[koha-commits] main Koha release repository branch 16.05.x updated. v16.05.08-22-gaa5139f
Git repo owner
gitmaster at git.koha-community.org
Tue Jan 31 01:52:10 CET 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, 16.05.x has been updated
via aa5139f1ed81188eaa42312a68fe015affe82882 (commit)
via 8de18241aaf73d4b841cc9c795dd2fd315da65e2 (commit)
via 3e64a621ea1ce306a7c2ad6991ce683c20db68d1 (commit)
from 0a336684d6dfd1049591e1e5a0f7fae2c68b2385 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit aa5139f1ed81188eaa42312a68fe015affe82882
Author: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Date: Fri Jul 29 12:35:22 2016 +0200
Bug 16929: [QA Follow-up] Add dependency for Bytes::Random::Secure
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Signed-off-by: Marc <veron at veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
commit 8de18241aaf73d4b841cc9c795dd2fd315da65e2
Author: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Date: Thu Jul 21 08:48:01 2016 +0200
Bug 16929: [QA Follow-up] Shortcut methods and use statements
Resolves the following comments:
I'd prefer to see a generate_csrf method than a CSRF flag.
It'd be better to use instead of require the 2 modules.
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Signed-off-by: Marc <veron at veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
commit 3e64a621ea1ce306a7c2ad6991ce683c20db68d1
Author: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Date: Fri Jul 15 14:16:07 2016 +0200
Bug 16929: Prevent opac-memberentry waiting for random chars
Move calls to WWW::CSRF to Koha::Token.
Send a safe random string to WWW::CSRF instead of letting CSRF make a
blocking call to Bytes::Random::Secure. If your server has not enough
entropy, opac-memberentry will hang waiting for more characters in
dev/random. Koha::Token uses Bytes::Random::Secure with the NonBlocking
flag.
Test plan:
[1] Do not yet apply this patch.
[2] If your server has not enough entropy, calling opac-memberentry may
take a while. But this not may be the case for you (no worries).
[3] Apply this patch.
[4] Verify that opac-memberentry still works as expected.
[5] Run t/Token.t
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Yes, my server had entropy trouble (reason for finding the problem).
This patch resolves the delay.
Tested all 3 patches together, works as expected.
Signed-off-by: Marc <veron at veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Signed-off-by: Mason James <mtj at kohaaloha.com>
-----------------------------------------------------------------------
Summary of changes:
C4/Installer/PerlDependencies.pm | 5 ++
Koha/Token.pm | 182 ++++++++++++++++++++++++++++++++++++++
opac/opac-memberentry.pl | 24 ++++-
t/Token.t | 45 ++++++++++
4 files changed, 255 insertions(+), 1 deletion(-)
create mode 100644 Koha/Token.pm
create mode 100644 t/Token.t
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list