flo/nsupdate.info
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Releases Activity

s/WE_HAVE_SSL/WE_HAVE_TLS/g

Browse Source 
SSL is the old/outdated name. Since 1999, it's called TLS.

Changed the name of the configuration setting.
This commit is contained in:
Thomas Waldmann 2014-05-30 01:18:50 +02:00
parent 46008bf2cd
commit d47793b71c
7 changed files with 13 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES.rst
View File

@ -6,7 +6,8 @@ Release <TBD>
Important notes:
* ...
* WE_HAVE_SSL configuration setting name was changed to WE_HAVE_TLS.
Please update your configuration, if you use it.
New Features:

4
docs/security.rst
View File

@ -10,7 +10,7 @@ Use https for the web interface as well as for the update client (if possible).
Otherwise, your username / password (FQDN / update secret) will be transmitted
in clear text (unencrypted).
The web interface will warn you if you use it via http. If WE_HAVE_SSL is
The web interface will warn you if you use it via http. If WE_HAVE_TLS is
set to True, it will suggest you better use the https site and link there.
Additionally, the service administrator can implement a redirect from the
@ -134,7 +134,7 @@ The software ("as is") uses these cookies:
* "sessionid" (host-only, to keep the session when you have logged-in to the
web interface)
If you have set WE_HAVE_SSL to True (because you run the software on a https
If you have set WE_HAVE_TLS to True (because you run the software on a https
site), you should also set *_COOKIE_SECURE to True to avoid the cookies getting
transmitted via http.

2
nsupdate/context_processors.py
View File

@ -22,7 +22,7 @@ def add_settings(request):
context['WWW_IPV4_HOST'] = settings.WWW_IPV4_HOST
context['WWW_IPV6_HOST'] = settings.WWW_IPV6_HOST
context['SERVICE_CONTACT'] = settings.SERVICE_CONTACT # about view
context['WE_HAVE_SSL'] = settings.WE_HAVE_SSL
context['WE_HAVE_TLS'] = settings.WE_HAVE_TLS
context['COOKIE_SECURE'] = settings.SESSION_COOKIE_SECURE or settings.CSRF_COOKIE_SECURE
return context

2
nsupdate/main/templates/main/includes/tabbed_router_configuration.html
View File

@ -26,7 +26,7 @@
PC software) <em>and</em> the specific nsupdate.info-based service, https might be not supported.
So, if it does not work, you have the choice of using a different update client and/or a different service,
or transmitting your data using an unencrypted connection (using http: instead of https:).<br>
<b>On {{ WWW_HOST }} https is {% if not WE_HAVE_SSL %}not {% endif %}supported.</b>
<b>On {{ WWW_HOST }} https is {% if not WE_HAVE_TLS %}not {% endif %}supported.</b>
</p>
<hr>
<p>

6
nsupdate/settings/dev.py
View File

@ -7,9 +7,9 @@ from .base import *
DEBUG = True
TEMPLATE_DEBUG = DEBUG
WE_HAVE_SSL = False # True if you run a https site also, suggest that site to users if they work on the http site.
CSRF_COOKIE_SECURE = WE_HAVE_SSL
SESSION_COOKIE_SECURE = WE_HAVE_SSL
WE_HAVE_TLS = False # True if you run a https site also, suggest that site to users if they work on the http site.
CSRF_COOKIE_SECURE = WE_HAVE_TLS
SESSION_COOKIE_SECURE = WE_HAVE_TLS
BASEDOMAIN = 'nsupdate.info'
WWW_HOST = 'localhost:8000'

6
nsupdate/settings/prod.py
View File

@ -7,9 +7,9 @@ from .base import *
DEBUG = False
TEMPLATE_DEBUG = DEBUG
WE_HAVE_SSL = True # True if you run a https site also, suggest that site to users if they work on the http site.
CSRF_COOKIE_SECURE = WE_HAVE_SSL
SESSION_COOKIE_SECURE = WE_HAVE_SSL
WE_HAVE_TLS = True # True if you run a https site also, suggest that site to users if they work on the http site.
CSRF_COOKIE_SECURE = WE_HAVE_TLS
SESSION_COOKIE_SECURE = WE_HAVE_TLS
# these are the service host names we deal with
BASEDOMAIN = 'nsupdate.info'

2
nsupdate/templates/base.html
View File

@ -88,7 +88,7 @@
<div class="alert alert-danger">
<button type="button" class="close" data-dismiss="alert">&times;</button>
Your (http) connection is unencrypted and thus insecure.
{% if WE_HAVE_SSL %}
{% if WE_HAVE_TLS %}
Please use our <a href="https://{{ WWW_HOST }}/">secure https site</a>.
{% endif %}
{% if COOKIE_SECURE %}