On Fri, 2014-05-02 at 12:22 +0800, Paul Wise wrote: > Here is a version that covers the *.alioth.debian.org wildcard site too.
Missed wildcard in exclusion pattern in Debian-self-signed.xml, fixed. -- bye, pabs http://bonedaddy.net/pabs3/
From 9c08a0f7f21d085a737a05ffcbae47c38dcf7efe Mon Sep 17 00:00:00 2001 From: Paul Wise <[email protected]> Date: Fri, 2 May 2014 09:41:31 +0800 Subject: [PATCH] Update the Debian SSL domain list --- src/chrome/content/rules/Debian-self-signed.xml | 20 ++------------------ src/chrome/content/rules/Debian.xml | 12 ++---------- 2 files changed, 4 insertions(+), 28 deletions(-) diff --git a/src/chrome/content/rules/Debian-self-signed.xml b/src/chrome/content/rules/Debian-self-signed.xml index fe68d29..996cd0b 100644 --- a/src/chrome/content/rules/Debian-self-signed.xml +++ b/src/chrome/content/rules/Debian-self-signed.xml @@ -7,38 +7,22 @@ - mentors.debian.net - paste.debian.net - - debian.org subdomains: - - - alioth - - lists.alioth - - buildd - - db - - ftp-master - - lists - - nagios - - nm - --> <ruleset name="Debian (self-signed)" default_off="self-signed"> <target host="*.debian.net" /> <!--exclusion pattern="^http://screenshots\.debian\.net/"; /--> - <target host="alioth.debian.org" /> - <target host="lists.alioth.debian.org" /> <!-- Nonfunctional: --> - <!--exclusion pattern="^http://(anonscm|ca|cvs|incoming|packages|people|popcon|qa|packages.qa|search|svn)\.debian\.org/" /--> + <!--exclusion pattern="^http://(ca|incoming|people|popcon|qa|packages.qa|search)\.debian\.org/" /--> <!-- Handled in Debian.xml: --> - <!--exclusion pattern="^http://(bugs|buildd|db|ftp-master|lists|nagios|nm|wiki|www)\.debian\.org/" /--> + <!--exclusion pattern="^http://(anonscm|(?:[^/:@]+\.)?alioth|arch|bugs(?:-master)?|buildd|bzr|contributors|cvs|darcs|db|dsa|ftp-master|git|hg|lists|munin|nagios|nm|openstack.bm|packages|piuparts|puppet-dashboard|release|rt|rtc|security-(?:tracker|master)|sip-ws|sso|svn|udd|vote|wiki|www)\.debian\.org/" /--> <rule from="^http://(mentors|paste)\.debian\.net/" to="https://$1.debian.net/"; /> - <rule from="^http://(lists\.)?alioth\.debian\.org/" - to="https://$1alioth.debian.org/"; /> - </ruleset> diff --git a/src/chrome/content/rules/Debian.xml b/src/chrome/content/rules/Debian.xml index 154a8fd..7c09965 100644 --- a/src/chrome/content/rules/Debian.xml +++ b/src/chrome/content/rules/Debian.xml @@ -9,13 +9,9 @@ Nonfunctional domains: - - screenshots.debian.net ¹ - - debian.org subdomains: - - anonscm ² - ca (shows db; mismatched, CN: db.debian.org) - - cvs ² - incoming (shows ftp-master; mismatched, CN: ftp-master.debian.org) - people (reset; people.debian.org/~joerg/ is displayed after fetching gpg.ganneff.de over http...) @@ -23,10 +19,8 @@ - qa ¹ - packages.qa ¹ - search (shows www; mismatched, CN: debian.org) - - svn ² ¹ Refused - ² Shows alioth; mismatched, CN: alioth.debian.org Problematic domains: @@ -36,12 +30,9 @@ - debian.org subdomains: - - alioth ¹ - - lists.alioth ² - cdimage (refused) ¹ Works, self-signed - ² Works, self-signed, mismatched, CN: alioth.debian.org Partially covered domains: @@ -60,6 +51,7 @@ - nagios - nm - wiki + - ... altnames that don't exist: @@ -89,7 +81,7 @@ <securecookie host="^nm\.debian\.org$" name=".+" /> - <rule from="^http://((?:bugs|buildd|contributors|db|dsa|ftp-master|lists|munin|nagios|nm|packages|piuparts|release|rt|security-tracker|sso|udd|vote|wiki|www)\.)?debian\.org/" + <rule from="^http://((?:anonscm|(?:[^/:@]+\.)?alioth|arch|bugs(?:-master)?|buildd|bzr|contributors|cvs|darcs|db|dsa|ftp-master|git|hg|lists|munin|nagios|nm|openstack.bm|packages|piuparts|puppet-dashboard|release|rt|rtc|security-(?:tracker|master)|sip-ws|sso|svn|udd|vote|wiki|www)\.)?debian\.org/" to="https://$1debian.org/"; /> <rule from="^http://(france|screenshots)\.debian\.net/" -- 2.0.0.rc0
signature.asc
Description: This is a digitally signed message part
