| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
So we can ship px5g-wolfssl by default in the release image, but still
make the HTTPS for LuCI optional. This small change with addition of
`CONFIG_PACKAGE_px5g-wolfssl=y` into the buildbot's seed config for the
next release should provide optional HTTPS in the next release.
Disabling the current default automatic uhttpd's redirect to HTTPS
should make the HTTPS optional. That's it, user would either need to
switch to HTTPS by manually switching to https:// protocol in the URL or
by issuing the following commands to make the HTTPS automatic redirect
permanent:
$ uci set uhttpd.main.redirect_https=1
$ uci commit uhttpd
$ service uhttpd reload
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The uhttpd package takes care of creating self-signed certificates if
px5g is installed. This improves the security of router management as it
encrypts the LuCI connection.
The EC P-256 curve is faster than RSA which which improves the user
experience on embedded devices. EC P-256 is support for as old devices
as Android 4.4.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
| |
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
| |
This adds the key_type and ec_curve options to enable the generation of
EC keys during initialization, using openssl or the new options added to
px5g.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This reverts commit c6aa9ff38870a30dbe6da17e4edad6039fe10ddf.
Further testing has revealed that we will need to allow concurrent
requests after all, especially for situations where CGI processes
initiate further HTTP requests to the local host.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
| |
In order to avoid straining CPU and memory resources on lower end devices,
avoid running multiple CGI requests in parallel.
Ref: https://forum.openwrt.org/t/high-load-fix-on-openwrt-luci/29006
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to latest git HEAD in order to support configuring multiple
concurrent Lua prefixes in a single uhttpd instance:
b741dec lua: support multiple Lua prefixes
Additionally rework the init script and update the default configuration
example to treat the lua_prefix option as key=value uci list, similar to
the interpreter extension mapping. Support for the old "option lua_prefix"
plus "option lua_handler" notation is still present.
Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling
files belonging to other packages. Since Lua prefixes have precedence
over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which
will only become active if both luci-base and uhttpd-mod-lua is installed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
| |
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
|
| |
|
|
|
|
| |
We enabled lua interpreter by default as it doesn't make any problem in the uhttpd config file and we modify the index page to use it.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We add an 'httpauth' section type that contains the options:
prefix: What virtual or real URL is being protected
username: The username for the Basic Auth dialogue
password: Hashed (crypt()) or plaintext password for the Basic Auth dialogue
httpauth section names are given included as list
items to the instances to which they are to be applied.
Further any existing httpd.conf file (really whatever
is configured in the instance, but default of
/etc/httpd.conf) is appended to the per-instance httpd.conf
Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
|
| |
|
|
|
|
|
| |
Now that the uhttpd init script can generate certificates using openssl as
well, update the section name and related comment to be more generic.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: John Crispin <blogic@openwrt.org>
|
| |
|
|
|
|
|
|
|
|
| |
RSA keys should be generated with sufficient length.
Using 1024 bits is considered unsafe.
In other packages the used key length is 2048 bits.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
SVN-Revision: 48494
|
| |
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48385
|
| |
|
|
|
|
| |
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
SVN-Revision: 46688
|
| |
|
|
|
|
|
|
| |
Also set HTTPS environment variable for CGI programs on SSL connections.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45852
|
| |
|
|
| |
SVN-Revision: 41114
|
| |
|
|
| |
SVN-Revision: 36932
|
|
|
SVN-Revision: 33688
|
