3 years agoMerge changes I47ec8fcb,I2cd200f3
Benny Baumann [Sat, 27 Jan 2018 21:07:21 +0000 (22:07 +0100)]
Merge changes I47ec8fcb,I2cd200f3

* changes:
  chg: refactor script to fetch external libraries
  add: dnsjava 2.1.8 dependency and sanity test

3 years agochg: adjust text to current settings
INOPIAE [Sun, 21 Jan 2018 06:27:07 +0000 (07:27 +0100)]
chg: adjust text to current settings

Change-Id: I784a97dc0f558116a77380174a8402e10344b65e

3 years agochg: refactor script to fetch external libraries
Lucas Werkmeister [Wed, 17 Jan 2018 23:23:55 +0000 (00:23 +0100)]
chg: refactor script to fetch external libraries

With this formulation of the script, we only need to change one place in
the script to update or add libraries. (However, the separate .gitignore
and checksums.txt files still need to be updated as well.)

(The unquoted $(basename ...) is safe because we know the basenames
cannot contain spaces – at worst, they would be URL-encoded as %20.)

Change-Id: I47ec8fcb1e1c581df52a9e31f726bcc35fe8f94b

3 years agoadd: dnsjava 2.1.8 dependency and sanity test
Felix Dörre [Tue, 16 Jan 2018 23:01:06 +0000 (00:01 +0100)]
add: dnsjava 2.1.8 dependency and sanity test

Change-Id: I2cd200f3c63f9482cfe23c33a873525f8d0e6261

3 years agoMerge "add: certificate status check via web form"
Felix Dörre [Thu, 18 Jan 2018 10:05:20 +0000 (11:05 +0100)]
Merge "add: certificate status check via web form"

3 years agochg: create superclass for SE tests
INOPIAE [Wed, 17 Jan 2018 11:28:30 +0000 (12:28 +0100)]
chg: create superclass for SE tests

Change-Id: I30261f79e4f3a4babf62ce2d824716ec4b808609

3 years agoadd: revocation state in the result list of support cert search
INOPIAE [Wed, 30 Aug 2017 05:15:27 +0000 (07:15 +0200)]
add: revocation state in the result list of support cert search

Change-Id: I1b18cfdd2fc4dfb88cb33d0ff468f848f69fa4fd

3 years agoMerge "chg: hide "Show advanced options" checkbox when javascript is disabled"
Benny Baumann [Wed, 17 Jan 2018 08:37:17 +0000 (09:37 +0100)]
Merge "chg: hide "Show advanced options" checkbox when javascript is disabled"

3 years agoMerge "fix: spelling"
Benny Baumann [Wed, 17 Jan 2018 08:33:53 +0000 (09:33 +0100)]
Merge "fix: spelling"

3 years agoadd: certificate status check via web form
INOPIAE [Thu, 17 Aug 2017 06:24:40 +0000 (08:24 +0200)]
add: certificate status check via web form

fixes issue #144

Change-Id: I8cecf73879a55106c5ce8512175f0e95df0753f5

3 years agochg: hide "Show advanced options" checkbox when javascript is disabled
Felix Dörre [Tue, 9 Jan 2018 19:55:00 +0000 (20:55 +0100)]
chg: hide "Show advanced options" checkbox when javascript is disabled

Change-Id: Ic3c4a6fb2037d7fc8f227752e6f737b14b72cb56

3 years agofix: spelling
Lucas Werkmeister [Tue, 16 Jan 2018 20:52:32 +0000 (21:52 +0100)]
fix: spelling

“departement” or “département” is French (or German borrowed from
French); in English one of the ‘e’s is dropped. (Compare to the variable
one line below, which is already spelled correctly.)

Change-Id: I9a9f0157b63eb63260ecdeb384e2a2361f4543d8

3 years agochg: cleanup locateCertificate method
Felix Dörre [Sun, 14 Jan 2018 14:18:56 +0000 (15:18 +0100)]
chg: cleanup locateCertificate method

Change-Id: I9254473df87895df0548331c817d833efe170944

3 years agochg: enhance type safety of serials
Felix Dörre [Sun, 14 Jan 2018 14:43:54 +0000 (15:43 +0100)]
chg: enhance type safety of serials

Change-Id: I07cebd21bd795803fb5f6e42dc18990918cb8c9c

3 years agoadd: serial normalization
Felix Dörre [Sun, 14 Jan 2018 14:16:17 +0000 (15:16 +0100)]
add: serial normalization

Change-Id: I2d273e7686f014aa7e90cc446f019b1d41e637ef

3 years agochg: factor out certificate locating logic
Felix Dörre [Sun, 14 Jan 2018 13:57:46 +0000 (14:57 +0100)]
chg: factor out certificate locating logic

Change-Id: I5436574b597ca5108b4badc093f93ec67193955b

3 years agochg: sign development gigi certificates for longer time periods
Felix Dörre [Tue, 9 Jan 2018 19:56:19 +0000 (20:56 +0100)]
chg: sign development gigi certificates for longer time periods

Change-Id: I733affd7b8e9e5a027377076b0561818c63aa792

3 years agochg: make description work for certificate, save and display description
INOPIAE [Wed, 27 Dec 2017 07:14:13 +0000 (08:14 +0100)]
chg: make description work for certificate, save and display description

fixes issue #53

Change-Id: Ib21db362fd593428731269661fd01417d95114d3

3 years agofix: add missing timecondition during init process
INOPIAE [Thu, 4 Jan 2018 11:05:16 +0000 (12:05 +0100)]
fix: add missing timecondition during init process

Change-Id: Id1d14d9edae4ac8689b3c9b9c1f04ac36b883913

3 years agoMerge "chg: format show history link"
Lucas Werkmeister [Thu, 4 Jan 2018 21:47:57 +0000 (22:47 +0100)]
Merge "chg: format show history link"

3 years agoMerge "chg: don’t use printf with variable format strings"
Felix Dörre [Thu, 4 Jan 2018 12:02:15 +0000 (13:02 +0100)]
Merge "chg: don’t use printf with variable format strings"

3 years agochg: don’t use printf with variable format strings
Lucas Werkmeister [Thu, 28 Dec 2017 12:37:15 +0000 (13:37 +0100)]
chg: don’t use printf with variable format strings

Except in very exceptional cases, the format string to printf should
never be variable (and for maximum clarity, it should always be
single-quoted even if it happens to contain no shell special
characters). This commit changes one format string from double to single
quotes and rewrites two more to use substitution sequences instead of
substituting variables directly into the format (which is dangerous if
they could contain ‘%’ characters).

With this change, the following search finds no results:

    git grep "printf (?:>&2 )? [^']"

Change-Id: Ieeae16c483a7e568cd5812260a6ac54375c33340

3 years agoMerge "add: script to generate changelog based on git info"
Benny Baumann [Thu, 28 Dec 2017 19:18:42 +0000 (20:18 +0100)]
Merge "add: script to generate changelog based on git info"

3 years agoadd: script to generate changelog based on git info
Felix Dörre [Mon, 6 Nov 2017 21:02:00 +0000 (22:02 +0100)]
add: script to generate changelog based on git info

Extract version and date of the debian/changelog file from git.

Additionally adjust the jenkins template with general updates and
invocation of the new generation script.

Change-Id: I2c286e7c4411385fabecdbde74a6a1e6cfbb803e

3 years agoMerge "upd: remove alert settings from register process"
Felix Dörre [Mon, 25 Dec 2017 01:40:34 +0000 (02:40 +0100)]
Merge "upd: remove alert settings from register process"

3 years agoMerge "chg: adjust ticket number handling according to current number scheme"
Felix Dörre [Mon, 25 Dec 2017 01:40:31 +0000 (02:40 +0100)]
Merge "chg: adjust ticket number handling according to current number scheme"

3 years agoupd: remove alert settings from register process
INOPIAE [Thu, 7 Dec 2017 05:29:09 +0000 (06:29 +0100)]
upd: remove alert settings from register process

Change-Id: I511ceed2f00c15902c46d31564ba4f8454fef774

3 years agofix: ensure that Users and Organisations only are inserted completely
Felix Dörre [Sat, 9 Dec 2017 23:18:03 +0000 (00:18 +0100)]
fix: ensure that Users and Organisations only are inserted completely

Change-Id: I2c9fc5140ad46020c55325622fb102a0d1a073db

3 years agoMerge changes I86c1045b,I9fc533ac
Benny Baumann [Wed, 20 Dec 2017 22:27:40 +0000 (23:27 +0100)]
Merge changes I86c1045b,I9fc533ac

* changes:
  chg: revoke certificates if repeated ping failed
  fix: the "generateBrokenKeypair" can sometimes hang indefinitely

3 years agoMerge changes I2f1b08c0,Ie38a6b51
Felix Dörre [Mon, 18 Dec 2017 23:42:25 +0000 (00:42 +0100)]
Merge changes I2f1b08c0,Ie38a6b51

* changes:
  chg: move email and domain to verification menu
  chg: adjust wording to have a consequent wording over all pages displayed to the user

3 years agochg: adjust ticket number handling according to current number scheme
INOPIAE [Sun, 17 Dec 2017 06:15:48 +0000 (07:15 +0100)]
chg: adjust ticket number handling according to current number scheme

Change-Id: I48d298bc4b4b9f11befdb00ec87a4cc83ebbcc2c

3 years agochg: revoke certificates if repeated ping failed
Felix Dörre [Fri, 1 Dec 2017 22:18:38 +0000 (23:18 +0100)]
chg: revoke certificates if repeated ping failed

Change-Id: I86c1045bb0ab1e47657cc445af4f1eb8c53e031c

3 years agofix: the "generateBrokenKeypair" can sometimes hang indefinitely
Felix Dörre [Wed, 13 Dec 2017 19:34:15 +0000 (20:34 +0100)]
fix: the "generateBrokenKeypair" can sometimes hang indefinitely

The value of "p" can be too small so no value for "q" can be found.

The problem can be resolved by re-choosing both p and q when the result
is too small. The old "swap and only re-generate the smaller prime" does
not work anymore as p and q are not generated with equal length.

Change-Id: I9fc533ac6ece769b15deeb4186385f2a72188e72

3 years agofix: allow dev-certificates to be regenerated (with different serials)
Felix Dörre [Fri, 1 Dec 2017 22:12:15 +0000 (23:12 +0100)]
fix: allow dev-certificates to be regenerated (with different serials)

When old auto-generated certificates expire, it is necessary to
regenerate gigi's certificates. It is more comfortable to use different
serials there.

Change-Id: I0773d73e4cf392c7a5b7b1c400844b30171a9ebf

3 years agochg: format show history link
INOPIAE [Sun, 10 Dec 2017 11:59:58 +0000 (12:59 +0100)]
chg: format show history link

Change-Id: I121af08191c13978781854ce3c873dd95c1516ca

3 years agochg: move email and domain to verification menu
INOPIAE [Sat, 9 Dec 2017 13:29:06 +0000 (14:29 +0100)]
chg: move email and domain to verification menu

Change-Id: I2f1b08c0ba6d0500efcc7f04d54433900afeb8b3

3 years agochg: adjust wording to have a consequent wording over all pages
INOPIAE [Sat, 9 Dec 2017 06:35:29 +0000 (07:35 +0100)]
chg: adjust wording to have a consequent wording over all pages
displayed to the user

Change-Id: Ie38a6b517a266790f0dc0fc80c5fa0561fe6925c

3 years agoupd: clean output of Test-Manager Pinger-Forwarding
Felix Dörre [Fri, 1 Dec 2017 22:01:48 +0000 (23:01 +0100)]
upd: clean output of Test-Manager Pinger-Forwarding

Change-Id: I6c19430bbe09ede13ca90d070f2309ce23a6f547

3 years agofix: clean up "SECURE_REFERENCE"-Page
Felix Dörre [Fri, 1 Dec 2017 15:19:45 +0000 (16:19 +0100)]
fix: clean up "SECURE_REFERENCE"-Page

Change-Id: I866cb02ae3c8206c29dba980fc35f01f4c527585

3 years agochg: get wording to be the same as in
INOPIAE [Tue, 14 Nov 2017 20:53:40 +0000 (21:53 +0100)]
chg: get wording to be the same as in

Change-Id: I88b6a9aaa4108120074b8551960f0841c141054b

3 years agofix: create config variables for email addresses
INOPIAE [Tue, 14 Nov 2017 20:18:36 +0000 (21:18 +0100)]
fix: create config variables for email addresses

fixes issue #74

Change-Id: I9761e4c27fd92365cb647b9be8f954c4c02ffba2

3 years agoMerge "chg: improve information about password strength"
Felix Dörre [Tue, 14 Nov 2017 18:24:12 +0000 (19:24 +0100)]
Merge "chg: improve information about password strength"

3 years agoMerge "upd: get default variables into outputables for error messages"
Benny Baumann [Sat, 11 Nov 2017 13:56:01 +0000 (14:56 +0100)]
Merge "upd: get default variables into outputables for error messages"

3 years agoMerge "chg: wording on root cert page"
Benny Baumann [Sat, 11 Nov 2017 12:48:14 +0000 (13:48 +0100)]
Merge "chg: wording on root cert page"

3 years agoMerge changes Icf0b8af5,I2f8a5077
Benny Baumann [Sat, 11 Nov 2017 12:38:57 +0000 (13:38 +0100)]
Merge changes Icf0b8af5,I2f8a5077

* changes:
  add: table to store certificate logs
  chg: manage more resources explicitly

3 years agochg: improve information about password strength
INOPIAE [Wed, 11 Oct 2017 06:29:26 +0000 (08:29 +0200)]
chg: improve information about password strength

Change-Id: Ib9ef93fd4961df8bbc6bd667af8d1e0b5f49d602

3 years agoupd: get default variables into outputables for error messages
Felix Dörre [Wed, 11 Oct 2017 11:29:00 +0000 (13:29 +0200)]
upd: get default variables into outputables for error messages

Change-Id: I01c09aa503158d8cdbcfb3e15b03b61e9ac29d21

3 years agochg: wording on root cert page
INOPIAE [Thu, 9 Nov 2017 18:01:05 +0000 (19:01 +0100)]
chg: wording on root cert page

Change-Id: Ic05ec9747487bb1102e82e81e7d952f505a1c19e

3 years agoadd: table to store certificate logs
Felix Dörre [Mon, 6 Nov 2017 21:00:58 +0000 (22:00 +0100)]
add: table to store certificate logs

Change-Id: Icf0b8af5b7c40264acdf0d08f395f5f235962dfc

3 years agochg: manage more resources explicitly
Felix Dörre [Tue, 7 Nov 2017 20:06:55 +0000 (21:06 +0100)]
chg: manage more resources explicitly

When a constructor that gets a resource fails, it might prevent the
resource from being closed. By giving the resource explicitly to the
try-with-resources, this is prevented.

Change-Id: I2f8a50773de71f699c00729b51048892a44033e6

3 years agochg: use GCD of pre-multiplied list of primes to check for known factors
Benny Baumann [Tue, 7 Nov 2017 20:20:05 +0000 (21:20 +0100)]
chg: use GCD of pre-multiplied list of primes to check for known factors

Change-Id: Iae10d67814bed36a8864cccf4d7e33ad3dbefeab

3 years agoMerge changes I46ae11f8,I6d71e70e,Ie19e3229
Benny Baumann [Tue, 7 Nov 2017 19:55:40 +0000 (20:55 +0100)]
Merge changes I46ae11f8,I6d71e70e,Ie19e3229

* changes:
  chg: remove csr_name and crt_name columns from certs
  chg: use certificate attachment to store CRT and CSR files
  add: text-attachments for certificates

3 years agoMerge "add: show more certificates on the "roots" page"
Lucas Werkmeister [Tue, 7 Nov 2017 19:36:37 +0000 (20:36 +0100)]
Merge "add: show more certificates on the "roots" page"

3 years agochg: remove csr_name and crt_name columns from certs
Felix Dörre [Sat, 4 Nov 2017 23:25:22 +0000 (00:25 +0100)]
chg: remove csr_name and crt_name columns from certs

Change-Id: I46ae11f8a158547f4b1c1e1ddf062f6016e36af0

3 years agochg: use certificate attachment to store CRT and CSR files
Felix Dörre [Sat, 4 Nov 2017 23:04:39 +0000 (00:04 +0100)]
chg: use certificate attachment to store CRT and CSR files

Note: requires an updated version of cassiopeia

Change-Id: I6d71e70ec84a95a0323ab945e69bc6e29c332a81

3 years agoadd: text-attachments for certificates
Felix Dörre [Sat, 4 Nov 2017 22:50:45 +0000 (23:50 +0100)]
add: text-attachments for certificates

Change-Id: Ie19e3229557f829f4c6ec9617daa34f3238b1e85

3 years agoadd: functionality check for rejection of broken keys
Benny Baumann [Thu, 2 Nov 2017 23:05:44 +0000 (00:05 +0100)]
add: functionality check for rejection of broken keys

Change-Id: Ic7b3ef5515af2417057d04855b249a60e08f9cf8

3 years agoMerge changes Iabf8ec0b,Ia60382fc,I84138914,If8bc2638,Ia7813913
Benny Baumann [Thu, 2 Nov 2017 23:10:40 +0000 (00:10 +0100)]
Merge changes Iabf8ec0b,Ia60382fc,I84138914,If8bc2638,Ia7813913

* changes:
  add: check for keys using acceptable algorithms
  chg: update debian/copyright file based on upstream spec
  add: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability
  add: public key check searching for small primes (less than 10k)
  add: initial class for performing arbitrary checks to validate public keys

3 years agoadd: check for keys using acceptable algorithms
Benny Baumann [Fri, 27 Oct 2017 17:40:44 +0000 (19:40 +0200)]
add: check for keys using acceptable algorithms

Change-Id: Iabf8ec0bc22ff4b117073ad0d068409bbf00040e

3 years agochg: update debian/copyright file based on upstream spec
Benny Baumann [Thu, 26 Oct 2017 20:47:33 +0000 (22:47 +0200)]
chg: update debian/copyright file based on upstream spec

Change-Id: Ia60382fc3b516543418bcafb9af34fee181eac89

3 years agoadd: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability
Benny Baumann [Wed, 18 Oct 2017 23:31:23 +0000 (01:31 +0200)]
add: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability

Check based on code from

Change-Id: I84138914ad944fcc089f50cc8d84dbcd38723ff8

3 years agoadd: public key check searching for small primes (less than 10k)
Benny Baumann [Wed, 18 Oct 2017 23:28:46 +0000 (01:28 +0200)]
add: public key check searching for small primes (less than 10k)

Change-Id: If8bc26381bb2e8f4f267cfd211f1154bcb3a7d65

3 years agoadd: initial class for performing arbitrary checks to validate public keys
Benny Baumann [Wed, 18 Oct 2017 23:25:59 +0000 (01:25 +0200)]
add: initial class for performing arbitrary checks to validate public keys

Change-Id: Ia7813913b1f5922747ddba4af9a21e4fbaf07c9e

3 years agoupd: enforce that test cases receive all mails explicitly
Felix Dörre [Sat, 28 Oct 2017 06:44:39 +0000 (08:44 +0200)]
upd: enforce that test cases receive all mails explicitly

Change-Id: I7a9335f13b125d473f6f12bd05d3f2da6d535785

3 years agofix: more spontaneous failing test cases
Felix Dörre [Thu, 26 Oct 2017 22:05:16 +0000 (00:05 +0200)]
fix: more spontaneous failing test cases

Change-Id: I5bd3df024d647ca7793bc895f866c60aa6d9d55c

3 years agoadd: show more certificates on the "roots" page
Felix Dörre [Sun, 8 Oct 2017 15:22:05 +0000 (17:22 +0200)]
add: show more certificates on the "roots" page

Change-Id: I2a2acbba4636bc54b93d4f3022543a66a296ec6c

3 years agoadd: message while reporting private key compromise
Felix Dörre [Fri, 25 Aug 2017 22:52:48 +0000 (00:52 +0200)]
add: message while reporting private key compromise

Change-Id: I164ed07804c65e9e9396166d61e3cba645ae308e

3 years agoadd: process to report compromised certificates
Felix Dörre [Sat, 29 Jul 2017 21:12:54 +0000 (23:12 +0200)]
add: process to report compromised certificates

Change-Id: I0f124a48ea18740d19fc413dd99b9a69bd1eb33e

3 years agoadd: key-compromise revocation
Felix Dörre [Fri, 25 Aug 2017 14:45:55 +0000 (16:45 +0200)]
add: key-compromise revocation

Change-Id: If52127f976f6a0238ed4ec3673b848f1aba0181a

3 years agoupd: modifications in jenkins job to use newest NRE
Felix Dörre [Thu, 5 Oct 2017 16:58:29 +0000 (18:58 +0200)]
upd: modifications in jenkins job to use newest NRE

Change-Id: I938cd266ffaa371194f9dbbd1802fab357df59e0

3 years agoupd: enhance "generateTruststoreNRE"-script to generate gigi-keys
Felix Dörre [Thu, 5 Oct 2017 16:43:15 +0000 (18:43 +0200)]
upd: enhance "generateTruststoreNRE"-script to generate gigi-keys

... for development

Change-Id: I1ebb0c157fb6bcca8a83e27037b9f26c7d707019

3 years agoadd: improve error message on SQL syntax error
Felix Dörre [Tue, 26 Sep 2017 19:01:16 +0000 (21:01 +0200)]
add: improve error message on SQL syntax error

Change-Id: I8f27402492c12c4a7c3d236f60dde7789c1d9157

3 years agoupd: store different types of revocation
Felix Dörre [Sat, 12 Aug 2017 18:31:57 +0000 (20:31 +0200)]
upd: store different types of revocation

Change-Id: Ie2a51a16eed420b284f9fd5660e057da1069b740

3 years agofix: get dependencies in build-xml straight
Felix Dörre [Tue, 26 Sep 2017 19:05:13 +0000 (21:05 +0200)]
fix: get dependencies in build-xml straight

Change-Id: If1c02f5ddc3a51066310810eb24ee51342dc7f9b

3 years agoupd: mark unverified names of agents in points overview
Felix Dörre [Sun, 27 Aug 2017 00:27:05 +0000 (02:27 +0200)]
upd: mark unverified names of agents in points overview

Change-Id: I72d4e357775c72215995b0974c768edac43b5cb9

3 years agofix: move Some CA to variable
INOPIAE [Tue, 29 Aug 2017 06:28:42 +0000 (08:28 +0200)]
fix: move Some CA to variable

Change-Id: I02267d58a633639e823c79b821eae04ee4257467

3 years agoadd: more tests for revocation by support
Felix Dörre [Sun, 20 Aug 2017 23:14:38 +0000 (01:14 +0200)]
add: more tests for revocation by support

Change-Id: I1022e5e6cb743f1009f40157f9d9ce72645223fa

3 years agofix: style the preferred name indicator better
Felix Dörre [Thu, 24 Aug 2017 22:02:24 +0000 (00:02 +0200)]
fix: style the preferred name indicator better

Change-Id: Iff2244bdbdf3e673c90eaa9190eb11ff9e24ff48

3 years agofix: prompt for confirmation when removing org admins
Felix Dörre [Sun, 20 Aug 2017 23:00:28 +0000 (01:00 +0200)]
fix: prompt for confirmation when removing org admins

Change-Id: I653808751fb3f7ebb8cd65974768fe8614ab72ae

3 years agoadd: tests for support certificates view
Felix Dörre [Fri, 18 Aug 2017 21:47:02 +0000 (23:47 +0200)]
add: tests for support certificates view

Change-Id: Ib56cb3ac8e08c217e4398f2171f253b02f0b130e

3 years agofix: correct authorization checking for support accessing certificates
Felix Dörre [Fri, 18 Aug 2017 20:02:32 +0000 (22:02 +0200)]
fix: correct authorization checking for support accessing certificates

Change-Id: I5a5041e350e0a811f2199cf1b5c30b9ef4de2d05

3 years agoupd: indicate preferred name in support overview
Felix Dörre [Tue, 15 Aug 2017 20:16:48 +0000 (22:16 +0200)]
upd: indicate preferred name in support overview

Change-Id: I2d75b7bcbe4cd4068f9c5d12514db945eeb54300

3 years agoupd: more verbose success message after verification
Felix Dörre [Tue, 15 Aug 2017 19:37:13 +0000 (21:37 +0200)]
upd: more verbose success message after verification

Change-Id: Id6ab26cebe97bc140a326a58ddfbcf1ccd446dcf

3 years agoupd: print correct error message when trying to verify oneself
Felix Dörre [Tue, 15 Aug 2017 19:27:23 +0000 (21:27 +0200)]
upd: print correct error message when trying to verify oneself

Change-Id: I3f46095ebbb1e1ccd4ad2e37a997cde5041df5ba

3 years agofix: sha384 certificates
Felix Dörre [Sat, 12 Aug 2017 18:16:28 +0000 (20:16 +0200)]
fix: sha384 certificates

Change-Id: I3e58ebf50822df13212be9b95f11433dd462ba62

3 years agofix: correct validation of minimum and maximum ages
Felix Dörre [Sat, 22 Jul 2017 21:12:25 +0000 (23:12 +0200)]
fix: correct validation of minimum and maximum ages

Instead of mapping a DayDate to a single point in time, introduce the
concept of an “earliest start” and “latest end” of a date, and use the
appropriate one in various places.

Change-Id: Idbc2aa2daadf15fbdbc99e5079eb98dc7aaca92d

3 years agoadd: code to statically verify SQL call patterns
Felix Dörre [Fri, 4 Aug 2017 16:31:11 +0000 (18:31 +0200)]
add: code to statically verify SQL call patterns

Change-Id: Ib5c0e7a76d9a14f318087f092091bdf2cfa3c174

3 years agoupd: cleanup SQL statements
Felix Dörre [Tue, 1 Aug 2017 18:28:28 +0000 (20:28 +0200)]
upd: cleanup SQL statements

Change-Id: If22b05270d1f097068e38f6ed860d52740926021

3 years agoupd: precise SQL statements for verification
Felix Dörre [Sun, 30 Jul 2017 19:09:00 +0000 (21:09 +0200)]
upd: precise SQL statements for verification

Change-Id: I921b638d0734b14eb2cd1f9389c20e7fb7b15922

3 years agoupd: reactivate test case that is skipped due to failed assumption
Felix Dörre [Sun, 30 Jul 2017 16:22:18 +0000 (18:22 +0200)]
upd: reactivate test case that is skipped due to failed assumption

When this test case was introduced. The semantics of "getById"-Methods
where slightly different. These methods would throw an
IllegalArgumentException when the Object was not found. This behavior
was changed to returning "null" when the Object is not found. When this
change occurred this testcase was missed.

The general intended logic is retained: Guess random ids until one
unused is found (now checking for null and not for an exception). If 20
guesses fail (which is nearly impossible) the test case is skipped
instead of failed.

Change-Id: Id328d3c068f375488862bd06cfa0daf42a8c425f

3 years agofix: cleanup var in Managed Form Page
Felix Dörre [Sat, 29 Jul 2017 21:11:15 +0000 (23:11 +0200)]
fix: cleanup var in Managed Form Page

Change-Id: Idc33785c893aee864f9720d1fc0432b919016d60

3 years agofix: correctly end forms
Felix Dörre [Sat, 29 Jul 2017 21:12:08 +0000 (23:12 +0200)]
fix: correctly end forms

Change-Id: Idc8e498c70cfc040730837242ddaa2384401dc58

3 years agofix: correct styling for radio buttons in cert issue form
Felix Dörre [Sat, 29 Jul 2017 21:10:45 +0000 (23:10 +0200)]
fix: correct styling for radio buttons in cert issue form

Change-Id: Iebacc03c05190faa4807cf4124325a24a6c09971

3 years agofix: use deterministic order of certificates
Felix Dörre [Tue, 4 Jul 2017 19:53:22 +0000 (21:53 +0200)]
fix: use deterministic order of certificates

Change-Id: Ibddd1a9dad32107981d162e44263cbd486a224d7

3 years agofix: ensure that the certificate status is always shown correctly
Felix Dörre [Tue, 4 Jul 2017 19:52:17 +0000 (21:52 +0200)]
fix: ensure that the certificate status is always shown correctly

Change-Id: I57d283ec720031c4930178f5a7483418ccc03920

3 years agoupd: rename view of non-revoked certificates
Felix Dörre [Tue, 4 Jul 2017 19:44:39 +0000 (21:44 +0200)]
upd: rename view of non-revoked certificates

Change-Id: Iffeb5b5f8d92b40782778afda6c57e3070ca8ba4

3 years agoupd: further cleaning of old/unused configs and scripts
Felix Dörre [Tue, 4 Jul 2017 19:30:31 +0000 (21:30 +0200)]
upd: further cleaning of old/unused configs and scripts

closes #129

Change-Id: If820d0688cce3c6a658579a50d0f53db8a39643c

3 years agofix: sometimes various testcases fail
Felix Dörre [Sun, 2 Jul 2017 19:04:08 +0000 (21:04 +0200)]
fix: sometimes various testcases fail

Sometimes TestCases like club.wpia.gigi.pages.admin
TestSEAdminPageUserMailSearch fail e.g. with CSRFExceptions. I debugged
this issue and have come to a conclusion:

Java's URL connection does not necessarily behave correctly, when
"keep-alive" logic and connection re-use is enabled: When a connection
is re-used and the request sometimes fails on the re-used connection
Java re-attempts to send the request. This might not be a good idea for
POST requests. Especially this is not a good idea, as we track forms
very strictly:
When a form gets requested, the instance is stored in the user's session
and can be submitted exactly once. When this POST request is repeated
the form has been submitted and a subsequent request will cause a
CSRFException. Disabling the retry-logic
is possible but also not a good alternative, as it also causes sporadic
POST-fails, which occur far more often that the retry-logic breaks a
Test Case.

The solution I chose ensures to close all HTTP-connections. Therefore
all HTTP requests use the same connection. This prevents timeouts
and does not cause POST retries. In particular I found problems with the
connection done to clear all caches. Using this change I observe that
all requests are made with the same connection and 100 subsequent
executions don't fail.

Change-Id: I1b4ebce92a431e5d35a81cecd8670b8c37eef9e1

3 years agoupd: allow clean testcase setup and teardown
Felix Dörre [Sun, 2 Jul 2017 18:58:51 +0000 (20:58 +0200)]
upd: allow clean testcase setup and teardown

This change allows executing of multiple ManagedTests in one JVM.
This is generally good to have clean code, but more practically it
enables re-running test cases multiple times. This is very useful for
debugging rarely occurring problems.

Change-Id: I0657c057f7504c51be32d2ed28bc8e33cd3a0b7c

3 years agoupd: reduce logging level of good events for OCSP
Felix Dörre [Sat, 1 Jul 2017 22:15:27 +0000 (00:15 +0200)]
upd: reduce logging level of good events for OCSP

Change-Id: I94cb95d12263054931f6c6c70161e22fc243ebe9