Art Cancro [Mon, 2 Jun 2008 03:04:23 +0000 (03:04 +0000)]
Completed the delete-user hook to remove any associated
OpenID records. Also completed an auto-purger function to delete any
stale OpenID associations. Still need to add dump/load code. Now I
remember why I tend to avoid adding top-level database tables.
Dave West [Wed, 28 May 2008 15:15:02 +0000 (15:15 +0000)]
Added a step to setup to get a password for the admin user.
Now when setup is run after it starts the server it will attempt to
create the admin user and set its password. This makes things a little
more obvious for new users setting up a Citadel system for the first
time.
Also it has the added effect of closing the small security hole.
On a new installation setup will grab user 1 before anyone else can thus
ensuring user 1 priviledges and/or it will set the password and user for
whoever the system admin is set to thus preventing the unlikely
situation where some attacker gets there first.
Dave West [Wed, 28 May 2008 00:40:47 +0000 (00:40 +0000)]
Now we name all the private contexts.
Auto purger will complain if a user 0 has no name or does not have a
SYS_* type name as this is considered a bug.
upgrade module will try to fix up names of user 0 and will delete any
user 0 that does not fit the criteria without warning.
User name Citadel is no longer reserved but all usernames starting SYS_*
are.
Art Cancro [Tue, 27 May 2008 03:51:38 +0000 (03:51 +0000)]
Worked around a bug in phpMyID. I *think* this completes the
implementation of OpenID 1.1 protocol (though I'm sure we'll find some edge
cases), and now the only thing left to be done is to write the code to glue
it into Citadel and WebCit authentication.
Art Cancro [Sat, 24 May 2008 04:14:51 +0000 (04:14 +0000)]
libcurl is teh r0x0r, it gives us access to the 'effective' URL
after normalization and redirects, which happens to be exactly what we need
in order to use the URL as a Claimed ID. Implemented the code to do this.
Art Cancro [Fri, 23 May 2008 19:42:42 +0000 (19:42 +0000)]
In order to circumvent AOL's broken OpenID server, and save
some time in the process, we're going to implement stateless mode
instead. Began implementation...
Art Cancro [Wed, 21 May 2008 21:43:26 +0000 (21:43 +0000)]
* More work on OpenID 1.1 Relying Party support
* Changed the startup order to put the citadel.control lock check happen *before* the databases
are opened. Otherwise it can corrupt the databases before the lock check shuts it down.
Art Cancro [Wed, 21 May 2008 17:24:41 +0000 (17:24 +0000)]
* Commented out the 'PrintFlat' and 'PrintFile' functions
because they are only used in debug tests that are also commented
out. Silences a compiler warning.
* Removed parse_url() from libcitadel. No longer necessary because
libcurl handles all this stuff for us now.
Art Cancro [Mon, 19 May 2008 03:33:03 +0000 (03:33 +0000)]
Moved all the OpenID Relying Party code that I've written so far
into the Citadel server, with only glue code in WebCit. This
will allow Relying Party support to be implemented without requiring
a highly trusted webcit client, and it also eliminates the need to
link libcurl into webcit.
Art Cancro [Mon, 19 May 2008 01:36:58 +0000 (01:36 +0000)]
RSS client now uses libcurl instead of the crappy built-in
HTTP client I wrote for this purpose. Not only is it more robust,
but it should be able to handle HTTPS as well. Please note that
because of this change, libcurl is now a dependency.
Art Cancro [Sun, 18 May 2008 04:42:58 +0000 (04:42 +0000)]
Some more tinkering with OpenID.
Also changed webcit.c so that if DEBUG_URLSTRINGS is defined,
all urlstrings will be displayed for each transaction, eliminating
the need to uncomment that code.
Dave West [Fri, 16 May 2008 23:22:22 +0000 (23:22 +0000)]
Added code to report Aide messages if there appears to be something
wrong with IGNet configuration.
It now reports connection attempts from unknown nodes or bad passwords.
It also attempts to validate the nodename of the node it is attempting
to connect to by checking the greeting message. In this case the
connection will proceed with an Aide warning message if they differ.
Situations such as this WILL result in duplication of messages but at
least we now get a warning.
Dave West [Fri, 16 May 2008 22:07:46 +0000 (22:07 +0000)]
Sieve will now only process messages that are newer than its script.
This fixes bug #297
To impliment this I created a new API call CtdlGetCurrentMessageNumber()
this returns the message number currently in use IE the last one
allocated. This is good enough for Sieve in this case and probably good
enough for other things too.
Art Cancro [Thu, 15 May 2008 02:54:23 +0000 (02:54 +0000)]
When printing a message, the page title is now the user's
display name instead of 'Printable view'. This seems to be the
standard practice, presumably to designate the owner of a print
job when using a shared printer.
Art Cancro [Mon, 12 May 2008 02:36:05 +0000 (02:36 +0000)]
* Eliminated the sometimes-wonky resize behavior by changing
the resize handle from an <img> tag to a CSS background-image attribute.
* Override the InPlaceEditor hover events in order to eliminate
that garish highlight effect.
Art Cancro [Mon, 12 May 2008 02:08:07 +0000 (02:08 +0000)]
* Sticky note color selection is now feature complete,
including saving the new color to the server.
* Moved the resize handle to be flush with the corner where it belongs.
Art Cancro [Sun, 11 May 2008 04:52:22 +0000 (04:52 +0000)]
Color selector for sticky notes is now opaque instead
of translucent; it no longer gets covered up by the in-place editor when the mouse
moves into the div, and it disappears when the palette icon is clicked a second
time. Now all that's left to do is write the selector.