Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
19 most recent check-ins by user dmitry
|
2012-11-06
| ||
| 18:38 | Make sure file names in file browser don't wrap by adding white-space property to default CSS. check-in: b83278f6ff user: dmitry tags: trunk | |
|
2012-11-04
| ||
| 12:59 | Fix typos. Closed-Leaf check-in: 45065c5c28 user: dmitry tags: spelling | |
|
2011-12-16
| ||
| 22:00 | Add SSL SNI support (suggested by BohwaZ on mailing list). Simplify setting of port for SSL connection. Closed-Leaf check-in: 132dbcedbc user: dmitry tags: dmitry-fixes | |
|
2011-10-04
| ||
| 15:20 | Add HMAC-SHA1 implementation. Closed-Leaf check-in: dcee34b25f user: dmitry tags: multisession | |
| 15:15 | Merge protection against timing attacks into trunk. check-in: d4a341b49d user: dmitry tags: trunk | |
| 14:38 | Merge trunk into dmitry-security branch. Closed-Leaf check-in: f4eb0f5afc user: dmitry tags: dmitry-security | |
| 14:34 | Rename constant_time_eq to constant_time_cmp to better indicate that these functions return 0 when values are equal, like memcmp, strcmp, etc., not truth, to avoid possible mistakes. check-in: d244c484e7 user: dmitry tags: dmitry-security | |
| 14:28 | Revert the previous change after thinking more about it. Login cards in the sync protocol have the following format: login userid nonce signature Nonce is SHA-1 of the message that follows this line, signature is SHA-1 of the concatenation of the nonce and user's shared secret. The successful timing attack can reveal only signature for this p... check-in: 13a9a1244c user: dmitry tags: dmitry-security | |
|
2011-09-30
| ||
| 10:51 | It seems like blob_constant_time_eq() is unnecessary for sync protocol signatures; removed. check-in: 48bcfbd47b user: dmitry tags: dmitry-security | |
| 09:41 | Catch zero length early in blob_constant_time_eq(). check-in: e3d022dffa user: dmitry tags: dmitry-security | |
|
2011-09-29
| ||
| 21:06 | Fix to the previous fix: install function to the correct database. check-in: 3782276da6 user: dmitry tags: dmitry-security | |
| 21:04 | Fix login groups. check-in: 6f29649ef3 user: dmitry tags: dmitry-security | |
| 17:26 | Fix comment. check-in: a0fa120b74 user: dmitry tags: dmitry-security | |
| 17:21 | Protect against timing attacks by using constant-time comparison function to compare passwords and cookies. check-in: 7f110475ec user: dmitry tags: dmitry-security | |
| 14:07 | When creating a manifest, get isExe and isLink bits from filesystem at once instead of doing two stat(2) calls. check-in: 9bfa186be0 user: dmitry tags: trunk | |
| 11:45 | Change file_size() to file_wd_size() in file_is_the_same(). check-in: 13a771ce18 user: dmitry tags: trunk | |
| 11:05 | Cache "manifest" setting in fossil_reserved_name() instead of reading it from the database on every call. This speeds up adding many files. check-in: a369dc7721 user: dmitry tags: trunk | |
|
2011-09-27
| ||
| 19:28 | Call file_wd_isdir() in file_mkdir(). check-in: 13120e9620 user: dmitry tags: trunk | |
| 19:15 | Change a few instances of file_isdir() to file_wd_isdir(). check-in: f1329470c0 user: dmitry tags: trunk | |