Merge branch 'stable-3.1' of git.ispconfig.org:ispconfig/ispconfig3 into stable-3.1

Author: Marius Burkard

install/dist/lib/debian60.lib.php

@@ -136,6 +136,12 @@ public function configure_dovecot()
 						caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 					}
 				}
+				//remove #2.3+ comment
+				$content = file_get_contents($config_dir.'/'.$configfile);
+				$content = str_replace('#2.3+','',$content);
+				file_put_contents($config_dir.'/'.$configfile,$content);
+				unset($content);
+				
 			} else {
 				// remove settings which are not supported in Dovecot < 2.3
 				removeLine($config_dir.'/'.$configfile, 'ssl_min_protocol =');

install/dist/lib/fedora.lib.php

@@ -449,6 +449,38 @@ public function configure_dovecot()
 				file_put_contents($config_dir.'/'.$configfile,$content);
 				unset($content);
 			}
+			if(version_compare($dovecot_version,2.3) >= 0) {
+				// Remove deprecated setting(s)
+				removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
+				
+				// Check if we have a dhparams file and if not, create it
+				if(!file_exists('/etc/dovecot/dh.pem')) {
+					swriteln('Creating new DHParams file, this takes several minutes. Do not interrupt the script.');
+					if(file_exists('/var/lib/dovecot/ssl-parameters.dat')) {
+						// convert existing ssl parameters file
+						$command = 'dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem';
+						caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+					} else {
+						/*
+						   Create a new dhparams file. We use 2048 bit only as it simply takes too long
+						   on smaller systems to generate a 4096 bit dh file (> 30 minutes). If you need
+						   a 4096 bit file, create it manually before you install ISPConfig
+						*/
+						$command = 'openssl dhparam -out /etc/dovecot/dh.pem 2048';
+						caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+					}
+				}
+				//remove #2.3+ comment
+				$content = file_get_contents($config_dir.'/'.$configfile);
+				$content = str_replace('#2.3+','',$content);
+				file_put_contents($config_dir.'/'.$configfile,$content);
+				unset($content);
+				
+			} else {
+				// remove settings which are not supported in Dovecot < 2.3
+				removeLine($config_dir.'/'.$configfile, 'ssl_min_protocol =');
+				removeLine($config_dir.'/'.$configfile, 'ssl_dh =');
+			}
 			replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
 			replaceLine($config_dir.'/'.$configfile, 'postmaster_address = webmaster@localhost', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
 		} else {

install/lib/installer_base.lib.php

@@ -1304,6 +1304,38 @@ public function configure_dovecot() {
 				file_put_contents($config_dir.'/'.$configfile,$content);
 				unset($content);
 			}
+			if(version_compare($dovecot_version,2.3) >= 0) {
+				// Remove deprecated setting(s)
+				removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
+				
+				// Check if we have a dhparams file and if not, create it
+				if(!file_exists('/etc/dovecot/dh.pem')) {
+					swriteln('Creating new DHParams file, this takes several minutes. Do not interrupt the script.');
+					if(file_exists('/var/lib/dovecot/ssl-parameters.dat')) {
+						// convert existing ssl parameters file
+						$command = 'dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem';
+						caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+					} else {
+						/*
+						   Create a new dhparams file. We use 2048 bit only as it simply takes too long
+						   on smaller systems to generate a 4096 bit dh file (> 30 minutes). If you need
+						   a 4096 bit file, create it manually before you install ISPConfig
+						*/
+						$command = 'openssl dhparam -out /etc/dovecot/dh.pem 2048';
+						caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+					}
+				}
+				//remove #2.3+ comment
+				$content = file_get_contents($config_dir.'/'.$configfile);
+				$content = str_replace('#2.3+','',$content);
+				file_put_contents($config_dir.'/'.$configfile,$content);
+				unset($content);
+				
+			} else {
+				// remove settings which are not supported in Dovecot < 2.3
+				removeLine($config_dir.'/'.$configfile, 'ssl_min_protocol =');
+				removeLine($config_dir.'/'.$configfile, 'ssl_dh =');
+			}
 		}
 
 		//* dovecot-lmtpd
@@ -2322,6 +2354,7 @@ public function configure_apps_vhost() {
 				|| file_exists('/var/run/php/php7.1-fpm.sock')
 				|| file_exists('/var/run/php/php7.2-fpm.sock')
 				|| file_exists('/var/run/php/php7.3-fpm.sock')
+				|| file_exists('/var/run/php/php7.4-fpm.sock')
 			){
 				$use_tcp = '#';
 				$use_socket = '';
@@ -2340,6 +2373,8 @@ public function configure_apps_vhost() {
 			if(file_exists('/var/run/php/php7.0-fpm.sock'))	$content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.0-fpm.sock', $content);
 			if(file_exists('/var/run/php/php7.1-fpm.sock'))	$content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.1-fpm.sock', $content);
 			if(file_exists('/var/run/php/php7.2-fpm.sock'))	$content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.2-fpm.sock', $content);
+			if(file_exists('/var/run/php/php7.3-fpm.sock'))	$content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.3-fpm.sock', $content);
+			if(file_exists('/var/run/php/php7.4-fpm.sock'))	$content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.4-fpm.sock', $content);
 
 			wf($vhost_conf_dir.'/apps.vhost', $content);
 

install/tpl/debian6_dovecot2.conf.master

@@ -68,3 +68,18 @@ protocol lmtp {
   postmaster_address = webmaster@localhost
   mail_plugins = quota sieve
 }
+
+#2.3+ service stats {
+#2.3+     unix_listener stats-reader {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ 
+#2.3+     unix_listener stats-writer {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ }
+

install/tpl/debian_dovecot2.conf.master

@@ -64,4 +64,19 @@ protocol lmtp {
   postmaster_address = webmaster@localhost
   mail_plugins = quota sieve
 }
+
 mail_plugins = $mail_plugins quota
+
+#2.3+ service stats {
+#2.3+     unix_listener stats-reader {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ 
+#2.3+     unix_listener stats-writer {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ }

install/tpl/fedora_dovecot2.conf.master

@@ -61,4 +61,19 @@ protocol lmtp {
   postmaster_address = webmaster@localhost
   mail_plugins = quota sieve
 }
+
 mail_plugins = $mail_plugins quota
+
+#2.3+ service stats {
+#2.3+     unix_listener stats-reader {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ 
+#2.3+     unix_listener stats-writer {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ }

install/tpl/opensuse_dovecot2.conf.master

@@ -60,4 +60,19 @@ protocol lmtp {
   postmaster_address = webmaster@localhost
   mail_plugins = quota sieve
 }
+
 mail_plugins = $mail_plugins quota
+
+#2.3+ service stats {
+#2.3+     unix_listener stats-reader {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ 
+#2.3+     unix_listener stats-writer {
+#2.3+         user = vmail
+#2.3+         group = vmail
+#2.3+         mode = 0660
+#2.3+     }
+#2.3+ }

server/plugins-available/bind_plugin.inc.php

@@ -391,7 +391,7 @@ function soa_delete($event_name, $data) {
 		$app->log("Deleting BIND domain file: ".$zone_file_name, LOGLEVEL_DEBUG);
 
  		//* DNSSEC-Implementation
- 		if($data['old']['dnssec_initialized'] == 'Y') {
+ 		if($data['old']['dnssec_initialized'] == 'Y' && file_exists('/usr/local/ispconfig/server/scripts/dnssec-delete.sh')) {
 			//delete keys
 			$app->system->exec_safe('/usr/local/ispconfig/server/scripts/dnssec-delete.sh ?', $data['old']['origin']);
 		}