Merged revisions 3596-3670 from 3.0.5 stable branch.

Author: tbrehm

install/dist/lib/fedora.lib.php

@@ -875,8 +875,15 @@ public function install_ispconfig()
 		exec("chmod -R 770 $install_dir/server/aps_packages");
 
 		//* make sure that the server config file (not the interface one) is only readable by the root user
-		exec("chmod 600 $install_dir/server/lib/$configfile");
-		exec("chown root:root $install_dir/server/lib/$configfile");
+		chmod($install_dir.'/server/lib/config.inc.php', 0600);
+		chown($install_dir.'/server/lib/config.inc.php', 'root');
+		chgrp($install_dir.'/server/lib/config.inc.php', 'root');
+		
+		//* Make sure thet the interface config file is readable by user ispconfig only
+		chmod($install_dir.'/interface/lib/config.inc.php', 0600);
+		chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		
 		if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
 			exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
 			exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");

install/dist/lib/gentoo.lib.php

@@ -864,9 +864,14 @@ public function install_ispconfig()
 		exec("chmod -R 770 $install_dir/server/aps_packages");
 
 	    //* make sure that the server config file (not the interface one) is only readable by the root user
-    	chmod($install_dir.'/server/lib/'.$configfile, 0600);
-		chown($install_dir.'/server/lib/'.$configfile, 'root');
-		chgrp($install_dir.'/server/lib/'.$configfile, 'root');
+		chmod($install_dir.'/server/lib/config.inc.php', 0600);
+		chown($install_dir.'/server/lib/config.inc.php', 'root');
+		chgrp($install_dir.'/server/lib/config.inc.php', 'root');
+		
+		//* Make sure thet the interface config file is readable by user ispconfig only
+		chmod($install_dir.'/interface/lib/config.inc.php', 0600);
+		chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
 
 		chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
 		chown($install_dir.'/server/lib/remote_action.inc.php', 'root');

install/dist/lib/opensuse.lib.php

@@ -914,8 +914,15 @@ public function install_ispconfig()
 		exec("chmod -R 770 $install_dir/server/aps_packages");
 
 		//* make sure that the server config file (not the interface one) is only readable by the root user
-		exec("chmod 600 $install_dir/server/lib/$configfile");
-		exec("chown root:root $install_dir/server/lib/$configfile");
+		chmod($install_dir.'/server/lib/config.inc.php', 0600);
+		chown($install_dir.'/server/lib/config.inc.php', 'root');
+		chgrp($install_dir.'/server/lib/config.inc.php', 'root');
+		
+		//* Make sure thet the interface config file is readable by user ispconfig only
+		chmod($install_dir.'/interface/lib/config.inc.php', 0600);
+		chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		
 		if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
 			exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
 			exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");

install/lib/install.lib.php

@@ -757,18 +757,19 @@ function is_ispconfig_ssl_enabled() {
 function find_hash_file($hash, $dir, $basedir = '') {
     $res = opendir($dir);
     if(!$res) return false;
-    
+   
+    if(substr($basedir, -1) === '/') $basedir = substr($basedir, 0, strlen($basedir) - 1);
     if(substr($dir, -1) === '/') $dir = substr($dir, 0, strlen($dir) - 1);
     if($basedir === '') $basedir = $dir;
-    
+   
     while($cur = readdir($res)) {
         if($cur == '.' || $cur == '..') continue;
         $entry = $dir.'/'.$cur;
         if(is_dir($entry)) {
             $result = find_hash_file($hash, $entry, $basedir);
             if($result !== false) return $result;
         } elseif(md5_file($entry) === $hash) {
-            $entry = substr($entry, strlen($basedir));
+            $entry = substr($entry, strlen($basedir) + 1);
             if(substr($entry, 0, 7) === '/posix/') $entry = substr($entry, 7);
             return $entry;
         }
@@ -782,23 +783,28 @@ function find_hash_file($hash, $dir, $basedir = '') {
   (c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de
 */
 function get_system_timezone() {
-	if(is_link('/etc/localtime')) {
-		$timezone = readlink('/etc/localtime');
-		$timezone = str_replace('/usr/share/zoneinfo/', '', $timezone);
-		if(substr($timezone, 0, 6) === 'posix/') $timezone = substr($timezone, 6);
-	} else {
-		$hash = md5_file('/etc/localtime');
-		$timezone = find_hash_file($hash, '/usr/share/zoneinfo');
-	}
+    $timezone = false;
+    if(file_exists('/etc/timezone') && is_readable('/etc/timezone')) {
+        $timezone = trim(file_get_contents('/etc/timezone'));
+        if(file_exists('/usr/share/zoneinfo/' . $timezone) == false) $timezone = false;
+    }
+    
+    if(!$timezone && is_link('/etc/localtime')) {
+        $timezone = readlink('/etc/localtime');
+        $timezone = str_replace('/usr/share/zoneinfo/', '', $timezone);
+        if(substr($timezone, 0, 6) === 'posix/') $timezone = substr($timezone, 6);
+    } elseif(!$timezone) {
+        $hash = md5_file('/etc/localtime');
+        $timezone = find_hash_file($hash, '/usr/share/zoneinfo');
+    }
 
-	if(!$timezone) {
-		exec('date +%Z', $tzinfo);
-		$timezone = $tzinfo[0];
-	}
+    if(!$timezone) {
+        exec('date +%Z', $tzinfo);
+        $timezone = $tzinfo[0];
+    }
 
-	return $timezone;
+    return $timezone;
 }
 
 
-
 ?>

install/lib/installer_base.lib.php

@@ -423,7 +423,7 @@ public function grant_master_database_rights($verbose = false) {
 				$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
 			}
 
-			$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' ";
+			$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' ";
 			if ($verbose){
 				echo $query ."\n";
 			}
@@ -1816,9 +1816,14 @@ public function install_ispconfig() {
 		exec("chmod -R 770 $install_dir/server/aps_packages");
 
 		//* make sure that the server config file (not the interface one) is only readable by the root user
-		chmod($install_dir.'/server/lib/'.$configfile, 0600);
-		chown($install_dir.'/server/lib/'.$configfile, 'root');
-		chgrp($install_dir.'/server/lib/'.$configfile, 'root');
+		chmod($install_dir.'/server/lib/config.inc.php', 0600);
+		chown($install_dir.'/server/lib/config.inc.php', 'root');
+		chgrp($install_dir.'/server/lib/config.inc.php', 'root');
+		
+		//* Make sure thet the interface config file is readable by user ispconfig only
+		chmod($install_dir.'/interface/lib/config.inc.php', 0600);
+		chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
 
 		chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
 		chown($install_dir.'/server/lib/remote_action.inc.php', 'root');

install/sql/incremental/upd_0044.sql

@@ -0,0 +1,4 @@
+ALTER TABLE `client` ADD `paypal_email` VARCHAR( 255 ) NULL DEFAULT NULL AFTER `bank_account_swift` ;
+ALTER TABLE `web_domain` ADD `proxy_directives` MEDIUMTEXT NULL DEFAULT NULL ;
+
+

install/sql/ispconfig3.sql

@@ -166,6 +166,7 @@ CREATE TABLE `client` (
   `bank_name` varchar(255) DEFAULT NULL,
   `bank_account_iban` varchar(255) DEFAULT NULL,
   `bank_account_swift` varchar(255) DEFAULT NULL,
+  `paypal_email` varchar(255) DEFAULT NULL,
   `default_mailserver` int(11) unsigned NOT NULL DEFAULT '1',
   `limit_maildomain` int(11) NOT NULL DEFAULT '-1',
   `limit_mailbox` int(11) NOT NULL DEFAULT '-1',
@@ -1750,6 +1751,7 @@ CREATE TABLE `web_domain` (
   `active` enum('n','y') NOT NULL default 'y',
   `traffic_quota_lock` enum('n','y') NOT NULL default 'n',
   `fastcgi_php_version` varchar(255) DEFAULT NULL,
+  `proxy_directives` mediumtext,
   PRIMARY KEY  (`domain_id`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
 

install/tpl/apache_ispconfig.vhost.master

@@ -10,6 +10,10 @@ NameVirtualHost *:{vhost_port}
 <VirtualHost _default_:{vhost_port}>
   ServerAdmin webmaster@localhost
 
+  <FilesMatch "\.ph(p3?|tml)$">
+    SetHandler None
+  </FilesMatch>
+  
   <IfModule mod_fcgid.c>
     DocumentRoot /var/www/ispconfig/
     SuexecUserGroup ispconfig ispconfig
@@ -23,18 +27,18 @@ NameVirtualHost *:{vhost_port}
     </Directory>
   </IfModule>
 
-  <IfModule mod_php5.c>
-    DocumentRoot /usr/local/ispconfig/interface/web/
-    AddType application/x-httpd-php .php
-    <Directory /usr/local/ispconfig/interface/web>
-      # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
-      Options FollowSymLinks
-      AllowOverride None
-      Order allow,deny
-      Allow from all
-	  php_value magic_quotes_gpc        0
-    </Directory>
-  </IfModule>
+#  <IfModule mod_php5.c>
+#    DocumentRoot /usr/local/ispconfig/interface/web/
+#    AddType application/x-httpd-php .php
+#    <Directory /usr/local/ispconfig/interface/web>
+#      # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
+#      Options FollowSymLinks
+#      AllowOverride None
+#      Order allow,deny
+#      Allow from all
+#	  php_value magic_quotes_gpc        0
+#    </Directory>
+#  </IfModule>
 
   # ErrorLog /var/log/apache2/error.log
   # CustomLog /var/log/apache2/access.log combined

install/tpl/debian6_dovecot-sql.conf.master

@@ -14,5 +14,8 @@ connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_se
 default_pass_scheme = CRYPT
 
 password_query = SELECT password FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
-# user_query = SELECT email AS user, maildir AS home, CONCAT('*:storage=', quota , 'B') AS quota_rule FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
 user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND disable%Ls = 'n'
+
+# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
+# Do not enable it on Dovecot 1.x servers
+# iterate_query = SELECT email as user FROM mail_user

install/tpl/debian_dovecot-sql.conf.master

@@ -121,7 +121,9 @@ connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_se
 default_pass_scheme = CRYPT
 
 password_query = SELECT password FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
-# user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('maildir:storage=', floor(quota/1024)) AS quota, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
 user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND disable%Ls = 'n'
 
+# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
+# Do not enable it on Dovecot 1.x servers
+# iterate_query = SELECT email as user FROM mail_user