maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity
5,717 Commits 6 Branches 188 Tags
2.1.9
Commit Graph

5717 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Kaufmann
1347b877a5 set version to 2.1.9 for security bugfix release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.9 		2024-05-03 07:58:15 +02:00
Michael Kaufmann
a862307bce Merge pull request from GHSA-x525-54hf-xr53 
* do not log unvalidated user-input to mysql-log (if enabled)

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

* clean log-text to only allow a subset of special characters

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

* clean log-text when selecting from database to avoid possible previously added malicious entries

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

---------

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-05-03 07:56:40 +02:00
Michael Kaufmann
2f03eee9aa add compatibility for mariadb-dump executable instead of mysqldump 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-04-27 10:24:52 +02:00
Michael Kaufmann
f4183b020b set version to 2.1.8 for bugfix release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.8 		2024-03-29 11:27:32 +01:00
Michael Kaufmann
9a3d88e8c9 fix domains speciallogfile ajax-check/note; improve ajax ip check in admin_ipsandports 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-27 11:08:45 +01:00
Michael Kaufmann
c9460fd58f also add logfiles to virtual-host if it's a redirect 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-27 10:17:48 +01:00
Michael Kaufmann
6ef532b470 fix missing csrf tokens for some ajax requests 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-27 10:17:37 +01:00
Wiebe Cazemier
5909401cdd Fix "expires" option cannot have a year greater than 9999 (#1246) 
This fixes the exception: '"expires" option cannot have a year greater
than 9999', which happens on upgrade from Debian 11 to 12. The session
timeout in the DB is 9999999999999, so we constrain the value.
 2024-03-25 08:22:00 +01:00
Michael Kaufmann
809e8ef45b set version to 2.1.7 for maintenance release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.7 		2024-03-17 08:30:38 +01:00
Michael Kaufmann
0a091a99e8 wrap SetHandler to php-fpm in file-exists check, as we do for customer-domains already 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-17 08:24:56 +01:00
dependabot[bot]
e299fbe665 Bump follow-redirects from 1.15.4 to 1.15.6 (#1244) 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.4...v1.15.6)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-17 08:15:09 +01:00
Michael Kaufmann
67e8b622d8 correctly save pass_authorizationheader flag for php-configs if FCGID is used; correctly add 'FcgidPassHeader' for froxlor-vhost itself if set 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-17 08:13:24 +01:00
Michael Kaufmann
ce509273d4 correctly validate if a symlink is within the customers home-directory if it's not an absolute path; fixes #1242 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-08 09:23:58 +01:00
Michael Kaufmann
bcf588a2e4 correctly disabled ssl-related settings when domain update sets ssl-enbled flag to false; fixes #1241 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-04 16:49:20 +01:00
Michael Kaufmann
f08d540e66 dont escape panel_password_special_char field 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-03 10:37:42 +01:00
Michael Kaufmann
e06db3d8c5 re-trigger vhost regeneration on tmp. ssl-redirect 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-03-03 10:36:41 +01:00
Michael Kaufmann
c5c04ebe9c fix adding/editing domains as customer when php is not enabled for the domain; don't add custom-vhost-content to deactivated domain-vhosts 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-02-05 22:10:33 +01:00
Michael Kaufmann
c9faa38f6c fix regression bug in 'incorrect top-5 customers' sorting in traffic-overview which leads to incorrect customer-links due to wrong indexing in the array; fixes #1236 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-02-04 20:34:48 +01:00
Michael Kaufmann
c188f047dc backport UI/Callback fixes from 2.2-dev (main); fixes #1235 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-02-04 18:53:12 +01:00
Michael Kaufmann
775d50306c set version to 2.1.6 for bugfix/regression release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.6 		2024-02-03 14:22:33 +01:00
Michael Kaufmann
3821144c3b also fix unittests accordingly 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-02-03 14:08:23 +01:00
Michael Kaufmann
a1da70c221 fix password crypt hash being always evaluated to argon2i as the case always returns true if PASSWORD_ARGON2I is defined but the froxlor setting might be set to another hash leading to a useless password 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-02-03 13:49:43 +01:00
Michael Kaufmann
bb2db0fed0 set version to 2.1.5 for bugfix release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.5 		2024-02-02 11:18:48 +01:00
Michael Kaufmann
9680f24640 fix check for allowed_phpconfigs if using mod_php when adding/editing a customer 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-30 19:32:10 +01:00
Michael Kaufmann
c732fbd81b set correct channel for update-check if switching from apt-installed stable/testing to nightly 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-26 13:57:51 +01:00
Michael Kaufmann
7980b8d14d create empty dns-server config if no (dns-enabled) domain is determined; fixes #1230 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-24 08:39:16 +01:00
Michael Kaufmann
13e88f5b47 fix incorrect top-5 customers in traffic overview for admins; show manual update command if webupdate is disabled 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-19 09:22:12 +01:00
sro0
031596301b Check for argon2 support before using constant PASSWORD_ARGON2X (#1228) 2024-01-16 21:40:03 +01:00
Michael Kaufmann
b34ab45746 disable pam auth in dovecot for debian bookworm (like the other distros do it) 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-07 09:06:15 +01:00
Michael Kaufmann
dbf83c6f24 build nightly only from main branch #2 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-06 15:01:52 +01:00
Michael Kaufmann
4cb974839c build nightly only from main branch 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-06 14:54:23 +01:00
Michael Kaufmann
1fa714ef2c add v2.1 branch to security md as currently supported as well as update main-branch version; add field.disabled attribute to formfield-input-template 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-06 14:48:41 +01:00
Michael Kaufmann
63bbcd4e00 add missing language string 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.4 		2024-01-05 14:48:28 +01:00
Michael Kaufmann
49d67d7c27 set version to 2.1.4 for bugfix release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-05 14:33:45 +01:00
Michael Kaufmann
7cc4c9fedb possibility to specify sender address for froxlor as the admin-email address, custom or empty for system-default; fixes #1217 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-04 08:29:19 +01:00
Michael Kaufmann
afd110a6ed use correct regex for dnscheck-resolver; fixes #1220 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-03 07:35:28 +01:00
Michael Kaufmann
7cdf6c8d64 don't output ipv6 in brackets for system.ipaddress setting as the brackets will be added to the value resulting in an invalid mysql-access-host; fixes #1215 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-01 17:04:02 +01:00
Michael Kaufmann
60621da243 dont use deprecated 'mysql_native_password' for mysql8; fixes #1214 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2024-01-01 12:24:45 +01:00
Michael Kaufmann
96ccdda304 use different language string for password-placeholder when adding a new customer; fixes #1216 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-31 18:01:39 +01:00
Michael Kaufmann
4073984fd7 traffic-cron: check for standardsubdomain to be in the domainlist array to avoid undefined index if e.g. an alias was set to the standardsubdomain 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-31 16:16:01 +01:00
Michael Kaufmann
ea31c8a64d fix font-color in apcu info; clear updatecheck-cache for nightly users 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-30 23:30:52 +01:00
Michael Kaufmann
832ee07e0e Don't show stats-icon for domains with redirect; hide goaccess output in traffic cron and keepalive database connection for long-running log-analysis; use same certificate-file if child-domain inherits the parentdomains certificate data (avoid possible http 421 Misdirected Request) 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-29 10:15:45 +01:00
Michael Kaufmann
b542b140c6 set version to 2.1.3 for bugfix release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.3 		2023-12-22 14:33:11 +01:00
Michael Kaufmann
ac89fc7120 adjust order of css files 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-22 14:30:23 +01:00
Michael Kaufmann
150858485d include custom.css from config.json if preset correctly 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-21 10:59:15 +01:00
Michael Kaufmann
e7810e2066 correctly merge fielddetails with prefetched-formfielddata in form-processing 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-20 09:39:01 +01:00
Michael Kaufmann
4879446567 domains in php-configs are not sortable 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-19 17:17:51 +01:00
Michael Kaufmann
43eff78088 use panel.password_min_length setting for Froxlor.generatePassword() default length parameter; allow '::1' as valid mysql localhost value; wrapper to clean output for cli installation 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-12-16 20:20:58 +01:00
Gamerboy59
55a2ae3801 Add manual_config install var to cli (#1208) 
Make the manual_config var, which is available to the web installer, usuable for the cli installer too. If manual_config is set to true skip else (not set or false) proceed with auto config.
 2023-12-16 20:13:58 +01:00
Michael Kaufmann
a3b0332d13 set version to 2.1.2 for bugfix release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2.1.2 		2023-12-15 09:41:16 +01:00