hifis.net issueshttps://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues2023-09-14T10:28:55+02:00https://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues/465LEOSS.sero-survey platform UC update2023-09-14T10:28:55+02:00Sophie Servan (DESY)LEOSS.sero-survey platform UC updateUpdate and add pictures to the [2020-08-03 use case](https://www.hifis.net/news/use-case/2020/08/03/HZI.html).
- [x] Mail to Dr. Berit Lange, who is responsible (2022-04-28)
- [ ] ReviveUpdate and add pictures to the [2020-08-03 use case](https://www.hifis.net/news/use-case/2020/08/03/HZI.html).
- [x] Mail to Dr. Berit Lange, who is responsible (2022-04-28)
- [ ] ReviveSophie Servan (DESY)Sophie Servan (DESY)https://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues/421Liquid exceptions in builds ('tainted?' method)2023-09-14T11:45:58+02:00Uwe Jandt (DESY, HIFIS)Liquid exceptions in builds ('tainted?' method)See e.g. https://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/jobs/825161#L5322
```
Liquid Exception: undefined method `tainted?' for "/assets/img/":String in /builds/hifis/overall/hifis.net/_posts/2019/10/2019-10-29-Blog-Post-Fe...See e.g. https://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/jobs/825161#L5322
```
Liquid Exception: undefined method `tainted?' for "/assets/img/":String in /builds/hifis/overall/hifis.net/_posts/2019/10/2019-10-29-Blog-Post-Features.md
```
not sure from first glimpse where this comes from...
@hueser93 @hueser93 could you please have a look?Huste, TobiasHuste, Tobiashttps://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues/400german (partial) version needed?2024-03-13T14:48:42+01:00Lisa Berenike Kuhli (Desy)lisa.klaffki@desy.degerman (partial) version needed?do we need German versions for some parts of the website?
- [x] Basic hints on "Contact us in German as well" !684, !685
- [ ] Start page
- [ ] HIFIS for IT support
- [ ] AAI Tutorial
- [ ] FAQs
---
- technically it is supported and ...do we need German versions for some parts of the website?
- [x] Basic hints on "Contact us in German as well" !684, !685
- [ ] Start page
- [ ] HIFIS for IT support
- [ ] AAI Tutorial
- [ ] FAQs
---
- technically it is supported and very rarely used, e.g. in <https://hifis.net/news/2020/07/08/haicore-kit>, <https://hifis.net/news/2020/06/08/hifis-in-the-egi-newsletter>
- German equivalents are located in <https://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/tree/master/de>Sophie Servan (DESY)Sophie Servan (DESY)https://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues/385FAQ: Users report a problem with one of your services. Whom can I contact / c...2023-09-14T11:31:06+02:00Lisa Berenike Kuhli (Desy)lisa.klaffki@desy.deFAQ: Users report a problem with one of your services. Whom can I contact / can I see somewhere, which service is down atm?Enhance the FAQsHuste, TobiasHuste, Tobiashttps://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues/366Image-scaling.css: Text flow from lists around pictures does not work correctly2023-09-14T10:46:44+02:00Uwe Jandt (DESY, HIFIS)Image-scaling.css: Text flow from lists around pictures does not work correctlyIn !579, [image-scaling.scss](https://gitlab.hzdr.de/hifis/overall/hifis.net/-/blob/master/assets/css/image-scaling.scss) was added to allow more flexible inclusion of left-right pictures in texts. Thanks @hueser93 !
However, the text f...In !579, [image-scaling.scss](https://gitlab.hzdr.de/hifis/overall/hifis.net/-/blob/master/assets/css/image-scaling.scss) was added to allow more flexible inclusion of left-right pictures in texts. Thanks @hueser93 !
However, the text flow seems to be buggy in lists: If the first bullet point in a lengthy list is rendered with narrow width, all the remaining points of the same list are rendered equally narrow, although space would be available. For example in !512:
![image](/uploads/f4b8784e5dce052dc463e0613683b72f/image.png)
This can be circumvented somewhat by separating lists manually into many sections, but this is not very handy and looks ugly otherwise (large distance between bullet points)
Is there any solution to this?Hueser, ChristianHueser, Christianhttps://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues/463UC Trusted Network between AWI and hereon2023-09-14T10:02:11+02:00Uwe Jandt (DESY, HIFIS)UC Trusted Network between AWI and hereonChristian Schäfer-Neth (head IT in AWI) mentioned a use case for the trusted network ([Helmholtz Backbone](https://hifis.net/doc/core-services/backbone-network/)) for trusted transfers between AWI and hereon. He should be contacted for f...Christian Schäfer-Neth (head IT in AWI) mentioned a use case for the trusted network ([Helmholtz Backbone](https://hifis.net/doc/core-services/backbone-network/)) for trusted transfers between AWI and hereon. He should be contacted for further details.Sophie Servan (DESY)Sophie Servan (DESY)https://codebase.helmholtz.cloud/hifis/overall/hifis.net/-/issues/321Improvements / Pitfalls for "S/MIME Signing Git Commits"2023-09-14T10:51:03+02:00Hannes FuchsImprovements / Pitfalls for "S/MIME Signing Git Commits"I stumbled on some issues while following
[S/MIME Signing Git Commits](https://www.hifis.net/tutorial/2020/04/15/smime-signing-git-commits.html)
## 1. `gpgsm` can not handle long passwords
If the PKCS#12 file is protected by a very lon...I stumbled on some issues while following
[S/MIME Signing Git Commits](https://www.hifis.net/tutorial/2020/04/15/smime-signing-git-commits.html)
## 1. `gpgsm` can not handle long passwords
If the PKCS#12 file is protected by a very long password / passphrase it will
fail with `password too long` (limit is hard coded in the source):
```console
$ gpgsm --import <filename>.pfx/p12
gpgsm: 5544 bytes of RC2 encrypted text
gpgsm: password too long
…
gpgsm: password too long
gpgsm: encryptedData error at "outer.outer.seq", offset 2
gpgsm: possibly bad passphrase given
gpgsm: error at "bag.encryptedData", offset 49
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 0
```
As work around create new temporarily one with new short (16 characters) password:
```console
$ keytool -importkeystore -destkeystore new.p12 -deststoretype pkcs12 -srckeystore <filename>.pfx/p12
Importing keystore <filename>.pfx/p12 to new.p12...
Enter destination keystore password:
Re-enter new password:
Enter source keystore password:
Entry for alias 1 successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
```
## 2. `gpgsm` fails with "data error at …"
Try to import:
```console
$ gpgsm --import new.p12
gpgsm: keybox '…/.gnupg/pubring.kbx' created
…
gpgsm: data error at "pkcs5PBES2-params", offset 118
gpgsm: error at "bag-sequence", offset 49
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 0
```
Looks like `gpgsm` doesn't like the CA files in the PKCS#12 file. So you have
to create a PKCS#12 only containing the key and certificate.
Extract certificate, key and create new PKCS#12 file:
```console
# Extract user certificate
$ openssl pkcs12 -in <filename>.pfx/p12 -clcerts -nokeys -out usr.crt
Enter Import Password:
# Extract private key
$ openssl pkcs12 -in <filename>.pfx/p12 -nocerts -out usr.key
Enter Import Password:
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
# Merge them back into a p12 file
$ openssl pkcs12 -export -in usr.crt -inkey usr.key -out new.p12
Enter pass phrase for usr.key:
Enter Export Password:
Verifying - Enter Export Password:
```
Based on: [Signed commits with KIT-CA Certificate on Linux](https://git.scc.kit.edu/-/snippets/572)
Finally import the new generated PKCS#12 file:
```console
$ gpgsm --import new.p12
…
gpgsm: total number processed: 2
gpgsm: imported: 1
gpgsm: secret keys read: 1
gpgsm: secret keys imported: 1
```
## 3. SIGNINGKEY (ID) is not grepped when Subject contains `ID`
If the subject contains `ID` (for example in the `OU`) it will use the first
part of the Subject (for example: `/CN=John`). This can be fixed by adjusting
the command slightly:
```console
$ export SIGNINGKEY=$( gpgsm --list-secret-keys | egrep '(key usage|ID:)' | grep -B 1 digitalSignature | awk '/ID:/ {print $2}' )
```
or
```console
$ export SIGNINGKEY=$( gpgsm --list-secret-keys | egrep '(key usage|\s+ID)' | grep -B 1 digitalSignature | awk '/\s+ID/ {print $2}' )
```
## Suggestions
Add a troubleshooting section for the common errors with workarounds. I could add a MR to discuss.