also force TLS when requiring user authentication in WebUI
Commit Message
Force TLS _and_ a valid login when accessing protected directories.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
Comments
Same here:
[root@rice-oxley ipfire-2.x]# pwclient git-am -s 1451
Applying patch #1451 using 'git am -s'
Description: also force TLS when requiring user authentication in WebUI
Applying: also force TLS when requiring user authentication in WebUI
error: corrupt patch at line 36
Patch failed at 0001 also force TLS when requiring user authentication in WebUI
The copy of the patch that failed is found in: .git/rebase-apply/patch
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
'git am' failed with exit status 128
On Tue, 2017-10-10 at 15:39 +0200, Peter Müller wrote:
> Force TLS _and_ a valid login when accessing protected directories.
>
> Signed-off-by: Peter Müller <peter.mueller@link38.eu>
> ---
> diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf
> b/config/httpd/vhosts.d/ipfire-interface-ssl.conf
> index 6f353962e..50e257f16 100644
> --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf
> +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf
> @@ -23,7 +23,10 @@
> AuthName "IPFire - Restricted"
> AuthType Basic
> AuthUserFile /var/ipfire/auth/users
> - Require user admin
> + <RequireAll>
> + Require user admin
> + Require ssl
> + </RequireAll>
> </DirectoryMatch>
> ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/
> <Directory /srv/web/ipfire/cgi-bin>
> @@ -32,24 +35,16 @@
> AuthName "IPFire - Restricted"
> AuthType Basic
> AuthUserFile /var/ipfire/auth/users
> - Require user admin
> - <Files chpasswd.cgi>
> + <RequireAll>
> + Require user admin
> + Require ssl
> + </RequireAll>
> + <Files chpasswd.cgi>
> Require all granted
> </Files>
> <Files webaccess.cgi>
> Require all granted
> </Files>
> </Directory>
> <Files ~ "\.(cgi|shtml?)$">
> SSLOptions +StdEnvVars
> @@ -85,6 +80,9 @@
> AuthName "IPFire - Restricted"
> AuthType Basic
> AuthUserFile /var/ipfire/auth/users
> - Require user admin
> + <RequireAll>
> + Require user admin
> + Require ssl
> + </RequireAll>
> </Directory>
> </VirtualHost>
@@ -23,7 +23,10 @@
AuthName "IPFire - Restricted"
AuthType Basic
AuthUserFile /var/ipfire/auth/users
- Require user admin
+ <RequireAll>
+ Require user admin
+ Require ssl
+ </RequireAll>
</DirectoryMatch>
ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/
<Directory /srv/web/ipfire/cgi-bin>
@@ -32,24 +35,16 @@
AuthName "IPFire - Restricted"
AuthType Basic
AuthUserFile /var/ipfire/auth/users
- Require user admin
- <Files chpasswd.cgi>
+ <RequireAll>
+ Require user admin
+ Require ssl
+ </RequireAll>
+ <Files chpasswd.cgi>
Require all granted
</Files>
<Files webaccess.cgi>
Require all granted
</Files>
</Directory>
<Files ~ "\.(cgi|shtml?)$">
SSLOptions +StdEnvVars
@@ -85,6 +80,9 @@
AuthName "IPFire - Restricted"
AuthType Basic
AuthUserFile /var/ipfire/auth/users
- Require user admin
+ <RequireAll>
+ Require user admin
+ Require ssl
+ </RequireAll>
</Directory>
</VirtualHost>