s/SSL/TLS/g (almost)
SSL is the old/outdated name. Since 1999, it's called TLS. In this changeset, I did the mostly harmless changes (UI, logs, docs).
This commit is contained in:
parent
8c93414d8d
commit
46008bf2cd
@ -44,10 +44,10 @@ Features
|
||||
accounts - everything supported by python-social-auth package)
|
||||
* Manual IP updates via web interface
|
||||
* Browser-based update client for temporary/adhoc usage
|
||||
* Shows time since last update via api, whether it used SSL or not
|
||||
* Shows time since last update via api, whether it used TLS or not
|
||||
* Shows v4 and v6 IP addresses (from master nameserver records)
|
||||
* Shows client / server fault counters, available and abuse flags
|
||||
* Supports IP v4 and v6, SSL.
|
||||
* Supports IP v4 and v6, TLS.
|
||||
* Easy and simple web interface, it tries to actively help to configure
|
||||
routers / update clients / nameservers.
|
||||
* Made with security and privacy in mind
|
||||
|
@ -28,7 +28,7 @@ PASSWORD = 'pass'
|
||||
HOSTNAME = 'nsupdate-ddns-client-unittest.' + BASEDOMAIN
|
||||
_PASSWORD = 'yUTvxjRwNu' # no problem, is only used for this unit test
|
||||
SERVER = 'ipv4.' + BASEDOMAIN
|
||||
SECURE = False # SSL/SNI support on python 2.x sucks :(
|
||||
SECURE = False # TLS/SNI support on python 2.x sucks :(
|
||||
|
||||
from django.utils.translation import activate
|
||||
|
||||
|
@ -22,7 +22,7 @@ For the router / update client configuration examples we show when creating a
|
||||
update secret, we use update URLs with https: (and we also tell why it might
|
||||
not work).
|
||||
|
||||
On the hosts overview page, we show whether we received the last update via SSL.
|
||||
On the hosts overview page, we show whether we received the last update via TLS.
|
||||
|
||||
|
||||
Login with remote vs. local Account
|
||||
@ -109,8 +109,8 @@ Other Services Update Secret (dyndns2 client)
|
||||
We need to store this secret "as is" into the database for the same reasons as
|
||||
outlined above.
|
||||
|
||||
But: we tell you in the services overview whether we'll use SSL to transmit the
|
||||
update, so at least if SSL is enabled, it won't go unencrypted over the wire.
|
||||
But: we tell you in the services overview whether we'll use TLS to transmit the
|
||||
update, so at least if TLS is enabled, it won't go unencrypted over the wire.
|
||||
|
||||
|
||||
CSRF protection
|
||||
|
@ -307,7 +307,7 @@ def _update(host, hostname, ipaddr, ssl=False, logger=None):
|
||||
:param host: host object
|
||||
:param hostname: hostname (fqdn)
|
||||
:param ipaddr: new ip addr (v4 or v6)
|
||||
:param ssl: True if we use SSL/https
|
||||
:param ssl: True if we use TLS/https
|
||||
:param logger: a logger object
|
||||
:return: Response object with dyndns2 response
|
||||
"""
|
||||
@ -331,7 +331,7 @@ def _update(host, hostname, ipaddr, ssl=False, logger=None):
|
||||
host.poke(kind, ssl)
|
||||
try:
|
||||
update(hostname, ipaddr)
|
||||
logger.info('%s - received good update -> ip: %s ssl: %r' % (hostname, ipaddr, ssl))
|
||||
logger.info('%s - received good update -> ip: %s tls: %r' % (hostname, ipaddr, ssl))
|
||||
# now check if there are other services we shall relay updates to:
|
||||
for hc in host.serviceupdaterhostconfigs.all():
|
||||
if (kind == 'ipv4' and hc.give_ipv4 and hc.service.accept_ipv4
|
||||
@ -350,12 +350,12 @@ def _update(host, hostname, ipaddr, ssl=False, logger=None):
|
||||
logger.exception("the dyndns2 updater raised an exception [%r]" % kwargs)
|
||||
return Response('good %s' % ipaddr)
|
||||
except SameIpError:
|
||||
logger.warning('%s - received no-change update, ip: %s ssl: %r' % (hostname, ipaddr, ssl))
|
||||
logger.warning('%s - received no-change update, ip: %s tls: %r' % (hostname, ipaddr, ssl))
|
||||
host.register_client_fault()
|
||||
return Response('nochg %s' % ipaddr)
|
||||
except (DnsUpdateError, NameServerNotAvailable) as e:
|
||||
msg = str(e)
|
||||
logger.error('%s - received update that resulted in a dns error [%s], ip: %s ssl: %r' % (
|
||||
logger.error('%s - received update that resulted in a dns error [%s], ip: %s tls: %r' % (
|
||||
hostname, msg, ipaddr, ssl))
|
||||
host.register_server_fault()
|
||||
return Response('dnserr')
|
||||
@ -368,7 +368,7 @@ def _delete(host, hostname, ipaddr, ssl=False, logger=None):
|
||||
:param host: host object
|
||||
:param hostname: hostname (fqdn)
|
||||
:param ipaddr: ip addr (to determine record type A or AAAA)
|
||||
:param ssl: True if we use SSL/https
|
||||
:param ssl: True if we use TLS/https
|
||||
:param logger: a logger object
|
||||
:return: Response object with dyndns2 response
|
||||
"""
|
||||
@ -394,12 +394,12 @@ def _delete(host, hostname, ipaddr, ssl=False, logger=None):
|
||||
try:
|
||||
rdtype = 'A' if kind == 'ipv4' else 'AAAA'
|
||||
delete(hostname, rdtype)
|
||||
logger.info('%s - received delete for record %s, ssl: %r' % (hostname, rdtype, ssl))
|
||||
logger.info('%s - received delete for record %s, tls: %r' % (hostname, rdtype, ssl))
|
||||
# XXX unclear what to do for "other services" we relay updates to
|
||||
return Response('deleted %s' % rdtype)
|
||||
except (DnsUpdateError, NameServerNotAvailable) as e:
|
||||
msg = str(e)
|
||||
logger.error('%s - received delete for record %s that resulted in a dns error [%s], ssl: %r' % (
|
||||
logger.error('%s - received delete for record %s that resulted in a dns error [%s], tls: %r' % (
|
||||
hostname, rdtype, msg, ssl))
|
||||
host.register_server_fault()
|
||||
return Response('dnserr')
|
||||
|
@ -234,7 +234,7 @@ class Host(models.Model):
|
||||
def generate_secret(self, secret=None):
|
||||
# note: we use a quick hasher for the update_secret as expensive
|
||||
# more modern hashes might put too much load on the servers. also
|
||||
# many update clients might use http without ssl, so it is not too
|
||||
# many update clients might use http without tls, so it is not too
|
||||
# secure anyway.
|
||||
if secret is None:
|
||||
user_model = get_user_model()
|
||||
@ -278,7 +278,7 @@ class ServiceUpdater(models.Model):
|
||||
help_text="Update Server URL path of this service")
|
||||
secure = models.BooleanField(
|
||||
default=True,
|
||||
help_text="Use https / SSL to contact the Update Server?")
|
||||
help_text="Use https / TLS to contact the Update Server?")
|
||||
|
||||
# what kind(s) of IPs is (are) acceptable to this service:
|
||||
accept_ipv4 = models.BooleanField(default=False)
|
||||
|
@ -35,7 +35,7 @@
|
||||
({{ host.last_update_ipv4|timesince }},
|
||||
{% if not host.ssl_update_ipv4 %}
|
||||
<span class="label label-warning">no {% else %}
|
||||
<span class="label label-success">{% endif %}SSL</span>)
|
||||
<span class="label label-success">{% endif %}TLS</span>)
|
||||
{% else %}
|
||||
(unknown)
|
||||
{% endif %}
|
||||
@ -46,7 +46,7 @@
|
||||
({{ host.last_update_ipv6|timesince }},
|
||||
{% if not host.ssl_update_ipv6 %}
|
||||
<span class="label label-warning">no {% else %}
|
||||
<span class="label label-success">{% endif %}SSL</span>)
|
||||
<span class="label label-success">{% endif %}TLS</span>)
|
||||
{% else %}
|
||||
(unknown)
|
||||
{% endif %}
|
||||
|
@ -21,13 +21,13 @@
|
||||
<dd>{{ hosts_total }}</dd>
|
||||
<dt>Unavailable / Abuse / Abuse-Blocked:</dt>
|
||||
<dd>{{ hosts_unavailable }} / {{ hosts_abuse }} / {{ hosts_abuse_blocked }}</dd>
|
||||
<dt>ip v4 (ssl) / v6 (ssl) updated last 2d:</dt>
|
||||
<dt>ip v4 (tls) / v6 (tls) updated last 2d:</dt>
|
||||
<dd>{{ hosts_ipv4_2d }} ({{ hosts_ipv4_ssl_2d }}) / {{ hosts_ipv6_2d }} ({{ hosts_ipv6_ssl_2d }})</dd>
|
||||
<dt>ip v4 (ssl) / v6 (ssl) updated last 2w:</dt>
|
||||
<dt>ip v4 (tls) / v6 (tls) updated last 2w:</dt>
|
||||
<dd>{{ hosts_ipv4_2w }} ({{ hosts_ipv4_ssl_2w }}) / {{ hosts_ipv6_2w }} ({{ hosts_ipv6_ssl_2w }})</dd>
|
||||
<dt>ip v4 (ssl) / v6 (ssl) updated last 2m:</dt>
|
||||
<dt>ip v4 (tls) / v6 (tls) updated last 2m:</dt>
|
||||
<dd>{{ hosts_ipv4_2m }} ({{ hosts_ipv4_ssl_2m }}) / {{ hosts_ipv6_2m }} ({{ hosts_ipv6_ssl_2m }})</dd>
|
||||
<dt>ip v4 (ssl) / v6 (ssl) updated last 2y:</dt>
|
||||
<dt>ip v4 (tls) / v6 (tls) updated last 2y:</dt>
|
||||
<dd>{{ hosts_ipv4_2y }} ({{ hosts_ipv4_ssl_2y }}) / {{ hosts_ipv6_2y }} ({{ hosts_ipv6_ssl_2y }})</dd>
|
||||
</dl>
|
||||
</div>
|
||||
|
@ -17,7 +17,7 @@
|
||||
</thead>
|
||||
{% for uc in updater_configs %}
|
||||
<tr>
|
||||
<td>{{ uc.service.name }} (SSL: {{ uc.service.secure|yesno }})</td>
|
||||
<td>{{ uc.service.name }} (TLS: {{ uc.service.secure|yesno }})</td>
|
||||
<td><a href="{% url 'updater_hostconfig' uc.pk %}">{{ uc.hostname }}</a></td>
|
||||
<td>{{ uc.give_ipv4|yesno }}</td>
|
||||
<td>{{ uc.give_ipv6|yesno }}</td>
|
||||
|
@ -12,7 +12,7 @@ HOSTNAME = 'nsupdate-ddns-client-unittest.' + BASEDOMAIN
|
||||
INVALID_HOSTNAME = 'nsupdate-ddns-client-nohost.' + BASEDOMAIN
|
||||
USER, PASSWORD = HOSTNAME, 'yUTvxjRwNu' # no problem, is only used for this unit test
|
||||
SERVER = 'ipv4.' + BASEDOMAIN
|
||||
SECURE = False # SSL/SNI support on python 2.x sucks :(
|
||||
SECURE = False # TLS/SNI support on python 2.x sucks :(
|
||||
|
||||
|
||||
class TestDynDns2Client(object):
|
||||
|
@ -24,7 +24,7 @@ def dyndns2_update(name, password,
|
||||
:param hostname: hostname we want to update
|
||||
:param myip: the new ip address for hostname
|
||||
:param path: url path (default: '/nic/update')
|
||||
:param secure: whether to use ssl for the request (default: True)
|
||||
:param secure: whether to use tls for the request (default: True)
|
||||
note: if you use secure=False, it will transmit
|
||||
the given data unencrypted.
|
||||
:param timeout: how long to wait until response has to begin
|
||||
|
Loading…
x
Reference in New Issue
Block a user