Forum OpenACS Development: Re: ssl(https) bug-Enhancement

Collapse
Posted by Byron Linares on
That’s right they are optional, I added a parameter in acs-tcl for this.
The patch is in the bug-tracker
http://www.openacs.org/bugtracker/openacs/bug?bug_number=3184

you can find it here:

http://home.galileo.edu/~bhlr/security-procs.tcl

modified procs

security::https_available_p
security::secure_conn_p
security::locations
security::get_secure_location

Collapse
Posted by Torben Brosten on

Byron Linares,

It seems it doesn't affect other cases. I'd recommend this change to your file to simplify the logic:

1672c1672
<     if { $sdriver ne "" || [parameter::get -parameter ReverseProxyForSsl -package_id [apm_package_id_from_key acs-tcl] -default 0] } {
---
>     if { $sdriver ne "" } {
1678c1678,1681
<     } 
---
>     } elseif {[parameter::get -parameter ReverseProxyForSsl -package_id [apm_package_id_from_key acs-tcl] -default 0] } {
>       # cosider if we are behind a reverse proxy and don't uses the aolserver ssl modules
>         lappend locations "https://${host_name}"
>     }

Assuming that revision works, I would say go ahead with the change on head since it doesn't (or isn't supposed to) affect existing systems... be sure to also add the new parameter and increase the version number in acs-tcl/acs-tcl.info.

cheers,
Torben