Revision 734:1d1b8170c2f7
| extra/soundsoftware/SoundSoftware.pm | ||
|---|---|---|
| 215 | 215 |
$dbh->disconnect(); |
| 216 | 216 |
undef $dbh; |
| 217 | 217 |
|
| 218 |
my $auth_ssl_reqd = will_require_ssl_auth($r); |
|
| 219 |
|
|
| 218 | 220 |
if ($status == 1) { # public
|
| 219 | 221 |
|
| 220 | 222 |
print STDERR "SoundSoftware.pm:$$: Project is public\n"; |
| ... | ... | |
| 231 | 233 |
# fall through, this is the normal case |
| 232 | 234 |
} |
| 233 | 235 |
|
| 236 |
} elsif ($auth_ssl_reqd and $r->unparsed_uri =~ m/cmd=branchmap/) {
|
|
| 237 |
|
|
| 238 |
# A hac^H^H^Hspecial case. We want to ensure we switch to |
|
| 239 |
# https (if it will be necessarily for authentication) |
|
| 240 |
# before the first POST request, and this is what I think |
|
| 241 |
# will give us suitable warning for Mercurial. |
|
| 242 |
|
|
| 243 |
print STDERR "SoundSoftware.pm:$$: Switching to HTTPS in preparation\n"; |
|
| 244 |
# fall through, this is the normal case |
|
| 245 |
|
|
| 234 | 246 |
} else {
|
| 235 | 247 |
# Public project, read-only method -- this is the only |
| 236 | 248 |
# case we can decide for certain to accept in this function |
| ... | ... | |
| 245 | 257 |
# fall through |
| 246 | 258 |
} |
| 247 | 259 |
|
| 248 |
my $cfg = Apache2::Module::get_config |
|
| 249 |
(__PACKAGE__, $r->server, $r->per_dir_config); |
|
| 250 |
if ($cfg->{SoundSoftwareSslRequired} eq "on") {
|
|
| 251 |
if ($r->dir_config('HTTPS') eq "on") {
|
|
| 252 |
return OK; |
|
| 253 |
} else {
|
|
| 254 |
my $redir_to = "https://" . $r->hostname() . $r->unparsed_uri(); |
|
| 255 |
print STDERR "SoundSoftware.pm:$$: Need to switch to HTTPS, redirecting to $redir_to\n"; |
|
| 256 |
$r->headers_out->add('Location' => $redir_to);
|
|
| 257 |
return REDIRECT; |
|
| 258 |
} |
|
| 259 |
} elsif ($cfg->{SoundSoftwareSslRequired} eq "off") {
|
|
| 260 |
return OK; |
|
| 260 |
if ($auth_ssl_reqd) {
|
|
| 261 |
my $redir_to = "https://" . $r->hostname() . $r->unparsed_uri(); |
|
| 262 |
print STDERR "SoundSoftware.pm:$$: Need to switch to HTTPS, redirecting to $redir_to\n"; |
|
| 263 |
$r->headers_out->add('Location' => $redir_to);
|
|
| 264 |
return REDIRECT; |
|
| 261 | 265 |
} else {
|
| 262 |
print STDERR "WARNING: SoundSoftware.pm:$$: SoundSoftwareSslRequired should be either 'on' or 'off'\n"; |
|
| 263 |
return OK; |
|
| 266 |
return OK; |
|
| 264 | 267 |
} |
| 265 | 268 |
} |
| 266 | 269 |
|
| ... | ... | |
| 340 | 343 |
$ret; |
| 341 | 344 |
} |
| 342 | 345 |
|
| 346 |
sub will_require_ssl_auth {
|
|
| 347 |
my $r = shift; |
|
| 348 |
|
|
| 349 |
my $cfg = Apache2::Module::get_config |
|
| 350 |
(__PACKAGE__, $r->server, $r->per_dir_config); |
|
| 351 |
|
|
| 352 |
if ($cfg->{SoundSoftwareSslRequired} eq "on") {
|
|
| 353 |
if ($r->dir_config('HTTPS') eq "on") {
|
|
| 354 |
# already have ssl |
|
| 355 |
return 0; |
|
| 356 |
} else {
|
|
| 357 |
# require ssl for auth, don't have it yet |
|
| 358 |
return 1; |
|
| 359 |
} |
|
| 360 |
} elsif ($cfg->{SoundSoftwareSslRequired} eq "off") {
|
|
| 361 |
# don't require ssl for auth |
|
| 362 |
return 0; |
|
| 363 |
} else {
|
|
| 364 |
print STDERR "WARNING: SoundSoftware.pm:$$: SoundSoftwareSslRequired should be either 'on' or 'off'\n"; |
|
| 365 |
# this is safer |
|
| 366 |
return 1; |
|
| 367 |
} |
|
| 368 |
} |
|
| 369 |
|
|
| 343 | 370 |
sub project_repo_is_readonly {
|
| 344 | 371 |
my $dbh = shift; |
| 345 | 372 |
my $project_id = shift; |
Also available in: Unified diff