Commit Graph

417 Commits

Author SHA1 Message Date
Michael Kaufmann (d00p)
9799e05ce4 idna convert the whole URI for uri's in docroot as redirect, fixes #1654
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-09-22 07:46:50 +02:00
Michael Kaufmann (d00p)
6a85c37b48 do not replace multiple quotes with just one, as it leads to possible syntax-errors in php.ini, thx to hp7007
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-09-19 12:17:56 +02:00
Michael Kaufmann (d00p)
b8c2047379 try to implement ssl-redirect for froxlor-vhost; combine various settings that are froxlor-vhost related into its own category, fixes #1480
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-09-11 17:48:08 +02:00
Jens A. Koch
c51840e760 bugfix for error, when trying to call function logAction() on undefined var $cronlog
2016-09-11 12:00:26 +02:00
Michael Kaufmann (d00p)
e4887362ec added let's encrypt for froxlor vhost - untested for now, testers are welcome
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-09-05 17:01:10 +02:00
Oliver Rahner
9260319ac1 Letsencrypt: only update registration when necessary
if no Terms of Service are presented by the ACME server when registering, don't update registration
2016-09-04 21:27:23 +02:00
Oliver Rahner
34767a14d5 Remove dependency on hard coded agreement URL for Let's Encrypt
Change the process to first create a new registration, which delivers the current TOS url in the response's header, then modify the newly created registration to accept the agreement.
2016-08-31 16:35:59 +02:00
Oliver Rahner
7f56e98009 do not die after token self check
We have to finish the challenge request so that the auth does not linger in state "pending", but goes to "invalid". See https://forum.froxlor.org/index.php/topic/13463-lets-encrypt-zertifikate-werden-nicht-erneuert/#entry32895
2016-08-29 10:46:21 +02:00
Michael Kaufmann (d00p)
a840905166 set version specific user-agent in lescript like we do in ajax stuff
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-08-28 14:07:13 +02:00
w6g23
d31589ba99 Set a User Agent in the HTTP request fetching the LE challenge URI for self check
A rule (e.g. Wordpress plugin iThemes) might block requests with empty
User Agents.
2016-08-28 12:59:09 +02:00
Michael Wyraz
dd4cfebe75 append wildcards to search if user did not enter any
2016-08-22 15:55:13 +02:00
Michael Kaufmann (d00p)
468d20ee57 really reuse old csr if given + code formatting
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-08-06 09:32:03 +02:00
Michael Kaufmann (d00p)
cd806b19f7 update let's encrypt subscriber agreement to v1.1.1
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-08-06 07:40:14 +02:00
Michael Kaufmann (d00p)
b2f815617c Update Let's Encrypt subscriber agreement, fixes #1644
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-08-04 07:40:08 +02:00
Michael Kaufmann (d00p)
ceaa0fcf5c Update phpMailer to version 5.2.16
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-08-02 08:50:22 +02:00
Michael Kaufmann (d00p)
aa76ae4ddc check for uid/gid or username/groupname correctly in config-xml files, fixes #1642
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-08-01 08:47:45 +02:00
Michael Wyraz
54e2f83b17 function Settings::IsInList that tests if an option of a multi-select setting is set
2016-07-22 10:30:13 +02:00
Daniel Reichelt
7d2c64ce63 generic html form handling: don't remove leading tabs
(+remove commented out code in the vicinity, probably debugging remnants)
2016-06-24 08:43:02 +02:00
Michael Kaufmann (d00p)
6f8aa1cbc0 update another idnaconvert related class
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-06-19 20:22:00 +02:00
Michael Kaufmann (d00p)
b22e70804b update new IdnaConvert class with needed fixes in them
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-06-19 20:15:33 +02:00
Michael Kaufmann (d00p)
5789e9a8a4 re-add old IDNA class so we do not have to force the php-5.6 requirement for froxlor
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-06-19 18:59:44 +02:00
Michael Kaufmann (d00p)
843845a825 Update Idna-Converter to version 1.0.2 (default IDNA standard is now 2008)
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-06-16 11:03:02 +02:00
Florian Klink
7a36f5edac lng: fix typo decending -> descending
2016-06-07 22:33:24 +02:00
Oliver Hader
2e7133d619 [SECURITY] Information disclosure on database failures
In case the database is not responding, e.g. due to "too many connections"
cut-off database credentials might be shown and system path be revealed.
In terms of security this is considered as information disclosure.
2016-06-04 20:41:03 +02:00
Michael Kaufmann (d00p)
151d8f8c5c Merge remote-tracking branch 'origin/master' into dns-editor
2016-05-23 15:55:24 +02:00
Michael Kaufmann (d00p)
08563e9298 add more opcache-php.ini directives for php-fpm, fixes #1624
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-05-23 13:01:05 +02:00
Michael Kaufmann (d00p)
94af32fb82 Merge remote-tracking branch 'origin/master' into dns-editor
2016-05-18 13:40:41 +02:00
Michael Kaufmann (d00p)
d97957e558 array short-syntax is only PHP >= 5.4
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-05-18 12:12:34 +02:00
Michael Kaufmann (d00p)
9d16790f5b Update phpMailer to 5.2.15
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-05-18 10:43:16 +02:00
Michael Kaufmann (d00p)
11e923453e Merge remote-tracking branch 'origin/master' into dns-editor
2016-05-16 19:59:27 +02:00
Daniel Reichelt
f3e05742b5 LE: change semantics of setting.letsencryptreuseold
Previously setting.letsencryptreuseold determined whether both a domain's
private key and a CSR should be re-generated.

Preparing support of alias domains in LE certificates, this is changed to
only determine the re-generation of the private key. CSRs now are always
re-generated.
2016-05-16 17:35:51 +02:00
Daniel Reichelt
001f10f74e LE: catch error due to rate-limited account registration
and fix bad English in log message
2016-05-16 17:35:51 +02:00
Daniel Reichelt
0ae0178b4c LE: PSR-2 formatting
2016-05-16 17:35:51 +02:00
Michael Kaufmann (d00p)
68fa0e6576 let createDomainZone() return the DnsZone object for better use later
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-05-15 09:56:48 +02:00
Michael Kaufmann (d00p)
8d8da0986a fix typo in DnsEntry class
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-05-15 08:53:47 +02:00
Michael Kaufmann (d00p)
e0e748a0bc outsource record-generation and zone-generation to classes for better handling
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-05-15 08:46:23 +02:00
Michael Kaufmann (d00p)
84f1d94ad6 check for php-curl installed when cron_letsencrypt runs; format source
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-04-11 08:02:18 +02:00
Daniel Schmitz
3405c7e313 Let's Encrypt: Always regenerate a new account-key, if staging
2016-03-24 01:26:57 +08:00
Michael Kaufmann (d00p)
30bd81064c make newly added settings available immediately
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-03-23 00:11:00 +01:00
Michael Kaufmann (d00p)
228d07ca66 output error in case of a server-error from LE, fixes #1609
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-03-15 17:45:43 +01:00
Michael Kaufmann (d00p)
104383d31e add a few opcache relevant php-ini directives to be used with php-fpm; add opcache.restrict_api to the default php-config for each domain with the customer's docroot as default value
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-03-15 17:05:09 +01:00
Daniel Reichelt
d545734072 ConfigDaemon: add notisfile/notisdir visibility conditions
2016-03-13 19:00:50 +01:00
Daniel Reichelt
291fae1744 cron/LE: more verbose error message on token error
be more specific about what exactly went wrong when trying to assert the
challenge/response payload (like e.g. http response code, error in DNS
resolution etc.)
2016-03-08 08:21:10 +01:00
Michael Kaufmann (d00p)
3d5e6152cd update PHPMailer to 5.2.14
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-03-02 15:41:12 +01:00
Michael Kaufmann (d00p)
6a10020e9b respect 'start_servers value must not be greater than max_spare_servers' correctly, thx to Ragnos for the info
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-02-27 18:52:14 +01:00
Evi Vanoost
83fd1ab0ca class.lescript.php: OpenSSL requires integer for key size. DB returns string. Cast string to integer
trusty.xml: All files in conf.d get automatically included causing the location to be out of place and nginx fails to start
cron_tasks.inc.http.30.nginx.php: Location directives should be included in a host, nginx doesn't have the concept of global location directives in the way apache does
2016-02-21 18:55:02 -05:00
Johannes Feichtner
32c32a7e7a Enable multiple standard IPs
2016-02-21 14:00:26 +01:00
Michael Kaufmann
6e0f18b200 Merge pull request #301 from Churro/froxlorMerge
Fix for case insensitivity bug in Apache 2.4.12 + PHP-FPM
2016-02-20 17:17:41 +01:00
Stefan Weil
50e7311390 Fix some typos in code comments
Most of them were found by codespell.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-02-20 17:10:24 +01:00
Johannes Feichtner
1c4b88d014 Fix for case insensitivity bug in Apache 2.4.12 + PHP-FPM
With Apache 2.4.12, the FPM socket path is always considered as a
lowercase file path regardless of the used capitalization.
If Froxlor creates a socket file containing uppercase characters, Apache fails to find the socket.
See https://bz.apache.org/bugzilla/show_bug.cgi?id=57968
2016-02-20 16:58:59 +01:00