maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity
3,614 Commits 6 Branches 188 Tags
7cc17b9ca591c36a3bc98197574eb6de3ad0ca56
Commit Graph

547 Commits

Author SHA1 Message Date
Michael Kaufmann (d00p)
5789e9a8a4 re-add old IDNA class so we do not have to force the php-5.6 requirement for froxlor 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-06-19 18:59:44 +02:00
Michael Kaufmann (d00p)
843845a825 Update Idna-Converter to version 1.0.2 (default IDNA standard is now 2008) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-06-16 11:03:02 +02:00
Florian Klink
7a36f5edac lng: fix typo decending -> descending 2016-06-07 22:33:24 +02:00
Oliver Hader
2e7133d619 [SECURITY] Information disclosure on database failures 
In case the database is not responding, e.g. due to "too many connections"
cut-off database credentials might be shown and system path be revealed.
In terms of security this is considered as information disclosure.
 2016-06-04 20:41:03 +02:00
Michael Kaufmann (d00p)
151d8f8c5c Merge remote-tracking branch 'origin/master' into dns-editor 2016-05-23 15:55:24 +02:00
Michael Kaufmann (d00p)
08563e9298 add more opcache-php.ini directives for php-fpm, fixes #1624 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-05-23 13:01:05 +02:00
Michael Kaufmann (d00p)
94af32fb82 Merge remote-tracking branch 'origin/master' into dns-editor 2016-05-18 13:40:41 +02:00
Michael Kaufmann (d00p)
d97957e558 array short-syntax is only PHP >= 5.4 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-05-18 12:12:34 +02:00
Michael Kaufmann (d00p)
9d16790f5b Update phpMailer to 5.2.15 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-05-18 10:43:16 +02:00
Michael Kaufmann (d00p)
11e923453e Merge remote-tracking branch 'origin/master' into dns-editor 2016-05-16 19:59:27 +02:00
Daniel Reichelt
f3e05742b5 LE: change semantics of setting.letsencryptreuseold 
Previously setting.letsencryptreuseold determined wheter both a domain's
private key and a CSR should be re-generated.

Preparing support of alias domains in LE certificates, this is changed to
only determine the re-generation of the private key. CSRs now are always
re-generated.
 2016-05-16 17:35:51 +02:00
Daniel Reichelt
001f10f74e LE: catch error due to rate-limited account registration 
and fix bad english in log message
 2016-05-16 17:35:51 +02:00
Daniel Reichelt
0ae0178b4c LE: PSR-2 formatting 2016-05-16 17:35:51 +02:00
Michael Kaufmann (d00p)
68fa0e6576 let createDomainZone() return the DnsZone object for better use later 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-05-15 09:56:48 +02:00
Michael Kaufmann (d00p)
8d8da0986a fix typo in DnsEntry class 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-05-15 08:53:47 +02:00
Michael Kaufmann (d00p)
e0e748a0bc outsource record-generation and zone-generation to classes for better handling 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-05-15 08:46:23 +02:00
Michael Kaufmann (d00p)
84f1d94ad6 check for php-curl installed when cron_letsencrypt runs; format source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-04-11 08:02:18 +02:00
Daniel Schmitz
3405c7e313 Let's Encrypt: Always regenerate a new account-key, if staging 2016-03-24 01:26:57 +08:00
Michael Kaufmann (d00p)
30bd81064c make newly added settings available immediately 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-03-23 00:11:00 +01:00
Michael Kaufmann (d00p)
228d07ca66 output error in case of a server-error from LE, fixes #1609 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-03-15 17:45:43 +01:00
Michael Kaufmann (d00p)
104383d31e add a few opcache relevant php-ini directives to be used with php-fpm; add opcache.restrict_api to the default php-config for each domain with the customer's docroot as default value 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-03-15 17:05:09 +01:00
Daniel Reichelt
d545734072 ConfigDaemon: add notisfile/notisdir visibility conditions 2016-03-13 19:00:50 +01:00
Daniel Reichelt
291fae1744 cron/LE: more verbose error message on token error 
be more specific about what exactly went wrong when trying to assert the
challenge/response payload (like e.g. http response code, error in DNS
resolution etc.)
 2016-03-08 08:21:10 +01:00
Michael Kaufmann (d00p)
3d5e6152cd update PHPMailer to 5.2.14 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-03-02 15:41:12 +01:00
Michael Kaufmann (d00p)
6a10020e9b respect 'start_servers value must not be greater than max_spare_servers' correctly, thx to Ragnos for the info 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-02-27 18:52:14 +01:00
Evi Vanoost
83fd1ab0ca class.lescript.php: OpenSSL requires integer for key size. DB returns string. Cast string to integer 
trusty.xml: All files in conf.d get automatically included causing the location to be out of place and nginx fails to start
cron_tasks.inc.http.30.nginx.php: Location directives should be included in a host, nginx doesn't have the concept of global location directives in the way apache does
 2016-02-21 18:55:02 -05:00
Johannes Feichtner
32c32a7e7a Enable multiple standard IPs 2016-02-21 14:00:26 +01:00
Michael Kaufmann
6e0f18b200 Merge pull request #301 from Churro/froxlorMerge 
Fix for case insensitivity bug in Apache 2.4.12 + PHP-FPM
 2016-02-20 17:17:41 +01:00
Stefan Weil
50e7311390 Fix some typos in code comments 
Most of them were found by codespell.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
 2016-02-20 17:10:24 +01:00
Johannes Feichtner
1c4b88d014 Fix for case insensitivity bug in Apache 2.4.12 + PHP-FPM 
With Apache 2.4.12, the FPM socket path is always considered as a
lowercase file path regardless of the used capitalization.
If Froxlor creates a socket file containing uppercase characters, Apache fails to find to the socket.
See https://bz.apache.org/bugzilla/show_bug.cgi?id=57968
 2016-02-20 16:58:59 +01:00
Florian Aders
dabd4a4a4e Merge pull request #298 from nachtgeist/logging 
Logging
 2016-02-19 20:46:22 +01:00
Daniel Reichelt
3d2b672feb cron logging: really print messages of level >= LOG_WARNING 
also fix mixed indentation
 2016-02-19 20:32:02 +01:00
Florian Aders
e621e02f92 Allow selecting new keysize, fixes #1594 
Prepare database and cron for HSTS, refs #1593
Added option to re-use key and CSR for Let's Encrypt

Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-19 17:35:44 +01:00
Daniel Reichelt
b071b8c2d9 LE: remove challenge file on failure, take #2 ;) 2016-02-19 14:44:23 +01:00
Daniel Reichelt
185178a91e LE: whitespace fixes 
- fix mixed indentations
- remove trailing whitespace
 2016-02-19 14:44:22 +01:00
Florian Aders
9ca31c10ae Only store accountkeys in production 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-19 12:27:17 +01:00
Florian Aders
9f54e60056 Answer all Let's Encrypt challenges via alias to a directory in Froxlor itself, enables us to answer challenges before the vhost is set, thx PrfDrDrStullenBr for the idea \(vhost - configs for most distributions untested\) 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-18 21:43:44 +01:00
Florian Aders
5151f50d49 Renamed "debugHandler" to "logger" to be more specific 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-18 20:47:47 +01:00
Florian Aders
9b08d67ea7 Remove challengefile if challenge fails, thx nachtgeist 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-18 20:40:41 +01:00
Daniel Reichelt
ac52802caa logging: replace hard-coded number by PHP loglevel constant 2016-02-18 09:18:42 +01:00
Michael Kaufmann (d00p)
8356860945 add syslog page for customer; pagination needs to be fixed 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-02-17 08:43:00 +01:00
Michael Kaufmann (d00p)
7b29d43c66 Merge branch 'logging' of https://github.com/nachtgeist/Froxlor into nachtgeist-logging 2016-02-17 08:41:17 +01:00
Daniel Reichelt
a68effe4e7 logging: add loglevel to syslog output 2016-02-16 20:19:31 +01:00
Daniel Reichelt
71248f0adf cron logging: always print messages of level >= LOG_WARNING 2016-02-16 18:13:30 +01:00
Daniel Reichelt
ca80b6372b cron/logging: add choice to always log cronjobs 2016-02-16 17:33:42 +01:00
Florian Aders
ddaadf81d6 Temporarily deactivate ssl_redirect if a new Let's Encrypt certificate needs to be generated 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-16 14:31:07 +01:00
Michael Kaufmann (d00p)
f65af0067d add --debug parameter for froxlor_master_cronjob, thx to nachtgeist for the idea 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-02-16 10:07:02 +01:00
Florian Aders
ea2fa3be15 Changed CSR - request generation to 4096 bit 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-14 17:31:28 +01:00
Daniel Reichelt
dd0689c13f language: add message/spelling 
- add missing message for let's encrypt integrity check
- small spellfixes
 2016-02-09 00:33:01 +01:00
Florian Aders
2472a52fed Make some Let's encrypt settings configurable 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-03 17:21:48 +01:00