pfSense

Make autocomplete on the login form optional.

Allow autocomplete on login form (Fixes saving password on Firefox and Chrome)

• Adding function get_configured_ip_addresses() which returns all interfaces and their configured IP address
• Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks
• Add and enforce HTTP_REFERER check if checkbox is not checked.

This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall.

Fix text.

Wording fix.

No need to use # in color code, it's already set with this

Allow overriding the Nifty corners background color

Handle VIP DNS-Rebinding detection correctly

Fix this function call, it only takes one parameter.

Print a warning on the login screen if you are accessing the router by a non-local IP address (one not configured on the system) to warn about potential MITM attacks.

Overhaul the user login system to use the Servers tab as its base.

Fix quite a few problems down the way.

Recommit #161 changes. It appears a different commit has broken firewall rules edit and firewall nat edit.

Revert "Redirect to / when logging in to avoid posting to forms accidently and clearing the form and causing all kinds of chaos. Ticket #161"

This reverts commit 6af7c40b296e0f95ec308d41aea55b3306c5e1ee.

Redirect to / when logging in to avoid posting to forms accidently and clearing the form and causing all kinds of chaos. Ticket #161

Add priv.defs.inc to authgui.inc

Set 2nd parameter for isAllowedPage. Will be required for #34, 33, 32

Rework includes/require. This saves about 4 megabytes.
Simplify get_memory(). Tested on mips/i386

Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additions

• Move functions that output html to guiconfig.inc
• Remove some recursive dependency on some includes
• Remove ^M or \r from files
• Remove some entries from functions.inc to avoid including them twice
• Remove some unneccessary includes from some files
  ...

Set focus to the username field

Fix the case when users without access to index.php get an error message.
This redirects the users to the first allowed pagge if they do not have access to index.php and errors out only if no page has been assigned to them.

NOTE: It is strange that a user cannot change its password!

Cleanup some of the authentication code. Fix the problem where you must
navigate away from the initial page twice to get somewhere. Remove some
of the cruft that was no longer used. Don't unconditionally redirect a
user to their homepage if another url was specified pre-login. This will...

Cleanup authentication code. The basic auth method, the passwd, htpasswd
and pam backing functions have been removed. The basic auth method was
legacy code and the backing functions were redundant with no added value
that I could see. A simplified replacement backing function named...

Rewrite portions of the user manager to ensure data is properly synced to
the system password and group databases. This is to provide better support
for centralized user management when local account administration is
preferred.

I also took this opportunity to do some housekeeping. A lot of funtions...

fix IE login

Ticket #1707

Make loginpage more themeable. Only theme that uses this so far is the_wall. Other themes look ugly now (only loginpage) but are usable. Will be fixed within the next day(s).

• Remove blank trailing line
• Allow custom urls that include pkg.php to be saved

Latest LDAP changes from Mark Batchelor

• Remove trailing blank line
• Make sure $search has data before operating on it

Latest eDir / Active Directory tweaks from Mark Batchelor.

Thanks again for him helping us with this project!

• Missing =
• Allow user manager to adhere to admins group

Allow multiple groups to be assigned per user.

Work sponsored-by: Centipede Networks

Adding LDAP backend glue.

Work sponsored-by: Centipede Networks <http://centipedenetworks.com/>

Store global privs list in $g['privs']

Nuke code that does nothing.

Make the error message clickable so that the admin can easily return to the GUI.

Do not logout session if the user does not have access to a page. We should also hide menu items that user does not have access to.

Correctly check for page names by including .php. Strip off / if found so that we can get an exact page match against the URL. My test diagnostics user now works.

Instead of throwing a very vague 401 error actually tell the user which page they do not have access to. This will also help admins troubleshoot group manager page privs.

Correctly show 401 errors.

Fix field display on login screen

Users that have specific page access can now login

• fix: background on login screen

Remove trailing space / cr

Correct style sheet class.

Backport usermanager code from HEAD so I can get it in the snaps and
start testing it properly
There's still some CSS/HTML fixes needed but the code seems to work