| Commit message (Expand) | Author | Age | Files | Lines |
... | |
* | | | | | | | | Various fixes and improvements for the DNS rebind and HTTP referrer checks. | Erik Fonnesbeck | 2010-11-18 | 1 | -33/+34 |
* | | | | | | | | Add workaround for referrer check to not be triggered on the previous IP addr... | Erik Fonnesbeck | 2010-11-17 | 1 | -9/+20 |
| |_|_|_|_|_|/
|/| | | | | | |
|
* | | | | | | | Make sure this isn't searching the referrer using a blank host or IP, which w... | Erik Fonnesbeck | 2010-11-15 | 1 | -3/+12 |
* | | | | | | | Fix case for testing the referrer check setting. Ticket #1011 | Erik Fonnesbeck | 2010-11-15 | 1 | -1/+1 |
* | | | | | | | Don't perform referer check if display_error_form is not defined (captive por... | Erik Fonnesbeck | 2010-11-14 | 1 | -1/+1 |
* | | | | | | | Unset this reference before reusing the variable name to prevent corruption o... | Erik Fonnesbeck | 2010-11-13 | 1 | -0/+2 |
* | | | | | | | Fix a theoretical/potential XSS in the http_referer check warning. | jim-p | 2010-11-12 | 1 | -1/+1 |
* | | | | | | | Correct HTTP_REFERER check when using an IP Address vs the Firewalls hostname | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
* | | | | | | | Remove trailing carriage return | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
* | | | | | | | * Adding function get_configured_ip_addresses() which returns all interfaces ... | Scott Ullrich | 2010-11-10 | 1 | -0/+26 |
| |_|_|_|_|/
|/| | | | | |
|
* | | | | | | Do not require LDAP search base DN. Requiring this can prevent some valid LDA... | jim-p | 2010-10-27 | 1 | -1/+1 |
* | | | | | | Add a note to the DNS Rebinding protection error letting the user know to try... | jim-p | 2010-10-25 | 1 | -1/+1 |
* | | | | | | Convert fullname field on users to descr, so it gains CDATA protection. | jim-p | 2010-10-19 | 1 | -1/+1 |
| |_|_|_|/
|/| | | | |
|
* | | | | | Test before working on what could be an empty value, otherwise it ends up set... | jim-p | 2010-09-28 | 1 | -0/+2 |
| |_|_|/
|/| | | |
|
* | | | | Check for proper type. | Ermal | 2010-09-08 | 1 | -2/+2 |
| |_|/
|/| | |
|
* | | | Avoid a warning on this code when there is no member for a group. | Ermal | 2010-08-17 | 1 | -2/+2 |
| |/
|/| |
|
* | | Adapt to use 2.0's accounts | Scott Ullrich | 2010-08-15 | 1 | -3/+3 |
|/ |
|
* | Make sure this variable is an array before performing array operations upon it. | jim-p | 2010-08-02 | 1 | -3/+5 |
* | Move the required once in a more appropriate place. | Ermal | 2010-07-28 | 1 | -1/+2 |
* | Don't maintain a membership for the 'all' group when it includes everyone. Ju... | jim-p | 2010-07-28 | 1 | -0/+3 |
* | Require radius.inc if the webGUI is using radius as the method. | Ermal | 2010-07-27 | 1 | -1/+2 |
* | Flip this back the other way, the group operation will fail if the user isn't... | jim-p | 2010-07-14 | 1 | -5/+5 |
* | Silence this command | jim-p | 2010-07-14 | 1 | -1/+1 |
* | Add SSH tunneling privilege to list of available privileges. | Erik Fonnesbeck | 2010-07-12 | 1 | -2/+3 |
* | Lock out shell accounts that have no OS access, or are expired/disabled. | jim-p | 2010-07-12 | 1 | -0/+11 |
* | Add check for user-ssh-tunnel to give users access to the ssh tunnel shell | jim-p | 2010-07-12 | 1 | -0/+2 |
* | Flip this test around so it is easier to follow/read. | jim-p | 2010-07-12 | 1 | -3/+3 |
* | Sync groups first, since users may rely on group changes. | jim-p | 2010-07-12 | 1 | -5/+5 |
* | Make sure a user gets deleted from the 'all' group. | jim-p | 2010-07-12 | 1 | -1/+1 |
* | Clean up this code. | jim-p | 2010-07-12 | 1 | -6/+5 |
* | Remove home directory when deleting a user. | jim-p | 2010-07-12 | 1 | -1/+5 |
* | Bypass the DNS Rebind attack checks if accessing by IP address. | jim-p | 2010-07-09 | 1 | -16/+2 |
* | Check for locally configured IPs in DNS rebind checks, so people who port for... | jim-p | 2010-07-06 | 1 | -0/+14 |
* | Add a text box where someone can enter in alternate hostnames for the system ... | jim-p | 2010-07-06 | 1 | -0/+7 |
* | Add a checkbox to disable DNS rebinding checks if needed. | jim-p | 2010-07-06 | 1 | -1/+1 |
* | More fixes for DNS rebinding checks (Most of this code is Scott's, with some ... | jim-p | 2010-07-06 | 1 | -10/+17 |
* | Correct check | Scott Ullrich | 2010-07-06 | 1 | -1/+1 |
* | Correct check | Scott Ullrich | 2010-07-06 | 1 | -1/+1 |
* | Check for 127.0.0.1 as well | Scott Ullrich | 2010-07-06 | 1 | -0/+2 |
* | Oops, correct check | Scott Ullrich | 2010-07-06 | 1 | -1/+1 |
* | Add localhost as a valid host for SSH forwarding cases | Scott Ullrich | 2010-07-06 | 1 | -0/+2 |
* | Wrap the dns rebind check in a test to see if our error function exists. If i... | jim-p | 2010-07-06 | 1 | -12/+16 |
* | Move the skel dir to /etc/skel, where it's easier to manage from a build poin... | jim-p | 2010-07-06 | 1 | -1/+1 |
* | Slight fix to dyndns check | jim-p | 2010-07-06 | 1 | -2/+2 |
* | Check dyndns hostnames as well for DNS Rebind issues | Scott Ullrich | 2010-07-06 | 1 | -5/+12 |
* | ^ Potential | Scott Ullrich | 2010-07-01 | 1 | -1/+1 |
* | Binding -> Rebinding | Scott Ullrich | 2010-07-01 | 1 | -1/+1 |
* | Comment what we are doing here and add the ticket #. | Scott Ullrich | 2010-07-01 | 1 | -0/+1 |
* | More dns-rebind checks. Ticket #708 | Scott Ullrich | 2010-07-01 | 1 | -1/+8 |
* | Give users with ssh access a real shell, but make sure that admin still gets ... | jim-p | 2010-06-29 | 1 | -0/+3 |