added comments for the use with 'pound'
replaced some nearly-static english texts reduced resolution of language_selection icon to 64x64
This commit is contained in:
parent
dfbb2c0ba3
commit
99bb459d58
37
README.ssl
37
README.ssl
|
@ -1,13 +1,21 @@
|
||||||
Encrypting the communication with the CryptoBox webserver with SSL
|
Encrypting the http traffic to the CryptoBox webserver with SSL
|
||||||
|
|
||||||
This file describes how to encrypt your connection to the CryptoBox webserver.
|
This file describes how to encrypt your connection to the CryptoBox webserver.
|
||||||
This is highly recommended as the encryption password for your data could be
|
This is highly recommended as the encryption password for your data could be
|
||||||
exposed to intruders in your local network otherwise.
|
exposed to intruders in your local network otherwise.
|
||||||
|
|
||||||
There are two ways for setting up a SSL connection:
|
There are several ways for setting up a SSL connection:
|
||||||
- run the CryptoBox webserver behind an ssl-enabled webserver
|
- run the CryptoBox webserver behind an ssl-enabled webserver
|
||||||
- use stunnel to provide an SSL socket
|
- use stunnel to provide an SSL socket
|
||||||
|
- use the a proxy server (e.g. pound)
|
||||||
|
- ...
|
||||||
|
|
||||||
|
At the end of this document you will find some information on how to turn off
|
||||||
|
SSL detection of the CryptoBox. You should read it, if there is no solution
|
||||||
|
for your specific setup available or if you are _very_ sure, that you do not
|
||||||
|
need encrypted http connections.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
|
||||||
1) CryptoBox behind an ssl-enabled webserver
|
1) CryptoBox behind an ssl-enabled webserver
|
||||||
Read the documentation of your favourite webserver to learn how to enable
|
Read the documentation of your favourite webserver to learn how to enable
|
||||||
|
@ -28,6 +36,8 @@ There are two ways for setting up a SSL connection:
|
||||||
TODO
|
TODO
|
||||||
|
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
|
||||||
2) CryptoBox behind stunnel
|
2) CryptoBox behind stunnel
|
||||||
You may want to tunnel the traffic between the cryptobox-server
|
You may want to tunnel the traffic between the cryptobox-server
|
||||||
and your browser. "stunnel" is an excellent candidate for this job.
|
and your browser. "stunnel" is an excellent candidate for this job.
|
||||||
|
@ -46,7 +56,28 @@ There are two ways for setting up a SSL connection:
|
||||||
And maybe you want to add the last command to your bootup scripts.
|
And maybe you want to add the last command to your bootup scripts.
|
||||||
|
|
||||||
|
|
||||||
3) Problems with SSL detection?
|
-------------------------------------------------------------------
|
||||||
|
|
||||||
|
3) CryptoBox behind a proxy server
|
||||||
|
As there are many proxy servers around, we cannot describe all of them. As
|
||||||
|
an example, we will explain the setup of the load-balancing proxy 'pound'.
|
||||||
|
|
||||||
|
Just add the following lines to you /etc/pound/pound.cfg:
|
||||||
|
# Remove the X-SSL-Request header from incoming
|
||||||
|
# connections to prevent hackers from spoofing it
|
||||||
|
HeadRemove "X-SSL-Request"
|
||||||
|
|
||||||
|
# Add an extra header to tell the CryptoBox that
|
||||||
|
# the external connection is secure
|
||||||
|
HTTPSHeaders 0 "X-SSL-Request: 1"
|
||||||
|
|
||||||
|
This example is taken from:
|
||||||
|
http://jamesthornton.com/writing/openacs-pound.html
|
||||||
|
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
|
||||||
|
4) Problems with SSL detection?
|
||||||
If the CryptoBox continues to complain about the unencrypted connection, even
|
If the CryptoBox continues to complain about the unencrypted connection, even
|
||||||
if it runs behind an ssl-enabled webserver or behind stunnel, then you can do
|
if it runs behind an ssl-enabled webserver or behind stunnel, then you can do
|
||||||
one of the following things:
|
one of the following things:
|
||||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 7.0 KiB After Width: | Height: | Size: 2.8 KiB |
Binary file not shown.
Before Width: | Height: | Size: 13 KiB After Width: | Height: | Size: 5.3 KiB |
|
@ -38,7 +38,7 @@
|
||||||
loop: index = #0, #100, #1 ?><?cs
|
loop: index = #0, #100, #1 ?><?cs
|
||||||
each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.volume
|
each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.volume
|
||||||
?><?cs set: run_counter = run_counter + 1 ?><tr>
|
?><?cs set: run_counter = run_counter + 1 ?><tr>
|
||||||
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(x.Name) ?></a></td>
|
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(Lang.Plugins[name(x)].Name) ?></a></td>
|
||||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_volume" <?cs if:x.Visible.volume ?>checked="checked"<?cs /if ?> /></td>
|
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_volume" <?cs if:x.Visible.volume ?>checked="checked"<?cs /if ?> /></td>
|
||||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_properties" <?cs if:x.Visible.properties ?>checked="checked"<?cs /if ?> /></td>
|
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_properties" <?cs if:x.Visible.properties ?>checked="checked"<?cs /if ?> /></td>
|
||||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_auth" <?cs if:x.RequestAuth ?>checked="checked"<?cs /if ?> /></td>
|
<td><input type="checkbox" name="<?cs var:name(x) ?>_auth" <?cs if:x.RequestAuth ?>checked="checked"<?cs /if ?> /></td>
|
||||||
|
@ -94,7 +94,7 @@ each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.volume
|
||||||
loop:index = #0, #100, #1 ?><?cs
|
loop:index = #0, #100, #1 ?><?cs
|
||||||
each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.system
|
each:x = Settings.PluginList ?><?cs if:(x.Rank == index) && x.Types.system
|
||||||
?><?cs set: run_counter = run_counter + 1 ?><tr>
|
?><?cs set: run_counter = run_counter + 1 ?><tr>
|
||||||
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(x.Name) ?></a></td>
|
<td style="text-align:left"><a name="<?cs var:html_escape(name(x)) ?>"><?cs var:html_escape(Lang.Plugins[name(x)].Name) ?></a></td>
|
||||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_menu" <?cs if:x.Visible.menu ?>checked="checked"<?cs /if ?> /></td>
|
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_menu" <?cs if:x.Visible.menu ?>checked="checked"<?cs /if ?> /></td>
|
||||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_preferences" <?cs if:x.Visible.preferences ?>checked="checked"<?cs /if ?> /></td>
|
<td><input type="checkbox" name="<?cs var:name(x) ?>_visible_preferences" <?cs if:x.Visible.preferences ?>checked="checked"<?cs /if ?> /></td>
|
||||||
<td><input type="checkbox" name="<?cs var:name(x) ?>_auth" <?cs if:x.RequestAuth ?>checked="checked"<?cs /if ?> /></td>
|
<td><input type="checkbox" name="<?cs var:name(x) ?>_auth" <?cs if:x.RequestAuth ?>checked="checked"<?cs /if ?> /></td>
|
||||||
|
|
|
@ -201,8 +201,6 @@ class WebInterfaceDataset(dict):
|
||||||
del self[key]
|
del self[key]
|
||||||
lang_data = plugin.get_language_data()
|
lang_data = plugin.get_language_data()
|
||||||
self[entry_name] = plugin.get_name()
|
self[entry_name] = plugin.get_name()
|
||||||
self[entry_name + ".Name"] = lang_data.getValue("Name", plugin.get_name())
|
|
||||||
self[entry_name + ".Link"] = lang_data.getValue("Link", plugin.get_name())
|
|
||||||
self[entry_name + ".Rank"] = plugin.get_rank()
|
self[entry_name + ".Rank"] = plugin.get_rank()
|
||||||
self[entry_name + ".RequestAuth"] = plugin.is_auth_required() and "1" or "0"
|
self[entry_name + ".RequestAuth"] = plugin.is_auth_required() and "1" or "0"
|
||||||
for capy in plugin.plugin_capabilities:
|
for capy in plugin.plugin_capabilities:
|
||||||
|
|
|
@ -28,7 +28,12 @@
|
||||||
<td <?cs if:markPlugin == name(x)
|
<td <?cs if:markPlugin == name(x)
|
||||||
?>class="volume_plugin_active"<?cs
|
?>class="volume_plugin_active"<?cs
|
||||||
else ?>class="volume_plugin_passive"<?cs
|
else ?>class="volume_plugin_passive"<?cs
|
||||||
/if ?>><a href="<?cs call:link(name(x),'device',Data.CurrentDisk.device,'','') ?>" title="<?cs var:html_escape(x.Link) ?>"><img src="<?cs call:link("icons/" + name(x),'','','','') ?>" alt="icon: <?cs var:html_escape(name(x)) ?>" /> <?cs var:html_escape(x.Link) ?></a></td><!-- add some space --><td> </td><?cs
|
/if ?>><a href="<?cs call:link(name(x),'device',Data.CurrentDisk.device,'','')
|
||||||
|
?>" title="<?cs var:html_escape(Lang.Plugins[name(x)].Link)
|
||||||
|
?>"><img src="<?cs call:link("icons/" + name(x),'','','','')
|
||||||
|
?>" alt="icon: <?cs var:html_escape(name(x)) ?>" /> <?cs
|
||||||
|
var:html_escape(Lang.Plugins[name(x)].Link)
|
||||||
|
?></a></td><!-- add some space --><td> </td><?cs
|
||||||
/if ?><?cs
|
/if ?><?cs
|
||||||
/each ?><?cs
|
/each ?><?cs
|
||||||
/loop ?>
|
/loop ?>
|
||||||
|
|
Loading…
Reference in New Issue