michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-02-03 14:13:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
24,451 Commits 45 Branches 88 Tags
dev/check-https-redirect-later
Commit Graph

407 Commits

Author SHA1 Message Date
Ilia Ross
d694649872 Fix to safely get user hostname from URL 2025-10-03 03:19:54 +03:00
Ilia Ross
991795c296 Fix to redirect to HTTPS when we get the host from the browser URL 2025-10-02 15:52:14 +03:00
Ilia Ross
fc4e2751dc Fix broken redirect when there is no way to get FQDN 
*Note: "$host = &get_socket_name(SOCK, $ipv6fhs{$s});" won't return FQDN if it can't be resolved (or if it isn't in /etc/hosts), breaking some redirects, most likely proxied ones that aren't using HTTPS in its config.
 2025-10-01 01:03:45 +03:00
Jamie Cameron
388f51843f Merge pull request #2558 from webmin/dev/remove-bottleneck-of-shelling-out 
Fix to remove significant bottleneck of shelling out
 2025-09-25 20:28:21 -07:00
Ilia Ross
a027ad5dd6 Fix variable names to avoid ambiguity 
* Note: Discussed here:
https://github.com/webmin/webmin/pull/2553#issuecomment-3328436525
 2025-09-25 15:23:06 +03:00
Ilia Ross
d99a24b045 Fix to remove significant bottleneck of shelling out 2025-09-25 14:48:14 +03:00
Jamie Cameron
d5a22a592f Cache reads of the same cert file 2025-09-23 17:10:55 -07:00
Jamie Cameron
890a4ffd3f Valid http host header against cert name, as it may be different from the SSL hostname 2025-09-23 17:05:32 -07:00
Jamie Cameron
eb02824bfc Detect if SSL hostname is valid for the cert being used, and pass it to an environment variable 2025-09-22 21:13:46 -07:00
Ilia Ross
6191a222ae Revert "Fix to make sure the mail URL uses a well-known host name" 
This reverts commit e88a77d32a.
 2025-09-23 02:22:17 +03:00
Ilia Ross
2ac82016aa Revert "Perfect previous code" 
This reverts commit 8f987d21a9.
 2025-09-23 02:22:06 +03:00
Ilia Ross
8f987d21a9 Perfect previous code 2025-09-21 22:54:25 +03:00
Ilia Ross
e88a77d32a Fix to make sure the mail URL uses a well-known host name 2025-09-21 21:47:12 +03:00
Ilia Ross
6935174133 Fix to consider it a bad request only if there is one 2025-07-13 17:43:47 +03:00
Jamie Cameron
0a0ad2f119 Only update session time when there is actually websockets traffic 
https://github.com/webmin/webmin/pull/2510
 2025-07-10 04:31:36 -07:00
Jamie Cameron
0f721a17ae Merge pull request #1718 from tgurr/sslrenegotiation 
Disable SSL/TLS renegotiation
 2025-07-07 17:20:37 +10:00
Ilia Ross
f353ae31d8 Fix typos 2025-07-06 20:44:35 +03:00
Ilia Ross
6b75672534 Add ability to enforce SSL by default 2025-07-06 20:02:34 +03:00
Jamie Cameron
f1e96e3097 Re-open the debug and error logs if cleared periodically 2025-07-03 15:11:10 -07:00
Jamie Cameron
af07c6c9d9 The notimeout flag is never set 2025-07-02 16:21:11 -07:00
Jamie Cameron
740f5b9d49 delete support for the webmin_notimeout param, which as far as I can tell is never used 2025-07-02 15:10:19 -07:00
Ilia Ross
56b62346b4 Fix not to use SSL unless clients wants it explicitly 2025-06-29 01:04:30 +03:00
Ilia Ross
a223243db4 Fix comment for clarity 2025-06-27 04:01:15 +03:00
Ilia Ross
b59bdc4f1a Fix latest SSLeay support for redirects to SSL work 2025-06-27 03:57:06 +03:00
Ilia Ross
d428f4d4c1 Fix comment 
49ceeebbf8 (commitcomment-160355697)
 2025-06-22 01:02:51 +03:00
Ilia Ross
49ceeebbf8 Add ability to redirect to enforced host 2025-06-17 20:28:49 +03:00
Jamie Cameron
693f3c792e Allow sessions to have a max lifetime 2025-05-19 22:18:33 -07:00
Jamie Cameron
1f33234db2 Differentiate temporary session IDs for single-use logins from real sessions 2025-05-19 21:55:56 -07:00
Ilia Ross
ff4e0ae386 Fix to split lines up 
https://github.com/webmin/webmin/pull/2462#pullrequestreview-2797791341
 2025-04-28 03:33:52 +03:00
Ilia Ross
19bfe18e0f Add ability to make authentication in two steps 2025-04-28 00:55:59 +03:00
Ilia Ross
b48f6d3406 Fix to drop obsolete code 2025-04-28 00:51:04 +03:00
Jamie Cameron
d9dbcd9746 More work on forgotten password support 2025-04-14 22:44:55 -07:00
Jamie Cameron
18a4c86e2f Work on forgotten password page 2025-04-12 11:00:30 -07:00
Jamie Cameron
a768e731cf Allow anonymous access to the forgotten password CGIs 2025-04-11 22:25:17 -07:00
Jamie Cameron
4c1b063654 Keep old config options for proxy trust 2025-02-13 20:44:54 -08:00
Ilia Ross
1696eb4e48 Add better way to handle trust level for proxy headers option 2025-02-14 01:43:27 +02:00
Jamie Cameron
efae1cf754 Add UI option to control if SSL client cert is trusted 2024-12-17 21:45:00 -08:00
Jamie Cameron
80e99b7b25 Don't use error handler that doesn't exist 2024-11-21 20:37:56 -08:00
Jamie Cameron
7cd747d82f Stop trusting remote client IP address for logging unless it's enabled 2024-09-15 19:24:32 -07:00
Jamie Cameron
f8ce246b37 If there is a password change CGI setup, rate limit how often it can be called to prevent brute-force guessing attacks 2024-08-23 21:36:34 -07:00
Ilia Ross
a721f60f9c Fix to allow service-worker.js in unauth [build] 2024-07-20 15:57:40 +03:00
Jamie Cameron
9817085c70 Delete PID file on shutdown 2024-05-29 13:22:47 -07:00
Ilia Ross
2641985b98 Fix typo 2024-05-20 19:06:18 +03:00
Ilia Ross
736e514766 Fix to always use log function 2024-05-20 18:48:44 +03:00
Jamie Cameron
35e9f0a01d Limit UDP replies to 1 every 5 seconds per IP 2024-05-11 15:20:19 -07:00
Jamie Cameron
c4c2c5c38e Add a 10 second timeout to handle the case where a client connects but doesn't start a valid SSL session 2023-10-09 22:55:18 -07:00
Jamie Cameron
bbe7e78516 Log timeout to wait for 2023-10-09 21:59:50 -07:00
Jamie Cameron
3d482d2bf5 Support CF-Connecting-IPv6 header 2023-08-22 18:46:43 -07:00
Jamie Cameron
31af9f996c Also support CF-Connecting-IP https://github.com/webmin/webmin/issues/1956 2023-08-21 10:04:16 -07:00
Jamie Cameron
fd06605f51 Add support for True-Client-IP header as used by Cloudflare https://github.com/webmin/webmin/issues/1956 2023-08-20 21:22:08 -07:00