Tollef Fog Heen [Sat, 27 Jul 2019 00:05:28 +0000 (02:05 +0200)]
Fix up HTML a bit
Tollef Fog Heen [Fri, 26 Jul 2019 21:57:05 +0000 (23:57 +0200)]
Initial totp-fetch-seed implementation, not complete yet
Tollef Fog Heen [Tue, 23 Jul 2019 21:15:15 +0000 (23:15 +0200)]
Actually create the totp directory too
Tollef Fog Heen [Tue, 23 Jul 2019 15:50:54 +0000 (17:50 +0200)]
Whitespace cleanup
Peter Palfrader [Thu, 3 Jan 2019 13:56:40 +0000 (14:56 +0100)]
html/Makefile: searchform.html also requires domains.tab
Tollef Fog Heen [Wed, 2 Jan 2019 19:17:54 +0000 (20:17 +0100)]
releasing package userdir-ldap-cgi version 0.3.42
Tollef Fog Heen [Wed, 2 Jan 2019 19:16:27 +0000 (20:16 +0100)]
Remove link to HTTPS version, this is all HTTPS now.
Tollef Fog Heen [Wed, 2 Jan 2019 19:16:09 +0000 (20:16 +0100)]
Fix build-breaking typo
Tollef Fog Heen [Wed, 2 Jan 2019 19:08:55 +0000 (20:08 +0100)]
Release 0.3.41
Peter Palfrader [Fri, 23 Nov 2018 09:11:31 +0000 (10:11 +0100)]
How one identifies is not relevant to their work in Debian: remove gender attribute from ud-ldap
Peter Palfrader [Sun, 4 Nov 2018 12:13:38 +0000 (13:13 +0100)]
Remove html/domains.tab from the source as it is autogenerated during build
Peter Palfrader [Sun, 4 Nov 2018 12:05:37 +0000 (13:05 +0100)]
Release 0.3.40
Alex Muntada [Fri, 2 Mar 2018 16:35:08 +0000 (17:35 +0100)]
Explain how to use DNSSEC and SSHFP records
Martin Zobel-Helas [Mon, 18 Sep 2017 17:21:47 +0000 (19:21 +0200)]
also add debian/changelog entry
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Mon, 18 Sep 2017 17:19:05 +0000 (19:19 +0200)]
Remove link to old CA
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Tollef Fog Heen [Sat, 5 Aug 2017 22:00:49 +0000 (00:00 +0200)]
Reformat list of dependencies and drop "perl5", which is no longer a thing.
Tollef Fog Heen [Sat, 5 Aug 2017 22:00:14 +0000 (00:00 +0200)]
New debhelper version installs in debian/$package, adjust debian/rules appropriately.
Tollef Fog Heen [Sat, 5 Aug 2017 21:59:17 +0000 (23:59 +0200)]
Add missing Build-Depends for libhtml-parser-perl.
Tollef Fog Heen [Sat, 5 Aug 2017 21:58:38 +0000 (23:58 +0200)]
Add debian/compat with level 10.
Tollef Fog Heen [Sat, 5 Aug 2017 21:58:17 +0000 (23:58 +0200)]
Use a bit more modern perl in Util.pm, drop defined for an array check.
Adam D. Barratt [Mon, 24 Jul 2017 17:49:15 +0000 (18:49 +0100)]
doc-mail/wml: fix typo ("MTA" -> "MUA")
If the user is editing mail, it's far more likely that they'll be doing so
in an MUA rather than an MTA.
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Signed-off-by: Julien Cristau <jcristau@debian.org>
Adam D. Barratt [Mon, 24 Jul 2017 17:49:14 +0000 (18:49 +0100)]
doc-mail.wml: fix typo ("looses" -> "loses")
The user has misplaced their password, not released it.
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Signed-off-by: Julien Cristau <jcristau@debian.org>
Paul Wise [Mon, 15 Aug 2016 07:58:58 +0000 (15:58 +0800)]
Suggest using TLS when connecting to LDAP directly
Avoids manipulation of information by the network.
Paul Wise [Mon, 25 Apr 2016 02:48:31 +0000 (10:48 +0800)]
Give an example of the show command
Suggested-by: Mathieu Malaterre <malat@debian.org>
Suggested-in: <CA+7wUsyRnLjCiyJ3iyL6H8ZX_ttj0grBXJbq7KJXYaW9wznN8g@mail.gmail.com>
Paul Wise [Wed, 9 Mar 2016 14:57:36 +0000 (22:57 +0800)]
Drop SSH key fingerprint info from machines.cgi pages
Suggested-by: Drew Parsons <dparsons@debian.org>
Suggested-in: <
1457492501.9688.6.camel@debian.org>
Raphael Geissert [Thu, 18 Feb 2016 19:13:17 +0000 (20:13 +0100)]
Allow dashes in hostnames for sudo passwords (RT #5785)
Paul Wise [Sun, 1 Nov 2015 12:35:24 +0000 (20:35 +0800)]
Update LDAP search docs for the usergroups changes
Julien Cristau [Tue, 9 Jun 2015 11:29:11 +0000 (21:29 +1000)]
machines.cgi: generate fingerprints for ssh-
ed25519 host keys
Signed-off-by: Julien Cristau <jcristau@debian.org>
Paul Wise [Mon, 30 Mar 2015 01:05:30 +0000 (09:05 +0800)]
Add a hint about how to merge existing SSH keys
Paul Wise [Tue, 10 Feb 2015 02:16:02 +0000 (10:16 +0800)]
ravel is no longer recommended for general shell usage
Peter Palfrader [Sat, 3 Jan 2015 13:05:48 +0000 (14:05 +0100)]
Update .gitignore
Peter Palfrader [Sat, 3 Jan 2015 13:05:28 +0000 (14:05 +0100)]
Update copyright year
Peter Palfrader [Sat, 3 Jan 2015 12:57:07 +0000 (13:57 +0100)]
Use $config{sslcafile} instead of hardcoding the path to the SSL CA in Util.pm.
Peter Palfrader [Sat, 3 Jan 2015 12:49:39 +0000 (13:49 +0100)]
Use $config{maildomain} in update.cgi instead of hardcoded db.d.o.
Peter Palfrader [Sat, 3 Jan 2015 12:35:53 +0000 (13:35 +0100)]
Add dependency on libcrypt-cbc-perl
Peter Palfrader [Sat, 3 Jan 2015 12:34:02 +0000 (13:34 +0100)]
New version number
Peter Palfrader [Sat, 3 Jan 2015 12:30:36 +0000 (13:30 +0100)]
Various fixes for XSS and bad crypto. No claim to completeness.
* Fix a XSS reported in
https://trac.torproject.org/projects/tor/ticket/14037
* Fix horrible use of crypto primitives.
* Add HMAC authentication to authtoken.
* Verify that the uid passed as a get parameters matches the
one stored in authtoken.
Peter Palfrader [Sun, 21 Dec 2014 09:14:04 +0000 (10:14 +0100)]
User new CA root cert in Util.pm
Peter Palfrader [Sun, 21 Dec 2014 09:13:41 +0000 (10:13 +0100)]
Fix debian/changelog and release info
Héctor Orón Martínez [Thu, 6 Nov 2014 16:03:20 +0000 (17:03 +0100)]
machines.cgi: re-add architecture field to list
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Héctor Orón Martínez [Thu, 6 Nov 2014 15:57:26 +0000 (16:57 +0100)]
d/changelog: add entry
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Héctor Orón Martínez [Thu, 6 Nov 2014 15:55:45 +0000 (16:55 +0100)]
machines.cgi: replace architecture field by description, more informative
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Paul Wise [Thu, 6 Nov 2014 10:50:27 +0000 (18:50 +0800)]
Use the correct cert when connecting to the LDAP server
Paul Wise [Thu, 6 Nov 2014 08:50:00 +0000 (16:50 +0800)]
Slightly nicer attribute list output
Paul Wise [Thu, 6 Nov 2014 08:19:27 +0000 (16:19 +0800)]
Switch from http to https links where possible.
Paul Wise [Thu, 6 Nov 2014 08:24:45 +0000 (16:24 +0800)]
Fix typo in doctype
Paul Wise [Thu, 6 Nov 2014 08:24:06 +0000 (16:24 +0800)]
Joey is no longer involved in the debian-admin team.
Paul Wise [Thu, 6 Nov 2014 08:22:16 +0000 (16:22 +0800)]
Fix the type and location of the VCS repository.
Peter Palfrader [Sun, 21 Sep 2014 12:34:39 +0000 (14:34 +0200)]
Allow dash (-) in hostnames
Tollef Fog Heen [Thu, 20 Mar 2014 19:02:28 +0000 (20:02 +0100)]
Exclude users with accountStatus set from the search.
Stephen Gran [Sun, 2 Mar 2014 08:24:15 +0000 (08:24 +0000)]
Revert "drop overrids - LDAP has it on its own"
This reverts commit
7476c73032e5755ecb80609734669a66cb8c8de4.
Stephen Gran [Fri, 28 Feb 2014 21:07:59 +0000 (21:07 +0000)]
drop overrids - LDAP has it on its own
Signed-off-by: Stephen Gran <steve@lobefin.net>
Luca Filipozzi [Thu, 16 Jan 2014 23:26:19 +0000 (23:26 +0000)]
fix typo
Luca Filipozzi [Thu, 16 Jan 2014 23:22:43 +0000 (23:22 +0000)]
voipPassword -> rtcPassword
Luca Filipozzi [Tue, 14 Jan 2014 01:27:04 +0000 (01:27 +0000)]
store voipPassword as an HA1
Martin Zobel-Helas [Sun, 12 Jan 2014 12:28:13 +0000 (13:28 +0100)]
add changelog entry
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 12 Jan 2014 12:12:31 +0000 (13:12 +0100)]
add voippasswords
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 15 Dec 2013 10:06:54 +0000 (11:06 +0100)]
don't escape authtoken
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 6 Sep 2013 20:21:25 +0000 (22:21 +0200)]
Revert "XSS bug in db.debian.org"
This reverts commit
784c4020017d260775339c1231052ca4eb387f02.
Martin Zobel-Helas [Fri, 6 Sep 2013 20:20:59 +0000 (22:20 +0200)]
uri_escape input
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 6 Sep 2013 17:15:08 +0000 (19:15 +0200)]
add debian/changelog entry for Moritz Naumann
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Moritz Naumann [Tue, 27 Aug 2013 14:42:49 +0000 (16:42 +0200)]
XSS bug in db.debian.org
Hi, I just stumbled upon an XSS bug in db.debian.org:
https://db.debian.org/search.cgi?id=%22%3E%3C/a%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E%3Cx%20y=%22&dosearch=Search...
Both the "id" and "authtoken" fields lack input validation.
<zobel> bfly: you can find the code at git.debian.org in userdir-ldap-cgi
<zobel> would be nice if you could send a patch
A (n untested) patch is attached. Please let me know whether it's usable
and whether you are going to apply it.
-- Moritz
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 25 Aug 2013 11:58:32 +0000 (13:58 +0200)]
iso-codes and isoquery are build-depends and not depends
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 25 Aug 2013 11:52:50 +0000 (13:52 +0200)]
add changelog entry for the typo in update.wml
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 25 Aug 2013 11:52:16 +0000 (13:52 +0200)]
auto-generate html/domains.tab
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Ramakrishnan Muthukrishnan [Thu, 22 Aug 2013 17:01:54 +0000 (22:31 +0530)]
typo: mail default handling incorrectly pointing to the greylist option.
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Sat, 27 Jul 2013 09:37:32 +0000 (11:37 +0200)]
Point out users can use non-clearsigned mail, and mention that maybe that is smart with webmailers
Peter Palfrader [Thu, 30 May 2013 14:51:57 +0000 (16:51 +0200)]
die handler breaks stuff on wheezy
Luca Filipozzi [Wed, 23 Jan 2013 05:49:19 +0000 (05:49 +0000)]
make dnsZoneEntry description more understandable
Paul Wise [Sun, 2 Dec 2012 12:15:11 +0000 (20:15 +0800)]
Update the documentation to mention txt records in dnsZoneEntry fields.
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Enrico Zini [Sun, 25 Nov 2012 10:12:10 +0000 (11:12 +0100)]
Link to SSO documentation in web password update field
Hello,
attached is a simple patch that adds a link to
http://wiki.debian.org/DebianSingleSignOn to web password update field.
Can you please apply it and push it to production?
Ciao,
Enrico
--
GPG key: 4096R/
E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>
From
21da63edc068b1e717c6f48d80bed17178c96e23 Mon Sep 17 00:00:00 2001
From: Enrico Zini <enrico@enricozini.org>
Date: Sun, 25 Nov 2012 11:08:53 +0100
Subject: [PATCH] Added link to single signon documentation
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 15 Jun 2012 17:44:57 +0000 (19:44 +0200)]
and include it
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 15 Jun 2012 17:38:56 +0000 (19:38 +0200)]
fix layout problems
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 15 Jun 2012 14:37:19 +0000 (16:37 +0200)]
readd the lost items
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 15 Jun 2012 14:35:13 +0000 (16:35 +0200)]
move the navbar to all pages
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 15 Jun 2012 13:45:42 +0000 (15:45 +0200)]
two more pages of documentation
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 15 Jun 2012 13:41:26 +0000 (15:41 +0200)]
promote documentation on searchform.wml
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 13 Jun 2012 20:45:51 +0000 (22:45 +0200)]
Merge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi
* 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi:
And a changelog entry for Nick's change
Use the changes@ address consistently in preference to change@
Try a different CreateCryptSalt approach
Conflicts:
debian/changelog
Martin Zobel-Helas [Wed, 13 Jun 2012 20:42:50 +0000 (22:42 +0200)]
some cleanup
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 13 Jun 2012 16:49:41 +0000 (18:49 +0200)]
use libjs-jquery-tablesorter to sort machines.cgi
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 13 Jun 2012 16:23:03 +0000 (18:23 +0200)]
restructure
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Sun, 10 Jun 2012 20:03:06 +0000 (22:03 +0200)]
And a changelog entry for Nick's change
Peter Palfrader [Sun, 10 Jun 2012 20:01:01 +0000 (22:01 +0200)]
Use the changes@ address consistently in preference to change@
Cherry pick
6e07c94822cba24dd24e5f86e662a7ddabc863ea from torproject,
by Nick Mathewson:
Having both addresses listed on the website led me to think that one
of them must be a misprint, and slowed down my debugging attempts
by a factor of 2 as I tried every one of my incorrect ideas on both
of the addresses.
Peter Palfrader [Fri, 9 Mar 2012 19:58:42 +0000 (20:58 +0100)]
Try a different CreateCryptSalt approach
Martin Zobel-Helas [Fri, 9 Mar 2012 18:51:32 +0000 (19:51 +0100)]
remove code duplication
Peter Palfrader [Fri, 9 Mar 2012 18:09:52 +0000 (19:09 +0100)]
Also ignore "-" as words for cracklib
Peter Palfrader [Fri, 9 Mar 2012 17:59:28 +0000 (18:59 +0100)]
And say which password failed its check
Peter Palfrader [Fri, 9 Mar 2012 17:58:09 +0000 (18:58 +0100)]
Say what web password is good for
Martin Zobel-Helas [Fri, 9 Mar 2012 11:47:38 +0000 (12:47 +0100)]
Better salt
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 9 Mar 2012 11:32:46 +0000 (12:32 +0100)]
fix web password generation
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 9 Mar 2012 09:04:15 +0000 (10:04 +0100)]
unrelease
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 9 Mar 2012 09:02:43 +0000 (10:02 +0100)]
release 0.3.36
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 9 Mar 2012 09:00:24 +0000 (10:00 +0100)]
use Crypt::PasswdMD5 to create apache passwords
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Thu, 8 Mar 2012 22:59:29 +0000 (23:59 +0100)]
fix code
Martin Zobel-Helas [Thu, 8 Mar 2012 22:52:14 +0000 (23:52 +0100)]
release
Martin Zobel-Helas [Thu, 8 Mar 2012 18:24:52 +0000 (19:24 +0100)]
Merge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi
* 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi:
add webpassword Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Thu, 8 Mar 2012 18:23:11 +0000 (19:23 +0100)]
add webpassword
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Thu, 8 Mar 2012 18:23:11 +0000 (19:23 +0100)]
add webpassword
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 10 Feb 2012 18:01:35 +0000 (19:01 +0100)]
add two more pics
Martin Zobel-Helas [Fri, 10 Feb 2012 17:52:34 +0000 (18:52 +0100)]
fix URL path