| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | allow 127.0.0.1 and localhost for HTTP_REFERER checks | Chris Buechler | 2011-01-09 | 1 | -0/+4 |
| * | Correct webConfgurator auth/error messages | Scott Ullrich | 2010-12-10 | 1 | -2/+2 |
| * | Add log_auth() which with send items to syslogd using LOG_AUTH facilities. U... | Scott Ullrich | 2010-12-10 | 1 | -3/+2 |
| * | Switches must come after the user name when using pw lock/unlock. | Erik Fonnesbeck | 2010-12-03 | 1 | -1/+1 |
| * | Remove authorized_keys file when there are no authorized keys for the user. | Erik Fonnesbeck | 2010-12-03 | 1 | -1/+2 |
| * | Add successful user for sshlockout | Scott Ullrich | 2010-11-30 | 1 | -1/+1 |
| * | Reword auth error message to match ssh for the most part | Scott Ullrich | 2010-11-30 | 1 | -2/+3 |
| * | Revert "Add Active Directory group membership checking Ticket #1009" | Scott Ullrich | 2010-11-29 | 1 | -83/+78 |
| * | Add Active Directory group membership checking Ticket #1009 | Scott Ullrich | 2010-11-29 | 1 | -78/+83 |
| * | Don't consider the HTTP referrer check as passing if it was skipped. Ticket #... | Erik Fonnesbeck | 2010-11-21 | 1 | -1/+2 |
| * | Upon restoring a config, replacing whole sections, or editing config.xml in e... | Erik Fonnesbeck | 2010-11-21 | 1 | -4/+18 |
| * | Various fixes and improvements for the DNS rebind and HTTP referrer checks. | Erik Fonnesbeck | 2010-11-18 | 1 | -33/+34 |
| * | Add workaround for referrer check to not be triggered on the previous IP addr... | Erik Fonnesbeck | 2010-11-17 | 1 | -9/+20 |
| * | Make sure this isn't searching the referrer using a blank host or IP, which w... | Erik Fonnesbeck | 2010-11-15 | 1 | -3/+12 |
| * | Fix case for testing the referrer check setting. Ticket #1011 | Erik Fonnesbeck | 2010-11-15 | 1 | -1/+1 |
| * | Don't perform referer check if display_error_form is not defined (captive por... | Erik Fonnesbeck | 2010-11-14 | 1 | -1/+1 |
| * | Unset this reference before reusing the variable name to prevent corruption o... | Erik Fonnesbeck | 2010-11-13 | 1 | -0/+2 |
| * | Fix a theoretical/potential XSS in the http_referer check warning. | jim-p | 2010-11-12 | 1 | -1/+1 |
| * | Correct HTTP_REFERER check when using an IP Address vs the Firewalls hostname | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
| * | Remove trailing carriage return | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
| * | * Adding function get_configured_ip_addresses() which returns all interfaces ... | Scott Ullrich | 2010-11-10 | 1 | -0/+26 |
| * | Do not require LDAP search base DN. Requiring this can prevent some valid LDA... | jim-p | 2010-10-27 | 1 | -1/+1 |
| * | Add a note to the DNS Rebinding protection error letting the user know to try... | jim-p | 2010-10-25 | 1 | -1/+1 |
| * | Convert fullname field on users to descr, so it gains CDATA protection. | jim-p | 2010-10-19 | 1 | -1/+1 |
| * | Test before working on what could be an empty value, otherwise it ends up set... | jim-p | 2010-09-28 | 1 | -0/+2 |
| * | Check for proper type. | Ermal | 2010-09-08 | 1 | -2/+2 |
| * | Avoid a warning on this code when there is no member for a group. | Ermal | 2010-08-17 | 1 | -2/+2 |
| * | Adapt to use 2.0's accounts | Scott Ullrich | 2010-08-15 | 1 | -3/+3 |
| * | Make sure this variable is an array before performing array operations upon it. | jim-p | 2010-08-02 | 1 | -3/+5 |
| * | Move the required once in a more appropriate place. | Ermal | 2010-07-28 | 1 | -1/+2 |
| * | Don't maintain a membership for the 'all' group when it includes everyone. Ju... | jim-p | 2010-07-28 | 1 | -0/+3 |
| * | Require radius.inc if the webGUI is using radius as the method. | Ermal | 2010-07-27 | 1 | -1/+2 |
| * | Flip this back the other way, the group operation will fail if the user isn't... | jim-p | 2010-07-14 | 1 | -5/+5 |
| * | Silence this command | jim-p | 2010-07-14 | 1 | -1/+1 |
| * | Add SSH tunneling privilege to list of available privileges. | Erik Fonnesbeck | 2010-07-12 | 1 | -2/+3 |
| * | Lock out shell accounts that have no OS access, or are expired/disabled. | jim-p | 2010-07-12 | 1 | -0/+11 |
| * | Add check for user-ssh-tunnel to give users access to the ssh tunnel shell | jim-p | 2010-07-12 | 1 | -0/+2 |
| * | Flip this test around so it is easier to follow/read. | jim-p | 2010-07-12 | 1 | -3/+3 |
| * | Sync groups first, since users may rely on group changes. | jim-p | 2010-07-12 | 1 | -5/+5 |
| * | Make sure a user gets deleted from the 'all' group. | jim-p | 2010-07-12 | 1 | -1/+1 |
| * | Clean up this code. | jim-p | 2010-07-12 | 1 | -6/+5 |
| * | Remove home directory when deleting a user. | jim-p | 2010-07-12 | 1 | -1/+5 |
| * | Bypass the DNS Rebind attack checks if accessing by IP address. | jim-p | 2010-07-09 | 1 | -16/+2 |
| * | Check for locally configured IPs in DNS rebind checks, so people who port for... | jim-p | 2010-07-06 | 1 | -0/+14 |
| * | Add a text box where someone can enter in alternate hostnames for the system ... | jim-p | 2010-07-06 | 1 | -0/+7 |
| * | Add a checkbox to disable DNS rebinding checks if needed. | jim-p | 2010-07-06 | 1 | -1/+1 |
| * | More fixes for DNS rebinding checks (Most of this code is Scott's, with some ... | jim-p | 2010-07-06 | 1 | -10/+17 |
| * | Correct check | Scott Ullrich | 2010-07-06 | 1 | -1/+1 |
| * | Correct check | Scott Ullrich | 2010-07-06 | 1 | -1/+1 |
| * | Check for 127.0.0.1 as well | Scott Ullrich | 2010-07-06 | 1 | -0/+2 |
