Merge branch 'stable-3.1' of git.ispconfig.org:ispconfig/ispconfig3 into stable-3.1

Author: Marius Burkard

install/lib/installer_base.lib.php

@@ -585,7 +585,7 @@ public function grant_master_database_rights($verbose = false) {
 					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
 				}
 
-				$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ?? TO ?@?";
+				$query = "GRANT SELECT, UPDATE (`ssl`, `ssl_letsencrypt`, `ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ?? TO ?@?";
 				if ($verbose){
 					echo $query ."\n";
 				}

install/lib/update.lib.php

@@ -394,6 +394,9 @@ function updateDbAndIni() {
 	unset($old_ini_array);
 	unset($tpl_ini_array);
 	unset($new_ini);
+
+	// Truncate sys_session
+	$inst->db->query('TRUNCATE ??', $conf['mysql']['database'].'sys_session');
 }
 
 

install/sql/incremental/upd_0084.sql

@@ -0,0 +1,2 @@
+UPDATE `sys_user` SET `app_theme` = 'default' WHERE 1;
+ALTER TABLE `ftp_user` ADD `user_type` SET('user','system') NOT NULL DEFAULT 'user' AFTER `expires`, ADD `user_config` TEXT NULL AFTER `user_type`;

install/sql/incremental/upd_dev_collection.sql

@@ -0,0 +1 @@
+ALTER TABLE `web_domain` CHANGE `folder_directive_snippets` `folder_directive_snippets` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL;

install/sql/ispconfig3.sql

@@ -644,6 +644,8 @@ CREATE TABLE `ftp_user` (
   `ul_bandwidth` int(11) NOT NULL default '-1',
   `dl_bandwidth` int(11) NOT NULL default '-1',
   `expires` datetime NULL DEFAULT NULL,
+  `user_type` set('user','system') NOT NULL DEFAULT 'user',
+  `user_config` text,
   PRIMARY KEY  (`ftp_user_id`),
   KEY `active` (`active`),
   KEY `server_id` (`server_id`),
@@ -1983,7 +1985,7 @@ CREATE TABLE `web_domain` (
   `enable_pagespeed` ENUM('y','n') NOT NULL DEFAULT 'n',
   `http_port` int(11) unsigned NOT NULL DEFAULT '80',
   `https_port` int(11) unsigned NOT NULL DEFAULT '443',
-  `folder_directive_snippets` text NOT NULL,
+  `folder_directive_snippets` text,
   PRIMARY KEY  (`domain_id`),
   UNIQUE KEY `serverdomain` (  `server_id` , `ip_address`,  `domain` )
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;

install/tpl/nginx_ispconfig.vhost.master

@@ -5,6 +5,8 @@ server {
 		{ssl_comment}ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
         {ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
         {ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
+        {ssl_comment}ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
+        {ssl_comment}ssl_prefer_server_ciphers on;
 
 		# redirect to https if accessed with http
 		{ssl_comment}error_page 497 https://$host:{vhost_port}$request_uri;

interface/lib/lang/cz.lng

@@ -154,5 +154,3 @@ $wb['select_directive_snippet_txt'] = 'Directive Snippets';
 $wb['select_master_directive_snippet_txt'] = 'Master Directive Snippets';
 ?>
 
-
-

interface/lib/lang/dk.lng

@@ -146,7 +146,7 @@ $wb['strength_2'] = 'Nogenlunde';
 $wb['strength_3'] = 'God';
 $wb['strength_4'] = 'Stærk';
 $wb['strength_5'] = 'Meget Stærk';
-$wb['weak_password_txt'] = 'Den valgte adgangskode matcher ikke retningslinjerne for sikkerhedsindstillingerne. Det skal være mindst {chars} tegn i længden og have en styrke på \"{strength}\".';
+$wb['weak_password_txt'] = 'Den valgte adgangskode matcher ikke retningslinjerne for sikkerhedsindstillingerne. Det skal være mindst {chars} tegn i længden og have en styrke på \\"{strength}\\".';
 $wb['weak_password_length_txt'] = 'Den valgte adgangskode matcher ikke retningslinjerne for sikkerhedsindstillingerne. Det skal være mindst {chars} tegn i længden.';
 $wb['security_check1_txt'] = 'Check for sikkerheds tilladelse:';
 $wb['security_check2_txt'] = 'mislykkedes.';

interface/lib/lang/tr.lng

@@ -146,7 +146,7 @@ $wb['strength_2'] = 'Yeterli';
 $wb['strength_3'] = 'İyi';
 $wb['strength_4'] = 'Güçlü';
 $wb['strength_5'] = 'Çok Güçlü';
-$wb['weak_password_txt'] = 'Yazdığınız parola güvenlik ilkesine uygun değil. Parola en az {chars} karakter uzunluğunda ve \"{strength}\" güçlüğünde olmalı.';
+$wb['weak_password_txt'] = 'Yazdığınız parola güvenlik ilkesine uygun değil. Parola en az {chars} karakter uzunluğunda ve \\"{strength}\\" güçlüğünde olmalı.';
 $wb['weak_password_length_txt'] = 'Yazdığınız parola güvenlik ilkesine uygun değil. Parola en az {chars} karakter uzunluğunda olmalı.';
 $wb['security_check1_txt'] = 'Güvenlik iznini denetle:';
 $wb['security_check2_txt'] = 'başarısız.';

interface/web/admin/lib/lang/ca_firewall.lng

@@ -6,6 +6,6 @@ $wb['tcp_port_help_txt'] = 'Separated by comma';
 $wb['udp_port_help_txt'] = 'Separated by comma';
 $wb['active_txt'] = 'Active';
 $wb['firewall_error_unique'] = 'There is already a firewall record for this server.';
-$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \":\" and \",\".';
-$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \":\" and \",\".';
+$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
+$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
 ?>