Subject | Hash | Author | Date (UTC) |
---|---|---|---|
totp: urlencode parameters when calling qrencode | 0b16e22978a8b5488e8f435a538dec07bb515476 | Catalin(ux) M. BOIE | 2019-10-19 03:53:20 |
/run/rocketgit-fpm/ -> /run to not create the dir | 13ff6e91698260ba5a41591275fa915e33baebc9 | Catalin(ux) M. BOIE | 2019-10-01 16:08:43 |
Compute repo disk size only for not deleted repos | 551d1798802853e5af1e12a1908cc10fbc432d17 | Catalin(ux) M. BOIE | 2019-09-30 22:08:27 |
git_log2listing big changes | e91fdef76511d586af30a3aa4b44273a1203bd36 | Catalin(ux) M. BOIE | 2019-09-30 19:54:38 |
typo | 0ef09cd6e02fa3bf79e0a26b887badc103b03d87 | Catalin(ux) M. BOIE | 2019-09-30 19:53:56 |
Some more error testing for http_confirm test | 1f36b1f55465c57e935b830e456d8f8044ec17da | Catalin(ux) M. BOIE | 2019-09-30 19:53:38 |
fixes: ignore some errors | 584eef4cbfb5427eaae34d72ea99b94ec4da29a4 | Catalin(ux) M. BOIE | 2019-09-30 19:52:45 |
cache: functional test for timeout | acaeca2fbceb797b0fb58f1c05bdd8d1f9025f25 | Catalin(ux) M. BOIE | 2019-09-30 19:51:35 |
Fixed rg_git_merge because it was broken | 797a976065420525f9f2c6a096ae306ffa5ed78d | Catalin(ux) M. BOIE | 2019-09-30 19:50:41 |
Disable GC when serving requests from web/fetch/push; we will do it from cron | fd16c96f5f0a6d24e0c6aaf45c5a02833579667a | Catalin(ux) M. BOIE | 2019-09-30 19:48:49 |
git: fixes display of filenames which are not UTF-8 valid | 83b6f641a547a4652aad6e921486d2b91cffdb9f | Catalin(ux) M. BOIE | 2019-09-30 19:46:07 |
rg_change_pass missed a log file name | e49fc9f8c896414098713e418205d97b2e594c1f | Catalin(ux) M. BOIE | 2019-09-22 09:32:59 |
totp: remove a double DELETE sql query and invalidate cache after we remove the data from db | ff22d7ddabc1c64a37fcb1749f54321974b0f8d3 | Catalin(ux) M. BOIE | 2019-09-22 09:28:30 |
selinux: added map (for packs) | 911b2cffa2d754d466a31693af71d6c58639dd9d | Catalin(ux) M. BOIE | 2019-09-22 06:58:44 |
Do not allow : char in user name | 460b846752c03368990b60efbbf12f74e229bda5 | Catalin(ux) M. BOIE | 2019-09-22 05:58:37 |
Do not allow : char in repo name | b072ba3cd6c46e2ee7d07dc5890c8671d8462a09 | Catalin(ux) M. BOIE | 2019-09-22 05:56:56 |
Fix an XSS in repo description | ee2d11f0b16b436d9e64a0c5ac57361d25e098e1 | Catalin(ux) M. BOIE | 2019-09-22 05:45:11 |
Do not allow a user name to start with minus; strlen -> mb_strlen | 755f2a47e99dc3a56cee90b424ee8a9bd84236f8 | Catalin(ux) M. BOIE | 2019-09-22 05:07:01 |
Do not allow a repo to start with minus; strlen -> mb_strlen | 8ac45126805015c868ae8054ea328dc5a16cf31c | Catalin(ux) M. BOIE | 2019-09-22 05:06:41 |
Limit the desciption of the project to 100 chars to be able to pack more repos per page | 1d2714726347b1eb9f113bd9c4d65d301d6502bd | Catalin(ux) M. BOIE | 2019-09-22 04:59:11 |
File | Lines added | Lines deleted |
---|---|---|
inc/totp.inc.php | 6 | 4 |
File inc/totp.inc.php changed (mode: 100644) (index 8b49f5c..88f7afb) | |||
... | ... | function rg_totp_png($secret) | |
152 | 152 | { | { |
153 | 153 | global $rg_ssh_host; | global $rg_ssh_host; |
154 | 154 | ||
155 | $extra = gmdate('Y-m-d H:i'); | ||
156 | $issuer = $rg_ssh_host; | ||
155 | $extra = urlencode(gmdate('Y-m-d H:i')); | ||
156 | $secret = urlencode($secret); | ||
157 | $issuer = urlencode($rg_ssh_host); | ||
157 | 158 | $cmd = "qrencode -o - --level=H --type=PNG 'otpauth://totp/$extra?secret=$secret&issuer=$issuer'"; | $cmd = "qrencode -o - --level=H --type=PNG 'otpauth://totp/$extra?secret=$secret&issuer=$issuer'"; |
158 | $a = rg_exec($cmd, '', FALSE, FALSE); | ||
159 | $a = rg_exec($cmd, '', FALSE, FALSE, FALSE); | ||
159 | 160 | if ($a['ok'] != 1) | if ($a['ok'] != 1) |
160 | 161 | return FALSE; | return FALSE; |
161 | 162 | ||
... | ... | function rg_totp_text($secret) | |
170 | 171 | global $rg_ssh_host; | global $rg_ssh_host; |
171 | 172 | ||
172 | 173 | $extra = urlencode(gmdate('Y-m-d H:i')); | $extra = urlencode(gmdate('Y-m-d H:i')); |
174 | $secret = urlencode($secret); | ||
173 | 175 | $issuer = urlencode($rg_ssh_host); | $issuer = urlencode($rg_ssh_host); |
174 | 176 | $cmd = "qrencode -o - --level=M --margin=2 --type=UTF8" | $cmd = "qrencode -o - --level=M --margin=2 --type=UTF8" |
175 | 177 | . " 'otpauth://totp/$extra?secret=$secret&issuer=$issuer'"; | . " 'otpauth://totp/$extra?secret=$secret&issuer=$issuer'"; |
176 | $a = rg_exec($cmd, '', FALSE, FALSE); | ||
178 | $a = rg_exec($cmd, '', FALSE, FALSE, FALSE); | ||
177 | 179 | if ($a['ok'] != 1) | if ($a['ok'] != 1) |
178 | 180 | return FALSE; | return FALSE; |
179 | 181 |