Hello Michael,

well, actually I used spaces instead of tabs.

Second, git format-patch crashed before, and some global configuration
options (mail address, ...) needed to be set. Quite strange, but well.

I never really used these git functions before, just ran git diff [changed
file] > patch and pasted the content with Signed-off-by in my MUA.

Now, I take the output of git format-patch, remove all those mail headers,
and paste the content in my MUA...

As Einstein said: "Make things as easy as you can - but not easier."
Quite right...

Best regards,
Peter Müller

> It was. What did you change?
> 
> -Michael
> 
> On Wed, 2017-10-11 at 16:52 +0200, Peter Müller wrote:
> > Well, I hope the third try is working now...
> >   
> > > Nope.
> > > 
> > > [root(a)rice-oxley ipfire-2.x]# pwclient git-am -s 1460
> > > Applying patch #1460 using 'git am -s'
> > > Description: [v2] redirect to TLS WebUI if authorisation required
> > > Applying: redirect to TLS WebUI if authorisation required
> > > error: corrupt patch at line 41
> > > Patch failed at 0001 redirect to TLS WebUI if authorisation required
> > > The copy of the patch that failed is found in: .git/rebase-apply/patch
> > > When you have resolved this problem, run "git am --continue".
> > > If you prefer to skip this patch, run "git am --skip" instead.
> > > To restore the original branch and stop patching, run "git am --abort".
> > > 'git am' failed with exit status 128
> > > 
> > > 
> > > On Wed, 2017-10-11 at 15:55 +0200, Peter Müller wrote:  
> > > > Do not allow credentials being submitted in plaintext to Apache.
> > > > Instead, redirect the user with a 301 to the TLS version of IPFire's
> > > > web interface.
> > > > 
> > > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> > > > ---
> > > > diff --git a/config/httpd/vhosts.d/ipfire-interface.conf
> > > > b/config/httpd/vhosts.d/ipfire-interface.conf
> > > > index 619f90fcc..41d10c874 100644
> > > > --- a/config/httpd/vhosts.d/ipfire-interface.conf
> > > > +++ b/config/httpd/vhosts.d/ipfire-interface.conf
> > > > @@ -12,36 +12,17 @@
> > > >          Require all granted
> > > >      </Directory>
> > > >      <DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)">
> > > > -        AuthName "IPFire - Restricted"
> > > > -        AuthType Basic
> > > > -        AuthUserFile /var/ipfire/auth/users
> > > > -        Require user admin
> > > > +	Options SymLinksIfOwnerMatch
> > > > +	RewriteEngine on
> > > > +	RewriteCond %{HTTPS} off
> > > > +	RewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=301,L]
> > > >      </DirectoryMatch>
> > > >      ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/
> > > >      <Directory /srv/web/ipfire/cgi-bin>
> > > > -        AllowOverride None
> > > > -        Options None
> > > > -        AuthName "IPFire - Restricted"
> > > > -        AuthType Basic
> > > > -        AuthUserFile /var/ipfire/auth/users
> > > > -        Require user admin
> > > > -         <Files chpasswd.cgi>
> > > > -            Require all granted
> > > > -        </Files>
> > > > -        <Files webaccess.cgi>
> > > > -            Require all granted
> > > > -        </Files>
> > > > -    </Directory>
> > > > +	Options SymLinksIfOwnerMatch
> > > > +	RewriteEngine on
> > > > +	RewriteCond %{HTTPS} off
> > > > +	RewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=301,L]
> > > >      </Directory>
> > > >      Alias /updatecache/ /var/updatecache/
> > > >  	<Directory /var/updatecache>    
> > 
> >