diff options
author | Renato Botelho <garga@FreeBSD.org> | 2015-03-11 14:03:29 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2015-03-11 14:04:38 -0300 |
commit | 8304fb462a0afebd93546af043ce741096a5ee1b (patch) | |
tree | a7bf7cfae14f1737cdbfe78b93ff113595b92b46 /usr | |
parent | 3d50cb09c62cd068ae27c5556616b503f08e279a (diff) | |
download | pfsense-8304fb462a0afebd93546af043ce741096a5ee1b.zip pfsense-8304fb462a0afebd93546af043ce741096a5ee1b.tar.gz |
Remove BEAST protection option since default cipher is now good and works with hifn cards
Diffstat (limited to 'usr')
-rw-r--r-- | usr/local/www/system_advanced_admin.php | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index 11dc981..36eb7a3 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -58,7 +58,6 @@ $pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']); $pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']); $pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']); $pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']); -$pconfig['beast_protection'] = isset($config['system']['webgui']['beast_protection']); $pconfig['pagenamefirst'] = isset($config['system']['webgui']['pagenamefirst']); $pconfig['loginautocomplete'] = isset($config['system']['webgui']['loginautocomplete']); $pconfig['althostnames'] = $config['system']['webgui']['althostnames']; @@ -171,11 +170,6 @@ if ($_POST) { else unset($config['system']['webgui']['nohttpreferercheck']); - if ($_POST['beast_protection'] == "yes") - $config['system']['webgui']['beast_protection'] = true; - else - unset($config['system']['webgui']['beast_protection']); - if ($_POST['pagenamefirst'] == "yes") $config['system']['webgui']['pagenamefirst'] = true; else @@ -257,21 +251,6 @@ if ($_POST) { } } -unset($hwcrypto); -$fd = @fopen("{$g['varlog_path']}/dmesg.boot", "r"); -if ($fd) { - while (!feof($fd)) { - $dmesgl = fgets($fd); - if (preg_match("/^hifn.: (.*?),/", $dmesgl, $matches)) { - unset($pconfig['beast_protection']); - $disable_beast_option = "disabled"; - $hwcrypto = $matches[1]; - break; - } - } - fclose($fd); -} - $pgtitle = array(gettext("System"),gettext("Advanced: Admin Access")); include("head.inc"); @@ -488,22 +467,6 @@ function prot_change() { </td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("BEAST Attack Protection"); ?></td> - <td width="78%" class="vtable"> - <input name="beast_protection" type="checkbox" id="beast_protection" value="yes" <?php if ($pconfig['beast_protection']) echo "checked=\"checked\""; ?> <?= $disable_beast_option ?>/> - <strong><?=gettext("Mitigate the BEAST SSL Attack"); ?></strong> - <br /> - <?php echo gettext("When this is checked, the webConfigurator can mitigate BEAST SSL attacks. ") ?> - <br /> - <?php if ($disable_beast_option) { - echo "<br />" . sprintf(gettext("This option has been automatically disabled because a conflicting cryptographic accelerator card has been detected (%s)."), $hwcrypto) . "<br /><br />"; - } ?> - <?php echo gettext("This option is off by default because Hifn accelerators do NOT work with this option, and the GUI will not function. " . - "It is possible that other accelerators have a similar problem that is not yet known/documented. " . - "More information on BEAST is available from <a target='_blank' href='https://en.wikipedia.org/wiki/Transport_Layer_Security#BEAST_attack'>Wikipedia</a>."); ?> - </td> - </tr> - <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Browser tab text"); ?></td> <td width="78%" class="vtable"> <input name="pagenamefirst" type="checkbox" id="pagenamefirst" value="yes" <?php if ($pconfig['pagenamefirst']) echo "checked=\"checked\""; ?> /> |