[koha-commits] main Koha release repository branch 16.05.x updated. v16.05.08-22-gaa5139f

Git repo owner gitmaster at git.koha-community.org
Tue Jan 31 01:52:10 CET 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 16.05.x has been updated
       via  aa5139f1ed81188eaa42312a68fe015affe82882 (commit)
       via  8de18241aaf73d4b841cc9c795dd2fd315da65e2 (commit)
       via  3e64a621ea1ce306a7c2ad6991ce683c20db68d1 (commit)
      from  0a336684d6dfd1049591e1e5a0f7fae2c68b2385 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit aa5139f1ed81188eaa42312a68fe015affe82882
Author: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Date:   Fri Jul 29 12:35:22 2016 +0200

    Bug 16929: [QA Follow-up] Add dependency for Bytes::Random::Secure
    
    Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
    
    Signed-off-by: Marc <veron at veron.ch>
    
    Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>

commit 8de18241aaf73d4b841cc9c795dd2fd315da65e2
Author: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Date:   Thu Jul 21 08:48:01 2016 +0200

    Bug 16929: [QA Follow-up] Shortcut methods and use statements
    
    Resolves the following comments:
    
    I'd prefer to see a generate_csrf method than a CSRF flag.
    It'd be better to use instead of require the 2 modules.
    
    Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
    
    Signed-off-by: Marc <veron at veron.ch>
    
    Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>

commit 3e64a621ea1ce306a7c2ad6991ce683c20db68d1
Author: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Date:   Fri Jul 15 14:16:07 2016 +0200

    Bug 16929: Prevent opac-memberentry waiting for random chars
    
    Move calls to WWW::CSRF to Koha::Token.
    Send a safe random string to WWW::CSRF instead of letting CSRF make a
    blocking call to Bytes::Random::Secure. If your server has not enough
    entropy, opac-memberentry will hang waiting for more characters in
    dev/random. Koha::Token uses Bytes::Random::Secure with the NonBlocking
    flag.
    
    Test plan:
    [1] Do not yet apply this patch.
    [2] If your server has not enough entropy, calling opac-memberentry may
        take a while. But this not may be the case for you (no worries).
    [3] Apply this patch.
    [4] Verify that opac-memberentry still works as expected.
    [5] Run t/Token.t
    
    Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
    Yes, my server had entropy trouble (reason for finding the problem).
    This patch resolves the delay.
    
    Tested all 3 patches together, works as expected.
    Signed-off-by: Marc <veron at veron.ch>
    
    Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
    Signed-off-by: Mason James <mtj at kohaaloha.com>

-----------------------------------------------------------------------

Summary of changes:
 C4/Installer/PerlDependencies.pm |    5 ++
 Koha/Token.pm                    |  182 ++++++++++++++++++++++++++++++++++++++
 opac/opac-memberentry.pl         |   24 ++++-
 t/Token.t                        |   45 ++++++++++
 4 files changed, 255 insertions(+), 1 deletion(-)
 create mode 100644 Koha/Token.pm
 create mode 100644 t/Token.t


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list