Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Do not override the passwd string. First it prevents the md5 working if the ↵ | Ermal LUÇI | 2015-01-12 | 1 | -4/+2 |
| | | | | crypt() check fails and also is useless to override it since the parameter is passed by value and not by reference. | ||||
* | Fix lineup of copyright lines | Phil Davis | 2015-01-01 | 1 | -32/+32 |
| | | | | | and module names and other bits of formatting and typos in header comment sections. | ||||
* | Fix pw syntax when local_group_set() is called with reset == true, -M always ↵ | Renato Botelho | 2014-11-17 | 1 | -1/+1 |
| | | | | requires a parameter | ||||
* | Add an extra protection to avoid having an empty group created | Renato Botelho | 2014-11-13 | 1 | -1/+1 |
| | |||||
* | Actually require group name! | Ermal | 2014-11-11 | 1 | -1/+1 |
| | |||||
* | Do not do operations for empty group members | Ermal | 2014-11-11 | 1 | -1/+4 |
| | |||||
* | remove old DISABLE_PHP_LINT_CHECKING, which dates way back to the CVS days ↵ | Chris Buechler | 2014-11-04 | 1 | -1/+0 |
| | | | | and hasn't been relevant in years. | ||||
* | Detect when protocol changes and invalidate session to get a new cookie with ↵ | Renato Botelho | 2014-07-18 | 1 | -0/+5 |
| | | | | secure flag set accordingly. It fixes #3714 | ||||
* | Always set httponly attribute on cookies | Renato Botelho | 2014-06-18 | 1 | -10/+8 |
| | |||||
* | Add comment I forgot on last commit | Renato Botelho | 2014-06-17 | 1 | -0/+1 |
| | |||||
* | Re-generate session ID on a successful login to avoid session fixation | Renato Botelho | 2014-06-17 | 1 | -0/+1 |
| | |||||
* | Replace Header() calls by lowercase | Renato Botelho | 2014-06-13 | 1 | -1/+1 |
| | |||||
* | Merge branch 'master-br' of https://github.com/ayvis/pfsense into ↵ | Renato Botelho | 2014-03-17 | 1 | -5/+5 |
|\ | | | | | | | ayvis-master-br | ||||
| * | xhtml Compliance | ayvis | 2014-03-14 | 1 | -5/+5 |
| | | | | | | replaced <br>, <br/> and </br> with <br /> | ||||
* | | standardize URLs | Chris Buechler | 2014-03-14 | 1 | -1/+1 |
|/ | |||||
* | Remove register_long_arrays from php.ini and from php code the use of ↵ | Ermal | 2013-12-20 | 1 | -3/+1 |
| | | | | HTTP_*_VARS as it's deprecated and luckily low use in pfSense to win memory and compatibility | ||||
* | Provide a more safe way to avoid pw userdel being interactive because of a ↵ | Renato Botelho | 2013-11-14 | 1 | -0/+5 |
| | | | | crontab existence | ||||
* | Revert "local_sync_accounts: provides empty STDIN to pw userdel command" | Renato Botelho | 2013-11-14 | 1 | -1/+1 |
| | | | | This reverts commit c6b156bfa537754d079868653ef3561eb1330d8c. | ||||
* | local_sync_accounts: provides empty STDIN to pw userdel command | Ky-Anh Huynh | 2013-11-13 | 1 | -1/+1 |
| | | | | The /usr/sbin/pw command may wait for user input. For example, if there is a manual crontab settings for :foobar account, then when this account is requested to be deleted, the command will ask if user wants to delete crontab settings for the account. Because the command waits for user input, the boot process will hang at the "Synchronizing user settings..." step, unless user presses any key. To avoid this problem, we use the /bin/echo command to give empty input for /usr/bin/pw command. This is an alternative of typing "no" or "n". This is not the best way. Maybe closing STDIN is good. Or force users to change account settings from webUI. See also #852 (pull request). Renato Botelho points out that "pw userdel" will call "crontab -u %user -r" that is interactive. "pw groupdel" will never be interactive, though. | ||||
* | Revert "Add conf_mount_rw calls on functions that change user/groups. It ↵ | Renato Botelho | 2013-11-02 | 1 | -12/+0 |
| | | | | | | fixes #3294" This reverts commit b1e5a286bb47d7e4a5b3d589cc27b557b3b13c41. | ||||
* | Add conf_mount_rw calls on functions that change user/groups. It fixes #3294 | Renato Botelho | 2013-11-01 | 1 | -0/+12 |
| | |||||
* | Add LDAP server options to control UTF8-encoding of parameters. Fixes #2227. ↵ | jim-p | 2013-07-17 | 1 | -5/+19 |
| | | | | While I'm here, add a checkbox to prevent the stripping of @ from the LDAP username if the user wants the full name transmitted. | ||||
* | Ignore errors/warnings from these calls | Ermal | 2013-07-15 | 1 | -6/+6 |
| | |||||
* | Include both dyndns and rfc2136 hosts in referer check | jim-p | 2013-07-02 | 1 | -0/+16 |
| | |||||
* | Include RFC2136 hosts in DNS rebinding checks. | jim-p | 2013-07-02 | 1 | -0/+7 |
| | |||||
* | Set LDAP option to dereference aliases when searching | Andrew MacIsaac | 2013-04-02 | 1 | -0/+4 |
| | |||||
* | Print the error message from LDAP in the log for a bind failure. | jim-p | 2013-03-06 | 1 | -1/+1 |
| | |||||
* | Add a knob in the GUI to set the RADIUS authentication timeout. Previous ↵ | jim-p | 2013-02-13 | 1 | -2/+5 |
| | | | | default was 3s, new is 5s. When using two-factor auth via external (e.g. phone), this needs to be set much higher, 60-120. | ||||
* | Something in the LDAP libraries has changed and it no longer likes spaces in ↵ | jim-p | 2013-01-14 | 1 | -5/+5 |
| | | | | the CA filename. Use the refid for the CA filename since it will always be unique, and it will never contain any spaces, unlike authname or the CA's descr. | ||||
* | Removing gettext from strings that should not be translated | Vinicius Coque | 2013-01-05 | 1 | -2/+2 |
| | |||||
* | Put these logs under debug since that's their purpose | Ermal | 2012-11-19 | 1 | -1/+2 |
| | |||||
* | Put these logs under debug since that's their purpose | Ermal | 2012-11-19 | 1 | -2/+4 |
| | |||||
* | authentication, don't log 'errors' on normal procedure | PiBa-NL | 2012-11-18 | 1 | -3/+3 |
| | |||||
* | Not sure why this has been hidden so deep but putting that in the right ↵ | Ermal | 2012-11-15 | 1 | -2/+0 |
| | | | | place should help with error displayed related to HEADER already sent in PHP errors.log | ||||
* | Suppress the error message if the ldap bind doesn't happen | Warren Baker | 2012-07-27 | 1 | -1/+1 |
| | |||||
* | Fix LDAP over IPv6 (works fine, just needed slight adjustment to URI) | jim-p | 2012-06-30 | 1 | -5/+9 |
| | |||||
* | Import OpenVPN cisco style radius attributes applying policy to logged in ↵ | Ermal | 2012-06-05 | 1 | -3/+5 |
| | | | | users. Feature #2100 | ||||
* | Do not allow empty passwords since this might cause problems for some ↵ | Ermal | 2012-05-30 | 1 | -2/+2 |
| | | | | authentication servers like ldap. Fixes #2326 | ||||
* | As suggested by wagonza, using SAMEORIGIN for X-Frame-Options is sufficient ↵ | jim-p | 2012-05-15 | 1 | -1/+1 |
| | | | | here, and does allow the traffic graphs to work. Fixes #2419 | ||||
* | Add click jacking support. Ticket #2419 | Scott Ullrich | 2012-05-10 | 1 | -1/+3 |
| | |||||
* | Handle HTTPOnly and Secure flags on cookies | Warren Baker | 2012-05-09 | 1 | -0/+12 |
| | |||||
* | Looking at pw code : chars are invalid in a comment fieldgit diff! Replace ↵ | Ermal | 2012-03-12 | 1 | -1/+2 |
| | | | | those to just space | ||||
* | Another try to eliminate the warning 'PHP Warning: Cannot modify header ↵ | Ermal | 2012-02-08 | 1 | -1/+2 |
| | | | | information - headers already sent by (output started at /etc/inc/authgui.inc:201) in /usr/local/www/guiconfig.inc on line 47' | ||||
* | Revert "Check if a session already exists to avoid errors issued by php on ↵ | Erik Fonnesbeck | 2012-02-07 | 1 | -2/+1 |
| | | | | | | session_start being called on existing session" This reverts commit 9b2de7e2a6afab31e1a62ac8d54435975a22a9a7. | ||||
* | Check if a session already exists to avoid errors issued by php on ↵ | Ermal | 2012-02-07 | 1 | -1/+2 |
| | | | | session_start being called on existing session | ||||
* | Include admin user in bootup account sync | jim-p | 2012-01-25 | 1 | -6/+2 |
| | |||||
* | Be more careful when creating and removing a user, to only alter a user if ↵ | jim-p | 2012-01-23 | 1 | -3/+15 |
| | | | | | | it really matches the passwd entry. Fixes #2066 pw usershow likes to ignore what you want even with -n and if the user is numeric and doesn't exist, it fetches by uid. Can cause major problems if you try to remove a numeric user. | ||||
* | Unbreak a number of explode() replacements which required preg_split() | smos | 2012-01-20 | 1 | -2/+2 |
| | |||||
* | The function split() is replaced by the function explode(). Starting with ↵ | smos | 2012-01-19 | 1 | -8/+8 |
| | | | | | | PHP 5.3 this is deprecated and with version 6 gone. Replacing it suppresses all the warnings | ||||
* | mhash -> hash change from Ermal | jim-p | 2012-01-19 | 1 | -1/+1 |
| |