Remove unused vhost configuration directives.
They are related to "dial.cgi" and /cgi-bin/dial/, which both do not exist in IPFire.
Signed-off-by: Peter Müller peter.mueller@link38.eu --- diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index bec0d580b..eef2d45e2 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -45,29 +45,12 @@ <Files webaccess.cgi> Require all granted </Files> - <Files dial.cgi> - <RequireAll> - Require user admin - Require ssl - </RequireAll> - </Files> - </Directory> - <Directory /srv/web/ipfire/cgi-bin/dial> - AllowOverride None - Options None - AuthName "IPFire - Restricted" - AuthType Basic - AuthUserFile /var/ipfire/auth/users - <RequireAll> - Require user admin dial - Require ssl - </RequireAll> </Directory> <Files ~ ".(cgi|shtml?)$"> - SSLOptions +StdEnvVars + SSLOptions +StdEnvVars </Files> <Directory /srv/web/ipfire/cgi-bin> - SSLOptions +StdEnvVars + SSLOptions +StdEnvVars </Directory> SetEnv HOME /home/nobody SetEnvIf User-Agent ".*MSIE.*" \ diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf index a0537b392..57cf8ba17 100644 --- a/config/httpd/vhosts.d/ipfire-interface.conf +++ b/config/httpd/vhosts.d/ipfire-interface.conf @@ -25,13 +25,6 @@ RewriteCond %{HTTPS} off RewriteRule (.*) https://%%7BSERVER_NAME%7D:444/$1 [R=301,L] </Directory> - <Directory /srv/web/ipfire/cgi-bin/dial> - AllowOverride None - Options SymLinksIfOwnerMatch - RewriteEngine on - RewriteCond %{HTTPS} off - RewriteRule (.*) https://%%7BSERVER_NAME%7D:444/$1 [R=301,L] - </Directory> Alias /updatecache/ /var/updatecache/ <Directory /var/updatecache> Options ExecCGI
Hi,
this patch doesn't apply against next?
Could you please rebase it?
On Mon, 2017-09-25 at 17:59 +0200, Peter Müller wrote:
Remove unused vhost configuration directives.
They are related to "dial.cgi" and /cgi-bin/dial/, which both do not exist in IPFire.
Signed-off-by: Peter Müller peter.mueller@link38.eu
diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index bec0d580b..eef2d45e2 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -45,29 +45,12 @@ <Files webaccess.cgi> Require all granted </Files>
<Files dial.cgi><RequireAll>Require user adminRequire ssl
I think that line doesn't exist in next.
</RequireAll></Files></Directory>
- <Directory /srv/web/ipfire/cgi-bin/dial>
AllowOverride NoneOptions NoneAuthName "IPFire - Restricted"AuthType BasicAuthUserFile /var/ipfire/auth/users<RequireAll>Require user admin dialRequire ssl</RequireAll></Directory> <Files ~ "\.(cgi|shtml?)$">
- SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
Indentation has also changed here.
</Files> <Directory /srv/web/ipfire/cgi-bin>
- SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
And here.
</Directory> SetEnv HOME /home/nobody SetEnvIf User-Agent ".*MSIE.*" \diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf index a0537b392..57cf8ba17 100644 --- a/config/httpd/vhosts.d/ipfire-interface.conf +++ b/config/httpd/vhosts.d/ipfire-interface.conf @@ -25,13 +25,6 @@ RewriteCond %{HTTPS} off RewriteRule (.*) https://%%7BSERVER_NAME%7D:444/$1 [R=301,L] </Directory>
- <Directory /srv/web/ipfire/cgi-bin/dial>
AllowOverride NoneOptions SymLinksIfOwnerMatchRewriteEngine onRewriteCond %{HTTPS} offRewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=301,L]</Directory> Alias /updatecache/ /var/updatecache/ <Directory /var/updatecache> Options ExecCGI
-Michael
Hello Michael,
thanks for the hint.
Hi,
this patch doesn't apply against next?
Could you please rebase it?
Yes, sent in the patch a few seconds ago.
(I included both deleting unused directory configs and forcing TLS for authentications. Of course, one should always split his/her patches, but with these small changes, it does not make sense to me.)
On Mon, 2017-09-25 at 17:59 +0200, Peter Müller wrote:
Remove unused vhost configuration directives.
They are related to "dial.cgi" and /cgi-bin/dial/, which both do not exist in IPFire.
Signed-off-by: Peter Müller peter.mueller@link38.eu
diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index bec0d580b..eef2d45e2 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -45,29 +45,12 @@ <Files webaccess.cgi> Require all granted </Files>
<Files dial.cgi><RequireAll>Require user adminRequire sslI think that line doesn't exist in next.
Yes, it was from the old "[v2] force transport encryption for WebUI logins"-patch.
</RequireAll></Files></Directory>
- <Directory /srv/web/ipfire/cgi-bin/dial>
AllowOverride NoneOptions NoneAuthName "IPFire - Restricted"AuthType BasicAuthUserFile /var/ipfire/auth/users<RequireAll>Require user admin dialRequire ssl</RequireAll></Directory> <Files ~ "\.(cgi|shtml?)$">
- SSLOptions +StdEnvVars
SSLOptions +StdEnvVarsIndentation has also changed here.
I see.
The new combined patch should work now. :-)
Best regards, Peter Müller
</Files> <Directory /srv/web/ipfire/cgi-bin>
- SSLOptions +StdEnvVars
SSLOptions +StdEnvVarsAnd here.
</Directory> SetEnv HOME /home/nobody SetEnvIf User-Agent ".*MSIE.*" \diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf index a0537b392..57cf8ba17 100644 --- a/config/httpd/vhosts.d/ipfire-interface.conf +++ b/config/httpd/vhosts.d/ipfire-interface.conf @@ -25,13 +25,6 @@ RewriteCond %{HTTPS} off RewriteRule (.*) https://%%7BSERVER_NAME%7D:444/$1 [R=301,L] </Directory>
- <Directory /srv/web/ipfire/cgi-bin/dial>
AllowOverride NoneOptions SymLinksIfOwnerMatchRewriteEngine onRewriteCond %{HTTPS} offRewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=301,L]</Directory> Alias /updatecache/ /var/updatecache/ <Directory /var/updatecache> Options ExecCGI
-Michael
Hi,
On Mon, 2017-10-09 at 22:24 +0200, Peter Müller wrote:
Hello Michael,
thanks for the hint.
Hi,
this patch doesn't apply against next?
Could you please rebase it?
Yes, sent in the patch a few seconds ago.
(I included both deleting unused directory configs and forcing TLS for authentications. Of course, one should always split his/her patches, but with these small changes, it does not make sense to me.)
You guessed right. And it does make sense :)
On Mon, 2017-09-25 at 17:59 +0200, Peter Müller wrote:
Remove unused vhost configuration directives.
They are related to "dial.cgi" and /cgi-bin/dial/, which both do not exist in IPFire.
Signed-off-by: Peter Müller peter.mueller@link38.eu
diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index bec0d580b..eef2d45e2 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -45,29 +45,12 @@ <Files webaccess.cgi> Require all granted </Files>
<Files dial.cgi><RequireAll>Require user adminRequire sslI think that line doesn't exist in next.
Yes, it was from the old "[v2] force transport encryption for WebUI logins"- patch.
The best way would be to have a patchset then with all of them in it. Or just submit one after the other. Up to you.
</RequireAll></Files></Directory>
- <Directory /srv/web/ipfire/cgi-bin/dial>
AllowOverride NoneOptions NoneAuthName "IPFire - Restricted"AuthType BasicAuthUserFile /var/ipfire/auth/users<RequireAll>Require user admin dialRequire ssl</RequireAll></Directory> <Files ~ "\.(cgi|shtml?)$">
- SSLOptions +StdEnvVars
SSLOptions +StdEnvVarsIndentation has also changed here.
I see.
The new combined patch should work now. :-)
Best regards, Peter Müller
</Files> <Directory /srv/web/ipfire/cgi-bin>
- SSLOptions +StdEnvVars
SSLOptions +StdEnvVarsAnd here.
</Directory> SetEnv HOME /home/nobody SetEnvIf User-Agent ".*MSIE.*" \diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf index a0537b392..57cf8ba17 100644 --- a/config/httpd/vhosts.d/ipfire-interface.conf +++ b/config/httpd/vhosts.d/ipfire-interface.conf @@ -25,13 +25,6 @@ RewriteCond %{HTTPS} off RewriteRule (.*) https://%%7BSERVER_NAME%7D:444/$1 [R=301,L] </Directory>
- <Directory /srv/web/ipfire/cgi-bin/dial>
AllowOverride NoneOptions SymLinksIfOwnerMatchRewriteEngine onRewriteCond %{HTTPS} offRewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=301,L]</Directory> Alias /updatecache/ /var/updatecache/ <Directory /var/updatecache> Options ExecCGI
-Michael
-Michael
-
Michael Tremer -
Peter Müller