projects
/
mirror
/
userdir-ldap-cgi.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
2176e71
)
remove non-https logins
author
rmurray
<>
Thu, 13 Mar 2003 03:25:56 +0000
(
03:25
+0000)
committer
rmurray
<>
Thu, 13 Mar 2003 03:25:56 +0000
(
03:25
+0000)
Util.pm
patch
|
blob
|
history
login.cgi
patch
|
blob
|
history
update.cgi
patch
|
blob
|
history
diff --git
a/Util.pm
b/Util.pm
index
08a5f07
..
8efabfb
100644
(file)
--- a/
Util.pm
+++ b/
Util.pm
@@
-119,7
+119,7
@@
sub ReadPasswordFromFile {
# check to make sure the time is positive, and that the auth token
# has not expired
my $tdiff = (time - $time);
# check to make sure the time is positive, and that the auth token
# has not expired
my $tdiff = (time - $time);
- &HTMLError("Your authentication token has expired. Please <a href=\"$config{webloginhtml}\">relogin</a>") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
+ &HTMLError("Your authentication token has expired. Please <a href=\"
https://$ENV{SERVER_NAME}/
$config{webloginhtml}\">relogin</a>") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
return Decrypt($cipher, $passwd);
}
return Decrypt($cipher, $passwd);
}
diff --git
a/login.cgi
b/login.cgi
index
55d4d31
..
0058aa9
100755
(executable)
--- a/
login.cgi
+++ b/
login.cgi
@@
-1,6
+1,6
@@
#!/usr/bin/perl
#!/usr/bin/perl
-# $Id: login.cgi,v 1.
7 2000/05/10 05:01:55 tausq
Exp $
+# $Id: login.cgi,v 1.
8 2003/03/13 04:25:56 rmurray
Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
use lib '.';
# (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
use lib '.';
@@
-17,8
+17,8
@@
my %config = &Util::ReadConfigFile;
my $query = new CGI;
my $proto = ($ENV{HTTPS} ? "https" : "http");
my $query = new CGI;
my $proto = ($ENV{HTTPS} ? "https" : "http");
-if (!($query->param('username')) || !($query->param('password'))) {
- print "Location:
$proto
://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
+if (
$proto eq "http" ||
!($query->param('username')) || !($query->param('password'))) {
+ print "Location:
https
://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
exit;
}
exit;
}
diff --git
a/update.cgi
b/update.cgi
index
9aabb33
..
4ad5b88
100755
(executable)
--- a/
update.cgi
+++ b/
update.cgi
@@
-1,6
+1,6
@@
#!/usr/bin/perl
#!/usr/bin/perl
-# $Id: update.cgi,v 1.
8 2000/05/13 18:39:05 tausq
Exp $
+# $Id: update.cgi,v 1.
9 2003/03/13 04:25:56 rmurray
Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
use lib '.';
# (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
use lib '.';
@@
-43,7
+43,7
@@
$auth = ($mesg->code == LDAP_SUCCESS);
if (!$auth) {
$ldap->unbind;
if (!$auth) {
$ldap->unbind;
- &Util::HTMLError("You have not been authenticated. Please <a href=\"
$proto
://$ENV{SERVER_NAME}/$config{webloginurl}\">Login</a>");
+ &Util::HTMLError("You have not been authenticated. Please <a href=\"
https
://$ENV{SERVER_NAME}/$config{webloginurl}\">Login</a>");
}
# Authenticated....
}
# Authenticated....