| Commit message (Collapse) | Author | |||
|---|---|---|---|---|
| 2014-01-16 | auth: lua string comparisons are time invariant | Jason A. Donenfeld | ||
| By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
| 2014-01-16 | authentication: use hidden form instead of referer | Jason A. Donenfeld | ||
| This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
| 2014-01-16 | auth: add basic authentication filter framework | Jason A. Donenfeld | ||
| This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
| 2014-01-16 | t0111: Additions and fixes | Lukas Fleischer | ||
| * Rename the capitalize-* filters to dump.* since they also dump the arguments. * Add full argument validation to the email filters. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> | ||||
| 2014-01-16 | parsing.c: Remove leading space from committer | Lukas Fleischertitle='2019-11-09 20:23:05 -0500'>2019-11-09 | Remove extended-join and invite-notify | June McEnroe |
| 2019-11-09 | Maintain stateCaps and offer them to clients | June McEnroe | ||
| 2019-11-09 | Parse capabilities | June McEnroe | ||
| 2019-11-09 | Avoid the reserved _A names with BIT macro | June McEnroe | ||
| 2019-11-09 | Define macro for bit flag enums | June McEnroe | ||
| 2019-11-08 | Check that password is hashed | June McEnroe | ||
| 2019-11-08 | Avoid calling getopt_long again after it returns -1 | June McEnroe | ||
| 2019-11-08 | Only change AWAY status for registered clients | June McEnroe | ||
| 2019-11-07 | Just write the example normally | June McEnroe | ||
| 2019-11-07 | Include path in readlinkat error | June McEnroe | ||
| 2019-11-07 | Call clientConsume before clientRecv | June McEnroe | ||
| 2019-11-06 | Use -l:filename in Linux.mk | June McEnroe | ||
| 2019-11-06 | Fix compat.h for #defined strlcpy | June McEnroe | ||
| 2019-11-06 | Allow unsetting LIBRESSL_PREFIX | June McEnroe | ||
| 2019-11-06 | Document calico service configuration | June McEnroe | ||
| 2019-11-06 | Document SASL EXTERNAL configuration in more detail | June McEnroe | ||
| 2019-11-06 | Document pounce service configuration | June McEnroe | ||
| 2019-11-06 | Mention Darwin and GNU/Linux in README | June McEnroe | ||
| 2019-11-06 | Assume LibreSSL from brew on Darwin | June McEnroe | ||
| 2019-11-06 | Remove -DNO_EXPLICIT_BZERO from Darwin.mk | June McEnroe | ||
| 2019-11-06 | Don't install rc scripts or dirs on Linux | June McEnroe | ||