diff options
author | Ivan Kohler <ivan@freeside.biz> | 2012-06-07 16:55:45 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2012-06-07 16:55:45 -0700 |
commit | c24d6e2242ae0e026684b8f95decf156aba6e75e (patch) | |
tree | 8597d00e2e6bf2cf400437b9344f43b1500da412 /rt/etc | |
parent | 6686c29104e555ea23446fe1db330664fa110bc0 (diff) |
rt 4.0.6
Diffstat (limited to 'rt/etc')
-rw-r--r-- | rt/etc/RT_Config.pm.in | 72 | ||||
-rw-r--r-- | rt/etc/schema.mysql | 2 | ||||
-rwxr-xr-x | rt/etc/upgrade/vulnerable-passwords.in | 3 |
3 files changed, 66 insertions, 11 deletions
diff --git a/rt/etc/RT_Config.pm.in b/rt/etc/RT_Config.pm.in index 925f0cabe..de7660a19 100644 --- a/rt/etc/RT_Config.pm.in +++ b/rt/etc/RT_Config.pm.in @@ -350,13 +350,8 @@ Set($StoreLoops, undef); C<$MaxAttachmentSize> sets the maximum size (in bytes) of attachments stored in the database. -For MySQL and Oracle, we set this size to 10 megabytes. If you're -running a PostgreSQL version earlier than 7.1, you will need to drop -this to 8192. (8k) - =cut - Set($MaxAttachmentSize, 10_000_000); =item C<$TruncateLongAttachments> @@ -892,6 +887,8 @@ Set($CanonicalizeRedirectURLs, 0); A list of JavaScript files to be included in head. Removing any of the default entries is not suggested. +If you're a plugin author, refer to RT->AddJavaScript. + =cut Set(@JSFiles, qw/ @@ -928,6 +925,8 @@ directory, or from http://www.crockford.com/javascript/jsmin.html A list of additional CSS files to be included in head. +If you're a plugin author, refer to RT->AddStyleSheets. + =cut Set(@CSSFiles, qw//); @@ -1789,8 +1788,50 @@ This disables RT's clickjacking protection. Set($Framebusting, 1); +=item C<$RestrictReferrer> + +If set to a false value, the HTTP C<Referer> (sic) header will not be +checked to ensure that requests come from RT's own domain. As RT allows +for GET requests to alter state, disabling this opens RT up to +cross-site request forgery (CSRF) attacks. + +=cut + +Set($RestrictReferrer, 1); + +=item C<$RestrictLoginReferrer> + +If set to a false value, RT will allow the user to log in from any link +or request, merely by passing in C<user> and C<pass> parameters; setting +it to a true value forces all logins to come from the login box, so the +user is aware that they are being logged in. The default is off, for +backwards compatability. + +=cut + +Set($RestrictLoginReferrer, 0); + +=item C<$ReferrerWhitelist> + +This is a list of hostname:port combinations that RT will treat as being +part of RT's domain. This is particularly useful if you access RT as +multiple hostnames or have an external auth system that needs to +redirect back to RT once authentication is complete. + + Set(@ReferrerWhitelist, qw(www.example.com:443 www3.example.com:80)); + +If the "RT has detected a possible cross-site request forgery" error is triggered +by a host:port sent by your browser that you believe should be valid, you can copy +the host:port from the error message into this list. + +=cut + +Set(@ReferrerWhitelist, qw()); + =back + + =head1 Authorization and user configuration =over 4 @@ -1856,10 +1897,9 @@ Set($AutoCreate, undef); =item C<$WebSessionClass> -C<$WebSessionClass> is the class you wish to use for managing -Sessions. It defaults to use your SQL database, but if you are using -MySQL 3.x and plans to use non-ascii Queue names, uncomment and add -this line to F<RT_SiteConfig.pm> to prevent session corruption. +C<$WebSessionClass> is the class you wish to use for managing sessions. +It defaults to use your SQL database, except on Oracle, where it +defaults to files on disk. =cut @@ -2206,6 +2246,14 @@ be changed to this value. When an approval is denied, the status of depending tickets will be changed to this value. +=item reminder_on_open + +When a reminder is opened, the status will be changed to this value. + +=item reminder_on_resolve + +When a reminder is resolved, the status will be changed to this value. + =back =head2 Transitions between statuses and UI actions @@ -2352,6 +2400,8 @@ Set(%Lifecycles, on_merge => 'resolved', approved => 'open', denied => 'rejected', + reminder_on_open => 'open', + reminder_on_resolve => 'resolved', }, transitions => { @@ -2425,6 +2475,8 @@ Set(%Lifecycles, defaults => { on_create => 'new', on_merge => 'resolved', + reminder_on_open => 'open', + reminder_on_resolve => 'resolved', }, transitions => { @@ -2529,7 +2581,7 @@ Set(%AdminSearchResultFormat, Queues => q{'<a href="__WebPath__/Admin/Queues/Modify.html?id=__id__">__id__</a>/TITLE:#'} .q{,'<a href="__WebPath__/Admin/Queues/Modify.html?id=__id__">__Name__</a>/TITLE:Name'} - .q{,__Description__,__Address__,__Priority__,__DefaultDueIn__,__Disabled__}, + .q{,__Description__,__Address__,__Priority__,__DefaultDueIn__,'__Disabled__,__Lifecycle__}, Groups => q{'<a href="__WebPath__/Admin/Groups/Modify.html?id=__id__">__id__</a>/TITLE:#'} diff --git a/rt/etc/schema.mysql b/rt/etc/schema.mysql index c313aaf54..9ed0337aa 100644 --- a/rt/etc/schema.mysql +++ b/rt/etc/schema.mysql @@ -413,7 +413,7 @@ CREATE TABLE Attributes ( id INTEGER NOT NULL AUTO_INCREMENT, Name varchar(255) NULL , Description varchar(255) NULL , - Content BLOB, + Content LONGBLOB, ContentType varchar(16) CHARACTER SET ascii, ObjectType varchar(64) CHARACTER SET ascii, ObjectId integer, # foreign key to anything diff --git a/rt/etc/upgrade/vulnerable-passwords.in b/rt/etc/upgrade/vulnerable-passwords.in index 728786fb6..a3d719c31 100755 --- a/rt/etc/upgrade/vulnerable-passwords.in +++ b/rt/etc/upgrade/vulnerable-passwords.in @@ -89,6 +89,9 @@ push @{$users->{'restrictions'}{ "main.Password" }}, "AND", { value => '40', }; +# we want to update passwords on disabled users +$users->{'find_disabled_rows'} = 1; + my $count = $users->Count; if ($count == 0) { print "No users with unsalted or weak cryptography found.\n"; |