From e9a3d262aa18e6469b9372741210014f51b0c9a7 Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Fri, 9 Mar 2012 12:32:46 +0100 Subject: [PATCH 01/16] fix web password generation Signed-off-by: Martin Zobel-Helas --- update.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/update.cgi b/update.cgi index 9f9b78c..13d847b 100755 --- a/update.cgi +++ b/update.cgi @@ -249,7 +249,7 @@ if (!($query->param('doupdate'))) { } # create a md5 crypted password - $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(1)); + $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt()); &Util::LDAPUpdate($ldap, $editdn, 'webPassword', $newwebpassword); } -- 2.20.1 From 9b394648f35965c5b6e18a8ff12af25d73866f7a Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Fri, 9 Mar 2012 12:47:38 +0100 Subject: [PATCH 02/16] Better salt Signed-off-by: Martin Zobel-Helas --- Util.pm | 16 ++++++++++++++++ update.cgi | 2 +- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/Util.pm b/Util.pm index 001de37..f6be1ed 100644 --- a/Util.pm +++ b/Util.pm @@ -50,6 +50,22 @@ sub CreateCryptSalt { return ($md5 ? "\$1\$$out\$" : $out); } +sub CreateMD5Salt { + my $validstr = './0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; + my @valid = split(//,$validstr); + my ($in, $out); + + my $cryptsaltlen = 8; + + open (F, "param('doupdate'))) { } # create a md5 crypted password - $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt()); + $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateMD5Salt()); &Util::LDAPUpdate($ldap, $editdn, 'webPassword', $newwebpassword); } -- 2.20.1 From 48b86bd65e76c84d921c50a3fcdcd5a9ad73b379 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Fri, 9 Mar 2012 18:58:09 +0100 Subject: [PATCH 03/16] Say what web password is good for --- html/update.wml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/update.wml b/html/update.wml index 184004f..34bc314 100644 --- a/html/update.wml +++ b/html/update.wml @@ -190,7 +190,7 @@ - Change web password:
(re-enter to verify) + Change web password (for https://sso.debian.org/):
(re-enter to verify)
-- 2.20.1 From 7e071849e84e3605d36cdef39332fe58e2dc76c7 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Fri, 9 Mar 2012 18:59:28 +0100 Subject: [PATCH 04/16] And say which password failed its check --- update.cgi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/update.cgi b/update.cgi index d7749d8..c7caafd 100755 --- a/update.cgi +++ b/update.cgi @@ -240,12 +240,12 @@ if (!($query->param('doupdate'))) { if ($query->param('newwebpass') && $query->param('newwebpassvrfy')) { if ($query->param('newwebpass') ne $query->param('newwebpassvrfy')) { # passwords don't match... - &Util::HTMLError("The passwords you specified do not match. Please go back and try again."); + &Util::HTMLError("The web-passwords you specified do not match. Please go back and try again."); } my ($r, $msg) = &Util::checkPasswordQuality($query->param('newwebpass'), undef, [@ldapinfo_for_pwcheck]); if ($r) { - &Util::HTMLError("Password check failed: $msg. Please go back and try again."); + &Util::HTMLError("Password check failed for web-password: $msg. Please go back and try again."); } # create a md5 crypted password -- 2.20.1 From ff0cef885477e3fbf5ad82b0768f66e0e4da13d3 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Fri, 9 Mar 2012 19:09:52 +0100 Subject: [PATCH 05/16] Also ignore "-" as words for cracklib --- password-qualify-check | 2 ++ 1 file changed, 2 insertions(+) diff --git a/password-qualify-check b/password-qualify-check index 08e90dc..95af588 100755 --- a/password-qualify-check +++ b/password-qualify-check @@ -57,6 +57,8 @@ except ValueError, e: if len(ldapwords) > 0: # squeeze's cracklib-packer complains about '*' on input - it # says 'skipping line: 1' + while '-' in ldapwords: + ldapwords.remove('-') while '*' in ldapwords: ldapwords.remove('*') -- 2.20.1 From dce01ebc1c99705de3acd1638edf0b9301ddf8cb Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Fri, 9 Mar 2012 19:51:32 +0100 Subject: [PATCH 06/16] remove code duplication --- Util.pm | 26 ++++++++------------------ update.cgi | 2 +- 2 files changed, 9 insertions(+), 19 deletions(-) diff --git a/Util.pm b/Util.pm index f6be1ed..2b230ab 100644 --- a/Util.pm +++ b/Util.pm @@ -34,28 +34,16 @@ sub CreateKey { sub CreateCryptSalt { # this can create either a DES type salt or a MD5 salt - my $md5 = shift; # do we want a MD5 salt? + # 0 for DES, 1 for MD5 salt and 2 for apache MD5 salt + my $type = shift; my $validstr = './0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; my @valid = split(//,$validstr); my ($in, $out); - my $cryptsaltlen = ($md5 ? 8 : 2); - - open (F, "param('doupdate'))) { } # create a md5 crypted password - $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateMD5Salt()); + $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(2)); &Util::LDAPUpdate($ldap, $editdn, 'webPassword', $newwebpassword); } -- 2.20.1 From f82558216b5676e2fcc8725b348e1c094b10f151 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Fri, 9 Mar 2012 20:58:42 +0100 Subject: [PATCH 07/16] Try a different CreateCryptSalt approach --- Util.pm | 21 ++++++++++----------- update.cgi | 2 +- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/Util.pm b/Util.pm index 2b230ab..27060d7 100644 --- a/Util.pm +++ b/Util.pm @@ -33,27 +33,26 @@ sub CreateKey { } sub CreateCryptSalt { + # CreateCryptSalt(type = 0, skip_header = 0) # this can create either a DES type salt or a MD5 salt - # 0 for DES, 1 for MD5 salt and 2 for apache MD5 salt - my $type = shift; + # 0 for DES, 1 for MD5 salt + # if skip_header is 0, does not add $1$ for md5 salts. + my $md5 = shift; # do we want a MD5 salt? + my $no_crypttype_header = shift; my $validstr = './0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; my @valid = split(//,$validstr); my ($in, $out); - - my $cryptsaltlen = 2; - if (($type == 1)||($type == 2)) { - $cryptsaltlen = 8; - } - + + my $cryptsaltlen = ($md5 ? 8 : 2); + open (F, "param('doupdate'))) { } # create a md5 crypted password - $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(2)); + $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(1, 1)); &Util::LDAPUpdate($ldap, $editdn, 'webPassword', $newwebpassword); } -- 2.20.1 From 9c4e3ad724f2085e340f5e1247549d31b55e5039 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 10 Jun 2012 22:01:01 +0200 Subject: [PATCH 08/16] Use the changes@ address consistently in preference to change@ Cherry pick 6e07c94822cba24dd24e5f86e662a7ddabc863ea from torproject, by Nick Mathewson: Having both addresses listed on the website led me to think that one of them must be a misprint, and slowed down my debugging attempts by a factor of 2 as I tried every one of my incorrect ideas on both of the addresses. --- html/forward.wml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/forward.wml b/html/forward.wml index b0bc436..a2b6375 100644 --- a/html/forward.wml +++ b/html/forward.wml @@ -29,7 +29,7 @@ not create a forward file then that machine will spool the mail to

The email forwarding can be easily reconfigured using GnuPG: 

-echo "emailforward: foo@bar.com" | gpg --clearsign | mail change@db.debian.org
+echo "emailforward: foo@bar.com" | gpg --clearsign | mail changes@db.debian.org
or by visiting db.debian.org -- 2.20.1 From 5cb87afd538ccefcc819032e7ac832a410ff0f52 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 10 Jun 2012 22:03:06 +0200 Subject: [PATCH 09/16] And a changelog entry for Nick's change --- debian/changelog | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index bf6bab3..db1b911 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,9 @@ userdir-ldap-cgi (0.3.37) Xnstable; urgency=low - * + [ Nick Mathewson ] + * Use the changes@ address consistently in preference to change@. - -- Martin Zobel-Helas Fri, 09 Mar 2012 10:03:46 +0100 + -- Peter Palfrader Sun, 10 Jun 2012 22:03:14 +0200 userdir-ldap-cgi (0.3.36) unstable; urgency=low -- 2.20.1 From dcd50e6d13ea0ca9c07914f1305c4eb26f062113 Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Wed, 13 Jun 2012 18:23:03 +0200 Subject: [PATCH 10/16] restructure Signed-off-by: Martin Zobel-Helas --- debian/control | 45 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/debian/control b/debian/control index a23c033..32e64d4 100644 --- a/debian/control +++ b/debian/control @@ -8,8 +8,49 @@ Uploaders: Peter Palfrader , Stephen Gran , Package: userdir-ldap-cgi Architecture: all -Depends: userdir-ldap, perl5, libnet-ldap-perl, libcrypt-blowfish-perl, gnupg (>= 1.0.3), libdate-manip-perl, liburi-perl, libio-socket-ssl-perl, libossp-uuid-perl, libdigest-hmac-perl, python, python-crack | python-cracklib, cracklib-runtime, libcrypt-passwdmd5-perl -Recommends: wamerican, wamerican-large, wamerican-small, wbritish, wbritish-large, wbritish-small, wbulgarian, wcanadian, wcanadian-large, wcanadian-small, wcatalan, wdanish, wdutch, wfaroese, wfinnish, wfrench, wgalician-minimos, witalian, wngerman, wnorwegian, wogerman, wpolish, wspanish, wswedish, wswiss, wukrainian +Depends: userdir-ldap, + perl5, + libcrypt-blowfish-perl, + libcrypt-passwdmd5-perl, + libdate-manip-perl, + libdigest-hmac-perl, + libio-socket-ssl-perl, + libnet-ldap-perl, + libossp-uuid-perl, + liburi-perl + , + gnupg (>=1.0.3) + , + python, + python-crack | python-cracklib + , + cracklib-runtime +Recommends: wamerican, + wamerican-large, + wamerican-small, + wbritish, + wbritish-large, + wbritish-small, + wbulgarian, + wcanadian, + wcanadian-large, + wcanadian-small, + wcatalan, + wdanish, + wdutch, + wfaroese, + wfinnish, + wfrench, + wgalician-minimos, + witalian, + wngerman, + wnorwegian, + wogerman, + wpolish, + wspanish, + wswedish, + wswiss, + wukrainian Replaces: userdir-ldap Description: CGI programs for the db.debian.org These programs are run on http://db.debian.org/ to simplify the -- 2.20.1 From eae592f7884ae95cabd41c3984a8672ecae961c2 Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Wed, 13 Jun 2012 18:49:41 +0200 Subject: [PATCH 11/16] use libjs-jquery-tablesorter to sort machines.cgi Signed-off-by: Martin Zobel-Helas --- debian/changelog | 4 ++-- debian/control | 3 +++ debian/links | 3 +++ debian/rules | 2 ++ html/debdb.css | 17 +++++++++++++++++ html/template/header.wml | 15 +++++++++++++++ machines.cgi | 13 +++++++------ 7 files changed, 49 insertions(+), 8 deletions(-) create mode 100644 debian/links diff --git a/debian/changelog b/debian/changelog index bf6bab3..224b677 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,6 @@ -userdir-ldap-cgi (0.3.37) Xnstable; urgency=low +userdir-ldap-cgi (0.3.37) UNRELEASED; urgency=low - * + * use libjs-jquery-tablesorter to sort machines.cgi -- Martin Zobel-Helas Fri, 09 Mar 2012 10:03:46 +0100 diff --git a/debian/control b/debian/control index 32e64d4..f1dcc71 100644 --- a/debian/control +++ b/debian/control @@ -25,6 +25,9 @@ Depends: userdir-ldap, python-crack | python-cracklib , cracklib-runtime + , + libjs-jquery, + libjs-jquery-tablesorter Recommends: wamerican, wamerican-large, wamerican-small, diff --git a/debian/links b/debian/links new file mode 100644 index 0000000..4c96adb --- /dev/null +++ b/debian/links @@ -0,0 +1,3 @@ +/usr/share/javascript/jquery var/www/userdir-ldap/js/jquery +/usr/share/javascript/jquery-tablesorter var/www/userdir-ldap/js/jquery-tablesorter +/usr/share/javascript/jquery-metadata var/www/userdir-ldap/js/jquery-metadata diff --git a/debian/rules b/debian/rules index 50b8352..454da0a 100755 --- a/debian/rules +++ b/debian/rules @@ -56,6 +56,8 @@ binary-indep: build install -m 644 apache-config.txt $(i)/usr/share/doc/$(package) + dh_link + dh_installchangelogs dh_installcron dh_fixperms --exclude=web-cookies diff --git a/html/debdb.css b/html/debdb.css index 57d73cc..ba99d0f 100644 --- a/html/debdb.css +++ b/html/debdb.css @@ -24,3 +24,20 @@ td.center { h1.h1class { text-align: center; } + +table { border-collapse: separate; border-spacing: 1px; } + +table.tablesorter { +font-size: 100%; +text-align: center; +} + +table.tablesorter th { + padding: 2px; + text-align: center; + vertical-align: middle; +} +table.tablesorter tbody td { + padding: 2px; + vertical-align: middle; +} diff --git a/html/template/header.wml b/html/template/header.wml index eb8479e..8213247 100644 --- a/html/template/header.wml +++ b/html/template/header.wml @@ -23,10 +23,25 @@ {#style#} {#style#: + + + :#style#} + + + + + + diff --git a/machines.cgi b/machines.cgi index ba84f18..f01d4e1 100755 --- a/machines.cgi +++ b/machines.cgi @@ -127,6 +127,7 @@ my $host = lc($query->param('host')); my $sortby = lc($query->param('sortby')) || "host"; my $sortorder = lc($query->param('sortorder')) || "asc"; + &Util::HTMLSendHeader; $ldap = Net::LDAP->new($config{ldaphost}) || &Util::HTMLError($!); &Util::UpgradeConnection($ldap) unless $config{usessl} eq 'False'; @@ -211,19 +212,19 @@ if ($output{havehostdata}) { } else { # display summary info $hostdetails = "

Summary

\n"; - $hostdetails .= "\n"; + $hostdetails .= "
\n\n"; foreach $key (@summaryorder) { if ($sortby ne $key) { - $hostdetails .= ""; + $hostdetails .= ""; } else { if ($sortorder ne "dsc") { - $hostdetails .= ""; + $hostdetails .= ""; } else { - $hostdetails .= ""; + $hostdetails .= ""; } } } - $hostdetails .= "\n"; + $hostdetails .= "\n\n\n"; my @sorted; if ($sortorder eq "asc") { @@ -239,7 +240,7 @@ if ($output{havehostdata}) { } $hostdetails .= "\n"; } - $hostdetails .= "
$summaryattrs{$key}$summaryattrs{$key}$summaryattrs{$key}$summaryattrs{$key}$summaryattrs{$key}$summaryattrs{$key}
\n"; + $hostdetails .= "\n\n"; } # Finally, we can write the output... yuck... -- 2.20.1 From 8572ceaaa11c6282001d267684ed2fdbb653a198 Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Wed, 13 Jun 2012 22:42:50 +0200 Subject: [PATCH 12/16] some cleanup Signed-off-by: Martin Zobel-Helas --- html/hostinfo.wml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/html/hostinfo.wml b/html/hostinfo.wml index f815f9e..24c2b3e 100644 --- a/html/hostinfo.wml +++ b/html/hostinfo.wml @@ -1,8 +1,5 @@ #use wml::db.d.o title="debian.org Developer Machines" -# -# -# -# -#
Lookup:
-#		 -# 
~hostdetails~
-#

Debian Host Naming Scheme\ -- 2.20.1 From 173d946672400aef8b5230210443f037bea16a4f Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Fri, 15 Jun 2012 15:41:26 +0200 Subject: [PATCH 13/16] promote documentation on searchform.wml Signed-off-by: Martin Zobel-Helas --- debian/changelog | 1 + html/searchform.wml | 36 +++++++++++++++++++++++++++--------- 2 files changed, 28 insertions(+), 9 deletions(-) diff --git a/debian/changelog b/debian/changelog index 842f5df..c072afa 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,7 @@ userdir-ldap-cgi (0.3.37) UNRELEASED; urgency=low [ Martin Zobel-Helas ] * use libjs-jquery-tablesorter to sort machines.cgi + * promote documentation on searchform.wml [ Nick Mathewson ] * Use the changes@ address consistently in preference to change@. diff --git a/html/searchform.wml b/html/searchform.wml index e50b218..2e51d39 100644 --- a/html/searchform.wml +++ b/html/searchform.wml @@ -1,5 +1,32 @@ #use wml::db.d.o title="debian.org Developers LDAP Search" +

+

@@ -46,13 +73,4 @@ to update their settings, or logged in.

-
-
-

Debian development machines -
Documentation -
Lost or forgotten password instructions -
Debian.org Email Forwarding -
Debian Certificate Authority -
SPI Certificate Authority

-
-- 2.20.1 From d94bff4b6491c3207152cde4d5fd0aeb67abf0ca Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Fri, 15 Jun 2012 15:45:42 +0200 Subject: [PATCH 14/16] two more pages of documentation Signed-off-by: Martin Zobel-Helas --- html/searchform.wml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/html/searchform.wml b/html/searchform.wml index 2e51d39..9874bc1 100644 --- a/html/searchform.wml +++ b/html/searchform.wml @@ -10,9 +10,11 @@
  • DSA Wiki
    • -
  • Documentation +
  • LDAP Documentation -- 2.20.1 From 375608726c73fb2c8f55f4fae332235e987bf559 Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Fri, 15 Jun 2012 16:35:13 +0200 Subject: [PATCH 15/16] move the navbar to all pages Signed-off-by: Martin Zobel-Helas --- html/searchform.wml | 29 ----------------------------- html/template/db.d.o.wml | 4 +++- html/template/vbar.wml | 31 +++++++++++++++++++++++++++++++ 3 files changed, 34 insertions(+), 30 deletions(-) create mode 100644 html/template/vbar.wml diff --git a/html/searchform.wml b/html/searchform.wml index 9874bc1..33f030c 100644 --- a/html/searchform.wml +++ b/html/searchform.wml @@ -1,34 +1,5 @@ #use wml::db.d.o title="debian.org Developers LDAP Search" - -

    diff --git a/html/template/db.d.o.wml b/html/template/db.d.o.wml index 9b30066..cf05841 100644 --- a/html/template/db.d.o.wml +++ b/html/template/db.d.o.wml @@ -1,10 +1,12 @@ #use wml::basic NOMIRRORS=true NOCOMMENTS=true - +#use wml::vbar
    $(title) "/> + + {#mainbody#} + + + -- 2.20.1 From 03a2094f69b5b8d37b6d8d3734c46788a76292f2 Mon Sep 17 00:00:00 2001 From: Martin Zobel-Helas Date: Fri, 15 Jun 2012 16:37:19 +0200 Subject: [PATCH 16/16] readd the lost items Signed-off-by: Martin Zobel-Helas --- html/template/vbar.wml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/html/template/vbar.wml b/html/template/vbar.wml index 5e2a8b7..5deab80 100644 --- a/html/template/vbar.wml +++ b/html/template/vbar.wml @@ -11,9 +11,11 @@
  • DSA Wiki
    • -
  • Documentation +
  • LDAP Documentation -- 2.20.1