| Commit message | Author | Age |
* | t/git-untrusted.t: Fix redundant declaration
Signed-off-by: Simon McVittie <smcv@debian.org>
| Simon McVittie | 2017-10-01 |
* | t/git-untrusted.t: New test case for untrusted pushes
This also exercises the typical centralized git repository workflow,
where changes flow from a non-bare clone (for example on a laptop)
to a centralized bare repository, then from the centralized bare
repository to a non-bare clone that is ikiwiki's srcdir.
Signed-off-by: Simon McVittie <smcv@debian.org>
| Simon McVittie | 2017-10-01 |
* | t/img.t: test determinism of PNG resizing. | intrigeri | 2017-09-01 |
* | t/img.t: Give better diagnostics if we can't load an image | Simon McVittie | 2017-06-22 |
* | color, toc: Fix `make test` | Simon McVittie | 2017-05-16 |
* | color: Use markup for the preserved CSS, not character data
This still smuggles it past the sanitize step, but avoids having
other plugins that want to capture text content without markup
(notably toc) see the CSS as if it was text content.
| Simon McVittie | 2017-05-16 |
* | color: Add a unit test | Simon McVittie | 2017-05-16 |
* | Add a simple unit test for [[!toc]] | Simon McVittie | 2017-05-16 |
* | Add a test-case for Markdown options | Simon McVittie | 2017-05-16 |
* | t/git-cgi.t: Wait 1 second before doing a revert that should succeed
This hopefully fixes a race condition in which the test failed
around 6% of the time.
If we don't wait, the mtime (which is rounded down to 1 second precision
in the APIs we use) will not necessarily change, so the update will not
necessarily cause the page to be refreshed.
Bug-Debian: https://bugs.debian.org/862494
| Simon McVittie | 2017-05-14 |
* | t/passwordauth.t: new automated test for passwordauth
In particular this includes an exploit for OVE-20170111-0001.
(cherry picked from commit fbe207212b1f4a395dc297fb274ef07afd7d68f3)
| Simon McVittie | 2017-01-11 |
* | git-cgi.t: when committing directly, make sure we have a valid author
In the environment used on ci.debian.net, we have neither a name nor
an email address.
| Simon McVittie | 2017-01-09 |
* | t/git-cgi.t: fix race condition
We need the changes to take place at least 1 second after the first
rebuild, so that the changed files are seen to have changed.
| Simon McVittie | 2017-01-09 |
* | git: Add test coverage for reverting attachments | Simon McVittie | 2016-12-28 |
* | Add automated test for using the CGI with git, including CVE-2016-10026 | Simon McVittie | 2016-12-28 |
* | git_revert test: reinstate ikiwiki.setup, and make it work uninstalled
Previously it was relying on running with an installed ikiwiki
and being able to copy in recentchanges.mdwn and wikiicons/ from the
underlay in /usr. The underlay in ./underlays/basewiki can't be used
(yet) because ikiwiki doesn't allow following symlinks, even from
underlays.
I'd like to make ikiwiki follow symlinks whose destinations can be
verified to be safe (for example making it willing to expose
/usr/share/javascript to the web, but not /etc/passwd), at least from
underlays, but this is security-sensitive so I'm not going to rush
into it.
| Simon McVittie | 2016-12-28 |
* | Add a manual test for reverting git commits
Signed-off-by: Simon McVittie <smcv@debian.org>
| Simon McVittie | 2016-12-19 |
* | Exclude working directory from library path (CVE-2016-1238)
Current Perl versions put '.' at the end of the library search path
@INC, although this will be fixed in a future Perl release. This means
that when software loads an optionally-present module, it will be
looked for in the current working directory before giving up. An
attacker could use this to execute arbitrary Perl code from ikiwiki's
current working directory.
Removing '.' from the library search path in Perl is the correct
fix for this vulnerability, but is not trivial to do due to
backwards-compatibility concerns. Mitigate this (even if ikiwiki is run
with a vulnerable Perl version) by explicitly removing '.' from the
search path, and instead looking for ikiwiki's own modules relative
to the absolute path of the executable when run from the source
directory.
In tests that specifically want to use the current working directory,
use "-I".getcwd instead of "-I." so we use its absolute path, which
is immune to the removal of ".".
| Simon McVittie | 2016-07-28 |
* | Wrapper: allocate new environment dynamically
Otherwise, if third-party plugins extend newenviron by more than
3 entries, we could overflow the array. It seems unlikely that any
third-party plugin manipulates newenviron in practice, so this
is mostly theoretical. Just in case, I have deliberately avoided
using "i" as the variable name, so that any third-party plugin
that was manipulating newenviron directly will now result in the
wrapper failing to compile.
I have not assumed that realloc(NULL, ...) works as an equivalent of
malloc(...), in case there are still operating systems where that
doesn't work.
| Simon McVittie | 2016-05-11 |
* | img test: exercise upper-case extensions for image files | Simon McVittie | 2016-05-09 |
* | Fix spelling of "ratio" in test. | Amitai Schlair | 2016-05-08 |
* | img: make img_allowed_formats case-insensitive | Simon McVittie | 2016-05-07 |
* | update test suite for svg passthrough by img directive
Remove build dependency libmagickcore-6.q16-2-extra which was only there
for this test.
| Joey Hess | 2016-05-06 |
* | img: check magic number before giving common formats to ImageMagick
This mitigates CVE-2016-3714 and similar vulnerabilities by
avoiding passing obviously-wrong input to ImageMagick decoders.
| Simon McVittie | 2016-05-05 |
* | img: restrict to JPEG, PNG and GIF images by default
This mitigates CVE-2016-3714. Wiki administrators who know that they
have prevented arbitrary code execution via other formats can re-enable
the other formats if desired.
| Simon McVittie | 2016-05-05 |
* | Fix CVS tests by uninverting $installed (cdfb4ab). | Amitai Schlair | 2016-02-18 |
* | Compose relative URLs in RSS feeds correctly
If the relative link from the (page generating the) RSS to the target
would start with "./" or "../", just concatenating it with the URL to
the directory containing the RSS is not sufficient. Go via
URI::new_abs to fix this.
| Simon McVittie | 2016-01-21 |
* | Don't fail to syslog if the wiki name contains %s
This is a corner case spotted while fixing UTF-8 syslogging.
| Simon McVittie | 2016-01-21 |
* | Force log messages to be bytestrings
Sys::Syslog is not UTF-8-literate.
| Simon McVittie | 2016-01-21 |
* | img test: use the right filenames when testing that deletion occurs
Also use a less misleading name for the sample SVG: it is no longer empty.
Since commit 105f285a it has contained a blue square.
| Simon McVittie | 2016-01-19 |
* | img test: skip testing PDFs if unsupported | Simon McVittie | 2016-01-19 |
* | Merge remote-tracking branch 'smcv/ready/limit' | Simon McVittie | 2015-11-30 |
|\ |
|
| * | Rename show parameter of [[!inline]] and [[!pagestats]] to limit
The old name still works, if its value is numeric.
This name allows a non-numeric "show" to mean the same thing
it does for [[!map]] (show title, show description, etc.).
| Simon McVittie | 2014-09-14 |
* | | Add a test for unconfigured git identity | Simon McVittie | 2015-11-30 |
* | | tests: consistently use done_testing instead of no_plan | Simon McVittie | 2015-11-30 |
* | | t/img.t: do not spuriously skip | Simon McVittie | 2015-11-30 |
* | | Run autopkgtest tests using autodep8 and the pkg-perl team's infrastructure | Simon McVittie | 2015-11-30 |
* | | Fix [[!meta name=foo]] by closing the open quote. | Amitai Schlair | 2015-08-22 |
* | | Sans ImageMagick, bail gracefully. | Amitai Schlair | 2015-08-22 |
* | | Mark a few straggling test scripts +x. | Amitai Schlair | 2015-08-18 |
* | | Test many behaviors of the meta directive. | Amitai Schlair | 2015-08-15 |
* | | Squelch regex deprecation warnings from Perl 5.22.
Specifically:
"Unescaped left brace in regex is deprecated, passed through in regex"
| Amitai Schlair | 2015-06-14 |
* | | img test: set old timestamp on source file that will change
This is so that the test will pass even if it takes less than 1 second.
| Simon McVittie | 2015-06-14 |
* | | img: stop ImageMagick trying to be clever if filenames contain a colon
$im->Read() takes a filename-like argument with several sets of special
syntax. Most of the possible metacharacters are escaped by the
default `wiki_file_chars` (and in any case not particularly disruptive),
but the colon ":" is not.
It seems the way to force ImageMagick to treat colons within the
filename as literal is to prepend a colon, so do that.
| Simon McVittie | 2015-06-13 |
* | | t/inline.t: accept translations of "Add a new post titled:" (Closes: #779365) | Simon McVittie | 2015-03-01 |
* | | Standardize on --long-option instead of -long-option
[[forum/refresh_and_setup]] indicates some confusion between --setup
and -setup. Both work, but it's clearer if we stick to one in
documentation and code.
A 2012 commit to [[plugins/theme]] claims that "-setup" is required
and "--setup" won't work, but I cannot find any evidence in ikiwiki's
source code that this has ever been the case.
| Simon McVittie | 2015-03-01 |
* | | textile-double-escape-bug.t: tolerate any valid encoding
Discount in current Debian unstable turns the IURI href into a URI
by encoding the Unicode as UTF-8 and %-escaping each byte.
That is valid, and matches Wikipedia's expectations, but was breaking
this test for me.
It would also be entirely valid (and lead to equivalent parsing) if the
ö was represented as ö, ö or ö in the text and/or the href.
| Simon McVittie | 2015-01-06 |
* | | Turn positive test for wrong behaviour into a TODO test for right behaviour
We don't want ikiwiki's tests to stop passing when
Text::Textile is fixed.
| Simon McVittie | 2015-01-06 |
* | | Document an annoying Text::Textile encoding bug. | Amitai Schlair | 2014-12-22 |
* | | Add regression test for libdir/libdirs | Simon McVittie | 2014-12-09 |