Jan Dittberner
a085e0cec2
Merge remote-tracking branch 'origin/main' into bug-1561
...
* origin/main:
Updated text as per #bug-1537
Adjusted wording as per https://lists.cacert.org/wws/arc/cacert-policy/2020-09/msg00008.html
Corrected label on CSR text box.
Corrected language. This is the New Client Certificate page, but has the New Server Certificate language.
2 days ago
Jan Dittberner
4edf5c0cc5
Merge pull request 'Corrected language. This is the New Client Certificate page, but has the New Server Certificate language.' ( !19 ) from bug-1559 into main
...
Reviewed-on: #19
Reviewed-by: Jan Dittberner <jandd@cacert.org>
Reviewed-by: Kim Nilsson <knilsson@cacert.org>
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2 months ago
Jan Dittberner
fd29a02049
Merge branch 'main' into bug-1559
2 months ago
Jan Dittberner
1d41eedc27
Merge pull request 'Updated text as per #bug-1537' ( !24 ) from bug-1537 into main
...
Reviewed-on: #24
Reviewed-by: Kim Nilsson <knilsson@cacert.org>
Reviewed-by: Jan Dittberner <jandd@cacert.org>
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2 months ago
Jan Dittberner
bb8fd1519b
Merge pull request 'Adjusted wording as per https://lists.cacert.org/wws/arc/cacert-policy/2020-09/msg00008.html ' ( !21 ) from bug-1560 into main
...
Reviewed-on: #21
Reviewed-by: Kim Nilsson <knilsson@cacert.org>
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2 months ago
Brian Mc Cullough
2ca4b1aab8
Updated text as per #bug-1537
...
Edited CCA, Privacy Policy and RDL text to remove references to Australia.
4 months ago
Brian McCullough
110c6ed909
Modified text as per https://lists.cacert.org/wws/arc/cacert-policy/2020-09/msg00008.html
4 months ago
Brian McCullough
c4b9c6370e
Adjusted wording as per https://lists.cacert.org/wws/arc/cacert-policy/2020-09/msg00008.html
4 months ago
Brian McCullough
5989e8adad
Corrected label on CSR text box.
4 months ago
Brian Mc Cullough
16a05fff74
Corrected language. This is the New Client Certificate page, but has the New Server Certificate language.
4 months ago
Jan Dittberner
06aee033a7
Merge pull request 'Replace http links with https' ( !18 ) from use-https-for-verification-links into main
...
Reviewed-on: #18
Reviewed-by: Kim Nilsson <knilsson@cacert.org>
Reviewed-by: Brian Mc Cullough <bmccullough@cacert.org>
Reviewed-by: Dirk Astrath <dirk@cacert.org>
4 months ago
Jan Dittberner
c61f0c4519
Merge branch 'main' into use-https-for-verification-links
4 months ago
Jan Dittberner
408796eaf0
Merge pull request 'Improve client certificate issuing' ( !17 ) from fix-client-cert-issues into main
...
Reviewed-on: #17
Reviewed-by: Brian Mc Cullough <bmccullough@cacert.org>
Reviewed-by: Dirk Astrath <dirk@cacert.org>
4 months ago
Jan Dittberner
844eb0fbf3
Merge branch 'main' into fix-client-cert-issues
4 months ago
Jan Dittberner
abfce60ed4
Merge pull request 'Fix client certificate login' ( !16 ) from fix-client-certificate-login into main
...
Reviewed-on: #16
Reviewed-by: Brian Mc Cullough <bmccullough@cacert.org>
Reviewed-by: Dirk Astrath <dirk@cacert.org>
4 months ago
Jan Dittberner
44987425dc
Merge branch 'main' into fix-client-certificate-login
4 months ago
Jan Dittberner
e021736c47
Merge pull request 'Add maintenance query to remove memid=0 emails' ( !2 ) from fix-email-address-maintenance-bug-1543 into main
...
Reviewed-on: #2
Reviewed-by: Brian Mc Cullough <bmccullough@cacert.org>
Reviewed-by: Dirk Astrath <dirk@cacert.org>
4 months ago
Jan Dittberner
66daeb6fcd
Merge branch 'main' into fix-email-address-maintenance-bug-1543
4 months ago
Jan Dittberner
9626e7f6fc
Fix initial index for email SAN lookup
5 months ago
Jan Dittberner
5f89d48036
Remove leftover header call
5 months ago
Jan Dittberner
3bf254e237
Use https links instead of http for registration
5 months ago
Jan Dittberner
0f75bdcdac
Use https links instead of http
5 months ago
Jan Dittberner
9a672e9bf9
Improve client certificate issuing
...
- add more comprehensive message when a user does not select an email address or the SSO flag
- fix missing value for coll_found in emailcerts INSERT query
- handle database errors when the emailcerts INSERT query fails
5 months ago
Jan Dittberner
560be526c4
Fix client certificate login
...
This change fixes the client certificate login for cases where duplicate
serial numbers have been issued and recorded in the emailcerts table.
Email addresses from the client certificate are used as an additional
matching parameter.
- includes/lib/general.php got a new function
get_email_addresses_from_client_cert to create an array of email
addresses from the environment variables set by Apache httpd
- includes/loggedin.php and www/index.php use the new function to pass
email addresses to the get_user_id_from_cert function
- get_user_id_from_cert in includes/lib/general.php has been enhanced to
use a JOIN over the emailcerts, root_certs and email tables. All
parameters are escaped via mysql_real_escape_string
- SQL errors in get_user_id_from_cert are now handled
- a match from get_user_id_from_cert is only returned when there is
exactly one row in the result set
The code and the used query have been tested with Apache 2.4.10 and PHP
5.6 from Debian Jessie and a MariaDB 10.11 in strict mode using a
container based test setup to match the current production setup as
close as possible.
5 months ago
Dirk Astrath
e2f9138035
Merge pull request 'Ignore files that are dynamically generated' ( !12 ) from update-gitignore into main
...
Reviewed-on: #12
Reviewed-by: Dirk Astrath <dirk@cacert.org>
5 months ago
Dirk Astrath
443467c435
Merge pull request 'Add class 3 root-certificates signed in 2021' ( !13 ) from add-2021-class3-certificate-files into main
...
Reviewed-on: #13
Reviewed-by: Dirk Astrath <dirk@cacert.org>
5 months ago
Dirk Astrath
6e23a0bd87
Merge pull request 'Use Digest::SHA instead of removed Digest::SHA1' ( !14 ) from fix-sha-digest-import into main
...
Reviewed-on: #14
Reviewed-by: Dirk Astrath <dirk@cacert.org>
5 months ago
Dirk Astrath
f14c9ad991
Merge pull request 'Remove locale/cv.c' ( !15 ) from remove-unused-c-code into main
...
Reviewed-on: #15
Reviewed-by: Dirk Astrath <dirk@cacert.org>
5 months ago
Jan Dittberner
6d2da10fa2
Remove locale/cv.c
...
This change removes locale/cv.c. It does not seem to be used anywhere in
the current system. None of the current critical team members knows
about its history. It might have been replaced by
locale/escape_special_chars.php long ago.
5 months ago
Jan Dittberner
5d9c8689cc
Use Digest::SHA instead of removed Digest::SHA1
...
This fixes the Digest import in server.pl. Digest::SHA1 has long been
replaced by the more generic Digest::SHA.
5 months ago
Jan Dittberner
6e3549c21a
Add class 3 certificates signed in 2021
...
These files have been referenced in pages/index/3.php since commit
bf7dcbd0
5 months ago
Jan Dittberner
03b6d7c4bf
Ignore files that are dynamically generated
5 months ago
Jan Dittberner
0dc3bd7626
Merge pull request 'Redirect to code.cacert.org for source code' ( !11 ) from feature/replace-static-tarballs-with-code-reference into main
...
Reviewed-on: #11
Reviewed-by: Dirk Astrath <dirk@cacert.org>
1 year ago
Jan Dittberner
bf2ab338d1
Merge pull request 'Remove opinionated comments on hash algorithms' ( !10 ) from bugfix/remove-opinionated-hash-algorithm-descriptions into main
...
Reviewed-on: #10
1 year ago
Jan Dittberner
62dc71fb4d
Redirect to code.cacert.org for source code
1 year ago
Jan Dittberner
f6831c82af
Remove opinionated comments on hash algorithms
1 year ago
Jan Dittberner
efb9f4b461
Merge pull request 'Add missing closing a tag for link' ( #9 ) from add-closing-tag-for-csr-app-link into main
...
Reviewed-on: #9
1 year ago
Jan Dittberner
ccd5273c7b
Add missing closing a tag for link
1 year ago
Jan Dittberner
37fd9a3127
Merge pull request 'bugfix/1551-link-to-csr-app' ( #8 ) from bugfix/1551-link-to-csr-app into main
...
Reviewed-on: #8
Reviewed-by: Dirk Astrath <dirk@cacert.org>
1 year ago
Jan Dittberner
3ecb1a6d1a
Enable expert options by default
...
addresses https://bugs.cacert.org/view.php?id=1551
1 year ago
Jan Dittberner
91f7e11751
Add link to new CSR generator application
...
addresses https://bugs.cacert.org/view.php?id=1551
1 year ago
Jan Dittberner
53d4d108ce
Merge pull request 'Remove old sponsoring links' ( #7 ) from bugfix/1423-remove-tunix-and-oan-links into main
...
Reviewed-on: #7
Reviewed-by: Dirk Astrath <dirk@cacert.org>
1 year ago
Jan Dittberner
df612b08ba
Merge branch 'main' into fix-email-address-maintenance-bug-1543
1 year ago
Jan Dittberner
3e25be237d
Remove old sponsoring links
...
fixes https://bugs.cacert.org/view.php?id=1423
1 year ago
Jan Dittberner
8521ac0719
Merge pull request 'Use integer values for type when inserting into ordomaincerts' ( #3 ) from bugfix/1548-proper-type-for-orgdomain-insert into main
...
Reviewed-on: #3
1 year ago
Jan Dittberner
6ddce57ded
Merge branch 'main' into fix-email-address-maintenance-bug-1543
1 year ago
Jan Dittberner
ae4f01bcbe
Merge branch 'main' into bugfix/1548-proper-type-for-orgdomain-insert
1 year ago
Jan Dittberner
c9ab54b30a
Merge pull request 'Add migration script for missing users DEFAULTs' ( #4 ) from bugfix/1549-add-missing-defaults-on-users-table into main
...
Reviewed-on: #4
Applied in prod by @dirk
1 year ago
Jan Dittberner
10540621a8
Add migration script for missing users DEFAULTs
...
This commit adds a migration script to add missing DEFAULT values on the
users table. INSERTs into the users table fail without these DEFAULTs on
MariaDB in strict mode.
1 year ago
Jan Dittberner
bdb30f8898
Use integer values for type when inserting into ordomaincerts
...
MySQL tolerated INSERTs of an empty string in the type column of the
ordomaincerts table. This commit uses an integer value of 0 as default
instead to ensure that MariaDB with strict settings accepts the INSERT
too.
1 year ago