From: rmurray <>
Date: Thu, 13 Mar 2003 03:25:56 +0000 (+0000)
Subject: remove non-https logins
X-Git-Tag: debian_userdir-ldap_0-3-7~73
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=338ed57a1a2c4383dabc59698683d146e3e0dd2a;p=mirror%2Fuserdir-ldap.git
remove non-https logins
---
diff --git a/web/Util.pm b/web/Util.pm
index 08a5f07..8efabfb 100644
--- a/web/Util.pm
+++ b/web/Util.pm
@@ -119,7 +119,7 @@ sub ReadPasswordFromFile {
# check to make sure the time is positive, and that the auth token
# has not expired
my $tdiff = (time - $time);
- &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
+ &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
return Decrypt($cipher, $passwd);
}
diff --git a/web/login.cgi b/web/login.cgi
index 55d4d31..0058aa9 100755
--- a/web/login.cgi
+++ b/web/login.cgi
@@ -1,6 +1,6 @@
#!/usr/bin/perl
-# $Id: login.cgi,v 1.7 2000/05/10 05:01:55 tausq Exp $
+# $Id: login.cgi,v 1.8 2003/03/13 04:25:56 rmurray Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL.
use lib '.';
@@ -17,8 +17,8 @@ my %config = &Util::ReadConfigFile;
my $query = new CGI;
my $proto = ($ENV{HTTPS} ? "https" : "http");
-if (!($query->param('username')) || !($query->param('password'))) {
- print "Location: $proto://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
+if ($proto eq "http" || !($query->param('username')) || !($query->param('password'))) {
+ print "Location: https://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
exit;
}
diff --git a/web/login.wml b/web/login.wml
index 118bcbf..b3f5f5a 100644
--- a/web/login.wml
+++ b/web/login.wml
@@ -1,7 +1,7 @@
#use wml::db.d.o title="debian.org Developers LDAP Login"
-
diff --git a/web/searchresults.wml b/web/searchresults.wml
index 4af139b..7d70fff 100644
--- a/web/searchresults.wml
+++ b/web/searchresults.wml
@@ -5,7 +5,7 @@
Logout | ?>
-Login (SSL version) | ?>
+Login | ?>
Search again
Number of entries matched: ~count~
@@ -33,6 +33,6 @@ searchresults?>
Logout | ?>
-Login (SSL version) | ?>
+Login | ?>
Search again
diff --git a/web/update.cgi b/web/update.cgi
index 9aabb33..4ad5b88 100755
--- a/web/update.cgi
+++ b/web/update.cgi
@@ -1,6 +1,6 @@
#!/usr/bin/perl
-# $Id: update.cgi,v 1.8 2000/05/13 18:39:05 tausq Exp $
+# $Id: update.cgi,v 1.9 2003/03/13 04:25:56 rmurray Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL.
use lib '.';
@@ -43,7 +43,7 @@ $auth = ($mesg->code == LDAP_SUCCESS);
if (!$auth) {
$ldap->unbind;
- &Util::HTMLError("You have not been authenticated. Please Login");
+ &Util::HTMLError("You have not been authenticated. Please Login");
}
# Authenticated....