| File TODO changed (mode: 100644) (index 8daa2f2..09a528c) |
| 1 |
1 |
== Where I stopped last time == |
== Where I stopped last time == |
|
2 |
|
[ ] Replace all 'who_nice' open coded stuff with rg_user_nice. |
|
3 |
|
[ ] ldap: What should happen when we update plan_id. |
|
4 |
|
What about other fields? |
|
5 |
|
[ ] ldap: If I remember correctly, the password attribute was editable! |
|
6 |
|
[ ] ldap: document what 'Session time' means. |
|
7 |
|
Other fields need an explanation also. |
|
8 |
|
[ ] Pushing by http but using ssh 2fa feature to unlock an IP is working? |
|
9 |
|
Should work? |
|
10 |
|
[ ] Test push by http with an empty user! CRITICAL! |
|
11 |
|
[ ] scratch_codes table: we should have an 'id' column for deletion. |
|
12 |
|
[ ] test: move rg_test_sc_generate into 'totp.inc.php'. |
|
13 |
|
[ ] 2fa: test pushing by http(by_http.php)/ssh(?). |
|
14 |
|
[ ] Compare: mouse over is not working on touch-screens! |
|
15 |
|
[ ] Aug 18 15:10:04 rg2 audit[29395]: AVC avc: denied { map } for pid=29395 comm="git" path="/var/lib/rocketgit/repos/by_id/00/00/00/7B/0000007B/repos/by_id/125.git/objects/pack/pack-dbb7e352e05eec6b15b74679d813897b29fa0b62.idx" dev="dm-0" ino=133117 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:rocketgit_var_t:s0 tclass=file permissive=1 |
|
16 |
|
[ ] When pushing/fetching, log also the debug id. |
|
17 |
|
[ ] Truncate big descriptions. |
|
18 |
|
[ ] report how many repos/users/etc. were removed. |
|
19 |
|
[ ] Investigate WWW-Authenticate HTTP header. |
|
20 |
|
[ ] ldap: delete a server: we must not have a user in 'users', without |
|
21 |
|
a uid in ldap_cache: maybe a transaction needed? |
|
22 |
|
Why? Because we will not delete that user! |
|
23 |
|
When I delete a server, I have to ask the user if s/he wants to delete |
|
24 |
|
also the users in 'users' table. |
| 2 |
25 |
[ ] ldap: func test when ldap_password changes, but we have the user inserted |
[ ] ldap: func test when ldap_password changes, but we have the user inserted |
| 3 |
26 |
in 'users' |
in 'users' |
| 4 |
27 |
[ ] Will the moving of user_edit_no_check call into ldap would simplify code? |
[ ] Will the moving of user_edit_no_check call into ldap would simplify code? |
|
28 |
|
[ ] ldap: ldap_cache.prio is needed?! Not anymore! |
|
29 |
|
[ ] ldap: editing a server: |
|
30 |
|
- I have to update the plan_id for all users in 'users' table, if different. |
|
31 |
|
- if admin changes 'uid_attr', I have to set 'username' to '', to signal the |
|
32 |
|
invalidation of the entry. |
|
33 |
|
Take care of the cache! Invalidate it! |
| 5 |
34 |
[ ] Can I update users.plan_id on demand, when user logs in? |
[ ] Can I update users.plan_id on demand, when user logs in? |
| 6 |
35 |
No, because the statistics are not good! |
No, because the statistics are not good! |
| 7 |
36 |
[ ] If we change the 'uid' attribute, we must invalidate the whole cache. |
[ ] If we change the 'uid' attribute, we must invalidate the whole cache. |
| 8 |
|
But, we cannot delete anything. We need the link between uuid and uid. |
|
|
37 |
|
But, we cannot delete anything. We need the link between ldap_cache and users. |
| 9 |
38 |
Just mark it as unavailable. |
Just mark it as unavailable. |
| 10 |
39 |
[ ] Recover password must be enabled for ldap users? |
[ ] Recover password must be enabled for ldap users? |
| 11 |
40 |
[ ] 'deleted' field must be respected by ldap? |
[ ] 'deleted' field must be respected by ldap? |
| 12 |
41 |
If admin blocks/deletes/suspends an ldap account, what should we do? |
If admin blocks/deletes/suspends an ldap account, what should we do? |
|
42 |
|
I think I must respect it. |
| 13 |
43 |
[ ] I think I should not allow the login by e-mail! If user can change the |
[ ] I think I should not allow the login by e-mail! If user can change the |
| 14 |
44 |
e-mail in LDAP, I have a problem. I think I can keep it. |
e-mail in LDAP, I have a problem. I think I can keep it. |
| 15 |
45 |
The password must match. Check! |
The password must match. Check! |
| 16 |
46 |
What about recovering e-mail? |
What about recovering e-mail? |
| 17 |
47 |
[ ] memberof must be stored in ldap_cache. |
[ ] memberof must be stored in ldap_cache. |
| 18 |
|
[ ] rg_ldap_session_time to be set by the ldap server add form. |
|
| 19 |
48 |
[ ] Password must be sent encrypted from ldap_cache to 'users' (update_no_check)). |
[ ] Password must be sent encrypted from ldap_cache to 'users' (update_no_check)). |
| 20 |
|
[ ] When getting data from cache, I have to populate correctly the $ui. |
|
| 21 |
|
It is a valid case for replication: we will have entries in |
|
| 22 |
|
ldap_cache with 'uid' 0. |
|
| 23 |
49 |
[ ] ldap: we do not have the membership and we cannot extract is_admin. |
[ ] ldap: we do not have the membership and we cannot extract is_admin. |
| 24 |
|
Probably other fields. |
|
| 25 |
|
[ ] ldap: ce se intimpla daca schimb cimpul 'uid'? Sa permit asta? |
|
| 26 |
|
Probably I have to clean the cache. |
|
| 27 |
|
Because I do not store all fields in cache and the new uid field |
|
| 28 |
|
probably is missing. Maybe I should test if the field is present and |
|
| 29 |
|
do not delete the cache? Neh... But, if I delete the cache, I lose |
|
| 30 |
|
the links between 'users' and ldap_cache! |
|
| 31 |
|
Mark the ldap_cache entries as 'stalled' and use them only to link to |
|
| 32 |
|
uid? |
|
| 33 |
|
[ ] ldap: default for uid_attr is uid? |
|
|
50 |
|
Probably other fields. Not clear. |
| 34 |
51 |
[ ] ldap: what rights should I give for users added by ldap? |
[ ] ldap: what rights should I give for users added by ldap? |
|
52 |
|
Is still needed to have rights in users? |
| 35 |
53 |
[ ] Pass also the ldap server info, next to 'post', to be able to update |
[ ] Pass also the ldap server info, next to 'post', to be able to update |
| 36 |
54 |
plan_id. |
plan_id. |
| 37 |
|
[ ] ldap: ldap_login: user not found in cache, binding is ok, we are at the |
|
| 38 |
|
end of the function. We should store $ui in cache, but we do not have |
|
| 39 |
|
the users.uid! What to do?! Should I return $ui and insert the user |
|
| 40 |
|
in users and call a callback to update the cache because we have the |
|
| 41 |
|
users.uid? Should it be in a transaction? |
|
| 42 |
|
So login_by_user_pass |
|
| 43 |
|
try to find in in users.db |
|
| 44 |
|
if not found |
|
| 45 |
|
try to search it in ldap_cache |
|
| 46 |
|
if not found |
|
| 47 |
|
search on ldap server |
|
| 48 |
|
if found |
|
| 49 |
|
return $ui |
|
| 50 |
|
now, we have $ui, but the uid may be 0 |
|
| 51 |
|
if 0 |
|
| 52 |
|
insert the new user in database |
|
| 53 |
|
call a callback to update ldap_cache with the |
|
| 54 |
|
uid. |
|
| 55 |
|
should not be in transaction, because next |
|
| 56 |
|
time we will return without uid and we will do |
|
| 57 |
|
an insert into db. NOT GOOD! We must not |
|
| 58 |
|
duplicate users (anyway, it wouldn't work). |
|
| 59 |
|
So, we need a transaction. But, what happends |
|
| 60 |
|
when we delete stuff from the ldap_cache?! |
|
| 61 |
|
Should we mark the users as deleted? |
|
| 62 |
|
Should I use the uuid to not update ldap_cache? |
|
| 63 |
|
|
|
| 64 |
|
If I do link 'users' and 'ldap_cache' by uid: |
|
| 65 |
|
I have to call a 'post' callback, in a transaction to also update ldap_cache.uid |
|
| 66 |
|
Nope. Cannot work. Another login will try to insert the same username. |
|
| 67 |
|
Transactions cannot help! |
|
| 68 |
|
|
|
| 69 |
|
CPU1 CPU2 |
|
| 70 |
|
SELECT FROM users WHERE username = ... |
|
| 71 |
|
SELECT FROM ldap_cache (not found) |
|
| 72 |
|
SELECT FROM users WHERE username = ... |
|
| 73 |
|
SELECT FROM ldap_cache (not found) |
|
| 74 |
|
INSERT INTO users (ok) |
|
| 75 |
|
INSERT INTO users (fail) |
|
| 76 |
|
|
|
| 77 |
|
If I link them by uuid: |
|
| 78 |
|
- No 'post' hook needed |
|
| 79 |
|
- At login time, ldap_cache will give the uuid and I have to |
|
| 80 |
|
search by it in users table. Ugly. |
|
| 81 |
|
For both, I have to update users.username field if different. Event? |
|
| 82 |
|
|
|
| 83 |
|
I can use an advisory lock. |
|
| 84 |
|
|
|
| 85 |
|
Let's see what happens if I link by uuid: |
|
| 86 |
|
first login: ldap_cache is emty |
|
| 87 |
|
ldap_login is called |
|
| 88 |
|
cache is empty, so I continue |
|
| 89 |
|
bind correctly in ldap |
|
| 90 |
|
insert into ldap_cache(..., uuid, ...) |
|
| 91 |
|
return $ui with everything from ldap |
|
| 92 |
|
insert into users with external_id = uuid |
|
| 93 |
|
second login: ldap_cache has the user now |
|
| 94 |
|
ldap_login is called |
|
| 95 |
|
found in users |
|
| 96 |
|
third login: users entry expired |
|
| 97 |
|
found in users but is expired |
|
| 98 |
|
ldap_login is called |
|
| 99 |
|
return $ui with everything from ldap_cache |
|
| 100 |
|
|
|
| 101 |
|
CPU1 CPU2 CPU3 |
|
| 102 |
|
SELECT FROM users (by username/pass) |
|
| 103 |
|
SELECT FROM users (by username/pass) |
|
| 104 |
|
SELECT FROM ldap_cache (by ?) (not found) |
|
| 105 |
|
ldap_bind & co. |
|
| 106 |
|
SELECT FROM ldap_cache (not found) |
|
| 107 |
|
ldap_bind & co. |
|
| 108 |
|
LOCK ldap_cache |
|
| 109 |
|
LOCK ldap_cache |
|
| 110 |
|
SELECT FROM ldap_cache (not found) |
|
| 111 |
|
INSERT INTO users (ok) - to find the uid; nobody can do it concurrently! |
|
| 112 |
|
INSERT INTO ldap_cache (...uid/uuid...) |
|
| 113 |
|
UNLOCK ldap_cache |
|
| 114 |
|
SELECT FROM ldap_cache (found) SELECT FROM users (by username/pass) (expired) |
|
| 115 |
|
SELECT FROM ldap_cache (found) |
|
| 116 |
|
UNLOCK ldap_cache |
|
| 117 |
|
|
|
| 118 |
|
I should try to do a select in ldap_cache, if not found lock the table, |
|
| 119 |
|
do again the select in ldap_cache (someone may insert between select and lock). |
|
| 120 |
|
So, if found in cache, I will not lock the table. |
|
| 121 |
|
One problem: I should not do the bind with the lock taken. Fixed. |
|
| 122 |
|
|
|
| 123 |
|
If I use uuid, when the ldap_cache returns something, I have to do |
|
| 124 |
|
a select in db after uuid to obtain the entry! |
|
| 125 |
|
Another query, another index... |
|
| 126 |
|
|
|
| 127 |
|
What if I would insert into ldap_cache, under lock and then return? |
|
| 128 |
|
Then, two threads will try to insert into 'users'! |
|
| 129 |
|
|
|
| 130 |
|
What if I link 'users' and 'ldap_cache' by username?! |
|
| 131 |
|
|
|
| 132 |
|
=== New plan: ignore 'duplicate unique' errors === |
|
| 133 |
|
CPU1 |
|
| 134 |
|
SELECT FROM users (by username/pass) (not found / expired) |
|
| 135 |
|
SELECT FROM ldap_cache (by mail/ldap_uid/cn) (not found / expired) |
|
| 136 |
|
contact ldap server (binding/search) |
|
| 137 |
|
INSERT INTO ldap_cache (...uid/uuid...) |
|
| 138 |
|
INSERT INTO users (ok) - to find the uid; ignore error |
|
| 139 |
|
apelez un callback care face update la ldap_cache.uid? |
|
| 140 |
|
|
|
| 141 |
|
Pot insera in cache prima data (ce se intimpla daca e deja? update?) |
|
| 142 |
|
Problema e ca e posibil sa nu gasesc row-ul in 'users' ca |
|
| 143 |
|
sa-i fac update si inserez unul nou. Ar trebui sa-l caut mai |
|
| 144 |
|
intii. As putea face update si daca nu merge sa fac insert. |
|
| 145 |
|
Dar, la update, ce WHERE folosesc? external_id? |
|
| 146 |
|
|
|
| 147 |
55 |
[ ] ldap: we may want to check AuthLDAPGroupAttributeIsDN from apache. |
[ ] ldap: we may want to check AuthLDAPGroupAttributeIsDN from apache. |
| 148 |
56 |
[ ] ldap: should we have a 'source' field in users table to signal from where |
[ ] ldap: should we have a 'source' field in users table to signal from where |
| 149 |
57 |
the user come from (web, ldap etc.)? |
the user come from (web, ldap etc.)? |
| 150 |
58 |
[ ] ldap: When updating a server prio, we have to update also the ldap_cache |
[ ] ldap: When updating a server prio, we have to update also the ldap_cache |
| 151 |
59 |
table. Should I use a JOIN to get rid of ldap_cache.prio? |
table. Should I use a JOIN to get rid of ldap_cache.prio? |
| 152 |
60 |
[ ] ldap: Do not store password in clear in database! |
[ ] ldap: Do not store password in clear in database! |
| 153 |
|
[ ] ldap: add a timeout for every server. |
|
| 154 |
|
[ ] ldap: gather all sync stuff and commit in the end for sync=ro? |
|
| 155 |
61 |
[ ] ldap: take care to not allow logins as admins if the group name is user |
[ ] ldap: take care to not allow logins as admins if the group name is user |
| 156 |
62 |
controlled. Should we use ^/$ by default? |
controlled. Should we use ^/$ by default? |
| 157 |
63 |
[ ] ldap: https://github.com/thorin/redmine_ldap_sync |
[ ] ldap: https://github.com/thorin/redmine_ldap_sync |
| |
| 159 |
65 |
[ ] ldap: how to specify if an account is disabled? Some regex needed? |
[ ] ldap: how to specify if an account is disabled? Some regex needed? |
| 160 |
66 |
[ ] ldap: server settings: select between one level or subtree. |
[ ] ldap: server settings: select between one level or subtree. |
| 161 |
67 |
[ ] ldap: what indexes are needed for ldap_* tables? |
[ ] ldap: what indexes are needed for ldap_* tables? |
| 162 |
|
[ ] ldap: Remember, I may have the full ldap db in ldap_cache table, |
|
| 163 |
|
without a link with uid! When a ldap users login for the first time, |
|
| 164 |
|
I can do the link (store uid in ldap_cache table). |
|
| 165 |
|
[ ] ldap: I have to learn entryUUID now! |
|
| 166 |
|
[ ] ldap: when a user logins, she/he uses the e-mail, or uid or something |
|
| 167 |
|
decided by LDAP admin. |
|
| 168 |
|
I have to identify the user in 'users'. How can I? |
|
| 169 |
|
With a table containing: |
|
| 170 |
|
server_id [3] - to be able to remove a server or to not have clashes? |
|
| 171 |
|
uid [55] - may be 0 if the user did not logged in yet |
|
| 172 |
|
ldap_uid [catalinux] |
|
| 173 |
|
userPassword [] - we must be able to decrypt it using the same algo |
|
| 174 |
|
sn |
|
| 175 |
|
givenName |
|
| 176 |
|
gidNumber |
|
| 177 |
|
entryUUID [12345-12345-12345-12345-12345] |
|
| 178 |
|
- to be used when sync data |
|
| 179 |
|
mail [catalinux@rocketgit.com] |
|
| 180 |
|
Do not forget about the groups! |
|
| 181 |
|
When a user connects, I need to search by one of the ldap attributes |
|
| 182 |
|
to obtain the uid, then: |
|
| 183 |
|
if password is not valid, search next entry. |
|
| 184 |
|
if ldap_cache.uid == 0, insert a new entry in 'users' table and update ldap_cache.uid |
|
| 185 |
|
if ldap_cache.uid != 0, we have the uid |
|
| 186 |
|
Can we optimize the search? |
|
| 187 |
|
[] We should try another entry/server if the password does not match. |
|
| 188 |
|
[ ] ldap: somehow delete old ldap servers. Also from cache. |
|
| 189 |
|
[ ] ldap: test: login by email. |
|
| 190 |
|
[ ] ldap: user logins by DN, and, of course, I cannot find it in the database. |
|
| 191 |
|
I have to search for it based on entryUUID. |
|
| 192 |
|
[ ] ldap: now the dilemma is how to add a user from inside ldap_login function! |
|
| 193 |
|
Should we return a special flag which instructs the login function |
|
| 194 |
|
to add the user? |
|
| 195 |
|
[ ] ldap: what plan should have the users? Select it when adding the servers. |
|
| 196 |
|
What if the plan is gone? Use the first one and notify admin? |
|
| 197 |
|
[ ] ldap: now, what field will be the future username in db? uid? Configurable? |
|
| 198 |
|
[ ] ldap: admin: add servers |
|
| 199 |
|
Should we have a daemon to sync with the ldap server? |
|
| 200 |
|
[ ] When upgrading and cache was not up, on rocketgit.com, logged in as admin |
|
| 201 |
|
it asked about initial account! This is not good! |
|
|
68 |
|
[ ] ldap: tests?: somehow delete old ldap servers. Also from cache. |
| 202 |
69 |
[ ] 'meronos' user is with lower 'm', but in the /var/lib/rocketgit/repos/ |
[ ] 'meronos' user is with lower 'm', but in the /var/lib/rocketgit/repos/ |
| 203 |
70 |
folder is with bigger M! Does he renamed the user and I did not updated |
folder is with bigger M! Does he renamed the user and I did not updated |
| 204 |
71 |
the link? |
the link? |
| |
| 219 |
86 |
[ ] Allow download of files in the repo. |
[ ] Allow download of files in the repo. |
| 220 |
87 |
[ ] Username must not contain '::' to not break cache! |
[ ] Username must not contain '::' to not break cache! |
| 221 |
88 |
Hm. Any string containing :: is at risk?! Or the = makes the diff? |
Hm. Any string containing :: is at risk?! Or the = makes the diff? |
| 222 |
|
[ ] Plan for LDAP sync: |
|
| 223 |
|
Should I have a different password in 'users' table for backup? |
|
| 224 |
|
I have to create the users. |
|
| 225 |
|
I have to take it step by step: |
|
| 226 |
|
All posible LDAP servers are verified by priority |
|
| 227 |
|
All servers have some flags (or a single) type: |
|
| 228 |
|
- if a direct connection is made (with or without cache) |
|
| 229 |
|
- if ro repl is used |
|
| 230 |
|
- if rp repl is used |
|
| 231 |
|
But, all may be used. ro/rp replications are pretty the same. |
|
| 232 |
|
Direct connection should be used if anything fails. |
|
| 233 |
|
The cache may be used only if admin decided on how many seconds |
|
| 234 |
|
a cache is valid. |
|
| 235 |
|
ro/rp repl should populate the cache only - a user must |
|
| 236 |
|
not be created in db if the user did not login. |
|
| 237 |
|
So, a user tries to login: |
|
| 238 |
|
- check database - first time the user is not there |
|
| 239 |
|
Second time? |
|
| 240 |
|
Should we mark the entry as being ldap? |
|
| 241 |
|
- go to ldap function |
|
| 242 |
|
- select in ldap cache table if a user is matching (order prio) |
|
| 243 |
|
- if not found, do a direct lookup |
|
| 244 |
|
- update the database? |
|
| 245 |
|
We must insert into database to obtain the uid. |
|
| 246 |
|
The sync process will update the database if needed (entryUUID). |
|
|
89 |
|
[ ] Re-test totp urlencode text |
|
90 |
|
[ ] Feb 16 05:59:01 r1.embedromix.ro crond[21105]: pam_systemd(crond:session): Failed to create session: Maximum number of sessions (8192) reached, refusing further sessions. |
|
91 |
|
[ ] Why php-fpm is active on rg2?! |
|
92 |
|
[ ] When doing opertions, log also the date/time, to be able to easily find |
|
93 |
|
user copy/pasterd errors. |
|
94 |
|
[ ] 2 users, 1 private repo, granted Access rights, but no 'refs' rights. |
|
95 |
|
Trying to clone the repo by the non-owner, gives an errors as repo |
|
96 |
|
does not exists! This is not correct. The user must know that the repo |
|
97 |
|
is there because of the 'Access' rights. So, improve the error message! |
|
98 |
|
[ ] |
| 247 |
99 |
|
|
| 248 |
100 |
== BEFORE NEXT RELEASE == |
== BEFORE NEXT RELEASE == |
|
101 |
|
[ ] Sec: must read https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-zheng-updated.pdf |
|
102 |
|
[ ] Allow authentication by certificate. |
|
103 |
|
[ ] passwords: we need multiple round of hashing. |
|
104 |
|
[ ] sess: do not store the cookie in clear, but hashed. |
|
105 |
|
[ ] ldap: if user is deleted from ldap, destroy all sessions. |
|
106 |
|
[ ] When we are on /user/X page, do not show the username in the first column. |
|
107 |
|
[ ] Zebra for tables! |
|
108 |
|
tr:nth-child(even) { |
|
109 |
|
background-color: #f2f2f2 |
|
110 |
|
} |
|
111 |
|
[ ] Should I allow duplicate e-mails? |
|
112 |
|
[ ] Limit CI disk space and report such errors |
|
113 |
|
[ ] https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence |
|
114 |
|
[ ] ldap: add tags based on some fields and use the tags in filtering/etc. |
|
115 |
|
[ ] totp: we check 2 in the past! Do we test if a past one was not already used? |
|
116 |
|
[ ] Investigate: 'add_header X-Content-Type-Options nosniff;' |
|
117 |
|
[ ] Let admin/user what tls protocols are accepted. |
|
118 |
|
[ ] Basic e-mail validation at sign-up. |
|
119 |
|
[ ] Cache http password |
|
120 |
|
http://stackoverflow.com/questions/5343068/ddg#5343146 |
|
121 |
|
[ ] Add bitbucket into comparison. |
|
122 |
|
Version 5.6.2 has 268MiB! Nice! Not! |
|
123 |
|
[ ] Rights for login: control IP/time/2fa/etc. |
|
124 |
|
[ ] Add possibility to revert a push if the test fails. |
|
125 |
|
Or test the push first and then commit if passed. |
|
126 |
|
[ ] Add pahole as a checker for the binaries. Next to cppcheck. |
|
127 |
|
[ ] In Admin -> Users, show also the size. |
|
128 |
|
Also, we need sorting. |
|
129 |
|
[ ] Add webhook for mastodon (fedrated microblogging) |
|
130 |
|
[ ] Limit resources for a git process (for example how many threads for gc). |
|
131 |
|
[ ] https://letsencrypt.org/become-a-sponsor/ |
|
132 |
|
[ ] Use 'tr:nth-child(2n) { ... } + tr:nth-child(2n + 1) { ... } for stripes. |
|
133 |
|
[ ] Run test wh_http on CentOS / Debian! The client side cert test may fail. |
|
134 |
|
Generic, run the functional tests also on other OSes. |
|
135 |
|
[ ] ldap: gather all sync stuff and commit in the end for sync=ro? |
|
136 |
|
[ ] ldap: The cache may be used only if admin decided on how many seconds |
|
137 |
|
a cache is valid. |
|
138 |
|
[ ] ldap: What if the plan is gone? Use the first one and notify admin? |
|
139 |
|
Or prevent the deletion if is used? |
|
140 |
|
[ ] ldap: after switching to C, add support for replication (both ro and rp). |
|
141 |
|
ro/rp repl should populate the cache only - a user must |
|
142 |
|
not be created in db if the user did not login. |
|
143 |
|
[ ] Seems I do not respect users.rights field. |
|
144 |
|
[ ] Split 'C' user right into 'create public repo' and 'createprivate repo'. |
| 249 |
145 |
[ ] Add compression for JS/CSS. Think about enabling compression for html, |
[ ] Add compression for JS/CSS. Think about enabling compression for html, |
| 250 |
146 |
but, implement some randomization on content to defend against BREACH. |
but, implement some randomization on content to defend against BREACH. |
| 251 |
147 |
For CSRF tokens there is a simple and effective defence, which is to randomize the token by masking it with a different (random) value on every response. The masking does not hide the token (whoever has the token can easily reverse the masking), but it does defeat the attack technique. Guessing is impossible when the secret is changing all the time. Thus, we can expect that most frameworks will adopt this technique. Those who rely on frameworks will only need to upgrade to take advantage of the defence. Those who don’t will have to fix their code. |
For CSRF tokens there is a simple and effective defence, which is to randomize the token by masking it with a different (random) value on every response. The masking does not hide the token (whoever has the token can easily reverse the masking), but it does defeat the attack technique. Guessing is impossible when the secret is changing all the time. Thus, we can expect that most frameworks will adopt this technique. Those who rely on frameworks will only need to upgrade to take advantage of the defence. Those who don’t will have to fix their code. |
| File compare.csv changed (mode: 100644) (index f595a9b..0da219f) |
| 1 |
1 |
"Features / Product","RocketGit","Gitlab CE","GitHub","gitolite","Pagure.io","Gogs.io" |
"Features / Product","RocketGit","Gitlab CE","GitHub","gitolite","Pagure.io","Gogs.io" |
| 2 |
2 |
"[Legal]",,,,,, |
"[Legal]",,,,,, |
| 3 |
3 |
"License","Affero GPLv3+/#0f0","MIT/#0f0","Proprietary/#f00","GPLv2/#0f0","GPLv2 or later/#0f0","MIT/#0f0" |
"License","Affero GPLv3+/#0f0","MIT/#0f0","Proprietary/#f00","GPLv2/#0f0","GPLv2 or later/#0f0","MIT/#0f0" |
| 4 |
|
"Developers keep copyright when contributing {This is about contributing to the Git hosting project, not about projects hosted inside. Signing/agreeing a Contributor Licence Agreement (CLA) is very bad for free software.}","Yes","No","n/a/#f00","Yes","Yes","?" |
|
|
4 |
|
"Developers keep copyright when contributing {This is about contributing to the Git hosting project, not about projects hosted inside. Signing/agreeing a Contributor Licence Agreement (CLA) is very bad for free software.}","Yes","Yes?","n/a/#f00","Yes","Yes","?" |
| 5 |
5 |
"GNU Ethical Repository Criteria Evaluations (see 3)","A (-A4, +A+0, +A+1, +A+2, +A+5)/#0f0","C/#f00","F/#f00","?","A?/#0f0","?" |
"GNU Ethical Repository Criteria Evaluations (see 3)","A (-A4, +A+0, +A+1, +A+2, +A+5)/#0f0","C/#f00","F/#f00","?","A?/#0f0","?" |
| 6 |
6 |
,,,,,, |
,,,,,, |
| 7 |
7 |
"[Features]",,,,,, |
"[Features]",,,,,, |
| 8 |
8 |
"Easy installation {How easy can you install the software on your server?}","Yes","Yes","Yes?","Yes","Yes","Yes" |
"Easy installation {How easy can you install the software on your server?}","Yes","Yes","Yes?","Yes","Yes","Yes" |
| 9 |
9 |
"SELinux policy {SELinux is an application firewall used to improve the security}","Yes","No","?","not needed/#0f0","?","?" |
"SELinux policy {SELinux is an application firewall used to improve the security}","Yes","No","?","not needed/#0f0","?","?" |
| 10 |
|
"Distro friendly {Is a 'yum/dnf/apt-get/etc. update' is enough to update the software? Is it free of a inner package manager?}","Yes","No (see 1)","No (see 1)","Yes","Yes?","Yes?" |
|
|
10 |
|
"Distro friendly {Is a 'yum/dnf/apt-get/etc. update' enough to update the software? Is it free of a inner package manager?}","Yes","No (see 1)","No (see 1)","Yes","Yes?","Yes?" |
| 11 |
11 |
"Bug tracker","Yes","Yes","Yes","No","Yes","?" |
"Bug tracker","Yes","Yes","Yes","No","Yes","?" |
| 12 |
|
"CLI commands (SSH) {Allow SSH commands to show the list of repositories show a repo status etc.}","Yes","No","?","?","?","?" |
|
|
12 |
|
"CLI commands (SSH) {Allow SSH commands to show the list of repositories, show a repo status etc.}","Yes","No","?","?","?","?" |
| 13 |
13 |
"API","Yes","Yes","Yes","?","Yes","?" |
"API","Yes","Yes","Yes","?","Yes","?" |
| 14 |
14 |
"Anonymous push {With no user created, clone, make changes, will push result in a merge request, making it super easy to contribute to a project?}","Yes","No","No","No?","No","?" |
"Anonymous push {With no user created, clone, make changes, will push result in a merge request, making it super easy to contribute to a project?}","Yes","No","No","No?","No","?" |
| 15 |
15 |
"Languages available (i18n)",1,"?","?",1,"?",14 |
"Languages available (i18n)",1,"?","?",1,"?",14 |
| |
| 55 |
55 |
"Page speed: Desktop","96/#0f0","?","81/#0f0","n/a","64/#f00","26/#f00" |
"Page speed: Desktop","96/#0f0","?","81/#0f0","n/a","64/#f00","26/#f00" |
| 56 |
56 |
"CSS size","9KiB/#0f0","250KiB/#f00","560KiB/#f00","n/a","130KiB/#0f0","520KiB/#f00" |
"CSS size","9KiB/#0f0","250KiB/#f00","560KiB/#f00","n/a","130KiB/#0f0","520KiB/#f00" |
| 57 |
57 |
"JS size","0KiB/#0f0","1170KiB/#f00","670KiB/#f00","n/a","450KiB/#f00","350KiB/#f00" |
"JS size","0KiB/#0f0","1170KiB/#f00","670KiB/#f00","n/a","450KiB/#f00","350KiB/#f00" |
|
58 |
|
"Runtime memory footprint","?","?","?","?","?","?" |
| 58 |
59 |
,,,,,, |
,,,,,, |
| 59 |
60 |
"[Notes]",,,,,, |
"[Notes]",,,,,, |
| 60 |
61 |
"*","1) It has a not standard package manager; upgrading distro does not update the git software (pip, gem etc.). Or is a big archive including packages already found in the distribution.",,,,, |
"*","1) It has a not standard package manager; upgrading distro does not update the git software (pip, gem etc.). Or is a big archive including packages already found in the distribution.",,,,, |