[evolvis-commits] r17366: Merged from upstream 5.1
mirabilos at evolvis.org
mirabilos at evolvis.org
Fri Jul 8 15:04:17 CEST 2011
Author: mirabilos
Date: 2011-07-08 15:04:17 +0200 (Fri, 08 Jul 2011)
New Revision: 17366
Modified:
trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst
trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php
trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php
trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php
trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php
trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php
Log:
Merged from upstream 5.1
Modified: trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst 2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst 2011-07-08 13:04:17 UTC (rev 17366)
@@ -68,6 +68,12 @@
fi
fi
+ if [ -c /dev/urandom ]; then # ...using /dev/urandom when possible
+ sk=$(dd if=/dev/urandom count=1 bs=16 2> /dev/null | md5sum | cut -c-32)
+ else # ...or something else if need be.
+ sk=$(date +"%s:%N" | md5sum | cut -c-32)
+ fi
+
cat > $t <<EOF
; This file was generated by the Debian installation system.
; You can edit the values here or move them to other files.
@@ -79,6 +85,8 @@
database_user=gforge
database_port=5432
database_password=$pw
+
+session_key=$sk
EOF
mv $t /etc/gforge/config.ini.d/debian-install-secrets.ini
fi
Modified: trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php 2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php 2011-07-08 13:04:17 UTC (rev 17366)
@@ -40,7 +40,7 @@
/* The encoded key is made of 0-9, A-Z ,a-z, +, / (base 64) characters,
ends with zero or up to three '=' and the length must be >= 512 bits (157 base64 characters).
The whole key ends with an optional comment. */
- if ( preg_match("@^ssh-(rsa|dss)\s+[A-Za-z0-9+/]{157,}={0,2}(\s+.*)?$@", $key) === 0 ) { // Warning: we must use === for the test
+ if ( preg_match("@^(((no-port-forwarding|no-X11-forwarding|no-agent-forwarding|no-pty|command=\"[^\"]+\"|from=\"?[A-Za-z0-9\.-]+\"?),?)*\s+)?ssh-(rsa|dss)\s+[A-Za-z0-9+/]{157,}={0,2}(\s+.*)?$@", $key) === 0 ) { // Warning: we must use === for the test
$msg = sprintf (_('The following key has a wrong format: |%s|. Please, correct it by going back to the previous page.'),
htmlspecialchars($key));
exit_error($msg,'my');
Modified: trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php 2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php 2011-07-08 13:04:17 UTC (rev 17366)
@@ -33,7 +33,7 @@
$url = rtrim($url, '/');
if ($group_id) {
- forge_require_perm('project_read', $group_id);
+ session_require_perm('project_read', $group_id);
$res = db_query_params ('SELECT group_name FROM groups WHERE group_id=$1',
array($group_id),
Modified: trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php 2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php 2011-07-08 13:04:17 UTC (rev 17366)
@@ -37,7 +37,7 @@
if ($limit > 100) $limit = 100;
if ($group_id) {
- forge_require_perm('project_read', $group_id);
+ session_require_perm('project_read', $group_id);
$res = db_query_params ('SELECT group_name FROM groups WHERE group_id=$1',
array ($group_id)) ;
Modified: trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php 2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php 2011-07-08 13:04:17 UTC (rev 17366)
@@ -35,7 +35,7 @@
if ($limit > 100) $limit = 100;
if ($group_id) {
- forge_require_perm('project_read', $group_id);
+ session_require_perm('project_read', $group_id);
$res = db_query_params ('SELECT group_name FROM groups WHERE group_id=$1',
array($group_id),
Modified: trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php 2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php 2011-07-08 13:04:17 UTC (rev 17366)
@@ -34,7 +34,7 @@
$this->click("link=Users and permissions");
$this->waitForPageToLoad("30000");
$this->assertTrue($this->isTextPresent("Members of ProjectA"));
- $this->click("//tr/td[contains(.,'Anonymous')]/../td/input[contains(@value,'Unlink Role')]");
+ $this->click("//tr/td/form/div[contains(.,'Anonymous')]/../../../td/form/div/input[contains(@value,'Unlink Role')]");
$this->waitForPageToLoad("30000");
$this->assertTrue($this->isTextPresent("Role unlinked successfully"));
More information about the evolvis-commits
mailing list