michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-03-15 14:52:43 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
18,889 Commits 46 Branches 88 Tags
d1d79c1914ea28644a9863d0d13e06e2bec391ef
Commit Graph

250 Commits

Author SHA1 Message Date
Jamie Cameron
645daaf0cd Needed to show error messages properly in non-SSL mode 2020-06-30 15:02:29 -07:00
Jamie Cameron
f35a49bac8 Hack to handle the case where unicode characters slip through and need to be converted to multi-bytes before printing 2020-06-28 16:54:49 -07:00
Jamie Cameron
ca95ef28ef Remove useless delay to support IE6 2020-06-28 13:10:15 -07:00
Jamie Cameron
bd398649bf Undo recent encoding fixes, add stack trace on failed syswrite 2020-06-27 11:11:01 -07:00
Ilia Rostovtsev
65c2a0f0fb Revert "Decode string in :utf8 binmode, to avoid output desruption" 
This reverts commit e712efb31f.
 2020-06-27 21:07:59 +03:00
Ilia Rostovtsev
e712efb31f Decode string in :utf8 binmode, to avoid output desruption (double-encoding) https://github.com/webmin/webmin/issues/1252 2020-06-27 20:55:21 +03:00
Jamie Cameron
c783eca0a2 UTF-8 mode needs to be enabled, but only when not using SSL 2020-06-27 10:11:08 -07:00
Jamie Cameron
34e63a029f ALways load the ipv6 module https://sourceforge.net/p/webadmin/bugs/5379/ 2020-06-10 20:13:18 -07:00
Jamie Cameron
2807def400 SID is always 32 bytes long 2020-05-25 14:46:10 -07:00
Jamie Cameron
9d7d13b4d9 Drop noisy preload messages 2020-05-22 19:03:39 -07:00
Ilia Rostovtsev
b28a26f1b6 Trim username to remove leading and trailing spaces 
It may be annoying to see this error message if username copy/paste from somewhere and contains unexpected spaces
 2020-05-03 14:02:17 +03:00
Ilia Rostovtsev
938738112e Fix indent 2020-04-06 13:48:21 +03:00
Ilia Rostovtsev
6de435f4b4 Process full request string like POST /stats.cgi?a=1 HTTP/1.1 as well 2020-04-06 13:46:40 +03:00
Ilia Rostovtsev
fa4559cba8 Add better alternative randomness and check for hex stricter 2020-03-20 14:38:18 +03:00
Ilia Rostovtsev
bb55a1025e Fix to get better 'sid' for users with no /dev/urandom 2020-03-19 14:47:29 +03:00
Ilia Rostovtsev
adb4ad1797 Language Transform: Switch to using utf-8 only, drop all convert scripts 2020-02-28 01:17:50 +03:00
Jamie Cameron
ccf75a57e0 In a restart where the process execs itself, the PID file will contain own PID 2020-02-04 22:07:55 -08:00
Ilia Rostovtsev
18a112075d Don't print location info 2020-01-27 00:32:43 +03:00
Jamie Cameron
17cea77c86 Fail fast if PID is already running 2020-01-26 10:34:12 -08:00
Jamie Cameron
b95e63a5b4 Refactor code that builds redirect URLs, and make it customizable 2019-12-13 13:43:42 -08:00
Jamie Cameron
1feaa18d99 Prevent a malicious request from including an XSS in the x-forwarded-for header 2019-08-10 16:16:01 -07:00
Jamie Cameron
d8898a4d89 Turns out that an unbuffered read actually is necessary when reading from a pipe 2019-02-10 21:03:48 -08:00
Jamie Cameron
808ac0cc75 Increase buffer size for reading files 2019-01-23 08:53:34 -08:00
Jamie Cameron
80a633d722 Crons that run only at boot are valid 2018-12-21 23:34:52 -08:00
Jamie Cameron
8021c36859 Ignore sessions that no longer really exist 2018-11-25 18:02:30 -08:00
Jamie Cameron
0b2c65561b Use proper function to read a line of input 2018-11-25 17:52:22 -08:00
vsilvar
c084ebc0d4 Re-check remote IP if trusted, fixes #168 
The fix for #168 was not complete, as the last suggested change was never pulled.
This fixes the problem that IP checks are done before $acptip is updated with the remote IP, by re-checking when set.

Another possible fix would be to only check IP's after reading the headers, but imo it is best to deny access as soon as possible.
 2018-11-12 18:12:09 +00:00
Jamie Cameron
c700387e7a Crons that run at boot are OK 2018-09-23 21:38:16 +00:00
Jamie Cameron
2a6cc0ccfe Don't fire perl warning if nolog is not defined https://sourceforge.net/p/webadmin/bugs/5191/ 2018-09-20 05:05:42 +00:00
Jamie Cameron
f747767aa7 Don't drop twofactor user attributes in LDAP / MySQL mode https://sourceforge.net/p/webadmin/bugs/5070 2018-06-05 18:29:27 -07:00
Jamie Cameron
0b490ddbf2 Headers is local to the log function https://www.virtualmin.com/node/5493501 2018-03-20 23:06:22 -07:00
Jamie Cameron
ee0b68a0ac Config option to disable directory listijng https://github.com/webmin/webmin/issues/874 2018-03-19 20:47:53 -07:00
Jamie Cameron
aae5608dd2 Allow fall-through to unix crypt https://github.com/webmin/webmin/issues/811 2018-02-14 21:34:59 -08:00
Jamie Cameron
c651160844 Added support for SHA512 passwords https://github.com/webmin/webmin/issues/798 2018-02-04 14:17:48 -08:00
Jamie Cameron
8e85ae44bc Fix matching of IPv6 networks https://www.virtualmin.com/node/54905 2018-01-09 21:58:33 -08:00
Jamie Cameron
b30868ce16 Fix twofactor support for LDAP webmin users https://sourceforge.net/p/webadmin/bugs/5070/ 2017-12-24 21:59:51 -08:00
Jamie Cameron
1b833bb4c0 add nolog config directive to skip logging for some regexps https://github.com/webmin/webmin/issues/740 2017-12-24 16:06:06 -08:00
Jamie Cameron
626ca4fba6 Remove successful preload error message https://sourceforge.net/p/webadmin/bugs/5069/ 2017-12-20 15:55:05 -08:00
Jamie Cameron
aa26b75677 IPv6 network size is a number of bits, and so must only be divisble by 8 2017-12-08 23:29:37 -08:00
yangfl
0f9fb77369 Fix typo 2017-11-08 16:43:37 +08:00
Jamie Cameron
2b9c8f9a2a Gracefully deal with unsupported protocols https://sourceforge.net/p/webadmin/bugs/4780/ 2017-07-16 21:40:25 -07:00
Jamie Cameron
e77e26cded Always update last session time 2017-07-10 21:53:34 -07:00
Amish
2ab4bbbb02 Dont log just first message, log everything. 
Say administrator does not want IPv6 support and hence does not have Socket6 module installed. But wants PAM support but forgot to install Authen::PAM.

Since currently webmin prints just $startup_msg[0] (first message) - it will never print that "Perl module Authen::PAM needed for PAM". It will keep printing that "IPv6 support cannot be enabled". So administrator would never know what is the real error (that he needs to install "Authen::PAM")

This patch logs everything instead of just first line.
 2017-06-29 14:29:01 +05:30
Amish
27c428e613 Log if no_pam and pam_only both are set 
Some old config has no_pam set to 1. Now if administrator enables pam_only too then both are conflicting. Which makes webmin to exit with PAM error. But administrator can not figure out why? This logs additional line so that administrator know the reason.
 2017-06-29 07:39:37 +05:30
Jamie Cameron
640bc8495c IPv6 addresses need [ ] in the URL https://sourceforge.net/p/webadmin/bugs/4949/ 2017-04-27 23:23:14 -07:00
Jamie Cameron
37f0eb519e Detect the browser seen on the galaxy s6 https://www.virtualmin.com/node/51987 2017-04-27 09:04:52 -07:00
Jamie Cameron
036f695e19 Assume all .cgi scripts with #! lines that reference perl are executable internally 2017-04-08 16:51:41 -07:00
Jamie Cameron
80ea8d8b2e Close DH params file to avoid FS leakage 2017-03-26 11:54:37 -07:00
Jamie Cameron
5a19fe2e6c Deal with older Net::SSLeay versions 2017-03-12 18:02:02 -07:00
Jamie Cameron
24cf47dde0 Completed webmin per-domain cert support 2017-03-12 17:42:03 -07:00