Fix TLSProtocol compatibility for old versions of ProFTPD (hestiacp#3790)

* Disable TLS 1.3 support for ProFTPD versions older than v1.3.7a due to incompatibility

Author: myrevery

install/hst-install-debian.sh

@@ -1543,6 +1543,11 @@ if [ "$proftpd" = 'yes' ]; then
 	cp -f $HESTIA_INSTALL_DIR/proftpd/proftpd.conf /etc/proftpd/
 	cp -f $HESTIA_INSTALL_DIR/proftpd/tls.conf /etc/proftpd/
 
+	# Disable TLS 1.3 support for ProFTPD versions older than v1.3.7a
+	if [ "$release" -eq 10 ]; then
+		sed -i 's/TLSProtocol                             TLSv1.2 TLSv1.3/TLSProtocol                             TLSv1.2/' /etc/proftpd/tls.conf
+	fi
+
 	update-rc.d proftpd defaults > /dev/null 2>&1
 	systemctl start proftpd >> $LOG
 	check_result $? "proftpd start failed"

install/hst-install-ubuntu.sh

@@ -1559,6 +1559,11 @@ if [ "$proftpd" = 'yes' ]; then
 	cp -f $HESTIA_INSTALL_DIR/proftpd/proftpd.conf /etc/proftpd/
 	cp -f $HESTIA_INSTALL_DIR/proftpd/tls.conf /etc/proftpd/
 
+	# Disable TLS 1.3 support for ProFTPD versions older than v1.3.7a
+	if [ "$release" = '20.04' ]; then
+		sed -i 's/TLSProtocol                             TLSv1.2 TLSv1.3/TLSProtocol                             TLSv1.2/' /etc/proftpd/tls.conf
+	fi
+
 	update-rc.d proftpd defaults > /dev/null 2>&1
 	systemctl start proftpd >> $LOG
 	check_result $? "proftpd start failed"

install/upgrade/versions/1.8.1.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Hestia Control Panel upgrade script for target version 1.8.0
+# Hestia Control Panel upgrade script for target version 1.8.1
 
 #######################################################################################
 #######                      Place additional commands below.                   #######

install/upgrade/versions/1.8.2.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Hestia Control Panel upgrade script for target version 1.8.2
+
+#######################################################################################
+#######                      Place additional commands below.                   #######
+#######################################################################################
+####### upgrade_config_set_value only accepts true or false.                    #######
+#######                                                                         #######
+####### Pass through information to the end user in case of a issue or problem  #######
+#######                                                                         #######
+####### Use add_upgrade_message "My message here" to include a message          #######
+####### in the upgrade notification email. Example:                             #######
+#######                                                                         #######
+####### add_upgrade_message "My message here"                                   #######
+#######                                                                         #######
+####### You can use \n within the string to create new lines.                   #######
+#######################################################################################
+
+upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false'
+
+# Disable TLS 1.3 support for ProFTPD versions older than v1.3.7a
+if [ "$FTP_SYSTEM" = "proftpd" ]; then
+	os_release="$(lsb_release -s -i | tr "[:upper:]" "[:lower:]")-$(lsb_release -s -r)"
+
+	if [ "$os_release" = "debian-10" ] || [ "$os_release" = "ubuntu-20.04" ]; then
+		if grep -qw "^TLSProtocol                             TLSv1.2 TLSv1.3$" test.conf 2> /dev/null; then
+			sed -i 's/TLSProtocol                             TLSv1.2 TLSv1.3/TLSProtocol                             TLSv1.2/' /etc/proftpd/tls.conf
+		else
+			sed -i '/^TLSProtocol .\+$/d;/TLSServerCipherPreference               on$/i TLSProtocol                             TLSv1.2' /etc/proftpd/tls.conf
+		fi
+	fi
+fi