Merge branch 'develop' of git.ispconfig.org:ispconfig/ispconfig3 into develop

Author: florian030

install/dist/tpl/gentoo/apache_ispconfig.vhost.master

@@ -5,11 +5,13 @@
 ######################################################
 
 {vhost_port_listen} Listen {vhost_port}
-NameVirtualHost *:{vhost_port}
+<tmpl_if name='apache_version' op='<' value='2.4' format='version'>
+  NameVirtualHost *:{vhost_port}
+</tmpl_if>
 
 <VirtualHost _default_:{vhost_port}>
   ServerAdmin webmaster@localhost
-  
+
   <IfModule mod_fcgid.c>
     DocumentRoot /var/www/ispconfig/
     SuexecUserGroup ispconfig ispconfig
@@ -25,7 +27,7 @@ NameVirtualHost *:{vhost_port}
     </Directory>
     DirectoryIndex index.php
   </IfModule>
-  
+
   <IfModule mod_php5.c>
     DocumentRoot /usr/local/ispconfig/interface/web/
     AddType application/x-httpd-php .php
@@ -37,11 +39,11 @@ NameVirtualHost *:{vhost_port}
 	  php_value magic_quotes_gpc        0
     </Directory>
   </IfModule>
-  
+
   # ErrorLog /var/log/apache2/error.log
   # CustomLog /var/log/apache2/access.log combined
   ServerSignature Off
-  
+
   <IfModule mod_security2.c>
     SecRuleEngine Off
   </IfModule>
@@ -64,4 +66,3 @@ NameVirtualHost *:{vhost_port}
     Order Deny,Allow
     Deny from all
 </Directory>
-

install/lib/installer_base.lib.php

@@ -2853,21 +2853,21 @@ public function make_ispconfig_ssl_cert() {
 
 			// This script is needed earlier to check and open http port 80 or standalone might fail
 			// Make executable and temporary symlink latest letsencrypt pre, post and renew hook script before install
-			if(file_exists(dirname(getcwd()) . '/server/scripts/letsencrypt_pre_hook.sh') && !file_exists('/usr/local/bin/letsencrypt_pre_hook.sh')) {
-				symlink(dirname(getcwd()) . '/server/scripts/letsencrypt_pre_hook.sh', '/usr/local/bin/letsencrypt_pre_hook.sh');
+			if(file_exists(ISPC_INSTALL_ROOT . '/server/scripts/letsencrypt_pre_hook.sh') && !file_exists('/usr/local/bin/letsencrypt_pre_hook.sh')) {
+				symlink(ISPC_INSTALL_ROOT . '/server/scripts/letsencrypt_pre_hook.sh', '/usr/local/bin/letsencrypt_pre_hook.sh');
+				chown('/usr/local/bin/letsencrypt_pre_hook.sh', 'root');
+				chmod('/usr/local/bin/letsencrypt_pre_hook.sh', 0700);
 			}
-			if(file_exists(dirname(getcwd()) . '/server/scripts/letsencrypt_post_hook.sh') && !file_exists('/usr/local/bin/letsencrypt_post_hook.sh')) {
-				symlink(dirname(getcwd()) . '/server/scripts/letsencrypt_post_hook.sh', '/usr/local/bin/letsencrypt_post_hook.sh');
+			if(file_exists(ISPC_INSTALL_ROOT . '/server/scripts/letsencrypt_post_hook.sh') && !file_exists('/usr/local/bin/letsencrypt_post_hook.sh')) {
+				symlink(ISPC_INSTALL_ROOT . '/server/scripts/letsencrypt_post_hook.sh', '/usr/local/bin/letsencrypt_post_hook.sh');
+				chown('/usr/local/bin/letsencrypt_post_hook.sh', 'root');
+				chmod('/usr/local/bin/letsencrypt_post_hook.sh', 0700);
 			}
-			if(file_exists(dirname(getcwd()) . '/server/scripts/letsencrypt_renew_hook.sh') && !file_exists('/usr/local/bin/letsencrypt_renew_hook.sh')) {
-				symlink(dirname(getcwd()) . '/server/scripts/letsencrypt_renew_hook.sh', '/usr/local/bin/letsencrypt_renew_hook.sh');
+			if(file_exists(ISPC_INSTALL_ROOT . '/server/scripts/letsencrypt_renew_hook.sh') && !file_exists('/usr/local/bin/letsencrypt_renew_hook.sh')) {
+				symlink(ISPC_INSTALL_ROOT . '/server/scripts/letsencrypt_renew_hook.sh', '/usr/local/bin/letsencrypt_renew_hook.sh');
+				chown('/usr/local/bin/letsencrypt_renew_hook.sh', 'root');
+				chmod('/usr/local/bin/letsencrypt_renew_hook.sh', 0700);
 			}
-			chown('/usr/local/bin/letsencrypt_pre_hook.sh', 'root');
-			chown('/usr/local/bin/letsencrypt_post_hook.sh', 'root');
-			chown('/usr/local/bin/letsencrypt_renew_hook.sh', 'root');
-			chmod('/usr/local/bin/letsencrypt_pre_hook.sh', 0700);
-			chmod('/usr/local/bin/letsencrypt_post_hook.sh', 0700);
-			chmod('/usr/local/bin/letsencrypt_renew_hook.sh', 0700);
 
 			// Check http port 80 status as it cannot be determined at post hook stage
 			$port80_status=exec('true &>/dev/null </dev/tcp/127.0.0.1/80 && echo open || echo close');
@@ -2999,6 +2999,10 @@ public function make_ispconfig_ssl_cert() {
 							rename($ssl_pem_file, $ssl_pem_file . '-' . $date->format('YmdHis') . '.bak');
 						}
 
+						$acme_cert_dir = '/etc/letsencrypt/live/' . $hostname;
+						symlink($acme_cert_dir . '/fullchain.pem', $ssl_crt_file);
+						symlink($acme_cert_dir . '/privkey.pem', $ssl_key_file);
+
 						$issued_successfully = true;
 					} else {
 						swriteln('Issuing certificate via certbot failed. Please check log files and make sure that your hostname can be verified by letsencrypt');
@@ -3043,42 +3047,44 @@ public function make_ispconfig_ssl_cert() {
 		}
 
 		// Build ispserver.pem file and chmod it
-		exec("cat $ssl_key_file $ssl_crt_file > $ssl_pem_file; chmod 600 $ssl_pem_file");
+		if(file_exists($ssl_key_file)) {
+			exec("cat $ssl_key_file $ssl_crt_file > $ssl_pem_file; chmod 600 $ssl_pem_file");
 
-		// Extend LE SSL certs to postfix
-		if ($conf['postfix']['installed'] == true && strtolower($this->simple_query('Symlink ISPConfig SSL certs to Postfix?', array('y', 'n'), 'y','ispconfig_postfix_ssl_symlink')) == 'y') {
+			// Extend LE SSL certs to postfix
+			if ($conf['postfix']['installed'] == true && strtolower($this->simple_query('Symlink ISPConfig SSL certs to Postfix?', array('y', 'n'), 'y','ispconfig_postfix_ssl_symlink')) == 'y') {
 
-			// Define folder, file(s)
-			$cf = $conf['postfix'];
-			$postfix_dir = $cf['config_dir'];
-			if(!is_dir($postfix_dir)) $this->error("The Postfix configuration directory '$postfix_dir' does not exist.");
-			$smtpd_crt = $postfix_dir.'/smtpd.cert';
-			$smtpd_key = $postfix_dir.'/smtpd.key';
+				// Define folder, file(s)
+				$cf = $conf['postfix'];
+				$postfix_dir = $cf['config_dir'];
+				if(!is_dir($postfix_dir)) $this->error("The Postfix configuration directory '$postfix_dir' does not exist.");
+				$smtpd_crt = $postfix_dir.'/smtpd.cert';
+				$smtpd_key = $postfix_dir.'/smtpd.key';
 
-			// Backup existing postfix ssl files
-			if (file_exists($smtpd_crt)) rename($smtpd_crt, $smtpd_crt . '-' .$date->format('YmdHis') . '.bak');
-			if (file_exists($smtpd_key)) rename($smtpd_key, $smtpd_key . '-' .$date->format('YmdHis') . '.bak');
+				// Backup existing postfix ssl files
+				if (file_exists($smtpd_crt)) rename($smtpd_crt, $smtpd_crt . '-' .$date->format('YmdHis') . '.bak');
+				if (file_exists($smtpd_key)) rename($smtpd_key, $smtpd_key . '-' .$date->format('YmdHis') . '.bak');
 
-			// Create symlink to ISPConfig SSL files
-			symlink($ssl_crt_file, $smtpd_crt);
-			symlink($ssl_key_file, $smtpd_key);
-		}
+				// Create symlink to ISPConfig SSL files
+				symlink($ssl_crt_file, $smtpd_crt);
+				symlink($ssl_key_file, $smtpd_key);
+			}
 
-		// Extend LE SSL certs to pureftpd
-		if ($conf['pureftpd']['installed'] == true && strtolower($this->simple_query('Symlink ISPConfig SSL certs to Pure-FTPd? Creating dhparam file may take some time.', array('y', 'n'), 'y','ispconfig_pureftpd_ssl_symlink')) == 'y') {
+			// Extend LE SSL certs to pureftpd
+			if ($conf['pureftpd']['installed'] == true && strtolower($this->simple_query('Symlink ISPConfig SSL certs to Pure-FTPd? Creating dhparam file may take some time.', array('y', 'n'), 'y','ispconfig_pureftpd_ssl_symlink')) == 'y') {
 
-			// Define folder, file(s)
-			$pureftpd_dir = '/etc/ssl/private';
-			if(!is_dir($pureftpd_dir)) mkdir($pureftpd_dir, 0755, true);
-			$pureftpd_pem = $pureftpd_dir.'/pure-ftpd.pem';
+				// Define folder, file(s)
+				$pureftpd_dir = '/etc/ssl/private';
+				if(!is_dir($pureftpd_dir)) mkdir($pureftpd_dir, 0755, true);
+				$pureftpd_pem = $pureftpd_dir.'/pure-ftpd.pem';
 
-			// Backup existing pureftpd ssl files
-			if (file_exists($pureftpd_pem)) rename($pureftpd_pem, $pureftpd_pem . '-' .$date->format('YmdHis') . '.bak');
+				// Backup existing pureftpd ssl files
+				if (file_exists($pureftpd_pem)) rename($pureftpd_pem, $pureftpd_pem . '-' .$date->format('YmdHis') . '.bak');
 
-			// Create symlink to ISPConfig SSL files
-			symlink($ssl_pem_file, $pureftpd_pem);
-			if (!file_exists("$pureftpd_dir/pure-ftpd-dhparams.pem"))
-				exec("cd $pureftpd_dir; openssl dhparam -out dhparam2048.pem 2048; ln -sf dhparam2048.pem pure-ftpd-dhparams.pem");
+				// Create symlink to ISPConfig SSL files
+				symlink($ssl_pem_file, $pureftpd_pem);
+				if (!file_exists("$pureftpd_dir/pure-ftpd-dhparams.pem"))
+					exec("cd $pureftpd_dir; openssl dhparam -out dhparam2048.pem 2048; ln -sf dhparam2048.pem pure-ftpd-dhparams.pem");
+			}
 		}
 
 		exec("chown -R root:root $ssl_dir");

install/tpl/apache_ispconfig.conf.master

@@ -132,11 +132,13 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m
 
 Alias /awstats-icon "/usr/share/awstats/icon"
 
-NameVirtualHost *:80
-NameVirtualHost *:443
-<tmpl_loop name="ip_adresses">
-NameVirtualHost {tmpl_var name="ip_address"}:{tmpl_var name="port"}
-</tmpl_loop>
+<tmpl_if name='apache_version' op='<' value='2.4' format='version'>
+  NameVirtualHost *:80
+  NameVirtualHost *:443
+  <tmpl_loop name="ip_adresses">
+  NameVirtualHost {tmpl_var name="ip_address"}:{tmpl_var name="port"}
+  </tmpl_loop>
+</tmpl_if>
 
 <tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
 <IfModule mod_ssl.c>

install/tpl/rspamd_dkim_signing.conf.master

@@ -1,3 +1,4 @@
 try_fallback = false;
+use_esld = false;
 path_map = "/etc/rspamd/local.d/dkim_domains.map";
-selector_map = "/etc/rspamd/local.d/dkim_selectors.map";
+selector_map = "/etc/rspamd/local.d/dkim_selectors.map";

interface/lib/classes/validate_server_directive_snippets.inc.php

@@ -42,10 +42,11 @@ function get_error($errmsg) {
 
 	function validate_snippet($field_name, $field_value, $validator) {
 		global $app;
-        $type=(isset($app->remoting_lib->dataRecord['type']))?$app->remoting_lib->dataRecord['type']:$_POST['type'];
+        $id = (isset($app->remoting_lib->dataRecord['directive_snippets_id']))?$app->remoting_lib->dataRecord['directive_snippets_id']:$_POST['id'];
+		$type=(isset($app->remoting_lib->dataRecord['type']))?$app->remoting_lib->dataRecord['type']:$_POST['type'];
         $types = array('apache','nginx','php','proxy');
         if(!in_array($type,$types)) return $this->get_error('directive_snippets_invalid_type');
-		$check = $app->db->queryAllRecords('SELECT * FROM directive_snippets WHERE name = ? AND type = ?', $field_value, $type);
+		$check = $app->db->queryAllRecords('SELECT * FROM directive_snippets WHERE name = ? AND type = ? AND directive_snippets_id != ?', $field_value, $type, $id);
 		if(!empty($check)) return $this->get_error('directive_snippets_name_error_unique');
 	}
 

interface/web/admin/directive_snippets_del.php

@@ -45,7 +45,31 @@
 //* Check permissions for module
 $app->auth->check_module_permissions('admin');
 
-$app->uses("tform_actions");
-$app->tform_actions->onDelete();
+$app->load("tform_actions");
+
+class page_action extends tform_actions {
+	function onBeforeDelete() {
+		global $app, $conf;
+
+		if($this->dataRecord['type'] === 'php') {
+			$rlike = $this->dataRecord['directive_snippets_id'].'|,'.$this->dataRecord['directive_snippets_id'].'|'.$this->dataRecord['directive_snippets_id'].',';
+			$affected_snippets = $app->db->queryAllRecords('SELECT directive_snippets_id FROM directive_snippets WHERE required_php_snippets REGEXP ? AND type = ?', $rlike, 'apache');
+			if(is_array($affected_snippets) && !empty($affected_snippets)) {
+				foreach($affected_snippets as $snippet) {
+					$sql_in[] = $snippet['directive_snippets_id'];
+				}
+				$affected_sites = $app->db->queryAllRecords('SELECT domain_id FROM web_domain WHERE server_id = ? AND directive_snippets_id IN ?', $conf['server_id'], $sql_in);
+			}
+		} elseif($this->dataRecord['type'] === 'apache' || $this->dataRecord['type'] === 'nginx') {
+			$affected_sites = $app->db->queryAllRecords('SELECT domain_id FROM web_domain WHERE server_id = ? AND directive_snippets_id = ?', $conf['server_id'], $this->dataRecord['directive_snippets_id']);
+		}
+
+		if(!empty($affected_sites)) {
+			$app->error($app->tform->lng('error_delete_snippet_active_sites'));
+		}
+	}
+}
+
+$page = new page_action();
+$page->onDelete();
 
-?>

interface/web/admin/directive_snippets_edit.php

@@ -49,81 +49,58 @@
 
 class page_action extends tform_actions {
 
-	function onShow() {
+	private function getAffectedSites() {
 		global $app, $conf;
-		
-		if($this->id > 0){
-			$record = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ?", $this->id);
-			if($record['master_directive_snippets_id'] > 0){
-				unset($app->tform->formDef["tabs"]['directive_snippets']['fields']['name'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['type'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['snippet'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['required_php_snippets']);
+
+		if($this->dataRecord['type'] === 'php') {
+			$rlike = $this->dataRecord['id'].'|,'.$this->dataRecord['id'].'|'.$this->dataRecord['id'].',';
+			$affected_snippets = $app->db->queryAllRecords('SELECT directive_snippets_id FROM directive_snippets WHERE required_php_snippets REGEXP ? AND type = ?', $rlike, 'apache');
+			if(is_array($affected_snippets) && !empty($affected_snippets)) {
+				foreach($affected_snippets as $snippet) {
+					$sql_in[] = $snippet['directive_snippets_id'];
+				}
+				$affected_sites = $app->db->queryAllRecords('SELECT domain_id FROM web_domain WHERE server_id = ? AND directive_snippets_id IN ?', $conf['server_id'], $sql_in);
 			}
-			unset($record);
+		} elseif($this->dataRecord['type'] === 'apache' || $this->dataRecord['type'] === 'nginx') {
+			$affected_sites = $app->db->queryAllRecords('SELECT domain_id FROM web_domain WHERE server_id = ? AND directive_snippets_id = ?', $conf['server_id'], $this->dataRecord['id']);
 		}
-		
-		parent::onShow();
+
+		return $affected_sites;
 	}
-	
-	function onShowEnd() {
-		global $app, $conf;
-		
-		$is_master = false;
-		if($this->id > 0){
-			if($this->dataRecord['master_directive_snippets_id'] > 0){
-				$is_master = true;
-				$app->tpl->setVar("name", $this->dataRecord['name'], true);
-				$app->tpl->setVar("type", $this->dataRecord['type'], true);
-				$app->tpl->setVar("snippet", $this->dataRecord['snippet'], true);
+
+	public function onBeforeUpdate() {
+		global $app;
+
+		$oldRecord = $app->tform->getDataRecord($this->id);
+
+		if($this->dataRecord['active'] !== 'y' && $oldRecord['active'] === 'y') {
+			$affected_sites = $this->getAffectedSites();
+			if(!empty($affected_sites)) {
+				$app->tform->errorMessage .= $app->tform->lng('error_disable_snippet_active_sites');
+			}
+		} elseif($this->dataRecord['customer_viewable'] !== 'y' && $oldRecord['customer_viewable'] === 'y') {
+			$affected_sites = $this->getAffectedSites();
+			if(!empty($affected_sites)) {
+				$app->tform->errorMessage .= $app->tform->lng('error_hide_snippet_active_sites');
 			}
 		}
-
-		$app->tpl->setVar("is_master", $is_master);
-		
-		parent::onShowEnd();
 	}
-	
-	function onSubmit() {
-		global $app, $conf;
 
-		if($this->id > 0){
-			$record = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ?", $this->id);
-			if($record['master_directive_snippets_id'] > 0){
-				unset($app->tform->formDef["tabs"]['directive_snippets']['fields']['name'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['type'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['snippet'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['required_php_snippets']);
-			}
-	
-			if(isset($this->dataRecord['update_sites'])) {
-				parent::onSubmit();
-			} else {
-				$app->db->query('UPDATE directive_snippets SET name = ?, type = ?, snippet = ?, customer_viewable = ?, required_php_snippets = ?, active = ? WHERE directive_snippets_id = ?', $this->dataRecord['name'], $this->dataRecord['type'], $this->dataRecord['snippet'], $this->dataRecord['customer_viewable'], implode(',', $this->dataRecord['required_php_snippets']), $this->dataRecord['active'], $this->id);
-
-	            if($_REQUEST["next_tab"] == '') {
-    	            $list_name = $_SESSION["s"]["form"]["return_to"];
-                	if($list_name != '' && $_SESSION["s"]["list"][$list_name]["parent_name"] != $app->tform->formDef["name"]) {
-                    	$redirect = "Location: ".$_SESSION["s"]["list"][$list_name]["parent_script"]."?id=".$_SESSION["s"]["list"][$list_name]["parent_id"]."&next_tab=".$_SESSION["s"]["list"][$list_name]["parent_tab"];
-	                    $_SESSION["s"]["form"]["return_to"] = '';
-    	                session_write_close();
-        	            header($redirect);
-                	} elseif (isset($_SESSION["s"]["form"]["return_to_url"]) && $_SESSION["s"]["form"]["return_to_url"] != '') {
-	                    $redirect = $_SESSION["s"]["form"]["return_to_url"];
-    	                $_SESSION["s"]["form"]["return_to_url"] = '';
-        	            session_write_close();
-            	        header("Location: ".$redirect);
-                	    exit;
-                	} else {
-                    	header("Location: ".$app->tform->formDef['list_default']);
-                	}
-                	exit;
+	public function onAfterUpdate() {
+		global $app;
+
+		if(isset($this->dataRecord['update_sites']) && $this->dataRecord['update_sites'] === 'y' && $this->dataRecord['active'] === 'y') {
+			$affected_sites = $this->getAffectedSites();
+
+			if(is_array($affected_sites) && !empty($affected_sites)) {
+				foreach($affected_sites as $site) {
+					$website = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ?', $site['domain_id']);
+					$app->db->datalogUpdate('web_domain', $website, 'domain_id', $site['domain_id'], true);
 				}
 			}
-
-			unset($record);
 		}
-
-		parent::onSubmit();
 	}
-	
 }
 
 $page = new page_action;
-$page->onLoad();
-
-?>
+$page->onLoad();

interface/web/admin/directive_snippets_list.php

@@ -57,8 +57,6 @@ public function prepareDataRow($rec)
 		//* Alternating datarow colors
 		$this->DataRowColor = ($this->DataRowColor == '#FFFFFF') ? '#EEEEEE' : '#FFFFFF';
 		$rec['bgcolor'] = $this->DataRowColor;
-		
-		$rec['is_master'] = $rec['master_directive_snippets_id'];
 
 		//* substitute value for select fields
 		if(is_array($app->listform->listDef['item']) && count($app->listform->listDef['item']) > 0) {
@@ -79,15 +77,8 @@ public function prepareDataRow($rec)
 		$rec['id'] = $rec[$this->idx_key];
 		return $rec;
 	}
-	
+
 }
 $list = new list_action;
 $list->SQLOrderBy = 'ORDER BY directive_snippets.name';
 $list->onLoad();
-
-//$app->listform_actions->SQLExtWhere = 'master_directive_snippets_id = 0';
-/*
-$app->listform_actions->SQLOrderBy = 'ORDER BY directive_snippets.name';
-$app->listform_actions->onLoad();
-*/
-?>