OpenACS / openacs-4 / packages / acs-tcl / tcl

security-procs.tcl

Tools

Line History

Line Count Graph
Line Count Graph

Stats

Commits this week: 0
Total Committers: 22
Last Commit: 25 Jun
Commits this week: 0
Total Lines of Code (LoC): 2,822
Net change in LoC this week: 0

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated 2 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Friday 16 Aug 2013
8:57 pm

gustafn

- reduce hard-coded config-section names in code

Options
    • -9
    • +38
    ./security-procs.tcl
Monday 08 Apr 2013
5:50 pm

gustafn

Performance improvements for rp_filter and parameter:

- improve performance of rp_filter (which is run on every

non-resources request) significantly (often a factor of 2)

- improve scalability by reducing number of required mutex locks

(e.g. for secret token handling)

Options
    • -52
    • +68
    ./security-procs.tcl
  2. … 8 more files in changeset.
Friday 29 Mar 2013
5:30 pm

gustafn

- store secret tokens as described in the comment per thread (previously it did not)

- use tcl 8.5 language construct to shorten code

Options
    • -34
    • +12
    ./security-procs.tcl
Tuesday 19 Apr 2011
2:08 am

daveb

Fixed to handler cookies from previous version correctly. Add back in inf max_age for session cookie when Remember Me is checked so it passes the expiration test.

Options
    • -4
    • +11
    ./security-procs.tcl
Monday 18 Apr 2011
11:25 pm

daveb

Put the strict check in the wrong place.

Options
    • -3
    • +8
    ./security-procs.tcl
10:57 pm

daveb

use -strict when checking for integer as empty string returns true without it

Options
    • -2
    • +2
    ./security-procs.tcl
7:48 pm

daveb

Fix so if the session renew time is NOT included in the cookie (ie: cookies created before this fix) will be renewed

Options
    • -3
    • +2
    ./security-procs.tcl
5:03 pm

daveb

Include last session renew time in ad_session_id cookie so we can compare expiration independent of validity

Options
    • -17
    • +12
    ./security-procs.tcl
2:24 am

daveb

Don't discard session cookie if its expired, go to login handler.

Options
    • -13
    • +20
    ./security-procs.tcl
Friday 15 Apr 2011
5:16 pm

daveb

Added fix to make session_id cookie persistent if you checked remember me

Options
    • -6
    • +8
    ./security-procs.tcl
Thursday 24 Feb 2011
10:42 am

victorg

Typo on proc docu.

Options
    • -3
    • +3
    ./security-procs.tcl
Monday 14 Feb 2011
5:49 pm

daveb

Fix remember me checkbox. Conditionally set login cookie discard_p setting based on value of the remember me checkbox when creating or renewing the login cookie.

Options
    • -14
    • +36
    ./security-procs.tcl
Monday 08 Nov 2010
4:38 pm

victorg

Removing query text that was moved previosly to its respective xql file.

Options
    • -5
    • +2
    ./security-procs.tcl
Sunday 17 Oct 2010
11:06 pm

donb

Merged oacs-5-6 to HEAD. HEAD now installs and passes all core tests. There

may still be some lingering problems due to my screwing up the oacs-5-6

branch earlier, I'll be looking into this later.

Options
    • -2
    • +2
    ./security-procs.tcl
  2. … 214 more files in changeset.
Sunday 23 May 2010
4:02 pm

gustafn

- fix test files__tcl_file_common_errors

- report errors as such in aa-test (wrote warnings into error log, this was ignored since ages)

- fixed naming in acs-tcl, acs-mail-lite and acs-subsite

Options
    • -2
    • +2
    ./security-procs.tcl
  2. … 5 more files in changeset.
Monday 15 Mar 2010
1:10 am

gustafn

- bind session cookie to IP address to avoid session highjacking

Options
    • -6
    • +18
    ./security-procs.tcl
Thursday 11 Mar 2010
12:20 pm

gustafn

- normalize string expressions

Options
    • -2
    • +2
    ./security-procs.tcl
  2. … 3 more files in changeset.
Monday 04 Jan 2010
6:06 pm

donb

Fix Torben blunder.

Options
    • -2
    • +2
    ./security-procs.tcl
Thursday 26 Nov 2009
3:10 pm

torbenb

bumping version because of adding parameter UseHostnameDomainforReg for easier management of host_node mapped domains that share main domain's HTTPS connection for secure sessions and login, revised ad_get_login_url accordingly, defaults to no change with prior version.

Options
    • -7
    • +113
    ./security-procs.tcl
  2. … 1 more file in changeset.
Thursday 12 Feb 2009
4:38 pm

jeffd

OCD repair of the hard coded @cvs-id strings

Options
    • -1
    • +1
    ./security-procs.tcl
  2. … 14 more files in changeset.
Tuesday 23 Dec 2008
8:19 pm

torbenb

updating security::locations logic to match get_https_port and not show a secure location if there is none.

Options
    • -16
    • +26
    ./security-procs.tcl
7:40 pm

torbenb

removing ecommerce dependency

Options
    • -7
    • +2
    ./security-procs.tcl
1:22 pm

gustafn

remove deprecated calls to ad_parameter

Options
    • -5
    • +6
    ./security-procs.tcl
  2. … 11 more files in changeset.
Tuesday 16 Dec 2008
10:36 am

torbenb

fixing security::get_https_port, minor host_name calc in security::locations, added ecommerce exception per long standing ecommerce requirement, and made a few more code optimizations and less clunky comments for security::locations

Options
    • -19
    • +51
    ./security-procs.tcl
Friday 31 Oct 2008
1:13 am

daveb

Add new by default external URL checking to ad_returnredirect. Modify security::locations to be simpler, not rely on ecommerce at all, and use util_current_location to determine the host name.

Options
    • -33
    • +30
    ./security-procs.tcl
  2. … 2 more files in changeset.
Tuesday 23 Sep 2008
10:39 pm

donb

Needed a default value for this new acs-tcl parameter, otherwise you can't

log in to upgrade.

Options
    • -2
    • +2
    ./security-procs.tcl
Sunday 07 Sep 2008
6:56 am

torbenb

removing diagnostic ns_logs I added by mistake, and adding case of possible third 3 variant to locations (when behind reverse proxy)

Options
    • -2
    • +7
    ./security-procs.tcl
  2. … 1 more file in changeset.
Saturday 06 Sep 2008
6:00 am

torbenb

fixing faulty wrong domain message by using a reliable ecommerce method to determine locations, creating security::locations

Options
    • -0
    • +79
    ./security-procs.tcl
  2. … 1 more file in changeset.
Saturday 09 Aug 2008
11:21 pm

torbenb

added plain english to proc, so admins like me can find it if/when we need to

Options
    • -1
    • +1
    ./security-procs.tcl
Saturday 07 Jun 2008
10:28 pm

donb

Merged from 5.4.2

Options
    • -1
    • +1
    ./security-procs.tcl
  2. … 283 more files in changeset.