maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Merge remote-tracking branch 'origin/master' into 0.10.0

Browse Source
This commit is contained in:
Michael Kaufmann
2018-09-25 08:14:16 +02:00
parent 174739bc0c bd036a0fde
commit 738e629eec
16 changed files with 150 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
install/froxlor.sql
View File

@@ -198,6 +198,7 @@ CREATE TABLE `panel_customers` (
`lepublickey` mediumtext default NULL, `lepublickey` mediumtext default NULL,
`leprivatekey` mediumtext default NULL, `leprivatekey` mediumtext default NULL,
`leregistered` tinyint(1) NOT NULL default '0', `leregistered` tinyint(1) NOT NULL default '0',
`leaccount` varchar(255) default '',
`allowed_phpconfigs` varchar(500) NOT NULL default '', `allowed_phpconfigs` varchar(500) NOT NULL default '',
PRIMARY KEY (`customerid`), PRIMARY KEY (`customerid`),
UNIQUE KEY `loginname` (`loginname`) UNIQUE KEY `loginname` (`loginname`)
@@ -654,6 +655,7 @@ opcache.interned_strings_buffer'),
('system', 'hsts_incsub', '0'), ('system', 'hsts_incsub', '0'),
('system', 'hsts_preload', '0'), ('system', 'hsts_preload', '0'),
('system', 'leregistered', '0'), ('system', 'leregistered', '0'),
('system', 'leaccount', ''),
('system', 'nssextrausers', '0'), ('system', 'nssextrausers', '0'),
('system', 'disable_le_selfcheck', '0'), ('system', 'disable_le_selfcheck', '0'),
('system', 'ssl_protocols', 'TLSv1,TLSv1.2'), ('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
@@ -694,7 +696,7 @@ opcache.interned_strings_buffer'),
('panel', 'password_special_char', '!?<>§$%+#=@'), ('panel', 'password_special_char', '!?<>§$%+#=@'),
('panel', 'customer_hide_options', ''), ('panel', 'customer_hide_options', ''),
('panel', 'version', '0.10.0'), ('panel', 'version', '0.10.0'),
('panel', 'db_version', '201805290'); ('panel', 'db_version', '201809180');
DROP TABLE IF EXISTS `panel_tasks`; DROP TABLE IF EXISTS `panel_tasks`;

123
install/lib/class.FroxlorInstall.php
View File

@@ -964,84 +964,39 @@ class FroxlorInstall
} else { } else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']); $content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
} }
// check for session-extension
$this->_requirementCheckFor($content, $_die, 'session', false, 'phpsession');
// check for ctype-extension
$this->_requirementCheckFor($content, $_die, 'ctype', false, 'phpctype');
// check for SimpleXML-extension
$this->_requirementCheckFor($content, $_die, 'simplexml', false, 'phpsimplexml');
// check for xml-extension // check for xml-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpxml']); $this->_requirementCheckFor($content, $_die, 'xml', false, 'phpxml');
if (! extension_loaded('xml')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for filter-extension // check for filter-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpfilter']); $this->_requirementCheckFor($content, $_die, 'filter', false, 'phpfilter');
if (! extension_loaded('filter')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for posix-extension // check for posix-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpposix']); $this->_requirementCheckFor($content, $_die, 'posix', false, 'phpposix');
if (! extension_loaded('posix')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for mbstring-extension // check for mbstring-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmbstring']); $this->_requirementCheckFor($content, $_die, 'mbstring', false, 'phpmbstring');
if (! extension_loaded('mbstring')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for curl extension // check for curl extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpcurl']); $this->_requirementCheckFor($content, $_die, 'curl', false, 'phpcurl');
if (! extension_loaded('curl')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for json extension // check for json extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpjson']); $this->_requirementCheckFor($content, $_die, 'json', false, 'phpjson');
if (! extension_loaded('json')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for bcmath extension // check for bcmath extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpbcmath']); $this->_requirementCheckFor($content, $_die, 'bcmath', true, 'phpbcmath', 'bcmathdescription');
if (! extension_loaded('bcmath')) {
$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['bcmathdescription']);
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for zip extension // check for zip extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpzip']); $this->_requirementCheckFor($content, $_die, 'zip', true, 'phpzip', 'zipdescription');
if (! extension_loaded('zip')) {
$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['zipdescription']);
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for open_basedir // check for open_basedir
$content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']); $content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']);
@@ -1051,6 +1006,16 @@ class FroxlorInstall
} else { } else {
$content .= $this->_status_message('green', 'off'); $content .= $this->_status_message('green', 'off');
} }
// check for mysqldump binary in order to backup existing database
$content .= $this->_status_message('begin', $this->_lng['requirements']['mysqldump']);
if (file_exists("/usr/bin/mysqldump") || file_exists("/usr/local/bin/mysqldump")) {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
} else {
$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['mysqldumpmissing']);
}
$content .= "</table>"; $content .= "</table>";
// check if we have unrecoverable errors // check if we have unrecoverable errors
@@ -1073,6 +1038,22 @@ class FroxlorInstall
'pagenavigation' => $navigation 'pagenavigation' => $navigation
); );
} }
private function _requirementCheckFor(&$content, &$_die, $ext = '', $optional = false, $lng_txt = "", $lng_desc = "")
{
$content .= $this->_status_message('begin', $this->_lng['requirements'][$lng_txt]);
if (! extension_loaded($ext)) {
if (!$optional) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements'][$lng_desc]);
}
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
}
/** /**
* send no-caching headers and set the default timezone * send no-caching headers and set the default timezone
@@ -1141,12 +1122,24 @@ class FroxlorInstall
} }
} }
$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php'; // require english base language as fallback
$lngfile = $this->_basepath . '/install/lng/' . $standardlanguage . '.lng.php';
if (file_exists($lngfile)) { if (file_exists($lngfile)) {
// includes file /lng/$language.lng.php if it exists // includes file /lng/$language.lng.php if it exists
require $lngfile; require $lngfile;
$this->_lng = $lng; $this->_lng = $lng;
} }
// require chosen language if not english
if ($this->_activelng != $standardlanguage)
{
$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php';
if (file_exists($lngfile)) {
// includes file /lng/$language.lng.php if it exists
require $lngfile;
$this->_lng = $lng;
}
}
} }
/** /**

5
install/lng/english.lng.php
View File

@@ -28,6 +28,9 @@ $lng['requirements']['newerphpprefered'] = 'Good, but php-5.6 is prefered.';
$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...'; $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
$lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.'; $lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.';
$lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...'; $lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...';
$lng['requirements']['phpsession'] = 'PHP session-extension...';
$lng['requirements']['phpctype'] = 'PHP ctype-extension...';
$lng['requirements']['phpsimplexml'] = 'PHP SimpleXML-extension...';
$lng['requirements']['phpxml'] = 'PHP XML-extension...'; $lng['requirements']['phpxml'] = 'PHP XML-extension...';
$lng['requirements']['phpfilter'] = 'PHP filter-extension...'; $lng['requirements']['phpfilter'] = 'PHP filter-extension...';
$lng['requirements']['phpposix'] = 'PHP posix-extension...'; $lng['requirements']['phpposix'] = 'PHP posix-extension...';
@@ -40,6 +43,8 @@ $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functio
$lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.'; $lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.';
$lng['requirements']['openbasedir'] = 'open_basedir...'; $lng['requirements']['openbasedir'] = 'open_basedir...';
$lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini'; $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
$lng['requirements']['mysqldump'] = 'MySQL dump tool';
$lng['requirements']['mysqldumpmissing'] = 'Automatic backup of possible existing database is not possible. Please install mysql-client tools';
$lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.'; $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
$lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied'; $lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied';

5
install/lng/german.lng.php
View File

@@ -28,6 +28,9 @@ $lng['requirements']['newerphpprefered'] = 'Passt, aber php-5.6 wird bevorzugt.'
$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime'; $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime';
$lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.'; $lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.';
$lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...'; $lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...';
$lng['requirements']['phpsession'] = 'PHP session-Erweiterung...';
$lng['requirements']['phpctype'] = 'PHP ctype-Erweiterung...';
$lng['requirements']['phpsimplexml'] = 'PHP SimpleXML-Erweiterung...';
$lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...'; $lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...';
$lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...'; $lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
$lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...'; $lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
@@ -40,6 +43,8 @@ $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funkti
$lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.'; $lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.';
$lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...'; $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
$lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini'; $lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
$lng['requirements']['mysqldump'] = 'MySQL dump Tool';
$lng['requirements']['mysqldumpmissing'] = 'Ein automatisches Backup einer möglicherweise schon existierenden Datenbank nicht möglich. Bitte mysql-client installieren';
$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.'; $lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
$lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt'; $lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';

13
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -3998,3 +3998,16 @@ if (isDatabaseVersion('201805241')) {
updateToDbVersion('201805290'); updateToDbVersion('201805290');
} }
} }
if (isDatabaseVersion('201805290')) {
showUpdateStep("Adding leaccount field to panel customers");
Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD COLUMN `leaccount` varchar(255) default '' AFTER `leregistered`;");
lastStepStatus(0);
showUpdateStep("Adding system setting for let's-encrypt account");
Settings::AddNew('system.leaccount', "");
lastStepStatus(0);
updateToDbVersion('201809180');
}

6
lib/classes/cURL/class.HttpClient.php
View File

@@ -10,13 +10,15 @@ class HttpClient
* *
* @return array * @return array
*/ */
public static function urlGet($url) public static function urlGet($url, $follow_location = true)
{ {
include FROXLOR_INSTALL_DIR . '/lib/version.inc.php'; include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
$ch = curl_init(); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version); curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); if ($follow_location) {
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch); $output = curl_exec($ch);
if ($output === false) { if ($output === false) {

6
lib/classes/ssl/class.lescript.php
View File

@@ -82,7 +82,7 @@ class lescript
Settings::Set('system.leprivatekey', $keys['private']); Settings::Set('system.leprivatekey', $keys['private']);
Settings::Set('system.leregistered', 0); // key is not registered Settings::Set('system.leregistered', 0); // key is not registered
} else { } else {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;"); $upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
Database::pexecute($upd_stmt, array( Database::pexecute($upd_stmt, array(
'public' => $keys['public'], 'public' => $keys['public'],
'private' => $keys['private'], 'private' => $keys['private'],
@@ -216,7 +216,7 @@ class lescript
// simple self check // simple self check
if (Settings::Get('system.disable_le_selfcheck') == '0') if (Settings::Get('system.disable_le_selfcheck') == '0')
{ {
$selfcheckpayload = HttpClient::urlGet($uri); $selfcheckpayload = HttpClient::urlGet($uri, false);
if ($payload !== trim($selfcheckpayload)) { if ($payload !== trim($selfcheckpayload)) {
$errmsg = json_encode(error_get_last()); $errmsg = json_encode(error_get_last());
if ($errmsg != "null") { if ($errmsg != "null") {
@@ -342,7 +342,7 @@ class lescript
if ($this->isFroxlorVhost) { if ($this->isFroxlorVhost) {
Settings::Set('system.leregistered', $state); Settings::Set('system.leregistered', $state);
} else { } else {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;"); $upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered WHERE `customerid` = :customerid;");
Database::pexecute($upd_stmt, array( Database::pexecute($upd_stmt, array(
'registered' => $state, 'registered' => $state,
'customerid' => $this->customerId 'customerid' => $this->customerId

85
lib/classes/ssl/class.lescript_v2.php
View File

@@ -76,6 +76,7 @@ class lescript_v2
$this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null); $this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
$this->isFroxlorVhost = $isFroxlorVhost; $this->isFroxlorVhost = $isFroxlorVhost;
$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production'); $this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
$this->_acc_location = $certrow['leaccount'];
$leregistered = $certrow['leregistered']; $leregistered = $certrow['leregistered'];
@@ -93,7 +94,7 @@ class lescript_v2
Settings::Set('system.leprivatekey', $keys['private']); Settings::Set('system.leprivatekey', $keys['private']);
Settings::Set('system.leregistered', 0); // key is not registered Settings::Set('system.leregistered', 0); // key is not registered
} else { } else {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;"); $upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
Database::pexecute($upd_stmt, array( Database::pexecute($upd_stmt, array(
'public' => $keys['public'], 'public' => $keys['public'],
'private' => $keys['private'], 'private' => $keys['private'],
@@ -149,42 +150,55 @@ class lescript_v2
// start domains authentication // start domains authentication
// ---------------------------- // ----------------------------
// Prepare order
$domains_in_order = array();
foreach ($domains as $domain) { foreach ($domains as $domain) {
$domains_in_order []= array(
"type" => "dns",
"value" => $domain
);
}
// Send new-order request
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
"identifiers" => $domains_in_order
), false);
if ($this->client->getLastCode() == 403) {
$this->log("Got status 403 - setting LE status to unregistered.");
$this->_acc_location = '';
$this->setLeRegisteredState(0);
throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
}
// if response is not an array but a string, it's most likely a server-error, e.g.
// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
if (! is_array($response)) {
throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
}
if (! array_key_exists('authorizations', $response)) {
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
}
$authorizations = $response['authorizations'];
$finalizeLink = $response['finalize'];
$i = 0;
foreach ($authorizations as $authorization) {
// 1. getting available authentication options // 1. getting available authentication options
// ------------------------------------------- // -------------------------------------------
$domain = $response['identifiers'][$i++]['value'];
$this->log("Requesting challenge for $domain"); $this->log("Requesting challenge for $domain");
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
"identifiers" => array(
array(
"type" => "dns",
"value" => $domain
)
)
), false);
if ($this->client->getLastCode() == 403) {
$this->log("Got status 403 - setting LE status to unregistered.");
$this->setLeRegisteredState(0);
throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
}
// if response is not an array but a string, it's most likely a server-error, e.g.
// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
if (! is_array($response)) {
throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
}
if (! array_key_exists('authorizations', $response)) {
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
}
// get authorization // get authorization
$auth_response = $this->client->get($response['authorizations'][0]); $auth_response = $this->client->get($authorization);
if (! array_key_exists('challenges', $auth_response)) { if (! array_key_exists('challenges', $auth_response)) {
throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response)); throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
@@ -201,7 +215,6 @@ class lescript_v2
$this->log("Got challenge token for $domain"); $this->log("Got challenge token for $domain");
$location = $challenge['url']; $location = $challenge['url'];
$finalizeLink = $response['finalize'];
// 2. saving authentication token for web verification // 2. saving authentication token for web verification
// --------------------------------------------------- // ---------------------------------------------------
@@ -233,7 +246,7 @@ class lescript_v2
// simple self check // simple self check
if (Settings::Get('system.disable_le_selfcheck') == '0') { if (Settings::Get('system.disable_le_selfcheck') == '0') {
$selfcheckpayload = HttpClient::urlGet($uri); $selfcheckpayload = HttpClient::urlGet($uri, false);
if ($payload !== trim($selfcheckpayload)) { if ($payload !== trim($selfcheckpayload)) {
$errmsg = json_encode(error_get_last()); $errmsg = json_encode(error_get_last());
if ($errmsg != "null") { if ($errmsg != "null") {
@@ -336,10 +349,12 @@ class lescript_v2
if ($this->isLeProduction) { if ($this->isLeProduction) {
if ($this->isFroxlorVhost) { if ($this->isFroxlorVhost) {
Settings::Set('system.leregistered', $state); Settings::Set('system.leregistered', $state);
Settings::Set('system.leaccount', $this->_acc_location);
} else { } else {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;"); $upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered, `leaccount` = :kid WHERE `customerid` = :customerid;");
Database::pexecute($upd_stmt, array( Database::pexecute($upd_stmt, array(
'registered' => $state, 'registered' => $state,
'kid' => $this->_acc_location,
'customerid' => $this->customerId 'customerid' => $this->customerId
)); ));
} }
@@ -495,8 +510,8 @@ class Client
private function curl($method, $url, $data = null) private function curl($method, $url, $data = null)
{ {
$headers = array( $headers = array(
'Accept: application/json', 'Accept: application/jose+json',
'Content-Type: application/json' 'Content-Type: application/jose+json'
); );
$handle = curl_init(); $handle = curl_init();
curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base . $url); curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base . $url);
@@ -550,7 +565,7 @@ class Client
return trim($matches[1]); return trim($matches[1]);
} }
$this->curl('GET', '/directory'); $this->curl('GET', '/acme/new-nonce');
return $this->getLastNonce(); return $this->getLastNonce();
} }

2
lib/configfiles/gentoo.xml
View File

@@ -2138,7 +2138,7 @@ protocol lda {
driver = mysql driver = mysql
connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD> connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
default_pass_scheme = CRYPT default_pass_scheme = CRYPT
password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')" password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))"
user_query = "SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota,'M') AS quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')" user_query = "SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota,'M') AS quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')"
iterate_query = "SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)" iterate_query = "SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)"
]]> ]]>

2
lib/configfiles/jessie.xml
View File

@@ -2719,7 +2719,7 @@ user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir
# SELECT userid AS user, password, \ # SELECT userid AS user, password, \
# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \ # home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
# FROM users WHERE userid = '%u' # FROM users WHERE userid = '%u'
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve') password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
# Query to get a list of all usernames. # Query to get a list of all usernames.
#iterate_query = SELECT username AS user FROM users #iterate_query = SELECT username AS user FROM users

2
lib/configfiles/precise.xml
View File

@@ -1034,7 +1034,7 @@ userdb {
driver = mysql driver = mysql
connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD> connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
default_pass_scheme = CRYPT default_pass_scheme = CRYPT
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve') password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u') user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u')
iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1) iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)
]]> ]]>

2
lib/configfiles/rhel_centos.xml
View File

@@ -1774,7 +1774,7 @@ default_pass_scheme = CRYPT
#password_query = \ #password_query = \
# SELECT username, domain, password \ # SELECT username, domain, password \
# FROM users WHERE username = '%n' AND domain = '%d' # FROM users WHERE username = '%n' AND domain = '%d'
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve') password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
#password_query = SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, 'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' #password_query = SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, 'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
# userdb query to retrieve the user information. It can return fields: # userdb query to retrieve the user information. It can return fields:

2
lib/configfiles/stretch.xml
View File

@@ -2728,7 +2728,7 @@ user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir
# SELECT userid AS user, password, \ # SELECT userid AS user, password, \
# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \ # home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
# FROM users WHERE userid = '%u' # FROM users WHERE userid = '%u'
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve') password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
# Query to get a list of all usernames. # Query to get a list of all usernames.
#iterate_query = SELECT username AS user FROM users #iterate_query = SELECT username AS user FROM users

2
lib/configfiles/trusty.xml
View File

@@ -1048,7 +1048,7 @@ auth_mechanisms = plain login
driver = mysql driver = mysql
connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD> connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
default_pass_scheme = CRYPT default_pass_scheme = CRYPT
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve') password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota, 'M') as quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota, 'M') as quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')
iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1) iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)
]]> ]]>

2
lib/configfiles/xenial.xml
View File

@@ -2739,7 +2739,7 @@ user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir
# SELECT userid AS user, password, \ # SELECT userid AS user, password, \
# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \ # home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
# FROM users WHERE userid = '%u' # FROM users WHERE userid = '%u'
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve') password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
# Query to get a list of all usernames. # Query to get a list of all usernames.
#iterate_query = SELECT username AS user FROM users #iterate_query = SELECT username AS user FROM users

2
scripts/jobs/cron_letsencrypt_v2.php
View File

@@ -45,6 +45,7 @@ $certificates_stmt = Database::query("
cust.`leprivatekey`, cust.`leprivatekey`,
cust.`lepublickey`, cust.`lepublickey`,
cust.`leregistered`, cust.`leregistered`,
cust.`leaccount`,
cust.`customerid`, cust.`customerid`,
cust.`loginname` cust.`loginname`
FROM FROM
@@ -109,6 +110,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') {
'leprivatekey' => Settings::Get('system.leprivatekey'), 'leprivatekey' => Settings::Get('system.leprivatekey'),
'lepublickey' => Settings::Get('system.lepublickey'), 'lepublickey' => Settings::Get('system.lepublickey'),
'leregistered' => Settings::Get('system.leregistered'), 'leregistered' => Settings::Get('system.leregistered'),
'leaccount' => Settings::Get('system.leaccount'),
'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'), 'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
'expirationdate' => null, 'expirationdate' => null,
'ssl_cert_file' => null, 'ssl_cert_file' => null,