1 |
diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares |
2 |
--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:05:42.911000000 -0400 |
3 |
+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:50:54.087000000 -0400 |
4 |
@@ -11,10 +11,14 @@ |
5 |
my $key = $share->key; |
6 |
|
7 |
my $allow; |
8 |
+ my $allow24; |
9 |
my $pass; |
10 |
my $satisfy; |
11 |
+ my $satisfy24begin; |
12 |
+ my $satisfy24end; |
13 |
my $davreaders; |
14 |
my $davwallow = ''; |
15 |
+ my $davwallow24 = ''; |
16 |
my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0; |
17 |
|
18 |
# Find which users have read or write access |
19 |
@@ -65,33 +69,49 @@ |
20 |
if ($properties{'httpAccess'}) { |
21 |
if ($properties{'httpAccess'} eq 'local') { |
22 |
$allow = "$localAccess $externalSSLAccess"; |
23 |
+ $allow24 = "ip $localAccess $externalSSLAccess"; |
24 |
$pass = 0; |
25 |
$satisfy = 'all'; |
26 |
+ $satisfy24begin = "<RequireAll>"; |
27 |
+ $satisfy24end = "</RequireAll>"; |
28 |
$davreaders = ''; |
29 |
} |
30 |
elsif ($properties{'httpAccess'} eq 'local-pw') { |
31 |
$allow = "$localAccess $externalSSLAccess"; |
32 |
+ $allow24 = "ip $localAccess $externalSSLAccess"; |
33 |
$pass = 1; |
34 |
$satisfy = 'all'; |
35 |
+ $satisfy24begin = "<RequireAll>"; |
36 |
+ $satisfy24end = "</RequireAll>"; |
37 |
$davreaders = "Require user $readers"; |
38 |
} |
39 |
elsif ($properties{'httpAccess'} eq 'global') { |
40 |
$allow = 'all'; |
41 |
+ $allow24 = "all granted"; |
42 |
$pass = 0; |
43 |
$satisfy = 'all'; |
44 |
+ $satisfy24begin = "<RequireAll>"; |
45 |
+ $satisfy24end = "</RequireAll>"; |
46 |
$davreaders = ''; |
47 |
} |
48 |
elsif ($properties{'httpAccess'} eq 'global-pw') { |
49 |
$allow = 'all'; |
50 |
+ $allow24 = "all granted"; |
51 |
$pass = 1; |
52 |
$satisfy = 'all'; |
53 |
+ $satisfy24begin = "<RequireAll>"; |
54 |
+ $satisfy24end = "</RequireAll>"; |
55 |
$davreaders = "Require user $readers"; |
56 |
} |
57 |
elsif ($properties{'httpAccess'} eq 'global-pw-remote') { |
58 |
$allow = "$localAccess $externalSSLAccess"; |
59 |
+ $allow24 = "ip $localAccess $externalSSLAccess"; |
60 |
$davwallow = 'all'; |
61 |
+ $davwallow24 = "all granted"; |
62 |
$pass = 1; |
63 |
$satisfy = 'any'; |
64 |
+ $satisfy24begin = "<RequireAny>"; |
65 |
+ $satisfy24end = "</RequireAny>"; |
66 |
$davreaders = "Require user $readers"; |
67 |
} |
68 |
else { |
69 |
@@ -99,6 +119,7 @@ |
70 |
} |
71 |
} |
72 |
$davwallow = $allow if ($davwallow eq ''); |
73 |
+ $davwallow24 = $allow24 if ($davwallow24 eq ''); |
74 |
my $allowOverride = $properties{'AllowOverride'} || "None"; |
75 |
my $followSymLinks = $properties{'FollowSymLinks'} || "disabled"; |
76 |
my $indexes = $properties{'Indexes'} || "enabled"; |
77 |
@@ -152,26 +173,41 @@ |
78 |
$OUT .= " DirectoryIndex index.shtml index.htm index.html\n"; |
79 |
$OUT .= " Options +IncludesNOEXEC\n"; |
80 |
$OUT .= " <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n"; |
81 |
+ $OUT .= " <IfModule mod_access_compat.c>\n"; |
82 |
$OUT .= " order deny,allow\n"; |
83 |
$OUT .= " Deny from all\n"; |
84 |
+ $OUT .= " </IfModule>\n"; |
85 |
+ $OUT .= " <IfModule !mod_access_compat.c>\n"; |
86 |
+ $OUT .= " Require all denied\n"; |
87 |
+ $OUT .= " </IfModule>\n"; |
88 |
$OUT .= " </FilesMatch>\n"; |
89 |
} |
90 |
|
91 |
$OUT .= " AllowOverride $allowOverride\n"; |
92 |
unless ($webdav){ |
93 |
- $OUT .=<<"HERE"; |
94 |
- order deny,allow |
95 |
- deny from all |
96 |
- allow from $allow |
97 |
-HERE |
98 |
+ $OUT .= " <IfModule mod_access_compat.c>\n"; |
99 |
+ $OUT .= " order deny,allow\n"; |
100 |
+ $OUT .= " deny from all\n"; |
101 |
+ $OUT .= " allow from $allow\n"; |
102 |
+ $OUT .= " </IfModule>\n"; |
103 |
+ $OUT .= " <IfModule !mod_access_compat.c>\n"; |
104 |
+ $OUT .= " $satisfy24begin\n"; |
105 |
+ $OUT .= " require user $readers\n" if ($pass); |
106 |
+ $OUT .= " Require $allow24\n"; |
107 |
+ $OUT .= " $satisfy24end\n"; |
108 |
+ $OUT .= " </IfModule>\n"; |
109 |
} |
110 |
if ($pass || $webdav) { |
111 |
$OUT .= " AuthName \"$properties{'Name'}\"\n"; |
112 |
$OUT .= " AuthType Basic\n"; |
113 |
$OUT .= " AuthExternal pwauth\n"; |
114 |
$OUT .= " AuthBasicProvider external\n"; |
115 |
- $OUT .= " require user $readers\n" unless ($webdav); |
116 |
- $OUT .= " Satisfy $satisfy\n" unless ($webdav); |
117 |
+ $OUT .= " <IfModule mod_access_compat.c>\n" unless ($webdav); |
118 |
+ $OUT .= " require user $readers\n" unless ($webdav); |
119 |
+ $OUT .= " Satisfy $satisfy\n" unless ($webdav); |
120 |
+ $OUT .= " </IfModule>\n" unless ($webdav); |
121 |
+ |
122 |
+ |
123 |
} |
124 |
# WebDav is enabled only when auth is required |
125 |
if ($webdav) { |
126 |
@@ -180,19 +216,35 @@ |
127 |
Dav on |
128 |
# Read only access |
129 |
<Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT> |
130 |
+ <IfModule mod_access_compat.c> |
131 |
order deny,allow |
132 |
deny from all |
133 |
allow from $allow |
134 |
$davreaders |
135 |
Satisfy $satisfy |
136 |
+ </IfModule> |
137 |
+ <IfModule !mod_access_compat.c> |
138 |
+ $satisfy24begin |
139 |
+ Require $allow24 |
140 |
+ $davreaders |
141 |
+ $satisfy24end |
142 |
+ </IfModule> |
143 |
</Limit> |
144 |
# Write access through webdav always requires authentication |
145 |
<LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT> |
146 |
+ <IfModule mod_access_compat.c> |
147 |
order deny,allow |
148 |
deny from all |
149 |
allow from $davwallow |
150 |
Require user $writers |
151 |
Satisfy all |
152 |
+ </IfModule> |
153 |
+ <IfModule !mod_access_compat.c> |
154 |
+ <RequireAll> |
155 |
+ Require $davwallow |
156 |
+ Require user $writers |
157 |
+ </RequireAll> |
158 |
+ </IfModule> |
159 |
</LimitExcept> |
160 |
|
161 |
HERE |
162 |
@@ -206,8 +258,13 @@ |
163 |
} |
164 |
else { |
165 |
$OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n"; |
166 |
- $OUT .= " order deny,allow\n"; |
167 |
- $OUT .= " Deny from all\n"; |
168 |
+ $OUT .= " <IfModule mod_access_compat.c>\n"; |
169 |
+ $OUT .= " order deny,allow\n"; |
170 |
+ $OUT .= " Deny from all\n"; |
171 |
+ $OUT .= " </IfModule>\n"; |
172 |
+ $OUT .= " <IfModule !mod_access_compat.c>\n"; |
173 |
+ $OUT .= " Require all denied\n"; |
174 |
+ $OUT .= " </IfModule>\n"; |
175 |
$OUT .= "</DirectoryMatch>\n"; |
176 |
} |
177 |
} |
178 |
diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares |
179 |
--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-08-01 00:04:59.295000000 -0400 |
180 |
+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-08-01 00:15:44.054000000 -0400 |
181 |
@@ -13,11 +13,9 @@ |
182 |
my $allow; |
183 |
my $allow24; |
184 |
my $pass; |
185 |
- my $satisfy; |
186 |
my $satisfy24begin; |
187 |
my $satisfy24end; |
188 |
my $davreaders; |
189 |
- my $davwallow = ''; |
190 |
my $davwallow24 = ''; |
191 |
my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0; |
192 |
|
193 |
@@ -68,48 +66,37 @@ |
194 |
|
195 |
if ($properties{'httpAccess'}) { |
196 |
if ($properties{'httpAccess'} eq 'local') { |
197 |
- $allow = "$localAccess $externalSSLAccess"; |
198 |
$allow24 = "ip $localAccess $externalSSLAccess"; |
199 |
$pass = 0; |
200 |
- $satisfy = 'all'; |
201 |
$satisfy24begin = "<RequireAll>"; |
202 |
$satisfy24end = "</RequireAll>"; |
203 |
$davreaders = ''; |
204 |
} |
205 |
elsif ($properties{'httpAccess'} eq 'local-pw') { |
206 |
- $allow = "$localAccess $externalSSLAccess"; |
207 |
$allow24 = "ip $localAccess $externalSSLAccess"; |
208 |
$pass = 1; |
209 |
- $satisfy = 'all'; |
210 |
$satisfy24begin = "<RequireAll>"; |
211 |
$satisfy24end = "</RequireAll>"; |
212 |
$davreaders = "Require user $readers"; |
213 |
} |
214 |
elsif ($properties{'httpAccess'} eq 'global') { |
215 |
- $allow = 'all'; |
216 |
$allow24 = "all granted"; |
217 |
$pass = 0; |
218 |
- $satisfy = 'all'; |
219 |
$satisfy24begin = "<RequireAll>"; |
220 |
$satisfy24end = "</RequireAll>"; |
221 |
$davreaders = ''; |
222 |
} |
223 |
elsif ($properties{'httpAccess'} eq 'global-pw') { |
224 |
- $allow = 'all'; |
225 |
$allow24 = "all granted"; |
226 |
$pass = 1; |
227 |
- $satisfy = 'all'; |
228 |
$satisfy24begin = "<RequireAll>"; |
229 |
$satisfy24end = "</RequireAll>"; |
230 |
$davreaders = "Require user $readers"; |
231 |
} |
232 |
elsif ($properties{'httpAccess'} eq 'global-pw-remote') { |
233 |
- $allow = "$localAccess $externalSSLAccess"; |
234 |
$allow24 = "ip $localAccess $externalSSLAccess"; |
235 |
- $davwallow = 'all'; |
236 |
$davwallow24 = "all granted"; |
237 |
$pass = 1; |
238 |
- $satisfy = 'any'; |
239 |
$satisfy24begin = "<RequireAny>"; |
240 |
$satisfy24end = "</RequireAny>"; |
241 |
$davreaders = "Require user $readers"; |
242 |
@@ -118,7 +105,6 @@ |
243 |
next; |
244 |
} |
245 |
} |
246 |
- $davwallow = $allow if ($davwallow eq ''); |
247 |
$davwallow24 = $allow24 if ($davwallow24 eq ''); |
248 |
my $allowOverride = $properties{'AllowOverride'} || "None"; |
249 |
my $followSymLinks = $properties{'FollowSymLinks'} || "disabled"; |
250 |
@@ -173,41 +159,22 @@ |
251 |
$OUT .= " DirectoryIndex index.shtml index.htm index.html\n"; |
252 |
$OUT .= " Options +IncludesNOEXEC\n"; |
253 |
$OUT .= " <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n"; |
254 |
- $OUT .= " <IfModule mod_access_compat.c>\n"; |
255 |
- $OUT .= " order deny,allow\n"; |
256 |
- $OUT .= " Deny from all\n"; |
257 |
- $OUT .= " </IfModule>\n"; |
258 |
- $OUT .= " <IfModule !mod_access_compat.c>\n"; |
259 |
- $OUT .= " Require all denied\n"; |
260 |
- $OUT .= " </IfModule>\n"; |
261 |
+ $OUT .= " Require all denied\n"; |
262 |
$OUT .= " </FilesMatch>\n"; |
263 |
} |
264 |
|
265 |
$OUT .= " AllowOverride $allowOverride\n"; |
266 |
unless ($webdav){ |
267 |
- $OUT .= " <IfModule mod_access_compat.c>\n"; |
268 |
- $OUT .= " order deny,allow\n"; |
269 |
- $OUT .= " deny from all\n"; |
270 |
- $OUT .= " allow from $allow\n"; |
271 |
- $OUT .= " </IfModule>\n"; |
272 |
- $OUT .= " <IfModule !mod_access_compat.c>\n"; |
273 |
$OUT .= " $satisfy24begin\n"; |
274 |
$OUT .= " require user $readers\n" if ($pass); |
275 |
$OUT .= " Require $allow24\n"; |
276 |
$OUT .= " $satisfy24end\n"; |
277 |
- $OUT .= " </IfModule>\n"; |
278 |
} |
279 |
if ($pass || $webdav) { |
280 |
$OUT .= " AuthName \"$properties{'Name'}\"\n"; |
281 |
$OUT .= " AuthType Basic\n"; |
282 |
$OUT .= " AuthExternal pwauth\n"; |
283 |
$OUT .= " AuthBasicProvider external\n"; |
284 |
- $OUT .= " <IfModule mod_access_compat.c>\n" unless ($webdav); |
285 |
- $OUT .= " require user $readers\n" unless ($webdav); |
286 |
- $OUT .= " Satisfy $satisfy\n" unless ($webdav); |
287 |
- $OUT .= " </IfModule>\n" unless ($webdav); |
288 |
- |
289 |
- |
290 |
} |
291 |
# WebDav is enabled only when auth is required |
292 |
if ($webdav) { |
293 |
@@ -216,35 +183,17 @@ |
294 |
Dav on |
295 |
# Read only access |
296 |
<Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT> |
297 |
- <IfModule mod_access_compat.c> |
298 |
- order deny,allow |
299 |
- deny from all |
300 |
- allow from $allow |
301 |
- $davreaders |
302 |
- Satisfy $satisfy |
303 |
- </IfModule> |
304 |
- <IfModule !mod_access_compat.c> |
305 |
$satisfy24begin |
306 |
Require $allow24 |
307 |
$davreaders |
308 |
$satisfy24end |
309 |
- </IfModule> |
310 |
</Limit> |
311 |
# Write access through webdav always requires authentication |
312 |
<LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT> |
313 |
- <IfModule mod_access_compat.c> |
314 |
- order deny,allow |
315 |
- deny from all |
316 |
- allow from $davwallow |
317 |
- Require user $writers |
318 |
- Satisfy all |
319 |
- </IfModule> |
320 |
- <IfModule !mod_access_compat.c> |
321 |
<RequireAll> |
322 |
- Require $davwallow |
323 |
+ Require $davwallow24 |
324 |
Require user $writers |
325 |
</RequireAll> |
326 |
- </IfModule> |
327 |
</LimitExcept> |
328 |
|
329 |
HERE |
330 |
@@ -258,13 +207,7 @@ |
331 |
} |
332 |
else { |
333 |
$OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n"; |
334 |
- $OUT .= " <IfModule mod_access_compat.c>\n"; |
335 |
- $OUT .= " order deny,allow\n"; |
336 |
- $OUT .= " Deny from all\n"; |
337 |
- $OUT .= " </IfModule>\n"; |
338 |
- $OUT .= " <IfModule !mod_access_compat.c>\n"; |
339 |
- $OUT .= " Require all denied\n"; |
340 |
- $OUT .= " </IfModule>\n"; |
341 |
+ $OUT .= " Require all denied\n"; |
342 |
$OUT .= "</DirectoryMatch>\n"; |
343 |
} |
344 |
} |