added comments for the use with 'pound'
replaced some nearly-static english texts reduced resolution of language_selection icon to 64x64
This commit is contained in:
parent
dfbb2c0ba3
commit
99bb459d58
6 changed files with 42 additions and 8 deletions
37
README.ssl
37
README.ssl
|
@ -1,13 +1,21 @@
|
|||
Encrypting the communication with the CryptoBox webserver with SSL
|
||||
Encrypting the http traffic to the CryptoBox webserver with SSL
|
||||
|
||||
This file describes how to encrypt your connection to the CryptoBox webserver.
|
||||
This is highly recommended as the encryption password for your data could be
|
||||
exposed to intruders in your local network otherwise.
|
||||
|
||||
There are two ways for setting up a SSL connection:
|
||||
There are several ways for setting up a SSL connection:
|
||||
- run the CryptoBox webserver behind an ssl-enabled webserver
|
||||
- use stunnel to provide an SSL socket
|
||||
- use the a proxy server (e.g. pound)
|
||||
- ...
|
||||
|
||||
At the end of this document you will find some information on how to turn off
|
||||
SSL detection of the CryptoBox. You should read it, if there is no solution
|
||||
for your specific setup available or if you are _very_ sure, that you do not
|
||||
need encrypted http connections.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
|
||||
1) CryptoBox behind an ssl-enabled webserver
|
||||
Read the documentation of your favourite webserver to learn how to enable
|
||||
|
@ -28,6 +36,8 @@ There are two ways for setting up a SSL connection:
|
|||
TODO
|
||||
|
||||
|
||||
-------------------------------------------------------------------
|
||||
|
||||
2) CryptoBox behind stunnel
|
||||
You may want to tunnel the traffic between the cryptobox-server
|
||||
and your browser. "stunnel" is an excellent candidate for this job.
|
||||
|
@ -46,7 +56,28 @@ There are two ways for setting up a SSL connection:
|
|||
And maybe you want to add the last command to your bootup scripts.
|
||||
|
||||
|
||||
3) Problems with SSL detection?
|
||||
-------------------------------------------------------------------
|
||||
|
||||
3) CryptoBox behind a proxy server
|
||||
As there are many proxy servers around, we cannot describe all of them. As
|
||||
an example, we will explain the setup of the load-balancing proxy 'pound'.
|
||||
|
||||
Just add the following lines to you /etc/pound/pound.cfg:
|
||||
# Remove the X-SSL-Request header from incoming
|
||||
# connections to prevent hackers from spoofing it
|
||||
HeadRemove "X-SSL-Request"
|
||||
|
||||
# Add an extra header to tell the CryptoBox that
|
||||
# the external connection is secure
|
||||
HTTPSHeaders 0 "X-SSL-Request: 1"
|
||||
|
||||
This example is taken from:
|
||||
http://jamesthornton.com/writing/openacs-pound.html
|
||||
|
||||
|
||||
-------------------------------------------------------------------
|
||||
|
||||
4) Problems with SSL detection?
|
||||
If the CryptoBox continues to complain about the unencrypted connection, even
|
||||
if it runs behind an ssl-enabled webserver or behind stunnel, then you can do
|
||||
one of the following things:
|
||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 7 KiB After Width: | Height: | Size: 2.8 KiB |
Binary file not shown.
Before Width: | Height: | Size: 13 KiB After Width: | Height: | Size: 5.3 KiB |
|
@ -38,7 +38,7 @@
|
|||
loop: index = #0, #100, #1 ?><?cs
|
||||
each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.volume
|
||||
?><?cs set: run_counter = run_counter + 1 ?><tr>
|
||||
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(x.Name) ?></a></td>
|
||||
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(Lang.Plugins[name(x)].Name) ?></a></td>
|
||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_volume" <?cs if:x.Visible.volume ?>checked="checked"<?cs /if ?> /></td>
|
||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_properties" <?cs if:x.Visible.properties ?>checked="checked"<?cs /if ?> /></td>
|
||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_auth" <?cs if:x.RequestAuth ?>checked="checked"<?cs /if ?> /></td>
|
||||
|
@ -94,7 +94,7 @@ each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.volume
|
|||
loop:index = #0, #100, #1 ?><?cs
|
||||
each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.system
|
||||
?><?cs set: run_counter = run_counter + 1 ?><tr>
|
||||
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(x.Name) ?></a></td>
|
||||
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(Lang.Plugins[name(x)].Name) ?></a></td>
|
||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_menu" <?cs if:x.Visible.menu ?>checked="checked"<?cs /if ?> /></td>
|
||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_preferences" <?cs if:x.Visible.preferences ?>checked="checked"<?cs /if ?> /></td>
|
||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_auth" <?cs if:x.RequestAuth ?>checked="checked"<?cs /if ?> /></td>
|
||||
|
|
|
@ -201,8 +201,6 @@ class WebInterfaceDataset(dict):
|
|||
del self[key]
|
||||
lang_data = plugin.get_language_data()
|
||||
self[entry_name] = plugin.get_name()
|
||||
self[entry_name + ".Name"] = lang_data.getValue("Name", plugin.get_name())
|
||||
self[entry_name + ".Link"] = lang_data.getValue("Link", plugin.get_name())
|
||||
self[entry_name + ".Rank"] = plugin.get_rank()
|
||||
self[entry_name + ".RequestAuth"] = plugin.is_auth_required() and "1" or "0"
|
||||
for capy in plugin.plugin_capabilities:
|
||||
|
|
|
@ -28,7 +28,12 @@
|
|||
<td <?cs if:markPlugin == name(x)
|
||||
?>class="volume_plugin_active"<?cs
|
||||
else ?>class="volume_plugin_passive"<?cs
|
||||
/if ?>><a href="<?cs call:link(name(x),'device',Data.CurrentDisk.device,'','') ?>" title="<?cs var:html_escape(x.Link) ?>"><img src="<?cs call:link("icons/" + name(x),'','','','') ?>" alt="icon: <?cs var:html_escape(name(x)) ?>" /> <?cs var:html_escape(x.Link) ?></a></td><!-- add some space --><td> </td><?cs
|
||||
/if ?>><a href="<?cs call:link(name(x),'device',Data.CurrentDisk.device,'','')
|
||||
?>" title="<?cs var:html_escape(Lang.Plugins[name(x)].Link)
|
||||
?>"><img src="<?cs call:link("icons/" + name(x),'','','','')
|
||||
?>" alt="icon: <?cs var:html_escape(name(x)) ?>" /> <?cs
|
||||
var:html_escape(Lang.Plugins[name(x)].Link)
|
||||
?></a></td><!-- add some space --><td> </td><?cs
|
||||
/if ?><?cs
|
||||
/each ?><?cs
|
||||
/loop ?>
|
||||
|
|
Loading…
Reference in a new issue