version 1.43.2.9, 2021/03/11 20:45:03
|
version 1.46, 2019/04/13 04:24:26
|
Line 48 http://www.lon-capa.org/
|
Line 48 http://www.lon-capa.org/
|
<target dist='suse9.2 suse9.3 sles9'>/etc/httpd/httpd.conf</target> |
<target dist='suse9.2 suse9.3 sles9'>/etc/httpd/httpd.conf</target> |
<target dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'>/etc/apache2/default-server.conf</target> |
<target dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'>/etc/apache2/default-server.conf</target> |
<target dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'>/etc/apache2/sites-available/loncapa</target> |
<target dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'>/etc/apache2/sites-available/loncapa</target> |
<target dist='ubuntu14 ubuntu16 ubuntu18 ubuntu20'>/etc/apache2/conf-available/loncapa.conf</target> |
<target dist='ubuntu14 ubuntu16 ubuntu18'>/etc/apache2/conf-available/loncapa</target> |
<note>This is for Apache 1.X for Red Hat 4ES, Fedora 2, 3 and 4, SusSE 9.2 and 9.3, and SLES 9 distributions. This is for Apache 2.X for Fedora 5, Red Hat 5, CentOS 5, Scientific Linux 5, Oracle Linux 5, SuSE 10.1, SLES 10, Debian 5, Ubuntu LTS 8 and later distributions</note> |
<note>This is for Apache 1.X for Red Hat 4ES, Fedora 2, 3 and 4, SusSE 9.2 and 9.3, and SLES 9 distributions. This is for Apache 2.X for Fedora 5, Red Hat 5, CentOS 5, Scientific Linux 5, SuSE 10.1, SLES 10, Debian 5, Ubuntu LTS 8 and later distributions</note> |
<dependencies dist='default'> |
<dependencies dist='default'> |
/etc/httpd/conf/httpd.conf |
/etc/httpd/conf/httpd.conf |
</dependencies> |
</dependencies> |
Line 59 http://www.lon-capa.org/
|
Line 59 http://www.lon-capa.org/
|
<dependencies dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'> |
<dependencies dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'> |
/etc/apache2/sites-available/loncapa |
/etc/apache2/sites-available/loncapa |
</dependencies> |
</dependencies> |
<dependencies dist='ubuntu14 ubuntu16 ubuntu18 ubuntu20'> |
<dependencies dist='ubuntu14 ubuntu16 ubuntu18'> |
/etc/apache2/conf-available/loncapa.conf |
/etc/apache2/conf-available/loncapa |
</dependencies> |
</dependencies> |
<dependencies dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'> |
<dependencies dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'> |
/etc/apache2/default-server.conf |
/etc/apache2/default-server.conf |
Line 69 http://www.lon-capa.org/
|
Line 69 http://www.lon-capa.org/
|
# Generated from doc/loncapafiles/webserver.piml |
# Generated from doc/loncapafiles/webserver.piml |
use Socket; |
use Socket; |
use Sys::Hostname::FQDN(); |
use Sys::Hostname::FQDN(); |
|
|
# For ubuntu 14 and later check for loncapa.conf in sites-available, |
|
# and conf-available, and for symlinks in sites-enabled, and conf-enabled |
|
if ('<DIST />' =~ /^ubuntu(\d+)$/) { |
|
my $version = $1; |
|
if ($version > 12) { |
|
if (-l '/etc/apache2/conf-enabled/loncapa.conf') { |
|
my $linkfname = readlink('/etc/apache2/conf-enabled/loncapa.conf'); |
|
unless ($linkfname eq '/etc/apache2/conf-available/loncapa.conf') { |
|
unlink('/etc/apache2/conf-enabled/loncapa.conf'); |
|
} |
|
} |
|
if (-e '/etc/apache2/conf-available/loncapa') { |
|
system('mv /etc/apache2/conf-available/loncapa /etc/apache2/conf-available/loncapa.conf'); |
|
} |
|
unless (-l '/etc/apache2/conf-enabled/loncapa.conf') { |
|
if (-e '/etc/apache2/conf-available/loncapa.conf') { |
|
symlink('/etc/apache2/conf-available/loncapa.conf','/etc/apache2/conf-enabled/loncapa.conf'); |
|
} |
|
} |
|
if (-l '/etc/apache2/sites-enabled/000-default.conf') { |
|
my $linkfname = readlink('/etc/apache2/sites-enabled/000-default.conf'); |
|
if ($linkfname eq '/etc/apache2/sites-available/loncapa') { |
|
unlink('/etc/apache2/sites-enabled/000-default.conf'); |
|
} |
|
} |
|
if (-e '/etc/apache2/sites-available/loncapa') { |
|
system('mv /etc/apache2/sites-available/loncapa /etc/apache2/sites-available/loncapa.conf'); |
|
} |
|
if (-l '/etc/apache2/sites-enabled/loncapa.conf') { |
|
my $linkfname = readlink('/etc/apache2/sites-enabled/loncapa.conf'); |
|
unless ($linkfname eq '/etc/apache2/sites-available/loncapa.conf') { |
|
unlink('/etc/apache2/sites-enabled/loncapa.conf'); |
|
} |
|
} |
|
unless (-l '/etc/apache2/sites-enabled/loncapa.conf') { |
|
if (-e '/etc/apache2/sites-available/loncapa.conf') { |
|
symlink('/etc/apache2/sites-available/loncapa.conf','/etc/apache2/sites-enabled/loncapa.conf'); |
|
} |
|
} |
|
} |
|
} |
|
|
|
unless (-e "<TARGET />") { |
unless (-e "<TARGET />") { |
print '**** ERROR! <TARGET /> should exist! Are you missing the Apache '. |
print '**** ERROR! <TARGET /> should exist! Are you missing the Apache '. |
'software package?'; |
'software package?'; |
Line 119 unless (-e "<TARGET />") {
|
Line 76 unless (-e "<TARGET />") {
|
} |
} |
else { |
else { |
# Append loncapa_apache.conf inclusion to httpd.conf |
# Append loncapa_apache.conf inclusion to httpd.conf |
# (or sites-available/loncapa or conf-available/loncapa.conf) if not present. |
# (or sites-available/loncapa or conf-available/loncapa) if not present. |
$flag=0; |
$flag=0; |
open(IN,'<<TARGET />'); |
open(IN,'<<TARGET />'); |
while (<IN>) { |
while (<IN>) { |
Line 134 else {
|
Line 91 else {
|
close(OUT); |
close(OUT); |
} |
} |
# Remove loncapa.conf inclusion from httpd.conf |
# Remove loncapa.conf inclusion from httpd.conf |
# (or sites-available/loncapa or conf-available/loncapa.conf) if present. |
# (or sites-available/loncapa or conf-available/loncapa) if present. |
$flag=0; |
$flag=0; |
open(IN,'<<TARGET />'); |
open(IN,'<<TARGET />'); |
while (<IN>) { |
while (<IN>) { |
Line 185 else {
|
Line 142 else {
|
$conffile = '/etc/apache2/default-server.conf'; |
$conffile = '/etc/apache2/default-server.conf'; |
} elsif ('<DIST />' =~ /^(debian|ubuntu)/) { |
} elsif ('<DIST />' =~ /^(debian|ubuntu)/) { |
$conffile = '/etc/apache2/sites-available/loncapa'; |
$conffile = '/etc/apache2/sites-available/loncapa'; |
if ('<DIST />' =~ /^ubuntu(\d+)$/) { |
|
my $version = $1; |
|
if ($version > 12) { |
|
$conffile = '/etc/apache2/conf-available/loncapa.conf'; |
|
} |
|
} |
|
} |
} |
print('**** ERROR **** '.$conffile.' has an overlapping definition of '. |
print('**** ERROR **** '.$conffile.' has an overlapping definition of '. |
'ScriptAlias (it is incorrectly set to '.$scriptalias.').'."\n". |
'ScriptAlias (it is incorrectly set to '.$scriptalias.').'."\n". |
Line 246 else {
|
Line 197 else {
|
'of requests for http:// to https:// '."\n".'or:'."\n".$rewrite_off. |
'of requests for http:// to https:// '."\n".'or:'."\n".$rewrite_off. |
' - the file used to disable such rewriting'."\n\n". |
' - the file used to disable such rewriting'."\n\n". |
'This may be because '. $curr_rewrite.' has been '. |
'This may be because '. $curr_rewrite.' has been '. |
'previously customized,'."\n".'or it may be because of a change '. |
'previously customized,'."\n".' or it may be because of a change '. |
'to the files in '.$rewrite_dir."\n"); |
'to the files in '.$rewrite_dir."\n"); |
if (open(my $fh,'<',$curr_rewrite)) { |
if (open(my $fh,'<',$curr_rewrite)) { |
while(<$fh>) { |
while(<$fh>) { |
Line 268 else {
|
Line 219 else {
|
|| '<DIST />' eq 'sles9') { |
|| '<DIST />' eq 'sles9') { |
$ssldir = '/etc/apache/vhosts.d'; |
$ssldir = '/etc/apache/vhosts.d'; |
} elsif ('<DIST />' =~ /^(suse|sles)/) { |
} elsif ('<DIST />' =~ /^(suse|sles)/) { |
$ssldir = '/etc/apache2/vhosts.d'; |
$ssldir = '/etc/apache2/vhosts.d'; |
} elsif ('<DIST />' =~ /^(debian|ubuntu)/) { |
} elsif ('<DIST />' =~ /^(debian|ubuntu)/) { |
$ssldir = '/etc/apache2/sites-available'; |
$ssldir = '/etc/apache2/sites-available'; |
} else { |
} else { |
Line 276 else {
|
Line 227 else {
|
} |
} |
my $hostname = Sys::Hostname::FQDN::fqdn(); |
my $hostname = Sys::Hostname::FQDN::fqdn(); |
my $hostip = Socket::inet_ntoa(scalar(gethostbyname($hostname)) || 'localhost'); |
my $hostip = Socket::inet_ntoa(scalar(gethostbyname($hostname)) || 'localhost'); |
my @expected = ('RewriteEngine on', |
my @expected = ('RewriteCond %{REQUEST_URI} ^/adm/wrapper/ext/(?!https:\/\/)', |
'RewriteCond %{HTTPS} =on', |
|
'RewriteCond %{REQUEST_URI} ^/adm/wrapper/ext/(?!https:)', |
|
'RewriteCond %{QUERY_STRING} (^|&(|amp;))usehttp=1($|&)', |
'RewriteCond %{QUERY_STRING} (^|&(|amp;))usehttp=1($|&)', |
'RewriteRule ^/adm/wrapper/ext/(?!https:) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]', |
'RewriteRule ^/adm/wrapper/ext/(?!https:\/\/) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]', |
'RewriteCond %{REMOTE_ADDR} 127.0.0.1', |
'RewriteCond %{REMOTE_ADDR} 127.0.0.1', |
'RewriteRule (.*) - [L]'); |
'RewriteRule (.*) - [L]'); |
if (($hostip ne '') && ($hostip ne '127.0.0.1')) { |
if (($hostip ne '') && ($hostip ne '127.0.0.1')) { |
Line 294 else {
|
Line 243 else {
|
my @rewrites; |
my @rewrites; |
if (opendir(my $dir,$ssldir)) { |
if (opendir(my $dir,$ssldir)) { |
my @sslconf_files; |
my @sslconf_files; |
foreach my $file (grep(!/^\./,readdir($dir))) { |
foreach my $file (!grep(/^\.$/,readdir($dir))) { |
next if ($file =~ /\.rpmnew$/); |
|
if (open(my $fh,'<',"$ssldir/$file")) { |
if (open(my $fh,'<',"$ssldir/$file")) { |
while (<$fh>) { |
while (<$fh>) { |
if (/^\s*<VirtualHost\s+[^:]*\:443>\s*$/) { |
if (/^\s*<VirtualHost\s+[^:]*\:443>\s*$/) { |
Line 307 else {
|
Line 255 else {
|
} |
} |
} |
} |
if (@sslconf_files) { |
if (@sslconf_files) { |
|
my @rewrites; |
foreach my $file (@sslconf_files) { |
foreach my $file (@sslconf_files) { |
if (open(my $fh,'<',"$ssldir/$file")) { |
if (open(my $fh,'<',"$ssldir/$file")) { |
my ($rewrite,$num) = (0,0); |
my ($rewrite,$num) = (0,0); |
while (<$fh>) { |
while (<$fh>) { |
if ($rewrite) { |
if ($rewrite) { |
if (/^\s*<\/IfModule>/) { |
if (/\s*<\/IfModule>/) { |
$rewrite = 0; |
$rewrite = 0; |
$num ++; |
$num ++; |
} else { |
} else { |
chomp(); |
chomp(); |
s/^\s+|\s+$//g; |
s/^(\s+|\s+)$//g; |
push(@{$rewrites[$num]},$_); |
push(@{$rewrites[$num]},$_); |
} |
} |
} elsif (/^\s*<IfModule\s+mod_rewrite.c>/) { |
} elsif (/^\s*<IfModule\s+mod_rewrite.c>/) { |
$rewrite = 1; |
$rewrite = 1; |
Line 334 else {
|
Line 283 else {
|
foreach my $item (@rewrites) { |
foreach my $item (@rewrites) { |
if (ref($item) eq 'ARRAY') { |
if (ref($item) eq 'ARRAY') { |
my $found = 0; |
my $found = 0; |
foreach my $line (@{$item}) { |
foreach my $item (@rewrites) { |
foreach my $match (@expected) { |
foreach my $match (@expected) { |
if ($match eq $line) { |
if ($match eq $item) { |
$found ++; |
$found ++; |
last; |
last; |
} |
} |
} |
} |
} |
} |
if ($found >= scalar(@expected)) { |
if ($found >= @expected) { |
$gotrules = 1; |
$gotrules = 1; |
last; |
|
} |
} |
} |
} |
} |
} |
} |
} |
} |
} |
unless ($gotrules) { |
unless ($gotrules) { |
print('**** WARNING **** '."\n".$curr_rewrite.' is currently set so rewrites '. |
print('**** WARNING **** '.$curr_rewrite.' is currently set so rewrites '. |
'of http to https are enabled for most URLs.'."\n". |
'of http to https are enabled for most URLs.'."\n". |
'Unless your Apache configuration includes Strict-Transport-Security '. |
'It is recommended to also set rewrites from https to http '. |
'(with max-age > 0), it is recommended to also set rewrites from https to http '. |
'in a file in '.$ssldir.' by including the following:'."\n". |
'for specific URLs in a file in '.$ssldir.' by including the following:'."\n". |
|
"<IfModule mod_rewrite.c>\n".' '. |
"<IfModule mod_rewrite.c>\n".' '. |
join("\n ",@expected)."\n". |
join("\n ",@expected)."\n". |
"</IfModule>\n"); |
"</IfModule>\n"); |