/[smeserver]/rpms/e-smith-manager/sme9/e-smith-manager-2.4.0-access_sm_from_console_over_plain.patch
ViewVC logotype

Annotation of /rpms/e-smith-manager/sme9/e-smith-manager-2.4.0-access_sm_from_console_over_plain.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (hide annotations) (download)
Wed Jan 6 15:05:33 2016 UTC (8 years, 4 months ago) by vip-ire
Branch: MAIN
CVS Tags: e-smith-manager-2_6_0-23_el6_sme, e-smith-manager-2_6_0-9_el6_sme, e-smith-manager-2_6_0-11_el6_sme, e-smith-manager-2_6_0-19_el6_sme, e-smith-manager-2_6_0-2_el6_sme, e-smith-manager-2_6_0-25_el6_sme, e-smith-manager-2_6_0-22_el6_sme, e-smith-manager-2_6_0-21_el6_sme, e-smith-manager-2_6_0-24_el6_sme, e-smith-manager-2_6_0-3_el6_sme, e-smith-manager-2_6_0-12_el6_sme, e-smith-manager-2_6_0-13_el6_sme, e-smith-manager-2_6_0-10_el6_sme, e-smith-manager-2_6_0-4_el6_sme, e-smith-manager-2_6_0-17_el6_sme, e-smith-manager-2_6_0-20_el6_sme, e-smith-manager-2_6_0-5_el6_sme, e-smith-manager-2_6_0-8_el6_sme, e-smith-manager-2_6_0-6_el6_sme, e-smith-manager-2_6_0-15_el6_sme, e-smith-manager-2_6_0-18_el6_sme, e-smith-manager-2_6_0-14_el6_sme, e-smith-manager-2_6_0-7_el6_sme, e-smith-manager-2_6_0-16_el6_sme, HEAD 
* Wed Jan 6 2015 Daniel Berteaud <daniel@firewall-services.com> 2.6.0-2.sme
- Allow access to the server-manager without SSL from the loopback
  [SME: 9163]
1 vip-ire 1.1 diff -Nur e-smith-manager-2.4.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass e-smith-manager-2.4.0_bz9163/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass
2     --- e-smith-manager-2.4.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2007-01-27 02:51:30.000000000 +0100
3     +++ e-smith-manager-2.4.0_bz9163/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2016-01-06 16:00:49.100684723 +0100
4     @@ -3,22 +3,28 @@
5    
6     $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ? 'yes' : 'no';
7     $plainTextAccess = ${'httpd-admin'}{PermitPlainTextAccess} || 'no';
8     + $plainPort = ${'httpd-e-smith'}{TCPPort} || '80';
9     + $sslPort = ${modSSL}{TCPPort} || '443';
10    
11     $OUT = '';
12     foreach $place ('server-manager','server-common','user-password')
13     {
14     - if (($port eq "80") && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
15     + if (($port eq $plainPort) && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
16     {
17     + $OUT .= ' RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$' . "\n";
18     $OUT .= " RewriteRule ^/$place(/.*|\$) https://%{HTTP_HOST}/$place\$1 [L,R]\n";
19     - } else {
20     - $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
21     - $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
22     }
23     + $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
24     + $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
25    
26     $OUT .= " <Location /$place>\n";
27     $OUT .= " order deny,allow\n";
28     $OUT .= " deny from all\n";
29     - if (($haveSSL eq 'yes') && (($port eq "443") || ($plainTextAccess ne 'yes')))
30     + if ($port eq $plainPort)
31     + {
32     + $OUT .= ' allow from 127.0.0.1' . "\n";
33     + }
34     + elsif (($haveSSL eq 'yes') && (($port eq $sslPort) || ($plainTextAccess ne 'yes')))
35     {
36     $OUT .= " allow from $localAccess $externalSSLAccess\n";
37     } else {
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed