1 |
diff -Nur --no-dereference smeserver-git-1.2.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/29GitRepositories smeserver-git-1.2.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/29GitRepositories |
2 |
--- smeserver-git-1.2.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/29GitRepositories 2022-07-22 02:56:15.846000000 -0400 |
3 |
+++ smeserver-git-1.2.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/29GitRepositories 2022-07-22 03:07:22.029000000 -0400 |
4 |
@@ -98,13 +98,13 @@ |
5 |
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
6 |
#~~~ Gitweb default access permissions for viewing |
7 |
|
8 |
- my $gitweb_allow = '127.0.0.1'; # Catch incorrect values, including empty ones |
9 |
+ my $gitweb_allow = 'ip 127.0.0.1'; # Catch incorrect values, including empty ones |
10 |
# Setup the rules from which address range we allow access |
11 |
if( $git{'gitweb_access_from'} ) { |
12 |
if ($git{'gitweb_access_from'} eq 'internet') { |
13 |
- $gitweb_allow = 'All'; |
14 |
+ $gitweb_allow = 'all granted'; |
15 |
} elsif ($git{'gitweb_access_from'} eq 'local') { |
16 |
- $gitweb_allow = $localAccess; |
17 |
+ $gitweb_allow = "ip $localAccess"; |
18 |
} |
19 |
} |
20 |
|
21 |
@@ -262,16 +262,14 @@ |
22 |
$OUT .= " # Access permissions for the git root directory\n"; |
23 |
$OUT .= " <Directory \"$GitRepositoryRoot\">\n"; |
24 |
$OUT .= " Options +ExecCGI\n"; |
25 |
- $OUT .= " Order Allow,Deny\n"; |
26 |
- $OUT .= " Allow from All\n"; |
27 |
+ $OUT .= " Require all granted\n"; |
28 |
$OUT .= " </Directory>\n"; |
29 |
$OUT .= "\n"; |
30 |
|
31 |
$OUT .= " # Access permissions for git backend scripts\n"; |
32 |
$OUT .= " <Directory \"$GitHttpBackendPath\">\n"; |
33 |
$OUT .= " Options +ExecCGI +Indexes\n"; |
34 |
- $OUT .= " Order Allow,Deny\n"; |
35 |
- $OUT .= " Allow from All\n"; |
36 |
+ $OUT .= " Require all granted\n"; |
37 |
$OUT .= " </Directory>\n"; |
38 |
$OUT .= "\n"; |
39 |
|
40 |
@@ -338,16 +336,14 @@ |
41 |
$OUT .= " AllowOverride None\n"; |
42 |
$OUT .= " AddHandler cgi-script .cgi\n"; |
43 |
$OUT .= " DirectoryIndex gitweb.cgi\n"; |
44 |
- $OUT .= " Order Allow,Deny\n"; |
45 |
- $OUT .= " Allow from $gitweb_allow\n"; |
46 |
+ $OUT .= " Require $gitweb_allow\n"; |
47 |
$OUT .= " </Directory>\n\n"; |
48 |
|
49 |
if( $gitweb_theme eq 'enabled' ) { |
50 |
$OUT .= " # Access permissions for additional gitweb theme files\n"; |
51 |
$OUT .= " <Directory \"/etc/e-smith/web/common/gitweb\">\n"; |
52 |
$OUT .= " AllowOverride None\n"; |
53 |
- $OUT .= " Order Allow,Deny\n"; |
54 |
- $OUT .= " Allow from $gitweb_allow\n"; |
55 |
+ $OUT .= " Require $gitweb_allow\n"; |
56 |
$OUT .= " </Directory>\n\n"; |
57 |
} |
58 |
} else { |
59 |
@@ -367,12 +363,12 @@ |
60 |
|
61 |
# Retrieve the network access rules for the repository |
62 |
my $satisfy = 'All'; |
63 |
- my $allow_from_network = '127.0.0.1'; # Catch incorrect values, including empty ones |
64 |
+ my $allow_from_network = 'ip 127.0.0.1'; # Catch incorrect values, including empty ones |
65 |
if( $properties{'allow_access_from'} ) { |
66 |
if( $properties{'allow_access_from'} eq 'internet' ) { |
67 |
- $allow_from_network = 'All'; |
68 |
+ $allow_from_network = 'all granted'; |
69 |
} elsif ($properties{'allow_access_from'} eq 'local') { |
70 |
- $allow_from_network = $localAccess; |
71 |
+ $allow_from_network = "ip $localAccess"; |
72 |
} |
73 |
} |
74 |
|
75 |
@@ -403,6 +399,8 @@ |
76 |
|
77 |
$OUT .= " <LocationMatch \"^$gitpath/(gitweb.cgi/|)$git_repository.git\"> # PULL access to $gitpath/$git_repository.git\n"; |
78 |
|
79 |
+ $OUT .= " <RequireAll>\n"; |
80 |
+ |
81 |
if( $effective_pull_users ) { |
82 |
$OUT .= " # PULL Access Control\n"; |
83 |
$OUT .= " AuthName \"Git repository: $git_repository\.git (" . ($properties{'description'} || "ERROR - DESCRIPTION NOT CONFIGURED!"). ")\"\n"; |
84 |
@@ -414,15 +412,13 @@ |
85 |
} else { |
86 |
$OUT .= " # Anonymous PULL Access\n"; |
87 |
} |
88 |
- if( $allow_from_network ne 'All' ) { |
89 |
+ if( $allow_from_network ne 'all granted' ) { |
90 |
$OUT .= " # Restricted network access\n"; |
91 |
- $OUT .= " Order Deny,Allow\n"; |
92 |
- $OUT .= " Deny from All\n"; |
93 |
- $OUT .= " Allow from $allow_from_network\n"; |
94 |
+ $OUT .= " Require $allow_from_network\n"; |
95 |
} else { |
96 |
- $OUT .= " # Internet access enabled\n"; |
97 |
+ $OUT .= " Require all granted \n # Internet access enabled\n"; |
98 |
} |
99 |
- $OUT .= " Satisfy All\n"; |
100 |
+ $OUT .= " </RequireAll>\n"; |
101 |
|
102 |
$OUT .= " </LocationMatch> # $gitpath/$git_repository.git\n\n"; |
103 |
|
104 |
@@ -433,6 +429,7 @@ |
105 |
|
106 |
$OUT .= " <Location \"/push$gitpath/$git_repository.git\"> # PUSH access to $gitpath/$git_repository.git\n"; |
107 |
|
108 |
+ $OUT .= " <RequireAll>\n"; |
109 |
if( $effective_push_users ) { |
110 |
$OUT .= " # PUSH Access Control\n"; |
111 |
$OUT .= " AuthName \"Git repository: $git_repository\.git (" . ($properties{'description'} || "ERROR - DESCRIPTION NOT CONFIGURED!"). ")\"\n"; |
112 |
@@ -444,15 +441,13 @@ |
113 |
} else { |
114 |
$OUT .= " # Anonymous PUSH Access\n"; |
115 |
} |
116 |
- if( $allow_from_network ne 'All' ) { |
117 |
+ if( $allow_from_network ne 'all granted' ) { |
118 |
$OUT .= " # Restricted network access\n"; |
119 |
- $OUT .= " Order Deny,Allow\n"; |
120 |
- $OUT .= " Deny from All\n"; |
121 |
- $OUT .= " Allow from $allow_from_network\n"; |
122 |
+ $OUT .= " Require $allow_from_network\n"; |
123 |
} else { |
124 |
- $OUT .= " # Internet access enabled\n"; |
125 |
+ $OUT .= " Require all granted \n # Internet access enabled\n"; |
126 |
} |
127 |
- $OUT .= " Satisfy All\n"; |
128 |
+ $OUT .= " </RequireAll>\n"; |
129 |
|
130 |
$OUT .= " </Location> # /push$gitpath/$git_repository.git\n\n"; |
131 |
} |