[evolvis-commits] r17366: Merged from upstream 5.1

mirabilos at evolvis.org mirabilos at evolvis.org
Fri Jul 8 15:04:17 CEST 2011


Author: mirabilos
Date: 2011-07-08 15:04:17 +0200 (Fri, 08 Jul 2011)
New Revision: 17366

Modified:
   trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst
   trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php
   trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php
   trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php
   trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php
   trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php
Log:
Merged from upstream 5.1

Modified: trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst	2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/debian/dsf-in/common.postinst	2011-07-08 13:04:17 UTC (rev 17366)
@@ -68,6 +68,12 @@
 		    fi
 		fi
 
+		if [ -c /dev/urandom ]; then  # ...using /dev/urandom when possible
+		    sk=$(dd if=/dev/urandom count=1 bs=16 2> /dev/null | md5sum | cut -c-32)
+		else		# ...or something else if need be.
+		    sk=$(date +"%s:%N" | md5sum | cut -c-32)
+		fi
+
 		cat > $t <<EOF
 ; This file was generated by the Debian installation system.
 ; You can edit the values here or move them to other files.
@@ -79,6 +85,8 @@
 database_user=gforge
 database_port=5432
 database_password=$pw
+
+session_key=$sk
 EOF
 		mv $t /etc/gforge/config.ini.d/debian-install-secrets.ini
 	    fi

Modified: trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php	2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/account/editsshkeys.php	2011-07-08 13:04:17 UTC (rev 17366)
@@ -40,7 +40,7 @@
 			/* The encoded key is made of 0-9, A-Z ,a-z, +, / (base 64) characters,
 			 ends with zero or up to three '=' and the length must be >= 512 bits (157 base64 characters).
 			 The whole key ends with an optional comment. */
-			if ( preg_match("@^ssh-(rsa|dss)\s+[A-Za-z0-9+/]{157,}={0,2}(\s+.*)?$@", $key) === 0 ) { // Warning: we must use === for the test
+			if ( preg_match("@^(((no-port-forwarding|no-X11-forwarding|no-agent-forwarding|no-pty|command=\"[^\"]+\"|from=\"?[A-Za-z0-9\.-]+\"?),?)*\s+)?ssh-(rsa|dss)\s+[A-Za-z0-9+/]{157,}={0,2}(\s+.*)?$@", $key) === 0 ) { // Warning: we must use === for the test
 				$msg = sprintf (_('The following key has a wrong format: |%s|.  Please, correct it by going back to the previous page.'),
 						htmlspecialchars($key));
 				exit_error($msg,'my');

Modified: trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php	2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_activity.php	2011-07-08 13:04:17 UTC (rev 17366)
@@ -33,7 +33,7 @@
 $url = rtrim($url, '/');
 
 if ($group_id) {
-	forge_require_perm('project_read', $group_id);
+	session_require_perm('project_read', $group_id);
 
 	$res = db_query_params ('SELECT group_name FROM groups WHERE group_id=$1',
 				array($group_id),

Modified: trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php	2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_newreleases.php	2011-07-08 13:04:17 UTC (rev 17366)
@@ -37,7 +37,7 @@
 if ($limit > 100) $limit = 100;
 
 if ($group_id) {
-	forge_require_perm('project_read', $group_id);
+	session_require_perm('project_read', $group_id);
 	
 	$res = db_query_params ('SELECT group_name FROM groups WHERE group_id=$1',
 				array ($group_id)) ;

Modified: trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php	2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/src/www/export/rss20_news.php	2011-07-08 13:04:17 UTC (rev 17366)
@@ -35,7 +35,7 @@
 if ($limit > 100) $limit = 100;
 
 if ($group_id) {
-	forge_require_perm('project_read', $group_id);
+	session_require_perm('project_read', $group_id);
 	
 	$res = db_query_params ('SELECT group_name FROM groups WHERE group_id=$1',
 				array($group_id),

Modified: trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php	2011-07-08 13:04:13 UTC (rev 17365)
+++ trunk/gforge_base/evolvisforge-5.1/tests/func/RBAC/rbacTest.php	2011-07-08 13:04:17 UTC (rev 17366)
@@ -34,7 +34,7 @@
 		$this->click("link=Users and permissions");
 		$this->waitForPageToLoad("30000");
 		$this->assertTrue($this->isTextPresent("Members of ProjectA"));
-		$this->click("//tr/td[contains(.,'Anonymous')]/../td/input[contains(@value,'Unlink Role')]");
+		$this->click("//tr/td/form/div[contains(.,'Anonymous')]/../../../td/form/div/input[contains(@value,'Unlink Role')]");
 		$this->waitForPageToLoad("30000");
 		$this->assertTrue($this->isTextPresent("Role unlinked successfully"));
 



More information about the evolvis-commits mailing list