gigi.git
2 years agofix: add missing timecondition during init process
INOPIAE [Thu, 4 Jan 2018 11:05:16 +0000 (12:05 +0100)]
fix: add missing timecondition during init process

Change-Id: Id1d14d9edae4ac8689b3c9b9c1f04ac36b883913

2 years agoMerge "chg: format show history link"
Lucas Werkmeister [Thu, 4 Jan 2018 21:47:57 +0000 (22:47 +0100)]
Merge "chg: format show history link"

2 years agoMerge "chg: don’t use printf with variable format strings"
Felix Dörre [Thu, 4 Jan 2018 12:02:15 +0000 (13:02 +0100)]
Merge "chg: don’t use printf with variable format strings"

2 years agochg: don’t use printf with variable format strings
Lucas Werkmeister [Thu, 28 Dec 2017 12:37:15 +0000 (13:37 +0100)]
chg: don’t use printf with variable format strings

Except in very exceptional cases, the format string to printf should
never be variable (and for maximum clarity, it should always be
single-quoted even if it happens to contain no shell special
characters). This commit changes one format string from double to single
quotes and rewrites two more to use substitution sequences instead of
substituting variables directly into the format (which is dangerous if
they could contain ‘%’ characters).

With this change, the following search finds no results:

    git grep "printf (?:>&2 )? [^']"

Change-Id: Ieeae16c483a7e568cd5812260a6ac54375c33340

2 years agoMerge "add: script to generate changelog based on git info"
Benny Baumann [Thu, 28 Dec 2017 19:18:42 +0000 (20:18 +0100)]
Merge "add: script to generate changelog based on git info"

2 years agoadd: script to generate changelog based on git info
Felix Dörre [Mon, 6 Nov 2017 21:02:00 +0000 (22:02 +0100)]
add: script to generate changelog based on git info

Extract version and date of the debian/changelog file from git.

Additionally adjust the jenkins template with general updates and
invocation of the new generation script.

Change-Id: I2c286e7c4411385fabecdbde74a6a1e6cfbb803e

2 years agoMerge "upd: remove alert settings from register process"
Felix Dörre [Mon, 25 Dec 2017 01:40:34 +0000 (02:40 +0100)]
Merge "upd: remove alert settings from register process"

2 years agoMerge "chg: adjust ticket number handling according to current number scheme"
Felix Dörre [Mon, 25 Dec 2017 01:40:31 +0000 (02:40 +0100)]
Merge "chg: adjust ticket number handling according to current number scheme"

2 years agoupd: remove alert settings from register process
INOPIAE [Thu, 7 Dec 2017 05:29:09 +0000 (06:29 +0100)]
upd: remove alert settings from register process

Change-Id: I511ceed2f00c15902c46d31564ba4f8454fef774

2 years agofix: ensure that Users and Organisations only are inserted completely
Felix Dörre [Sat, 9 Dec 2017 23:18:03 +0000 (00:18 +0100)]
fix: ensure that Users and Organisations only are inserted completely

Change-Id: I2c9fc5140ad46020c55325622fb102a0d1a073db

2 years agoMerge changes I86c1045b,I9fc533ac
Benny Baumann [Wed, 20 Dec 2017 22:27:40 +0000 (23:27 +0100)]
Merge changes I86c1045b,I9fc533ac

* changes:
  chg: revoke certificates if repeated ping failed
  fix: the "generateBrokenKeypair" can sometimes hang indefinitely

2 years agoMerge changes I2f1b08c0,Ie38a6b51
Felix Dörre [Mon, 18 Dec 2017 23:42:25 +0000 (00:42 +0100)]
Merge changes I2f1b08c0,Ie38a6b51

* changes:
  chg: move email and domain to verification menu
  chg: adjust wording to have a consequent wording over all pages displayed to the user

2 years agochg: adjust ticket number handling according to current number scheme
INOPIAE [Sun, 17 Dec 2017 06:15:48 +0000 (07:15 +0100)]
chg: adjust ticket number handling according to current number scheme

Change-Id: I48d298bc4b4b9f11befdb00ec87a4cc83ebbcc2c

2 years agochg: revoke certificates if repeated ping failed
Felix Dörre [Fri, 1 Dec 2017 22:18:38 +0000 (23:18 +0100)]
chg: revoke certificates if repeated ping failed

Change-Id: I86c1045bb0ab1e47657cc445af4f1eb8c53e031c

2 years agofix: the "generateBrokenKeypair" can sometimes hang indefinitely
Felix Dörre [Wed, 13 Dec 2017 19:34:15 +0000 (20:34 +0100)]
fix: the "generateBrokenKeypair" can sometimes hang indefinitely

The value of "p" can be too small so no value for "q" can be found.

The problem can be resolved by re-choosing both p and q when the result
is too small. The old "swap and only re-generate the smaller prime" does
not work anymore as p and q are not generated with equal length.

Change-Id: I9fc533ac6ece769b15deeb4186385f2a72188e72

2 years agofix: allow dev-certificates to be regenerated (with different serials)
Felix Dörre [Fri, 1 Dec 2017 22:12:15 +0000 (23:12 +0100)]
fix: allow dev-certificates to be regenerated (with different serials)

When old auto-generated certificates expire, it is necessary to
regenerate gigi's certificates. It is more comfortable to use different
serials there.

Change-Id: I0773d73e4cf392c7a5b7b1c400844b30171a9ebf

2 years agochg: format show history link
INOPIAE [Sun, 10 Dec 2017 11:59:58 +0000 (12:59 +0100)]
chg: format show history link

Change-Id: I121af08191c13978781854ce3c873dd95c1516ca

2 years agochg: move email and domain to verification menu
INOPIAE [Sat, 9 Dec 2017 13:29:06 +0000 (14:29 +0100)]
chg: move email and domain to verification menu

Change-Id: I2f1b08c0ba6d0500efcc7f04d54433900afeb8b3

2 years agochg: adjust wording to have a consequent wording over all pages
INOPIAE [Sat, 9 Dec 2017 06:35:29 +0000 (07:35 +0100)]
chg: adjust wording to have a consequent wording over all pages
displayed to the user

Change-Id: Ie38a6b517a266790f0dc0fc80c5fa0561fe6925c

2 years agoupd: clean output of Test-Manager Pinger-Forwarding
Felix Dörre [Fri, 1 Dec 2017 22:01:48 +0000 (23:01 +0100)]
upd: clean output of Test-Manager Pinger-Forwarding

Change-Id: I6c19430bbe09ede13ca90d070f2309ce23a6f547

2 years agofix: clean up "SECURE_REFERENCE"-Page
Felix Dörre [Fri, 1 Dec 2017 15:19:45 +0000 (16:19 +0100)]
fix: clean up "SECURE_REFERENCE"-Page

Change-Id: I866cb02ae3c8206c29dba980fc35f01f4c527585

2 years agochg: get wording to be the same as in Signup.java
INOPIAE [Tue, 14 Nov 2017 20:53:40 +0000 (21:53 +0100)]
chg: get wording to be the same as in Signup.java

Change-Id: I88b6a9aaa4108120074b8551960f0841c141054b

2 years agofix: create config variables for email addresses
INOPIAE [Tue, 14 Nov 2017 20:18:36 +0000 (21:18 +0100)]
fix: create config variables for email addresses

fixes issue #74

Change-Id: I9761e4c27fd92365cb647b9be8f954c4c02ffba2

2 years agoMerge "chg: improve information about password strength"
Felix Dörre [Tue, 14 Nov 2017 18:24:12 +0000 (19:24 +0100)]
Merge "chg: improve information about password strength"

2 years agoMerge "upd: get default variables into outputables for error messages"
Benny Baumann [Sat, 11 Nov 2017 13:56:01 +0000 (14:56 +0100)]
Merge "upd: get default variables into outputables for error messages"

2 years agoMerge "chg: wording on root cert page"
Benny Baumann [Sat, 11 Nov 2017 12:48:14 +0000 (13:48 +0100)]
Merge "chg: wording on root cert page"

2 years agoMerge changes Icf0b8af5,I2f8a5077
Benny Baumann [Sat, 11 Nov 2017 12:38:57 +0000 (13:38 +0100)]
Merge changes Icf0b8af5,I2f8a5077

* changes:
  add: table to store certificate logs
  chg: manage more resources explicitly

2 years agochg: improve information about password strength
INOPIAE [Wed, 11 Oct 2017 06:29:26 +0000 (08:29 +0200)]
chg: improve information about password strength

Change-Id: Ib9ef93fd4961df8bbc6bd667af8d1e0b5f49d602

2 years agoupd: get default variables into outputables for error messages
Felix Dörre [Wed, 11 Oct 2017 11:29:00 +0000 (13:29 +0200)]
upd: get default variables into outputables for error messages

Change-Id: I01c09aa503158d8cdbcfb3e15b03b61e9ac29d21

2 years agochg: wording on root cert page
INOPIAE [Thu, 9 Nov 2017 18:01:05 +0000 (19:01 +0100)]
chg: wording on root cert page

Change-Id: Ic05ec9747487bb1102e82e81e7d952f505a1c19e

2 years agoadd: table to store certificate logs
Felix Dörre [Mon, 6 Nov 2017 21:00:58 +0000 (22:00 +0100)]
add: table to store certificate logs

Change-Id: Icf0b8af5b7c40264acdf0d08f395f5f235962dfc

2 years agochg: manage more resources explicitly
Felix Dörre [Tue, 7 Nov 2017 20:06:55 +0000 (21:06 +0100)]
chg: manage more resources explicitly

When a constructor that gets a resource fails, it might prevent the
resource from being closed. By giving the resource explicitly to the
try-with-resources, this is prevented.

Change-Id: I2f8a50773de71f699c00729b51048892a44033e6

2 years agochg: use GCD of pre-multiplied list of primes to check for known factors
Benny Baumann [Tue, 7 Nov 2017 20:20:05 +0000 (21:20 +0100)]
chg: use GCD of pre-multiplied list of primes to check for known factors

Change-Id: Iae10d67814bed36a8864cccf4d7e33ad3dbefeab

2 years agoMerge changes I46ae11f8,I6d71e70e,Ie19e3229
Benny Baumann [Tue, 7 Nov 2017 19:55:40 +0000 (20:55 +0100)]
Merge changes I46ae11f8,I6d71e70e,Ie19e3229

* changes:
  chg: remove csr_name and crt_name columns from certs
  chg: use certificate attachment to store CRT and CSR files
  add: text-attachments for certificates

2 years agoMerge "add: show more certificates on the "roots" page"
Lucas Werkmeister [Tue, 7 Nov 2017 19:36:37 +0000 (20:36 +0100)]
Merge "add: show more certificates on the "roots" page"

2 years agochg: remove csr_name and crt_name columns from certs
Felix Dörre [Sat, 4 Nov 2017 23:25:22 +0000 (00:25 +0100)]
chg: remove csr_name and crt_name columns from certs

Change-Id: I46ae11f8a158547f4b1c1e1ddf062f6016e36af0

2 years agochg: use certificate attachment to store CRT and CSR files
Felix Dörre [Sat, 4 Nov 2017 23:04:39 +0000 (00:04 +0100)]
chg: use certificate attachment to store CRT and CSR files

Note: requires an updated version of cassiopeia

Change-Id: I6d71e70ec84a95a0323ab945e69bc6e29c332a81

2 years agoadd: text-attachments for certificates
Felix Dörre [Sat, 4 Nov 2017 22:50:45 +0000 (23:50 +0100)]
add: text-attachments for certificates

Change-Id: Ie19e3229557f829f4c6ec9617daa34f3238b1e85

2 years agoadd: functionality check for rejection of broken keys
Benny Baumann [Thu, 2 Nov 2017 23:05:44 +0000 (00:05 +0100)]
add: functionality check for rejection of broken keys

Change-Id: Ic7b3ef5515af2417057d04855b249a60e08f9cf8

2 years agoMerge changes Iabf8ec0b,Ia60382fc,I84138914,If8bc2638,Ia7813913
Benny Baumann [Thu, 2 Nov 2017 23:10:40 +0000 (00:10 +0100)]
Merge changes Iabf8ec0b,Ia60382fc,I84138914,If8bc2638,Ia7813913

* changes:
  add: check for keys using acceptable algorithms
  chg: update debian/copyright file based on upstream spec
  add: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability
  add: public key check searching for small primes (less than 10k)
  add: initial class for performing arbitrary checks to validate public keys

2 years agoadd: check for keys using acceptable algorithms
Benny Baumann [Fri, 27 Oct 2017 17:40:44 +0000 (19:40 +0200)]
add: check for keys using acceptable algorithms

Change-Id: Iabf8ec0bc22ff4b117073ad0d068409bbf00040e

2 years agochg: update debian/copyright file based on upstream spec
Benny Baumann [Thu, 26 Oct 2017 20:47:33 +0000 (22:47 +0200)]
chg: update debian/copyright file based on upstream spec

Change-Id: Ia60382fc3b516543418bcafb9af34fee181eac89

2 years agoadd: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability
Benny Baumann [Wed, 18 Oct 2017 23:31:23 +0000 (01:31 +0200)]
add: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability

Check based on code from https://github.com/crocs-muni/roca/blob/master/java/BrokenKey.java

Change-Id: I84138914ad944fcc089f50cc8d84dbcd38723ff8

2 years agoadd: public key check searching for small primes (less than 10k)
Benny Baumann [Wed, 18 Oct 2017 23:28:46 +0000 (01:28 +0200)]
add: public key check searching for small primes (less than 10k)

Change-Id: If8bc26381bb2e8f4f267cfd211f1154bcb3a7d65

2 years agoadd: initial class for performing arbitrary checks to validate public keys
Benny Baumann [Wed, 18 Oct 2017 23:25:59 +0000 (01:25 +0200)]
add: initial class for performing arbitrary checks to validate public keys

Change-Id: Ia7813913b1f5922747ddba4af9a21e4fbaf07c9e

2 years agoupd: enforce that test cases receive all mails explicitly
Felix Dörre [Sat, 28 Oct 2017 06:44:39 +0000 (08:44 +0200)]
upd: enforce that test cases receive all mails explicitly

Change-Id: I7a9335f13b125d473f6f12bd05d3f2da6d535785

2 years agofix: more spontaneous failing test cases
Felix Dörre [Thu, 26 Oct 2017 22:05:16 +0000 (00:05 +0200)]
fix: more spontaneous failing test cases

Change-Id: I5bd3df024d647ca7793bc895f866c60aa6d9d55c

2 years agoadd: show more certificates on the "roots" page
Felix Dörre [Sun, 8 Oct 2017 15:22:05 +0000 (17:22 +0200)]
add: show more certificates on the "roots" page

Change-Id: I2a2acbba4636bc54b93d4f3022543a66a296ec6c

2 years agoadd: message while reporting private key compromise
Felix Dörre [Fri, 25 Aug 2017 22:52:48 +0000 (00:52 +0200)]
add: message while reporting private key compromise

Change-Id: I164ed07804c65e9e9396166d61e3cba645ae308e

2 years agoadd: process to report compromised certificates
Felix Dörre [Sat, 29 Jul 2017 21:12:54 +0000 (23:12 +0200)]
add: process to report compromised certificates

Change-Id: I0f124a48ea18740d19fc413dd99b9a69bd1eb33e

2 years agoadd: key-compromise revocation
Felix Dörre [Fri, 25 Aug 2017 14:45:55 +0000 (16:45 +0200)]
add: key-compromise revocation

Change-Id: If52127f976f6a0238ed4ec3673b848f1aba0181a

2 years agoupd: modifications in jenkins job to use newest NRE
Felix Dörre [Thu, 5 Oct 2017 16:58:29 +0000 (18:58 +0200)]
upd: modifications in jenkins job to use newest NRE

Change-Id: I938cd266ffaa371194f9dbbd1802fab357df59e0

2 years agoupd: enhance "generateTruststoreNRE"-script to generate gigi-keys
Felix Dörre [Thu, 5 Oct 2017 16:43:15 +0000 (18:43 +0200)]
upd: enhance "generateTruststoreNRE"-script to generate gigi-keys

... for development

Change-Id: I1ebb0c157fb6bcca8a83e27037b9f26c7d707019

2 years agoadd: improve error message on SQL syntax error
Felix Dörre [Tue, 26 Sep 2017 19:01:16 +0000 (21:01 +0200)]
add: improve error message on SQL syntax error

Change-Id: I8f27402492c12c4a7c3d236f60dde7789c1d9157

3 years agoupd: store different types of revocation
Felix Dörre [Sat, 12 Aug 2017 18:31:57 +0000 (20:31 +0200)]
upd: store different types of revocation

Change-Id: Ie2a51a16eed420b284f9fd5660e057da1069b740

3 years agofix: get dependencies in build-xml straight
Felix Dörre [Tue, 26 Sep 2017 19:05:13 +0000 (21:05 +0200)]
fix: get dependencies in build-xml straight

Change-Id: If1c02f5ddc3a51066310810eb24ee51342dc7f9b

3 years agoupd: mark unverified names of agents in points overview
Felix Dörre [Sun, 27 Aug 2017 00:27:05 +0000 (02:27 +0200)]
upd: mark unverified names of agents in points overview

Change-Id: I72d4e357775c72215995b0974c768edac43b5cb9

3 years agofix: move Some CA to variable
INOPIAE [Tue, 29 Aug 2017 06:28:42 +0000 (08:28 +0200)]
fix: move Some CA to variable

Change-Id: I02267d58a633639e823c79b821eae04ee4257467

3 years agoadd: more tests for revocation by support
Felix Dörre [Sun, 20 Aug 2017 23:14:38 +0000 (01:14 +0200)]
add: more tests for revocation by support

Change-Id: I1022e5e6cb743f1009f40157f9d9ce72645223fa

3 years agofix: style the preferred name indicator better
Felix Dörre [Thu, 24 Aug 2017 22:02:24 +0000 (00:02 +0200)]
fix: style the preferred name indicator better

Change-Id: Iff2244bdbdf3e673c90eaa9190eb11ff9e24ff48

3 years agofix: prompt for confirmation when removing org admins
Felix Dörre [Sun, 20 Aug 2017 23:00:28 +0000 (01:00 +0200)]
fix: prompt for confirmation when removing org admins

Change-Id: I653808751fb3f7ebb8cd65974768fe8614ab72ae

3 years agoadd: tests for support certificates view
Felix Dörre [Fri, 18 Aug 2017 21:47:02 +0000 (23:47 +0200)]
add: tests for support certificates view

Change-Id: Ib56cb3ac8e08c217e4398f2171f253b02f0b130e

3 years agofix: correct authorization checking for support accessing certificates
Felix Dörre [Fri, 18 Aug 2017 20:02:32 +0000 (22:02 +0200)]
fix: correct authorization checking for support accessing certificates

Change-Id: I5a5041e350e0a811f2199cf1b5c30b9ef4de2d05

3 years agoupd: indicate preferred name in support overview
Felix Dörre [Tue, 15 Aug 2017 20:16:48 +0000 (22:16 +0200)]
upd: indicate preferred name in support overview

Change-Id: I2d75b7bcbe4cd4068f9c5d12514db945eeb54300

3 years agoupd: more verbose success message after verification
Felix Dörre [Tue, 15 Aug 2017 19:37:13 +0000 (21:37 +0200)]
upd: more verbose success message after verification

Change-Id: Id6ab26cebe97bc140a326a58ddfbcf1ccd446dcf

3 years agoupd: print correct error message when trying to verify oneself
Felix Dörre [Tue, 15 Aug 2017 19:27:23 +0000 (21:27 +0200)]
upd: print correct error message when trying to verify oneself

Change-Id: I3f46095ebbb1e1ccd4ad2e37a997cde5041df5ba

3 years agofix: sha384 certificates
Felix Dörre [Sat, 12 Aug 2017 18:16:28 +0000 (20:16 +0200)]
fix: sha384 certificates

Change-Id: I3e58ebf50822df13212be9b95f11433dd462ba62

3 years agofix: correct validation of minimum and maximum ages
Felix Dörre [Sat, 22 Jul 2017 21:12:25 +0000 (23:12 +0200)]
fix: correct validation of minimum and maximum ages

Instead of mapping a DayDate to a single point in time, introduce the
concept of an “earliest start” and “latest end” of a date, and use the
appropriate one in various places.

Change-Id: Idbc2aa2daadf15fbdbc99e5079eb98dc7aaca92d

3 years agoadd: code to statically verify SQL call patterns
Felix Dörre [Fri, 4 Aug 2017 16:31:11 +0000 (18:31 +0200)]
add: code to statically verify SQL call patterns

Change-Id: Ib5c0e7a76d9a14f318087f092091bdf2cfa3c174

3 years agoupd: cleanup SQL statements
Felix Dörre [Tue, 1 Aug 2017 18:28:28 +0000 (20:28 +0200)]
upd: cleanup SQL statements

Change-Id: If22b05270d1f097068e38f6ed860d52740926021

3 years agoupd: precise SQL statements for verification
Felix Dörre [Sun, 30 Jul 2017 19:09:00 +0000 (21:09 +0200)]
upd: precise SQL statements for verification

Change-Id: I921b638d0734b14eb2cd1f9389c20e7fb7b15922

3 years agoupd: reactivate test case that is skipped due to failed assumption
Felix Dörre [Sun, 30 Jul 2017 16:22:18 +0000 (18:22 +0200)]
upd: reactivate test case that is skipped due to failed assumption

When this test case was introduced. The semantics of "getById"-Methods
where slightly different. These methods would throw an
IllegalArgumentException when the Object was not found. This behavior
was changed to returning "null" when the Object is not found. When this
change occurred this testcase was missed.

The general intended logic is retained: Guess random ids until one
unused is found (now checking for null and not for an exception). If 20
guesses fail (which is nearly impossible) the test case is skipped
instead of failed.

Change-Id: Id328d3c068f375488862bd06cfa0daf42a8c425f

3 years agofix: cleanup var in Managed Form Page
Felix Dörre [Sat, 29 Jul 2017 21:11:15 +0000 (23:11 +0200)]
fix: cleanup var in Managed Form Page

Change-Id: Idc33785c893aee864f9720d1fc0432b919016d60

3 years agofix: correctly end forms
Felix Dörre [Sat, 29 Jul 2017 21:12:08 +0000 (23:12 +0200)]
fix: correctly end forms

Change-Id: Idc8e498c70cfc040730837242ddaa2384401dc58

3 years agofix: correct styling for radio buttons in cert issue form
Felix Dörre [Sat, 29 Jul 2017 21:10:45 +0000 (23:10 +0200)]
fix: correct styling for radio buttons in cert issue form

Change-Id: Iebacc03c05190faa4807cf4124325a24a6c09971

3 years agofix: use deterministic order of certificates
Felix Dörre [Tue, 4 Jul 2017 19:53:22 +0000 (21:53 +0200)]
fix: use deterministic order of certificates

Change-Id: Ibddd1a9dad32107981d162e44263cbd486a224d7

3 years agofix: ensure that the certificate status is always shown correctly
Felix Dörre [Tue, 4 Jul 2017 19:52:17 +0000 (21:52 +0200)]
fix: ensure that the certificate status is always shown correctly

Change-Id: I57d283ec720031c4930178f5a7483418ccc03920

3 years agoupd: rename view of non-revoked certificates
Felix Dörre [Tue, 4 Jul 2017 19:44:39 +0000 (21:44 +0200)]
upd: rename view of non-revoked certificates

Change-Id: Iffeb5b5f8d92b40782778afda6c57e3070ca8ba4

3 years agoupd: further cleaning of old/unused configs and scripts
Felix Dörre [Tue, 4 Jul 2017 19:30:31 +0000 (21:30 +0200)]
upd: further cleaning of old/unused configs and scripts

closes #129

Change-Id: If820d0688cce3c6a658579a50d0f53db8a39643c

3 years agofix: sometimes various testcases fail
Felix Dörre [Sun, 2 Jul 2017 19:04:08 +0000 (21:04 +0200)]
fix: sometimes various testcases fail

Sometimes TestCases like club.wpia.gigi.pages.admin
TestSEAdminPageUserMailSearch fail e.g. with CSRFExceptions. I debugged
this issue and have come to a conclusion:

Java's URL connection does not necessarily behave correctly, when
"keep-alive" logic and connection re-use is enabled: When a connection
is re-used and the request sometimes fails on the re-used connection
Java re-attempts to send the request. This might not be a good idea for
POST requests. Especially this is not a good idea, as we track forms
very strictly:
When a form gets requested, the instance is stored in the user's session
and can be submitted exactly once. When this POST request is repeated
the form has been submitted and a subsequent request will cause a
CSRFException. Disabling the retry-logic
is possible but also not a good alternative, as it also causes sporadic
POST-fails, which occur far more often that the retry-logic breaks a
Test Case.

The solution I chose ensures to close all HTTP-connections. Therefore
all HTTP requests use the same connection. This prevents timeouts
and does not cause POST retries. In particular I found problems with the
connection done to clear all caches. Using this change I observe that
all requests are made with the same connection and 100 subsequent
executions don't fail.

Change-Id: I1b4ebce92a431e5d35a81cecd8670b8c37eef9e1

3 years agoupd: allow clean testcase setup and teardown
Felix Dörre [Sun, 2 Jul 2017 18:58:51 +0000 (20:58 +0200)]
upd: allow clean testcase setup and teardown

This change allows executing of multiple ManagedTests in one JVM.
This is generally good to have clean code, but more practically it
enables re-running test cases multiple times. This is very useful for
debugging rarely occurring problems.

Change-Id: I0657c057f7504c51be32d2ed28bc8e33cd3a0b7c

3 years agoupd: reduce logging level of good events for OCSP
Felix Dörre [Sat, 1 Jul 2017 22:15:27 +0000 (00:15 +0200)]
upd: reduce logging level of good events for OCSP

Change-Id: I94cb95d12263054931f6c6c70161e22fc243ebe9

3 years agoadd: comments with ASN.1 Syntax for various objects in an OCSP Response
Felix Dörre [Mon, 26 Jun 2017 15:48:59 +0000 (17:48 +0200)]
add: comments with ASN.1 Syntax for various objects in an OCSP Response

Change-Id: Id6c3a3d6fae8a13f2144a4c04ba09c5918280748

3 years agoadd: implement OCSP serving
Felix Dörre [Fri, 11 Dec 2015 11:23:56 +0000 (12:23 +0100)]
add: implement OCSP serving

Change-Id: I2a8aa170d79b9e77dbb951b01ed1c4b5186f3440

3 years agofix: write back the generated expire-date in Simple Signer
Felix Dörre [Fri, 23 Jun 2017 19:19:51 +0000 (21:19 +0200)]
fix: write back the generated expire-date in Simple Signer

fixes #110

Change-Id: Iee8f3a3225dbb2469e6c509440193b7f7f737449

3 years agoupd: cleaned jenkins-config
Felix Dörre [Fri, 23 Jun 2017 18:28:15 +0000 (20:28 +0200)]
upd: cleaned jenkins-config

Change-Id: Ib256959bdd3851e5c52a2caf73a0a260a1197bcc

3 years agoupd: remove unused images
Felix Dörre [Fri, 23 Jun 2017 18:21:36 +0000 (20:21 +0200)]
upd: remove unused images

Change-Id: I64266e10b1ae05e3ac1b9b48ab0258c9a368e03d

3 years agofix: put blanks between name components
Lucas Werkmeister [Tue, 28 Mar 2017 10:20:13 +0000 (12:20 +0200)]
fix: put blanks between name components

The previous commit attempted to fix

     Welcome back, Felix Dörre !

but instead produced

     Welcome back, FelixDörre!

Clearly, while we don’t want spaces around the full name, there should
be spaces in between the individual name parts.

Change-Id: I498ea9a0fdaf0f5b3191a3fc3cc47d0a3187b4f5

3 years agofix: documentation link in gigi-proxy.service
Lucas Werkmeister [Tue, 28 Mar 2017 08:26:21 +0000 (10:26 +0200)]
fix: documentation link in gigi-proxy.service

Also add the Documentation directive to gigi-standalone.service.

Change-Id: Ic50f9461f7c2d3183362ce41eebf01863a3e49f6

3 years agoMerge "fix: avoid blanks after displayed names"
Benny Baumann [Fri, 24 Mar 2017 10:10:30 +0000 (11:10 +0100)]
Merge "fix: avoid blanks after displayed names"

3 years agofix: typo in gigi.properties(5) manpage
Lucas Werkmeister [Thu, 23 Mar 2017 20:12:28 +0000 (21:12 +0100)]
fix: typo in gigi.properties(5) manpage

Change-Id: I268b81b1ef1a69ab9be9b87c7180f4e8a33abcff

3 years agofix: avoid blanks after displayed names
Felix Dörre [Wed, 22 Mar 2017 10:55:07 +0000 (11:55 +0100)]
fix: avoid blanks after displayed names

Change-Id: Id0dfe59eb37fd9253ddfda1064d0fc16139faaaa

3 years agochg: Explicitly bail on invalid lines in imported lists
Benny Baumann [Sun, 19 Mar 2017 23:19:20 +0000 (00:19 +0100)]
chg: Explicitly bail on invalid lines in imported lists

Change-Id: I71afe609e7f736d2e6b7a032a7e971b3b770395a

3 years agoMerge "add: gigi.properties(5) manpage"
Lucas Werkmeister [Wed, 22 Mar 2017 21:42:43 +0000 (22:42 +0100)]
Merge "add: gigi.properties(5) manpage"

3 years agoMerge changes Ie9951caa,I9a57ce72
Lucas Werkmeister [Wed, 22 Mar 2017 21:38:50 +0000 (22:38 +0100)]
Merge changes Ie9951caa,I9a57ce72

* changes:
  fix: Typo pointed out while reviewing change 492
  chg: Make synchronization on the Database layer explicit

3 years agoMerge "fix: Avoid leaking the SSL sockets"
Lucas Werkmeister [Wed, 22 Mar 2017 21:37:48 +0000 (22:37 +0100)]
Merge "fix: Avoid leaking the SSL sockets"

3 years agoMerge "upd: don’t initialize name.suffix from name.www"
Benny Baumann [Wed, 22 Mar 2017 21:05:36 +0000 (22:05 +0100)]
Merge "upd: don’t initialize name.suffix from name.www"

3 years agofix: Typo pointed out while reviewing change 492
Benny Baumann [Sun, 19 Mar 2017 22:48:40 +0000 (23:48 +0100)]
fix: Typo pointed out while reviewing change 492

Change-Id: Ie9951caa590a00059901d5e09d3fc6efd6449a45

3 years agofix: Avoid leaking the SSL sockets
Benny Baumann [Sun, 19 Mar 2017 18:01:48 +0000 (19:01 +0100)]
fix: Avoid leaking the SSL sockets

Change-Id: I0e7b8bbbc868fd1abc7e3c6561ac3f21b46dcb2d

3 years agochg: Make synchronization on the Database layer explicit
Benny Baumann [Sun, 19 Mar 2017 18:18:47 +0000 (19:18 +0100)]
chg: Make synchronization on the Database layer explicit

This avoids a synchronization issue when closing the connection - even though that code is single-threaded ATM.

Change-Id: I9a57ce72664ffce42239f6d1199195bfe72b216b