michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-02-07 16:02:14 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
14,203 Commits 45 Branches 88 Tags
604c22513b4fd58a9324da170365df2ea8b93f4f
Commit Graph

235 Commits

Author SHA1 Message Date
Ilia Rostovtsev
adb4ad1797 Language Transform: Switch to using utf-8 only, drop all convert scripts 2020-02-28 01:17:50 +03:00
Jamie Cameron
ccf75a57e0 In a restart where the process execs itself, the PID file will contain own PID 2020-02-04 22:07:55 -08:00
Ilia Rostovtsev
18a112075d Don't print location info 2020-01-27 00:32:43 +03:00
Jamie Cameron
17cea77c86 Fail fast if PID is already running 2020-01-26 10:34:12 -08:00
Jamie Cameron
b95e63a5b4 Refactor code that builds redirect URLs, and make it customizable 2019-12-13 13:43:42 -08:00
Jamie Cameron
1feaa18d99 Prevent a malicious request from including an XSS in the x-forwarded-for header 2019-08-10 16:16:01 -07:00
Jamie Cameron
d8898a4d89 Turns out that an unbuffered read actually is necessary when reading from a pipe 2019-02-10 21:03:48 -08:00
Jamie Cameron
808ac0cc75 Increase buffer size for reading files 2019-01-23 08:53:34 -08:00
Jamie Cameron
80a633d722 Crons that run only at boot are valid 2018-12-21 23:34:52 -08:00
Jamie Cameron
8021c36859 Ignore sessions that no longer really exist 2018-11-25 18:02:30 -08:00
Jamie Cameron
0b2c65561b Use proper function to read a line of input 2018-11-25 17:52:22 -08:00
vsilvar
c084ebc0d4 Re-check remote IP if trusted, fixes #168 
The fix for #168 was not complete, as the last suggested change was never pulled.
This fixes the problem that IP checks are done before $acptip is updated with the remote IP, by re-checking when set.

Another possible fix would be to only check IP's after reading the headers, but imo it is best to deny access as soon as possible.
 2018-11-12 18:12:09 +00:00
Jamie Cameron
c700387e7a Crons that run at boot are OK 2018-09-23 21:38:16 +00:00
Jamie Cameron
2a6cc0ccfe Don't fire perl warning if nolog is not defined https://sourceforge.net/p/webadmin/bugs/5191/ 2018-09-20 05:05:42 +00:00
Jamie Cameron
f747767aa7 Don't drop twofactor user attributes in LDAP / MySQL mode https://sourceforge.net/p/webadmin/bugs/5070 2018-06-05 18:29:27 -07:00
Jamie Cameron
0b490ddbf2 Headers is local to the log function https://www.virtualmin.com/node/5493501 2018-03-20 23:06:22 -07:00
Jamie Cameron
ee0b68a0ac Config option to disable directory listijng https://github.com/webmin/webmin/issues/874 2018-03-19 20:47:53 -07:00
Jamie Cameron
aae5608dd2 Allow fall-through to unix crypt https://github.com/webmin/webmin/issues/811 2018-02-14 21:34:59 -08:00
Jamie Cameron
c651160844 Added support for SHA512 passwords https://github.com/webmin/webmin/issues/798 2018-02-04 14:17:48 -08:00
Jamie Cameron
8e85ae44bc Fix matching of IPv6 networks https://www.virtualmin.com/node/54905 2018-01-09 21:58:33 -08:00
Jamie Cameron
b30868ce16 Fix twofactor support for LDAP webmin users https://sourceforge.net/p/webadmin/bugs/5070/ 2017-12-24 21:59:51 -08:00
Jamie Cameron
1b833bb4c0 add nolog config directive to skip logging for some regexps https://github.com/webmin/webmin/issues/740 2017-12-24 16:06:06 -08:00
Jamie Cameron
626ca4fba6 Remove successful preload error message https://sourceforge.net/p/webadmin/bugs/5069/ 2017-12-20 15:55:05 -08:00
Jamie Cameron
aa26b75677 IPv6 network size is a number of bits, and so must only be divisble by 8 2017-12-08 23:29:37 -08:00
yangfl
0f9fb77369 Fix typo 2017-11-08 16:43:37 +08:00
Jamie Cameron
2b9c8f9a2a Gracefully deal with unsupported protocols https://sourceforge.net/p/webadmin/bugs/4780/ 2017-07-16 21:40:25 -07:00
Jamie Cameron
e77e26cded Always update last session time 2017-07-10 21:53:34 -07:00
Amish
2ab4bbbb02 Dont log just first message, log everything. 
Say administrator does not want IPv6 support and hence does not have Socket6 module installed. But wants PAM support but forgot to install Authen::PAM.

Since currently webmin prints just $startup_msg[0] (first message) - it will never print that "Perl module Authen::PAM needed for PAM". It will keep printing that "IPv6 support cannot be enabled". So administrator would never know what is the real error (that he needs to install "Authen::PAM")

This patch logs everything instead of just first line.
 2017-06-29 14:29:01 +05:30
Amish
27c428e613 Log if no_pam and pam_only both are set 
Some old config has no_pam set to 1. Now if administrator enables pam_only too then both are conflicting. Which makes webmin to exit with PAM error. But administrator can not figure out why? This logs additional line so that administrator know the reason.
 2017-06-29 07:39:37 +05:30
Jamie Cameron
640bc8495c IPv6 addresses need [ ] in the URL https://sourceforge.net/p/webadmin/bugs/4949/ 2017-04-27 23:23:14 -07:00
Jamie Cameron
37f0eb519e Detect the browser seen on the galaxy s6 https://www.virtualmin.com/node/51987 2017-04-27 09:04:52 -07:00
Jamie Cameron
036f695e19 Assume all .cgi scripts with #! lines that reference perl are executable internally 2017-04-08 16:51:41 -07:00
Jamie Cameron
80ea8d8b2e Close DH params file to avoid FS leakage 2017-03-26 11:54:37 -07:00
Jamie Cameron
5a19fe2e6c Deal with older Net::SSLeay versions 2017-03-12 18:02:02 -07:00
Jamie Cameron
24cf47dde0 Completed webmin per-domain cert support 2017-03-12 17:42:03 -07:00
Jamie Cameron
258490b256 Don't log empty sessions 2017-03-11 13:10:43 -08:00
Jamie Cameron
1ff6413c04 Allow : in redirect URL 2017-03-09 17:50:47 -08:00
Jamie Cameron
082c0644d6 Remove message about timeout of logged out user 2017-02-27 19:26:03 -08:00
Jamie Cameron
aec4a83306 Don't try IPv6 resolution if not enabled 2017-01-23 18:48:32 -08:00
Jamie Cameron
ce0da729ee Handle case where getaddrinfo is not available 2017-01-18 15:27:21 -08:00
Jamie Cameron
475cc4fbdf Strip out unsafe HTML from error messages 2016-10-21 15:46:23 -07:00
Jamie Cameron
0bf336d761 Fix PFS support by creating and using DH params file https://github.com/webmin/webmin/issues/413 2016-10-09 21:56:23 -07:00
Jamie Cameron
5881b223b4 inet6 constants are now in the Socket package https://www.virtualmin.com/node/40065 2016-07-24 13:12:25 -07:00
Jamie Cameron
1c9dc7b727 Log failed logins, and display in Webmin Actions Log module 2016-05-30 16:09:51 -07:00
Jamie Cameron
a6b71554c5 Pass all params to login script 2016-05-29 16:00:26 -07:00
Jamie Cameron
1cf689e931 Support interval-based webmincron time specs 2016-01-17 21:04:45 -08:00
Jamie Cameron
650c06300a Fix method of getting username from LDAP object https://sourceforge.net/p/webadmin/bugs/4695/ 2016-01-02 13:19:52 -08:00
Jamie Cameron
2feeabf152 LDAP matches aren't case sensitive http://virtualmin.com/node/38803 2015-12-08 20:50:44 -08:00
Jamie Cameron
7e95339909 Remove noisy debug line 2015-12-02 13:23:27 -08:00
Jamie Cameron
1dbe198aa3 Support config option to limit sessions to the original IP https://github.com/webmin/webmin/issues/244 2015-08-24 21:41:23 -07:00