Commit graph

186 commits

Author SHA1 Message Date
c61f0c4519 Merge branch 'main' into use-https-for-verification-links 2024-05-20 10:46:16 +00:00
0f75bdcdac Use https links instead of http 2024-05-05 20:16:09 +02:00
9a672e9bf9 Improve client certificate issuing
- add more comprehensive message when a user does not select an email address or the SSO flag
- fix missing value for coll_found in emailcerts INSERT query
- handle database errors when the emailcerts INSERT query fails
2024-05-05 20:13:37 +02:00
bdb30f8898 Use integer values for type when inserting into ordomaincerts
MySQL tolerated INSERTs of an empty string in the type column of the
ordomaincerts table. This commit uses an integer value of 0 as default
instead to ensure that MariaDB with strict settings accepts the INSERT
too.
2023-07-14 18:06:10 +02:00
Wytze van der Raay
cf5a6ce0a3 Fix for https://bugs.cacert.org/view.php?id=790
"Creating organisation client certs by pasted CSR"
2014-12-05 09:08:43 +00:00
Wytze van der Raay
add8566161 Fix for https://bugs.cacert.org/view.php?id=28
"Wrong language for ''you've been assured'' & ''[CAcert.org] Client Certificate'' emails"
2014-11-24 09:59:19 +00:00
Wytze van der Raay
4f70392a23 Fix for https://bugs.cacert.org/view.php?id=1273
"Replace all backtick operators with calls to runCommand() or shell_exec()"
2014-11-24 09:56:38 +00:00
Mendel Mobach
8be54e45e9 Fix for https://bugs.cacert.org/view.php?id=1339 2014-11-18 22:08:23 +00:00
Wytze van der Raay
924e6b0337 Intermediate patch for https://bugs.cacert.org/view.php?id=807
"CAcert ignores signature algorithm from csr".

This patch introduces the UI for our members to choose which signature
algorithm they want their certificates signed with. Among the choices
are SHA-256, SHA-384 and SHA-512. Further choices may be included as our
signer and web frontend permit.
2014-06-13 16:00:16 +00:00
Wytze van der Raay
ccc2a6f534 Combined fixes for
- https://bugs.cacert.org/view.php?id=413
  "Add a web page indicating the certificate request is still pending"
- https://bugs.cacert.org/view.php?id=1138
  "Implement to log the SE activity"
- https://bugs.cacert.org/view.php?id=1221
  "Inconsistency in Assurance Management"
2014-06-07 09:16:26 +00:00
Wytze van der Raay
14aafe2212 Fix for https://bugs.cacert.org/view.php?id=1275
"Missing quotes around"masteracc" array index"
2014-06-07 08:52:43 +00:00
Wytze van der Raay
b740a14b10 Fix for https://bugs.cacert.org/view.php?id=372
"Renewing certificates fails to update links between domains and the certificate
 properly which causes issues"
2014-06-07 08:46:18 +00:00
Mendel Mobach
1112d76dd5 fix for https://bugs.cacert.org/view.php?id=1272
"Arbitrary Code Execution via SQL injection on certain database fields"
2014-04-19 07:32:11 +00:00
Mendel Mobach
ea8c675168 fix for https://bugs.cacert.org/view.php?id=1266
"Second-order SQL injection in Certificate-related queries"
2014-04-18 08:12:30 +00:00
Wytze van der Raay
eff4f484ff Fix for https://bugs.cacert.org/view.php?id=448
"when revoking a certificate, confusing info is given to the user"
2014-03-24 11:38:41 +00:00
Wytze van der Raay
1b49547d06 Fix for https://bugs.cacert.org/view.php?id=440
"Problem with subjectAltName"
2014-01-15 16:00:05 +00:00
Wytze van der Raay
0d230706fc Fix for https://bugs.cacert.org/view.php?id=1195
"Take out change ability on pages/account/6.php"
2014-01-15 15:50:40 +00:00
Wytze van der Raay
3b79d4bd1b Fix for https://bugs.cacert.org/view.php?id=1236
"Security questions rejected invalid on adding middle name"
2014-01-15 15:40:51 +00:00
Wytze van der Raay
3ac5042e96 Fix for https://bugs.cacert.org/view.php?id=1010
"Reorder the view on organisation certificates"
2013-11-20 16:28:34 +00:00
Wytze van der Raay
fc979343e1 Fix for https://bugs.cacert.org/view.php?id=569
"output order when removing email address"
2013-10-21 09:17:17 +00:00
Wytze van der Raay
3dfac78f84 Jumbo patch for the following issues:
https://bugs.cacert.org/view.php?id=893
    Extend Delete account feature for support
  https://bugs.cacert.org/view.php?id=1123
    Add the Check CCA acception to all certificate creation processes
  https://bugs.cacert.org/view.php?id=1136
    Extend SE console with the functionality to revoke all user certificates of an user account
  https://bugs.cacert.org/view.php?id=1137
    Record the CCA acception for entering an assurance
  https://bugs.cacert.org/view.php?id=1177
    Combine wot.inc.php, notary.inc.php and temp-function.php
2013-09-06 15:21:06 +00:00
root
47d3b2b0a2 Fix for http://bugs.cacert.org/view.php?id=782
Add "notes" field to certificate information.
2013-07-17 08:19:05 +00:00
Wytze van der Raay
e870b86839 Improved fix for https://bugs.cacert.org/view.php?id=922
CAcert application code problem causing missing "certificate about to expire messages"
2013-06-11 10:04:47 +00:00
Wytze van der Raay
291f6cb1d4 Fix for https://bugs.cacert.org/view.php?id=964
"VBscript, Weak Keys script 4.php, 17.php to combine / select box key
 size and lower limit to 2048" (Codename: Blackjack)
2013-02-27 10:29:48 +00:00
Wytze van der Raay
bd2f3898b4 Backing out the changes made earlier today for:
Fix for https://bugs.cacert.org/view.php?id=922
  "CAcert application code problem causing missing 'certificate about to expire'
messages"
since that new code is locking up the mysql server.
2012-11-01 19:27:29 +00:00
Wytze van der Raay
27236c1388 Fix for https://bugs.cacert.org/view.php?id=860
"someone accessed your password and secret questions page, plz change pwd translation mixed and garbled, text is tanslated in TL"
2012-11-01 13:57:40 +00:00
Wytze van der Raay
39e859c96c Fix for https://bugs.cacert.org/view.php?id=922
"CAcert application code problem causing missing 'certificate about to expire' messages"
2012-11-01 13:54:03 +00:00
Wytze van der Raay
316ef65915 Fix for https://bugs.cacert.org/view.php?id=978
"Invalid SPKAC requests are not properly validated"
2012-10-31 10:03:33 +00:00
Wytze van der Raay
ccad5d5e16 Fix for https://bugs.cacert.org/view.php?id=981
New layout of view for Organisation Administrators in account/id35
2012-08-10 11:06:29 +00:00
Wytze van der Raay
1d69ee1289 Fix for https://bugs.cacert.org/view.php?id=789
Editing domain for organisations does not work.
2012-07-25 15:16:46 +00:00
Wytze van der Raay
46a36a95e4 Fix for https://bugs.cacert.org/view.php?id=967
Give an OA the opportuntiy to check if a designated Organisation Admininistrator
is a CAcert assurer.
2012-07-04 09:00:17 +00:00
root
2679d75dfc Fix for https://bugs.cacert.org/view.php?id=985
"Move from translingo to pootle"
2012-01-24 14:26:05 +00:00
Wytze van der Raay
0161d32e3d Fix for https://bugs.cacert.org/view.php?id=966 :
Delete Admin for [organization] deletes admin even though cancel button
is pressed.
2011-10-21 20:01:45 +00:00
Wytze van der Raay
3d4f9beb37 Fix for https://bugs.cacert.org/view.php?id=953 (After change of
password change on account.php?id=14 does not meet requirements wrong redirect)
2011-08-03 10:08:53 +00:00
Wytze van der Raay
8571e6f0a9 Fix for https://bugs.cacert.org/view.php?id=918
(detection and prevention of weak keys for CAcert-issued certificates)
2011-06-16 09:19:58 +00:00
Philipp Dunkel
e89b61e045 http://bugs.cacert.org/view.php?id=817 2010-05-04 19:51:50 +00:00
Philipp Dunkel
5b2687358b Text improvement due to support request 2009-12-20 22:41:21 +00:00
Philipp Dunkel
414ea03c2c Bug in the doubleval() function that only affected the production system 2009-12-03 20:50:54 +00:00
Philipp Dunkel
45a79bce52 Prevented wrong root certificate selection due to session problem 2009-12-02 22:08:51 +00:00
Philipp Dunkel
20a89f4232 Removed old code 2009-10-15 21:37:40 +00:00
Philipp Dunkel
50b7f0283f Refactored certificate issueing to use the new generatecertpath function 2009-10-15 21:11:30 +00:00
Philipp Dunkel
4046e845a8 http://bugs.cacert.org/view.php?id=781 2009-10-04 15:34:39 +00:00
Philipp Dunkel
a73302888f http://bugs.cacert.org/view.php?id=608 2009-09-20 17:38:13 +00:00
Philipp Dunkel
5e2319f7b6 Improved register_globals handling 2009-09-19 23:23:30 +00:00
Philipp Dunkel
19b6f8692b Added NullByte Prevention 2009-07-31 21:25:38 +00:00
Philipp Dunkel
9b70628acc Tagged Text 2009-05-31 16:48:40 +00:00
Philipp Dunkel
f522b17554 Improved server certificate renewal. Another bug is still there. 2009-05-22 05:09:24 +00:00
root
c0fa2d9054 https://bugs.cacert.org/view.php?id=215 2009-04-26 21:27:56 +00:00
root
c7e24e56f7 Fixed a hole
Added OCSP renewal support
2009-04-23 19:19:58 +00:00
root
365e014d14 Cleanup of CSRs
Standardisation of temp names
2009-04-13 23:07:13 +00:00