chiark / gitweb /
cgi-auth-flexible.git
3 years agoTesting: test.cgi: Provide debug output hook
Ian Jackson [Tue, 27 Oct 2015 16:48:31 +0000 (16:48 +0000)]
Testing: test.cgi: Provide debug output hook

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
3 years agoTesting: test.cgi: Break out @verifier_params
Ian Jackson [Tue, 27 Oct 2015 16:48:16 +0000 (16:48 +0000)]
Testing: test.cgi: Break out @verifier_params

No functional change.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
3 years agoblinding: Use . as separator rather than / (which ends up as %2e)
Ian Jackson [Tue, 27 Oct 2015 16:47:28 +0000 (16:47 +0000)]
blinding: Use . as separator rather than / (which ends up as %2e)

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
3 years agoblinding: Fix move of Params setting into check_divert
Ian Jackson [Tue, 27 Oct 2015 16:46:50 +0000 (16:46 +0000)]
blinding: Fix move of Params setting into check_divert

We were setting various things in $r rather than $r->{Divert}.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
3 years agosrcdump: Report tar output to stderr, not stdout
Ian Jackson [Tue, 27 Oct 2015 16:46:00 +0000 (16:46 +0000)]
srcdump: Report tar output to stderr, not stdout

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
3 years agoTesting: rename dump to test-data
Ian Jackson [Tue, 27 Oct 2015 16:45:30 +0000 (16:45 +0000)]
Testing: rename dump to test-data

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
3 years agotest.cgi: ignore "dump" directory
Ian Jackson [Tue, 27 Oct 2015 15:17:55 +0000 (15:17 +0000)]
test.cgi: ignore "dump" directory

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
3 years agotest.cgi: unset srcdump_filter_cwd
Ian Jackson [Tue, 27 Oct 2015 15:15:27 +0000 (15:15 +0000)]
test.cgi: unset srcdump_filter_cwd

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
3 years agoblinding: Properly lift _blind and _unblind for "" and undef
Ian Jackson [Tue, 27 Oct 2015 15:15:05 +0000 (15:15 +0000)]
blinding: Properly lift _blind and _unblind for "" and undef

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
3 years agoblinding: Blind cookies and hidden form param
Ian Jackson [Sun, 25 Oct 2015 13:37:15 +0000 (13:37 +0000)]
blinding: Blind cookies and hidden form param

Each time we generate a cookie or a hidden form parameter, generate
some random hex digits and xor them with the hex digits in the cookie
or parameter value.

Our cookies contain decimal digits, and punctuation, too.  The decimal
digits are simply blinded the same way (which is fine) and the
punctuation is left alone.  It's the actual values we care about.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
3 years agoblinding: Remove handling of REDIRECT-LOGOUT
Ian Jackson [Sun, 25 Oct 2015 13:35:25 +0000 (13:35 +0000)]
blinding: Remove handling of REDIRECT-LOGOUT

Nothing sets $kind to REDIRECT-LOGOUT.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
3 years agoblinding: Move another setting of Params into check_divert
Ian Jackson [Sun, 25 Oct 2015 13:34:31 +0000 (13:34 +0000)]
blinding: Move another setting of Params into check_divert

Previously, divert_ok had the knowledge of the need to set
the first of loggedout_param_names.  Put this into check_divert.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
3 years agoblinding: Move setting of Params into check_divert
Ian Jackson [Sun, 25 Oct 2015 13:25:44 +0000 (13:25 +0000)]
blinding: Move setting of Params into check_divert

Previously, divert_ok had the knowledge of the need to set
assoc_param_name in some cases.  Put this into check_divert.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
3 years agoblinding: Discuss CookieSecret a bit differently
Ian Jackson [Sun, 25 Oct 2015 13:24:43 +0000 (13:24 +0000)]
blinding: Discuss CookieSecret a bit differently

3 years agoblinding: Introduce _CookieRaw (same as CookieSecret for now
Ian Jackson [Sun, 25 Oct 2015 13:23:56 +0000 (13:23 +0000)]
blinding: Introduce _CookieRaw (same as CookieSecret for now

3 years agoFix broken db creation
Ian Jackson [Sun, 25 Oct 2015 13:20:49 +0000 (13:20 +0000)]
Fix broken db creation

3 years agosrcdump: Fix git vcsscript to work properly
Ian Jackson [Sun, 25 Oct 2015 13:20:14 +0000 (13:20 +0000)]
srcdump: Fix git vcsscript to work properly

3 years agosrcdump: Skip undef entries in srcdump_dirscan_prepare (relevant if SCRIPT_FILENAME...
Ian Jackson [Sun, 25 Oct 2015 13:19:26 +0000 (13:19 +0000)]
srcdump: Skip undef entries in srcdump_dirscan_prepare (relevant if SCRIPT_FILENAME is undef, for example

3 years agoAdd caf-srcdump to .gitignore
Ian Jackson [Sun, 25 Oct 2015 13:18:33 +0000 (13:18 +0000)]
Add caf-srcdump to .gitignore

3 years agoReformat construct_cookie (no functional change)
Ian Jackson [Sun, 25 Oct 2015 12:05:05 +0000 (12:05 +0000)]
Reformat construct_cookie (no functional change)

3 years agoFix ref to nonpagetype in check_nonpage
Ian Jackson [Thu, 16 Jul 2015 12:10:40 +0000 (13:10 +0100)]
Fix ref to nonpagetype in check_nonpage

3 years agoAbolish default_db_setup_stmts and set it up in new_verifier
Ian Jackson [Thu, 16 Jul 2015 12:10:15 +0000 (13:10 +0100)]
Abolish default_db_setup_stmts and set it up in new_verifier

5 years agodb_... settings: rename file from assocdb_...
Ian Jackson [Sun, 7 Apr 2013 17:06:36 +0000 (18:06 +0100)]
db_... settings: rename file from assocdb_...

5 years agocaf.db: rename file from caf-assocs.db
Ian Jackson [Sun, 7 Apr 2013 16:56:55 +0000 (17:56 +0100)]
caf.db: rename file from caf-assocs.db

5 years agodb_prefix setting: change from assocdb_table
Ian Jackson [Sun, 7 Apr 2013 16:51:29 +0000 (17:51 +0100)]
db_prefix setting: change from assocdb_table

5 years agodocs: more work
Ian Jackson [Wed, 3 Apr 2013 20:52:22 +0000 (21:52 +0100)]
docs: more work

5 years agodb_setup_stmts: new setting
Ian Jackson [Wed, 3 Apr 2013 20:52:14 +0000 (21:52 +0100)]
db_setup_stmts: new setting

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 21:15:23 +0000 (21:15 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 21:10:44 +0000 (21:10 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 21:10:35 +0000 (21:10 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 21:01:44 +0000 (21:01 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 20:17:55 +0000 (20:17 +0000)]
docs: more work

5 years ago_chain_params: make an internal-only function as seems to have little plausible exter...
Ian Jackson [Thu, 28 Mar 2013 19:53:32 +0000 (19:53 +0000)]
_chain_params: make an internal-only function as seems to have little plausible external use

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 19:50:01 +0000 (19:50 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 19:44:12 +0000 (19:44 +0000)]
docs: more work

5 years agosrcdump_vcsscript: make into a single hash, not a bevy of separate settings
Ian Jackson [Thu, 28 Mar 2013 19:44:05 +0000 (19:44 +0000)]
srcdump_vcsscript: make into a single hash, not a bevy of separate settings

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 19:20:18 +0000 (19:20 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Thu, 28 Mar 2013 19:06:25 +0000 (19:06 +0000)]
docs: more work

5 years agosrcdump_vcs_dirs, etc.: do not handle CVS as metadata dir in ever subdir means we...
Ian Jackson [Thu, 28 Mar 2013 19:06:02 +0000 (19:06 +0000)]
srcdump_vcs_dirs, etc.: do not handle CVS as metadata dir in ever subdir means we need CVS-specific logic to find working tree root(s)

5 years agodocs: more work
Ian Jackson [Thu, 21 Mar 2013 17:12:04 +0000 (17:12 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Thu, 21 Mar 2013 17:10:14 +0000 (17:10 +0000)]
docs: more work

5 years agoTODO: some untranslated strings
Ian Jackson [Thu, 21 Mar 2013 17:09:55 +0000 (17:09 +0000)]
TODO: some untranslated strings

5 years agois_page: remove obsolete hook
Ian Jackson [Thu, 21 Mar 2013 17:09:12 +0000 (17:09 +0000)]
is_page: remove obsolete hook

5 years agoget_params hook: actually DTRT for multiple-valued parameters
Ian Jackson [Thu, 21 Mar 2013 17:08:57 +0000 (17:08 +0000)]
get_params hook: actually DTRT for multiple-valued parameters

5 years agois_https hook: rename from check_https
Ian Jackson [Thu, 21 Mar 2013 17:07:32 +0000 (17:07 +0000)]
is_https hook: rename from check_https

5 years agodocs: more work
Ian Jackson [Thu, 21 Mar 2013 14:57:29 +0000 (14:57 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Wed, 20 Mar 2013 18:29:33 +0000 (18:29 +0000)]
docs: more work

5 years agoneed_add_hidden: support use with the class rather than an object
Ian Jackson [Wed, 20 Mar 2013 18:29:21 +0000 (18:29 +0000)]
need_add_hidden: support use with the class rather than an object

5 years agoupdate_get_need_add_hidden: new $force parameter
Ian Jackson [Wed, 20 Mar 2013 18:29:02 +0000 (18:29 +0000)]
update_get_need_add_hidden: new $force parameter

5 years agomutate_ok: abolish, and provide only check_mutate
Ian Jackson [Wed, 20 Mar 2013 18:27:57 +0000 (18:27 +0000)]
mutate_ok: abolish, and provide only check_mutate

5 years agodocs: more work
Ian Jackson [Tue, 19 Mar 2013 19:04:27 +0000 (19:04 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Tue, 19 Mar 2013 17:47:56 +0000 (17:47 +0000)]
docs: more work

5 years agodocs: more work
Ian Jackson [Tue, 19 Mar 2013 01:09:59 +0000 (01:09 +0000)]
docs: more work

5 years agofixes
Ian Jackson [Tue, 19 Mar 2013 01:09:55 +0000 (01:09 +0000)]
fixes

5 years agoupdate_get_need_add_hidden: new function
Ian Jackson [Sun, 17 Mar 2013 14:12:18 +0000 (14:12 +0000)]
update_get_need_add_hidden: new function

5 years agodocs: more work
Ian Jackson [Sun, 17 Mar 2013 14:07:08 +0000 (14:07 +0000)]
docs: more work

5 years ago.gitignore: add lots of docs files
Ian Jackson [Sun, 17 Mar 2013 14:06:54 +0000 (14:06 +0000)]
.gitignore: add lots of docs files

5 years agodocs: more work
Ian Jackson [Sun, 17 Mar 2013 13:59:59 +0000 (13:59 +0000)]
docs: more work

5 years agominor improvements and a todo, prompted by docs work
Ian Jackson [Sun, 17 Mar 2013 13:59:31 +0000 (13:59 +0000)]
minor improvements and a todo, prompted by docs work

5 years agorename nonpage_ok to check_nonpage
Ian Jackson [Sun, 17 Mar 2013 13:20:40 +0000 (13:20 +0000)]
rename nonpage_ok to check_nonpage

5 years agojavascript hijacking fix, docs are still wip
Ian Jackson [Thu, 7 Mar 2013 18:09:41 +0000 (18:09 +0000)]
javascript hijacking fix, docs are still wip

5 years agoconfig: permit unknown promise_... settings
Ian Jackson [Wed, 6 Mar 2013 21:19:57 +0000 (21:19 +0000)]
config: permit unknown promise_... settings

5 years agoTODO: need to fix js hijacking
Ian Jackson [Sat, 23 Feb 2013 21:32:44 +0000 (21:32 +0000)]
TODO: need to fix js hijacking

5 years agodocs: move into separate file
Ian Jackson [Sat, 23 Feb 2013 21:16:35 +0000 (21:16 +0000)]
docs: move into separate file

5 years agodocs: wip
Ian Jackson [Sat, 23 Feb 2013 21:15:34 +0000 (21:15 +0000)]
docs: wip

5 years agodocs: wip
Ian Jackson [Sat, 23 Feb 2013 20:38:27 +0000 (20:38 +0000)]
docs: wip

5 years agodocs: wip
Ian Jackson [Sat, 23 Feb 2013 20:07:40 +0000 (20:07 +0000)]
docs: wip

5 years agoautomatic agpl compliance: fix licence installation to come soon enough
Ian Jackson [Sat, 23 Feb 2013 20:07:24 +0000 (20:07 +0000)]
automatic agpl compliance: fix licence installation to come soon enough

5 years agoautomatic agpl compliance: abstract away shell scripts rather than whole code for...
Ian Jackson [Sat, 23 Feb 2013 20:07:09 +0000 (20:07 +0000)]
automatic agpl compliance: abstract away shell scripts rather than whole code for vcs dumps

5 years agodocs: wip
Ian Jackson [Sat, 23 Feb 2013 17:42:25 +0000 (17:42 +0000)]
docs: wip

5 years agoautomatic agpl compliance: fixes
Ian Jackson [Sat, 23 Feb 2013 17:21:01 +0000 (17:21 +0000)]
automatic agpl compliance: fixes

5 years agoautomatic agpl compliance: fixes, now does files too
Ian Jackson [Sat, 23 Feb 2013 17:13:25 +0000 (17:13 +0000)]
automatic agpl compliance: fixes, now does files too

5 years agoautomatic agpl compliance: fixes
Ian Jackson [Sat, 23 Feb 2013 15:50:46 +0000 (15:50 +0000)]
automatic agpl compliance: fixes

5 years agoautomatic agpl compliance: wip fixes, need to check output tarballs are what we expect
Ian Jackson [Mon, 18 Feb 2013 17:04:18 +0000 (17:04 +0000)]
automatic agpl compliance: wip fixes, need to check output tarballs are what we expect

5 years agoautomatic agpl compliance: wip fixes
Ian Jackson [Mon, 18 Feb 2013 16:57:21 +0000 (16:57 +0000)]
automatic agpl compliance: wip fixes

5 years agoautomatic agpl compliance: generation stuff, compiles but untested and not hooked in
Ian Jackson [Mon, 18 Feb 2013 16:46:05 +0000 (16:46 +0000)]
automatic agpl compliance: generation stuff, compiles but untested and not hooked in

5 years agoautomatic agpl compliance: dumps data, does not yet generate
Ian Jackson [Mon, 18 Feb 2013 15:50:10 +0000 (15:50 +0000)]
automatic agpl compliance: dumps data, does not yet generate

5 years agoautomatic agpl compliance: wip, before rationalise locations and dirs
Ian Jackson [Mon, 18 Feb 2013 15:27:25 +0000 (15:27 +0000)]
automatic agpl compliance: wip, before rationalise locations and dirs

5 years agoautomatic agpl compliance: rename things "licence" rather than "agpl", handle in...
Ian Jackson [Sat, 16 Feb 2013 12:03:56 +0000 (12:03 +0000)]
automatic agpl compliance: rename things "licence" rather than "agpl", handle in _check_divert_core

5 years agoautomatic agpl compliance: generate links on login forms etc.
Ian Jackson [Sat, 16 Feb 2013 11:59:58 +0000 (11:59 +0000)]
automatic agpl compliance: generate links on login forms etc.

5 years agofix is_loggedout
Ian Jackson [Mon, 21 Jan 2013 16:47:52 +0000 (16:47 +0000)]
fix is_loggedout

5 years agoredirect to https version only if $encrypted_only
Ian Jackson [Fri, 18 Jan 2013 19:20:40 +0000 (19:20 +0000)]
redirect to https version only if $encrypted_only

5 years agosupport check_https and also redirect to https version
Ian Jackson [Fri, 18 Jan 2013 19:16:47 +0000 (19:16 +0000)]
support check_https and also redirect to https version

5 years agospot cookie is missing even though we can't tell what parm value is
Ian Jackson [Fri, 18 Jan 2013 19:09:17 +0000 (19:09 +0000)]
spot cookie is missing even though we can't tell what parm value is

5 years agoprovide new debug hook
Ian Jackson [Fri, 18 Jan 2013 19:08:53 +0000 (19:08 +0000)]
provide new debug hook

5 years agorestore umask
Ian Jackson [Fri, 18 Jan 2013 18:48:05 +0000 (18:48 +0000)]
restore umask

5 years agoreturn 1 from module load
Ian Jackson [Fri, 18 Jan 2013 18:45:27 +0000 (18:45 +0000)]
return 1 from module load

5 years agosupport assocdb_dbh
Ian Jackson [Fri, 18 Jan 2013 18:45:16 +0000 (18:45 +0000)]
support assocdb_dbh

5 years agoactually sort out debugging
Ian Jackson [Thu, 17 Jan 2013 13:51:46 +0000 (13:51 +0000)]
actually sort out debugging

5 years agosort out debugging, fix a todo
Ian Jackson [Wed, 16 Jan 2013 17:57:55 +0000 (17:57 +0000)]
sort out debugging, fix a todo

5 years agochange login/password protocol to support custom error messages
Ian Jackson [Tue, 15 Jan 2013 17:18:32 +0000 (17:18 +0000)]
change login/password protocol to support custom error messages

5 years ago$divert->Message is already translated
Ian Jackson [Tue, 15 Jan 2013 17:16:07 +0000 (17:16 +0000)]
$divert->Message is already translated

5 years agofix exports
Ian Jackson [Fri, 11 Jan 2013 18:15:29 +0000 (18:15 +0000)]
fix exports

5 years agowip, finish path handling, seems to work well now
Ian Jackson [Fri, 11 Jan 2013 16:47:39 +0000 (16:47 +0000)]
wip, finish path handling, seems to work well now

5 years agowip
Ian Jackson [Fri, 11 Jan 2013 16:33:53 +0000 (16:33 +0000)]
wip

5 years agowip
Ian Jackson [Fri, 11 Jan 2013 16:20:33 +0000 (16:20 +0000)]
wip

5 years agowip
Ian Jackson [Fri, 11 Jan 2013 16:14:04 +0000 (16:14 +0000)]
wip

5 years agowip
Ian Jackson [Fri, 11 Jan 2013 16:10:09 +0000 (16:10 +0000)]
wip

5 years agowip
Ian Jackson [Fri, 11 Jan 2013 15:54:43 +0000 (15:54 +0000)]
wip

5 years agowip
Ian Jackson [Fri, 11 Jan 2013 15:19:29 +0000 (15:19 +0000)]
wip