/[smeserver]/rpms/e-smith-manager/sme9/e-smith-manager-2.4.0-access_sm_from_console_over_plain.patch
ViewVC logotype

Contents of /rpms/e-smith-manager/sme9/e-smith-manager-2.4.0-access_sm_from_console_over_plain.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Wed Jan 6 15:05:33 2016 UTC (8 years, 4 months ago) by vip-ire
Branch: MAIN
CVS Tags: e-smith-manager-2_6_0-23_el6_sme, e-smith-manager-2_6_0-9_el6_sme, e-smith-manager-2_6_0-11_el6_sme, e-smith-manager-2_6_0-19_el6_sme, e-smith-manager-2_6_0-2_el6_sme, e-smith-manager-2_6_0-25_el6_sme, e-smith-manager-2_6_0-22_el6_sme, e-smith-manager-2_6_0-21_el6_sme, e-smith-manager-2_6_0-24_el6_sme, e-smith-manager-2_6_0-3_el6_sme, e-smith-manager-2_6_0-12_el6_sme, e-smith-manager-2_6_0-13_el6_sme, e-smith-manager-2_6_0-10_el6_sme, e-smith-manager-2_6_0-4_el6_sme, e-smith-manager-2_6_0-17_el6_sme, e-smith-manager-2_6_0-20_el6_sme, e-smith-manager-2_6_0-5_el6_sme, e-smith-manager-2_6_0-8_el6_sme, e-smith-manager-2_6_0-6_el6_sme, e-smith-manager-2_6_0-15_el6_sme, e-smith-manager-2_6_0-18_el6_sme, e-smith-manager-2_6_0-14_el6_sme, e-smith-manager-2_6_0-7_el6_sme, e-smith-manager-2_6_0-16_el6_sme, HEAD 
* Wed Jan 6 2015 Daniel Berteaud <daniel@firewall-services.com> 2.6.0-2.sme
- Allow access to the server-manager without SSL from the loopback
  [SME: 9163]
1 diff -Nur e-smith-manager-2.4.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass e-smith-manager-2.4.0_bz9163/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass
2 --- e-smith-manager-2.4.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2007-01-27 02:51:30.000000000 +0100
3 +++ e-smith-manager-2.4.0_bz9163/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2016-01-06 16:00:49.100684723 +0100
4 @@ -3,22 +3,28 @@
5
6 $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ? 'yes' : 'no';
7 $plainTextAccess = ${'httpd-admin'}{PermitPlainTextAccess} || 'no';
8 + $plainPort = ${'httpd-e-smith'}{TCPPort} || '80';
9 + $sslPort = ${modSSL}{TCPPort} || '443';
10
11 $OUT = '';
12 foreach $place ('server-manager','server-common','user-password')
13 {
14 - if (($port eq "80") && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
15 + if (($port eq $plainPort) && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
16 {
17 + $OUT .= ' RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$' . "\n";
18 $OUT .= " RewriteRule ^/$place(/.*|\$) https://%{HTTP_HOST}/$place\$1 [L,R]\n";
19 - } else {
20 - $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
21 - $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
22 }
23 + $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
24 + $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
25
26 $OUT .= " <Location /$place>\n";
27 $OUT .= " order deny,allow\n";
28 $OUT .= " deny from all\n";
29 - if (($haveSSL eq 'yes') && (($port eq "443") || ($plainTextAccess ne 'yes')))
30 + if ($port eq $plainPort)
31 + {
32 + $OUT .= ' allow from 127.0.0.1' . "\n";
33 + }
34 + elsif (($haveSSL eq 'yes') && (($port eq $sslPort) || ($plainTextAccess ne 'yes')))
35 {
36 $OUT .= " allow from $localAccess $externalSSLAccess\n";
37 } else {
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed