nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/lib
History
Jonne Haß 2d98c57cf1 [ci skip] The real issue with GnuTLS is actually a flaw in OpenSSL 
which accepts several server misconfigurations

OpenSSL is very liberal about the order and content of the supplied
cert chain. GnuTLS however is very crucial about it. So to support
GnuTLS we need to tell our community to fix their servers (joindiaspora.com
is broken too). You can check it with
gnutls-cli -V --x506cafile=/etc/ssl/ca-certificates.crt $domain
It will print the certs in the order received and say at the end
if it could be verifed. Note that not only the order is important but
also the content. Many example configurations, especially for Nginx,
include the root cert of the CA in the chain which is wrong.
Note from a GnuTLS maintainer: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23573736#29

Revert "Fix federation with GnuTLS by passing the ca_file to Typhoeus"

This reverts commit 640a0181ab.
2012-01-29 00:08:28 +01:00
..
diaspora make this scary join a scope [ci skip] 2012-01-27 02:23:37 -08:00
messagebus fix for the messagebusmailer to be happy 2012-01-03 23:31:24 -08:00
postzord check for presence in dispatcher 2012-01-27 16:30:02 -08:00
rack add unicorn back in. only use one worker process for now. also, move chrome_frame middleware into the correct load path in lib. [ci skip] 2012-01-24 14:56:55 -08:00
salmon remove splunk logging 2011-12-21 14:24:03 -08:00
stream clean up Person scopes, and re-use one in contact controller to deprecate a controller method 2012-01-27 02:23:38 -08:00
tasks suppress annoying resque errors; add a task to clear Resque failures 2012-01-27 14:57:04 -08:00
admin_rack.rb move admin rack to its own file 2011-09-16 13:33:05 -07:00
collect_user_photos.rb Make Photos not inherit from Posts 2011-10-16 13:58:35 +02:00
csv_generator.rb one more csv generator option 2011-10-11 18:57:02 -07:00
development_mail_interceptor.rb should send the email when a new request is received. emails in dev should be intercepted to email@joindiaspora.com for now 2010-10-22 00:49:01 -07:00
diaspora.rb remove all references to the websocket. bang bang. 2012-01-10 12:28:19 -08:00
direction_detector.rb MS DG update copyright 2011-09-14 11:23:12 -07:00
encryptor.rb use ActiveSupport's Base64 encoding methods instead of calling Array#pack directly; strip new lines. 2011-09-16 08:53:13 -07:00
enviroment_configuration.rb do not rely on hoptoad to insert rack ssl 2012-01-22 18:42:06 +01:00
hcard.rb MS DG update copyright 2011-09-14 11:23:12 -07:00
hydra_wrapper.rb [ci skip] The real issue with GnuTLS is actually a flaw in OpenSSL 2012-01-29 00:08:28 +01:00
i18n_interpolation_fallbacks.rb Fix interaction between I18n fallbacks and our interpolation fallback code. Refactor I18n tests into their own file. Remove some test support code that made it hard to test I18n. 2011-07-30 22:41:46 -07:00
postzord.rb MS DG update copyright 2011-09-14 11:23:12 -07:00
publisher.rb Mention the person who invited a user on first message 2011-10-31 22:16:58 -05:00
pubsubhubbub.rb rescue pubsubhubbub error if your pod is offline (resolves issue when posting public posts in dev mode with no internet connectivity) 2011-12-31 13:47:53 -05:00
rake_helpers.rb fixed the batch email invitations 2011-10-27 18:22:19 -07:00
share_visibility_converter.rb MS DG make share_visibility_converter really defensive :( 2012-01-18 11:48:23 -08:00
statistics.rb added first_name to csv task 2011-11-01 14:20:37 -07:00
stream.rb yeah I need to commit the files i guess 2011-10-13 22:27:07 -07:00
unicorn_killer.rb add unicorn back in. only use one worker process for now. also, move chrome_frame middleware into the correct load path in lib. [ci skip] 2012-01-24 14:56:55 -08:00
webfinger.rb rewrite webfinger client and specs; now this is much easier to maintain. 2012-01-18 01:21:28 -08:00
webfinger_profile.rb remove splunk logging 2011-12-21 14:24:03 -08:00