flo/nsupdate.info
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Releases Activity

s/WE_HAVE_SSL/WE_HAVE_TLS/g

Browse Source 
SSL is the old/outdated name. Since 1999, it's called TLS.

Changed the name of the configuration setting.
This commit is contained in:
Thomas Waldmann 2014-05-30 01:18:50 +02:00
parent 46008bf2cd
commit d47793b71c
7 changed files with 13 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES.rst
View File

@ -6,7 +6,8 @@ Release <TBD>
Important notes: Important notes:
* ... * WE_HAVE_SSL configuration setting name was changed to WE_HAVE_TLS.
Please update your configuration, if you use it.
New Features: New Features:

4
docs/security.rst
View File

@ -10,7 +10,7 @@ Use https for the web interface as well as for the update client (if possible).
Otherwise, your username / password (FQDN / update secret) will be transmitted Otherwise, your username / password (FQDN / update secret) will be transmitted
in clear text (unencrypted). in clear text (unencrypted).
The web interface will warn you if you use it via http. If WE_HAVE_SSL is The web interface will warn you if you use it via http. If WE_HAVE_TLS is
set to True, it will suggest you better use the https site and link there. set to True, it will suggest you better use the https site and link there.
Additionally, the service administrator can implement a redirect from the Additionally, the service administrator can implement a redirect from the
@ -134,7 +134,7 @@ The software ("as is") uses these cookies:
* "sessionid" (host-only, to keep the session when you have logged-in to the * "sessionid" (host-only, to keep the session when you have logged-in to the
web interface) web interface)
If you have set WE_HAVE_SSL to True (because you run the software on a https If you have set WE_HAVE_TLS to True (because you run the software on a https
site), you should also set *_COOKIE_SECURE to True to avoid the cookies getting site), you should also set *_COOKIE_SECURE to True to avoid the cookies getting
transmitted via http. transmitted via http.

2
nsupdate/context_processors.py
View File

@ -22,7 +22,7 @@ def add_settings(request):
context['WWW_IPV4_HOST'] = settings.WWW_IPV4_HOST context['WWW_IPV4_HOST'] = settings.WWW_IPV4_HOST
context['WWW_IPV6_HOST'] = settings.WWW_IPV6_HOST context['WWW_IPV6_HOST'] = settings.WWW_IPV6_HOST
context['SERVICE_CONTACT'] = settings.SERVICE_CONTACT # about view context['SERVICE_CONTACT'] = settings.SERVICE_CONTACT # about view
context['WE_HAVE_SSL'] = settings.WE_HAVE_SSL context['WE_HAVE_TLS'] = settings.WE_HAVE_TLS
context['COOKIE_SECURE'] = settings.SESSION_COOKIE_SECURE or settings.CSRF_COOKIE_SECURE context['COOKIE_SECURE'] = settings.SESSION_COOKIE_SECURE or settings.CSRF_COOKIE_SECURE
return context return context

2
nsupdate/main/templates/main/includes/tabbed_router_configuration.html
View File

@ -26,7 +26,7 @@
PC software) <em>and</em> the specific nsupdate.info-based service, https might be not supported. PC software) <em>and</em> the specific nsupdate.info-based service, https might be not supported.
So, if it does not work, you have the choice of using a different update client and/or a different service, So, if it does not work, you have the choice of using a different update client and/or a different service,
or transmitting your data using an unencrypted connection (using http: instead of https:).<br> or transmitting your data using an unencrypted connection (using http: instead of https:).<br>
<b>On {{ WWW_HOST }} https is {% if not WE_HAVE_SSL %}not {% endif %}supported.</b> <b>On {{ WWW_HOST }} https is {% if not WE_HAVE_TLS %}not {% endif %}supported.</b>
</p> </p>
<hr> <hr>
<p> <p>

6
nsupdate/settings/dev.py
View File

@ -7,9 +7,9 @@ from .base import *
DEBUG = True DEBUG = True
TEMPLATE_DEBUG = DEBUG TEMPLATE_DEBUG = DEBUG
WE_HAVE_SSL = False # True if you run a https site also, suggest that site to users if they work on the http site. WE_HAVE_TLS = False # True if you run a https site also, suggest that site to users if they work on the http site.
CSRF_COOKIE_SECURE = WE_HAVE_SSL CSRF_COOKIE_SECURE = WE_HAVE_TLS
SESSION_COOKIE_SECURE = WE_HAVE_SSL SESSION_COOKIE_SECURE = WE_HAVE_TLS
BASEDOMAIN = 'nsupdate.info' BASEDOMAIN = 'nsupdate.info'
WWW_HOST = 'localhost:8000' WWW_HOST = 'localhost:8000'

6
nsupdate/settings/prod.py
View File

@ -7,9 +7,9 @@ from .base import *
DEBUG = False DEBUG = False
TEMPLATE_DEBUG = DEBUG TEMPLATE_DEBUG = DEBUG
WE_HAVE_SSL = True # True if you run a https site also, suggest that site to users if they work on the http site. WE_HAVE_TLS = True # True if you run a https site also, suggest that site to users if they work on the http site.
CSRF_COOKIE_SECURE = WE_HAVE_SSL CSRF_COOKIE_SECURE = WE_HAVE_TLS
SESSION_COOKIE_SECURE = WE_HAVE_SSL SESSION_COOKIE_SECURE = WE_HAVE_TLS
# these are the service host names we deal with # these are the service host names we deal with
BASEDOMAIN = 'nsupdate.info' BASEDOMAIN = 'nsupdate.info'

2
nsupdate/templates/base.html
View File

@ -88,7 +88,7 @@
<div class="alert alert-danger"> <div class="alert alert-danger">
<button type="button" class="close" data-dismiss="alert">&times;</button> <button type="button" class="close" data-dismiss="alert">&times;</button>
Your (http) connection is unencrypted and thus insecure. Your (http) connection is unencrypted and thus insecure.
{% if WE_HAVE_SSL %} {% if WE_HAVE_TLS %}
Please use our <a href="https://{{ WWW_HOST }}/">secure https site</a>. Please use our <a href="https://{{ WWW_HOST }}/">secure https site</a>.
{% endif %} {% endif %}
{% if COOKIE_SECURE %} {% if COOKIE_SECURE %}