Jamie Cameron
|
615d2a0255
|
Add extra protection against shelllshock, but blocking headers that look like shell functions
|
2014-09-29 10:32:57 -07:00 |
|
Jamie Cameron
|
48260ea268
|
Use remote IP for all authentication if trusted https://github.com/webmin/webmin/issues/168
|
2014-09-01 15:12:34 -07:00 |
|
Jamie Cameron
|
b544e9fe5c
|
Add forgotted directory close
|
2014-08-20 23:02:01 -07:00 |
|
Jamie Cameron
|
10723c36da
|
Undo passthrough for link.cgi as it doesn't work and may be unsafe
|
2014-06-28 17:53:10 -07:00 |
|
Jamie Cameron
|
39c21f7429
|
Fixes need to allow access to file.jar with correct cookie http://sourceforge.net/p/webadmin/bugs/4437/
|
2014-06-28 17:49:34 -07:00 |
|
Jamie Cameron
|
7514112784
|
Remove empty block
|
2014-05-23 16:00:32 -07:00 |
|
Jamie Cameron
|
e99250fb68
|
Don't use text function in miniserv.pl http://virtualmin.com/node/33257
|
2014-05-22 09:44:50 -07:00 |
|
Jamie Cameron
|
fad4bc9fde
|
Fix twofactor validation for sudo capable users http://sourceforge.net/p/webadmin/bugs/4406/
|
2014-05-20 21:43:30 -07:00 |
|
Jamie Cameron
|
43a7f6f809
|
Sometimes there is no space before a cookie http://virtualmin.com/node/33174
|
2014-05-19 21:22:24 -07:00 |
|
Jamie Cameron
|
cc935c6883
|
Deny cookies to javascript
|
2014-05-14 16:53:04 -07:00 |
|
Jamie Cameron
|
f3613ed051
|
Handle missing SOMAXCONN
|
2014-03-25 18:54:27 -07:00 |
|
Jamie Cameron
|
41240a21e0
|
Use 'Document follows' instead of 'Bad request' for SSL redirect suggestion, as apparently this breaks some proxies https://sourceforge.net/p/webadmin/bugs/4362/
|
2014-01-25 10:30:31 -08:00 |
|
Jamie Cameron
|
5de6687c9a
|
Add new sudo output format
|
2014-01-20 17:44:36 -08:00 |
|
Jamie Cameron
|
2969f2f207
|
Add option to trust remote IP from proxy
|
2014-01-17 09:28:21 -08:00 |
|
Jamie Cameron
|
0f4d806930
|
Completed IPv6 network matching
|
2013-11-03 13:33:58 -08:00 |
|
Jamie Cameron
|
d79c017faf
|
Match IPv6 address exactly in access control
|
2013-11-03 12:54:57 -08:00 |
|
Jamie Cameron
|
b178d99667
|
two-factor is incompatible with http auth:
|
2013-10-06 11:47:02 -07:00 |
|
Jamie Cameron
|
4ec798e1bc
|
More work on two-factor support, including new API for provider UI
|
2013-09-29 12:25:20 -07:00 |
|
Jamie Cameron
|
7b95e948a3
|
Two-factor disenroll button, other fixes for authy support
|
2013-09-28 11:42:58 -07:00 |
|
Jamie Cameron
|
caaff31794
|
Two-factor integration with miniserv
|
2013-09-27 17:02:30 -07:00 |
|
Jamie Cameron
|
567b881709
|
Fix syntax for setting SSL no compression https://sourceforge.net/p/webadmin/bugs/4249/
|
2013-06-05 14:30:28 -07:00 |
|
Jamie Cameron
|
391da09d1e
|
Log remote IP to syslog https://sourceforge.net/tracker/?func=detail&atid=117457&aid=3606188&group_id=17457
|
2013-02-27 11:52:35 -08:00 |
|
Jamie Cameron
|
0f8ad77f44
|
Add cache-control header
|
2013-02-18 09:09:34 -08:00 |
|
Jamie Cameron
|
3716799d41
|
Add option for server-defined SSL cipher order
|
2013-02-09 18:26:10 -08:00 |
|
Jamie Cameron
|
352cad94f4
|
Close sockets for webmincron processes, to prevent restart fails
|
2013-01-27 16:33:27 -08:00 |
|
Jamie Cameron
|
c8f1e8afdb
|
Add debugging lines
|
2013-01-12 14:37:45 -08:00 |
|
Jamie Cameron
|
cc7e11d0a3
|
Add option to disable SSL compression
|
2013-01-08 15:03:01 -08:00 |
|
Jamie Cameron
|
16abebcb74
|
Max line length of only 10k? This is 2012
|
2012-12-06 10:51:45 -08:00 |
|
Jamie Cameron
|
1fd931d339
|
Escape URLs in error messages
|
2012-12-06 10:31:04 -08:00 |
|
Jamie Cameron
|
04fc8be9c8
|
Fix per-user allow and deny address lists using IPv6 https://sourceforge.net/tracker/?func=detail&atid=117457&aid=3586380&group_id=17457
|
2012-11-12 10:49:48 -08:00 |
|
Jamie Cameron
|
6984d30516
|
Make message clearer when deleting corrupt session
|
2012-10-08 10:32:27 -07:00 |
|
Jamie Cameron
|
09abf15596
|
Fix IPv6 URL redirects https://sourceforge.net/tracker/?func=detail&atid=117457&aid=3565339&group_id=17457
|
2012-09-06 15:55:51 -07:00 |
|
Jamie Cameron
|
6cd12da434
|
Minutes can be zero https://sourceforge.net/tracker/?func=detail&atid=117457&aid=3545092&group_id=17457
|
2012-07-17 16:44:29 -07:00 |
|
Jamie Cameron
|
456345dab5
|
Log real client IP for proxied requests
|
2012-07-12 22:30:08 -07:00 |
|
Jamie Cameron
|
c3d71ffaff
|
Option to sync time at boot
|
2012-06-28 17:47:41 -07:00 |
|
Jamie Cameron
|
5751a71a39
|
SSL client callback function has been renamed https://sourceforge.net/tracker/index.php?func=detail&aid=3526687&group_id=17457&atid=117457#
|
2012-05-15 22:15:12 -07:00 |
|
Jamie Cameron
|
0b22adb515
|
Stop calling pam_end unless a config option to enable it is explictly set, as this causes crashes on CentOS 5 https://www.virtualmin.com/node/21963
|
2012-04-28 10:03:00 -07:00 |
|
Jamie Cameron
|
491978ce11
|
Move close of stdin down to just before we re-open it, to prevent use by LDAP NSS client code
|
2012-04-10 15:03:21 -07:00 |
|
Jamie Cameron
|
3e992328af
|
Call pam_end properly https://sourceforge.net/tracker/?func=detail&atid=117457&aid=3498407&group_id=17457
|
2012-03-07 09:34:53 -08:00 |
|
Jamie Cameron
|
41a03c07d8
|
Better check that MD5 module actually works https://sourceforge.net/tracker/index.php?func=detail&aid=3490132&group_id=17457&atid=117457#
|
2012-02-22 22:22:36 -08:00 |
|
Jamie Cameron
|
839a550bd2
|
Fix PAM constants https://sourceforge.net/tracker/?func=detail&atid=117457&aid=3482979&group_id=17457
|
2012-02-01 21:43:44 -08:00 |
|
Jamie Cameron
|
9eade50932
|
Set username environment variable when sudoing
|
2011-12-12 22:14:31 -08:00 |
|
TJ
|
d07c64dd7d
|
19961: IP Access control should accept IPv4 ranges
|
2011-10-25 15:24:36 +01:00 |
|
Jamie Cameron
|
42a626bbc3
|
https://sourceforge.net/tracker/?func=detail&atid=117457&aid=3398912&group_id=17457
Include all groups when running sudo
|
2011-08-29 16:45:47 -07:00 |
|
Jamie Cameron
|
fb963cace1
|
Add charset to error messages
|
2011-08-17 15:14:15 -07:00 |
|
Jamie Cameron
|
9fd08c6ec4
|
Android tablets don't need mobile theme
|
2011-07-28 12:11:49 -07:00 |
|
Jamie Cameron
|
69f1bb1906
|
Fix validation errors
https://www.virtualmin.com/node/18939
|
2011-07-24 17:09:48 -07:00 |
|
Jamie Cameron
|
38cc46aa58
|
Explicitly reject CONNECT requests
|
2011-07-20 22:19:14 -07:00 |
|
Jamie Cameron
|
8177212b75
|
Add timeout to post-login script
|
2011-07-06 16:22:07 -07:00 |
|
Jamie Cameron
|
e926425cfb
|
Close main socket before SSL init, to prevent hangs (I hope)
|
2011-06-28 00:07:23 -04:00 |
|