Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-09-02 | Separate directories for code and data | Tzafrir Cohen | |
2013-09-02 | post- scripts: handle configuration files | Tzafrir Cohen | |
2013-08-27 | Debian packaging | Tzafrir Cohen | |
2013-06-26 | Merge pull request #11 from tomgalloway/master | Nick Daly | |
Withsqlite is now added as a submodule. | |||
2013-04-25 | Added withsqlite submodule. | Tom Galloway | |
2013-04-24 | If needed instead of an elif. | Tom Galloway | |
2013-04-23 | Add hosting and auto-archive-creation. | Nick Daly | |
The makefile has three new targets: 1. hosting: Publish repository and automagically build the archives to serve to clients. 2. current-checkout.tar.gz: Create an archive of the current project directory. 3. current-repository.tar.gz: Create an archive of the current project directory along with the source repository metadata so that the archive is a full checkout of the project. | |||
2013-04-23 | Merged with James's upstream. | Nick Daly | |
Hope I did it right. If I screwed up, withsqlite is borked. | |||
2013-03-23 | Updated links issue. | Nick Daly | |
2013-03-23 | Unify authentication errors. | Nick Daly | |
Give the same error if the username doesn't exist or if the password is wrong. If we deliver separate errors, we tell the attacker whether they've picked a valid password or not. Also, if username doesn't exist, hash the password anyway to avoid this timing side-channel attack: 1. Invalid Username: A. User tries to log in with invalid username. B. User name is not found in database. C. Password is never hashed. 2. Invalid Password: A. User tries to log in with valid username. B. User name is found in database. C. Password is hashed. Given that proper password hashing will take a minute, *not* hashing the password takes so much less time that we've effectively indicated to the attacker that the username didn't exist, regardless of the error message. This way, no such error occurs. | |||
2013-03-23 | Don't crash if we couldn't import ExMachina. | Nick Daly | |
2013-03-23 | Added "run make". | Nick Daly | |
2013-03-23 | Build files are now stored in ./vendor/ | Nick Daly | |
2013-02-12 | template fiddling, but who cares. We're going to simplify that way down and ↵ | James Vasile | |
likely delete this file. | |||
2013-02-12 | add text hidden type | James Vasile | |
2013-02-12 | more intro screen work | James Vasile | |
2013-02-09 | remove order line (we don't need it). Don't require auth for firstboot | James Vasile | |
2013-02-09 | log the html root for debugging purposes | James Vasile | |
2013-02-09 | First boot hijacks root if needed | James Vasile | |
2013-02-09 | start to handle state storage and transition | James Vasile | |
2013-02-09 | remove dead code, edit directions to user, minor bug fix | James Vasile | |
2013-02-09 | Make template handle columns, stop using many different versions | James Vasile | |
* adjust template to remove nav and top menu for first boot * base on login_nav.tmpl * add login and nav to template * no need for two_cols, don't populate nav unless one exists | |||
2013-02-09 | use 'with' construct to open file | James Vasile | |
2013-02-09 | new commits | James Vasile | |
2013-02-09 | resolve conflict | James Vasile | |
2013-02-09 | adjust name of sqlite file bc withsqlite will add the extension | James Vasile | |
2013-02-09 | don't track backup text files, don't worry about cherrypy.config | James Vasile | |
2013-02-09 | Adjust how modules are imported | James Vasile | |
* change to u. notation for util, since from foo import * is evil * make import vendor.foo possible * vendor dir is part of the repo now, no need to mkdir * use the vendor.foo notation | |||
2013-02-08 | Yay for first boot screens | James Vasile | |
* import withsqlite into plinth.py and start detecting first boot * new url page and start on forms * update license intro and (c) statement | |||
2013-02-08 | added some more documentation | James Vasile | |
2013-02-07 | use my repo | James Vasile | |
2013-02-07 | add __init__.py | James Vasile | |
2013-02-07 | Update withsqlite | James Vasile | |
2013-02-07 | bit of Makefile reorganization | James Vasile | |
2013-02-07 | adjust makefile to use submodules | James Vasile | |
2013-02-07 | add ex machina as a submodule | James Vasile | |
2013-02-07 | add withsqlite as a subproject | James Vasile | |
2013-02-07 | add missing pieces to make uninstall | James Vasile | |
2013-02-07 | remove some lies from README | James Vasile | |
2013-02-07 | quote the wildcards in rsync excludes | James Vasile | |
2013-02-07 | Don't set DESTDIR in the Makefile | James Vasile | |
See http://www.gnu.org/prep/standards/html_node/DESTDIR.html#DESTDIR | |||
2013-02-07 | no need for this with the new cfg parsing | James Vasile | |
2013-02-07 | Fix paths in installed version | James Vasile | |
* Read python.config from script dir * Make dirs for pid and run Maybe making DESTDIR/var/run during make install is not needed because we can expect the target system to have /var/run, but if it's missing the CherryPy engine will fail when it tries to write the pid. So I added it. | |||
2013-02-07 | Fix CherryPy Config | James Vasile | |
* fixed improperly specified path * don't write cherrpy.config, just pass it as a dict | |||
2013-02-07 | no need to write a cherryp.config | James Vasile | |
2013-02-07 | Makefile improvements | James Vasile | |
* Remove commented out git pull lines. We shouldn't update so automatically. * Use rsync because it gives us --exclude * Put docs where the webserver can find them | |||
2013-02-07 | put man page in place during make install | James Vasile | |
2013-02-06 | tell people to use the issue tracker if they want to complain about a 404 | James Vasile | |
2013-02-06 | silencing some things in Makefile | James Vasile | |
2013-02-06 | copy sample config | James Vasile | |