set version to 0.9.38.4 for upcoming bugfix release

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
move froxlor hsts settings to 'froxlor vhost settings' to make clear it's only for froxlor anbd not a system-wide default for all domains; fix superfluous english text from german language file
2016-11-27 12:12:22 +01:00 · 2016-11-27 11:40:33 +01:00 · 2016-11-27 10:46:50 +01:00 · 2016-11-24 10:40:28 +01:00 · 2016-11-22 15:08:42 +01:00 · 2016-11-22 08:16:35 +01:00
15 changed files with 99 additions and 72 deletions
--- a/actions/admin/settings/122.froxlorvhost.php
+++ b/actions/admin/settings/122.froxlorvhost.php
@@ -49,7 +49,36 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
-					'visible' => Settings::Get('system.leenabled')
+					'visible' => Settings::Get('system.use_ssl')
 				),
 				'system_hsts_maxage' => array(
 					'label' => $lng['admin']['domain_hsts_maxage'],
 					'settinggroup' => 'system',
 					'varname' => 'hsts_maxage',
 					'type' => 'int',
 					'int_min' => 0,
 					'int_max' => 94608000, // 3-years
 					'default' => 0,
 					'save_method' => 'storeSettingField',
 					'visible' => Settings::Get('system.use_ssl')
 				),
 				'system_hsts_incsub' => array(
 					'label' => $lng['admin']['domain_hsts_incsub'],
 					'settinggroup' => 'system',
 					'varname' => 'hsts_incsub',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					'visible' => Settings::Get('system.use_ssl')
 				),
 				'system_hsts_preload' => array(
 					'label' => $lng['admin']['domain_hsts_preload'],
 					'settinggroup' => 'system',
 					'varname' => 'hsts_preload',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					'visible' => Settings::Get('system.use_ssl')
 				),
 				/**
 				 * FCGID
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -153,33 +153,7 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
-				),
+				)
 				'system_hsts_maxage' => array(
 					'label' => $lng['admin']['domain_hsts_maxage'],
 					'settinggroup' => 'system',
 					'varname' => 'hsts_maxage',
 					'type' => 'int',
 					'int_min' => 0,
 					'int_max' => 94608000, // 3-years
 					'default' => 0,
 					'save_method' => 'storeSettingField'
 				),
 				'system_hsts_incsub' => array(
 					'label' => $lng['admin']['domain_hsts_incsub'],
 					'settinggroup' => 'system',
 					'varname' => 'hsts_incsub',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				),
 				'system_hsts_preload' => array(
 					'label' => $lng['admin']['domain_hsts_preload'],
 					'settinggroup' => 'system',
 					'varname' => 'hsts_preload',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				),
 			)
 		)
 	)
--- a/admin_domains.php
+++ b/admin_domains.php
@@ -210,6 +210,8 @@ if ($page == 'domains' || $page == 'overview') {
 					'id' => $id
 				));
 				$deleted_domains = $del_stmt->rowCount();
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
 					`subdomains_used` = `subdomains_used` - :domaincount
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -577,7 +577,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'password_special_char_required', '0'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
 	('panel', 'customer_hide_options', ''),
-	('panel', 'version', '0.9.38.2'),
+	('panel', 'version', '0.9.38.4'),
 	('panel', 'db_version', '201611180');
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
@@ -3535,8 +3535,20 @@ if (isFroxlorVersion('0.9.38')) {
 	updateToVersion('0.9.38.1');
 }
-if (isFroxlorVersion('0.9.38')) {
+if (isFroxlorVersion('0.9.38.1')) {
 	showUpdateStep("Updating from 0.9.38.1 to 0.9.38.2", false);
 	updateToVersion('0.9.38.2');
 }
 if (isFroxlorVersion('0.9.38.2')) {
 	showUpdateStep("Updating from 0.9.38.2 to 0.9.38.3", false);
 	updateToVersion('0.9.38.3');
 }
 if (isFroxlorVersion('0.9.38.3')) {
 	showUpdateStep("Updating from 0.9.38.3 to 0.9.38.4", false);
 	updateToVersion('0.9.38.4');
 }
--- a/lib/functions/filedir/function.makeCorrectDir.php
+++ b/lib/functions/filedir/function.makeCorrectDir.php
@@ -26,7 +26,11 @@
 */
 function makeCorrectDir($dir) {
-	assert('is_string($dir) && strlen($dir) > 0', 'Value "' . $dir .'" does not look like an actual folder name');
+	if (version_compare("5.4.6", PHP_VERSION, ">")) {
 		assert('is_string($dir) && strlen($dir) > 0 /* $dir does not look like an actual folder name */');
 	} else {
 		assert('is_string($dir) && strlen($dir) > 0', 'Value "' . $dir .'" does not look like an actual folder name');
 	}
 	$dir = trim($dir);
--- a/lib/functions/output/function.RedirectCode.php
+++ b/lib/functions/output/function.RedirectCode.php
@@ -58,12 +58,13 @@ function getRedirectCodes() {
 * domain-id
 *
 * @param integer $domainid id of the domain
 * @param string $default
 *
 * @return string redirect-code
 */
-function getDomainRedirectCode($domainid = 0) {
+function getDomainRedirectCode($domainid = 0, $default = '') {
-	$code = '';
+	$code = $default;
 	if ($domainid > 0) {
 		$result_stmt = Database::prepare("
--- a/lib/functions/validate/function.validateUrl.php
+++ b/lib/functions/validate/function.validateUrl.php
@@ -37,7 +37,11 @@ function validateUrl($url) {
 	}
 	// needs converting
-	$url = $idna_convert->encode($url);
+	try {
 		$url = $idna_convert->encode($url);
 	} catch (Exception $e) {
 		return false;
 	}
 	$pattern = "/^https?:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\:[0-9]+)?\/?(.+)?$/i";
 	if (preg_match($pattern, $url)) {
--- a/lib/version.inc.php
+++ b/lib/version.inc.php
@@ -16,7 +16,7 @@
 */
 // Main version variable
-$version = '0.9.38.2';
+$version = '0.9.38.4';
 // Database version (YYYYMMDDC where C is a daily counter)
 $dbversion = '201611180';
--- a/lng/german.lng.php
+++ b/lng/german.lng.php
@@ -1710,6 +1710,6 @@ $lng['admin']['webserversettings_ssl'] = 'Webserver SSL-Einstellungen';
 $lng['admin']['domain_hsts_maxage']['title'] = 'HTTP Strict Transport Security (HSTS)';
 $lng['admin']['domain_hsts_maxage']['description'] = '"max-age" Wert für den Strict-Transport-Security Header<br>Der Wert <i>0</i> deaktiviert HSTS für diese Domain. Meist wird der Wert <i>31536000</i> gerne genutzt (ein Jahr).';
 $lng['admin']['domain_hsts_incsub']['title'] = 'Inkludiere HSTS für jede Subdomain';
-$lng['admin']['domain_hsts_incsub']['description'] = 'Die optionale "includeSubDomains" Direktive, wenn vorhanden, signalisiert dem UA, dass die HSTS that the HSTS Regel für diese Domain und auch jede Subdomain dieser gilt.';
+$lng['admin']['domain_hsts_incsub']['description'] = 'Die optionale "includeSubDomains" Direktive, wenn vorhanden, signalisiert dem UA, dass die HSTS Regel für diese Domain und auch jede Subdomain dieser gilt.';
 $lng['admin']['domain_hsts_preload']['title'] = 'Füge Domain in die <a href="https://hstspreload.appspot.com/" target="_blank">HSTS preload Liste</a> hinzu';
 $lng['admin']['domain_hsts_preload']['description'] = 'Wenn die Domain in die HSTS preload Liste, verwaltet von Chrome (und genutzt von Firefox und Safari), hinzugefügt werden soll, dann aktiviere diese Einstellung.<br>Die preload-Direktive zu senden kann PERMANTENTE KONSEQUENZEN haben und dazu führen, dass Benutzer auf diese Domain und auch Subdomains nicht zugreifen können.<br>Beachte Details unter <a href="hstspreload.appspot.com/#removal" target="_blank">hstspreload.appspot.com/#removal</a> bevor ein Header mit "preload" gesendet wird.';
--- a/scripts/jobs/cron_tasks.inc.http.10.apache.php
+++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php
@@ -875,10 +875,8 @@ class apache extends HttpConfigBase
 		if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {
 			$corrected_docroot = $domain['documentroot'];
 			// prevent empty return-cde
 			$code = "301";
 			// Get domain's redirect code
-			$code = getDomainRedirectCode($domain['id']);
+			$code = getDomainRedirectCode($domain['id'], '301');
 			$modrew_red = '';
 			if ($code != '') {
 				$modrew_red = ' [R=' . $code . ';L,NE]';
--- a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
+++ b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
@@ -432,10 +432,9 @@ class lighttpd extends HttpConfigBase
 		if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {
 			$uri = $domain['documentroot'];
-			// prevent empty return-cde
+
 			$code = "301";
 			// Get domain's redirect code
-			$code = getDomainRedirectCode($domain['id']);
+			$code = getDomainRedirectCode($domain['id'], '301');
 			$vhost_content .= '  url.redirect-code = ' . $code. "\n";
 			$vhost_content .= '  url.redirect = (' . "\n";
@@ -532,14 +531,14 @@ class lighttpd extends HttpConfigBase
 				if ($domain['hsts'] >= 0) {
-					$vhost_content .= '$HTTP["scheme"] == "https" { setenv.add-response-header  = ( "Strict-Transport-Security" => "max-age=' . $domain['hsts'];
+					$ssl_settings .= '$HTTP["scheme"] == "https" { setenv.add-response-header  = ( "Strict-Transport-Security" => "max-age=' . $domain['hsts'];
 					if ($domain['hsts_sub'] == 1) {
-						$vhost_content .= '; includeSubDomains';
+						$ssl_settings .= '; includeSubDomains';
 					}
 					if ($domain['hsts_preload'] == 1) {
-						$vhost_content .= '; preload';
+						$ssl_settings .= '; preload';
 					}
-					$vhost_content .= '") }' . "\n";
+					$ssl_settings .= '") }' . "\n";
 				}
 			}
 		}
--- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php
+++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php
@@ -196,17 +196,22 @@ class nginx extends HttpConfigBase
 					}
 				}
-                $http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
+				$http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
 				/**
 				 * this HAS to be set for the default host in nginx or else no vhost will work
 				 */
-                $this->nginx_data[$vhost_filename] .= "\t" . 'listen    ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
+				$this->nginx_data[$vhost_filename] .= "\t" . 'listen    ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
 				$this->nginx_data[$vhost_filename] .= "\t" . '# Froxlor default vhost' . "\n";
 				$this->nginx_data[$vhost_filename] .= "\t" . 'server_name    ' . Settings::Get('system.hostname') . ';' . "\n";
 				$this->nginx_data[$vhost_filename] .= "\t" . 'access_log      /var/log/nginx/access.log;' . "\n";
 				if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.leenabled') == '1' && Settings::Get('system.le_froxlor_enabled') == '1') {
 					$acmeConfFilename = Settings::Get('system.letsencryptacmeconf');
 					$this->nginx_data[$vhost_filename] .= "\t" . 'include ' . $acmeConfFilename . ';' . "\n";
 				}
 				$is_redirect = false;
 				// check for SSL redirect
 				if ($row_ipsandports['ssl'] == '0' && Settings::Get('system.le_froxlor_redirect') == '1') {
@@ -219,7 +224,7 @@ class nginx extends HttpConfigBase
 					} else {
 						$_sslport = $this->checkAlternativeSslPort();
 						$mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/';
-						$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
+						$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
 						$this->nginx_data[$vhost_filename] .= "\t\t" . 'return 301 ' . $mypath . '$request_uri;' . "\n";
 						$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
 					}
@@ -464,12 +469,11 @@ class nginx extends HttpConfigBase
 			if (substr($uri, - 1) == '/') {
 				$uri = substr($uri, 0, - 1);
 			}
 			// prevent empty return-cde
 			$code = "301";
 			// Get domain's redirect code
 			$code = getDomainRedirectCode($domain['id']);
-			$vhost_content .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
+			// Get domain's redirect code
 			$code = getDomainRedirectCode($domain['id'], '301');
 			$vhost_content .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
 			$vhost_content .= "\t\t" . 'return ' . $code .' ' . $uri . '$request_uri;' . "\n";
 			$vhost_content .= "\t" . '}' . "\n";
 		} else {
--- a/templates/Sparkle/admin/ipsandports/ipsandports.tpl
+++ b/templates/Sparkle/admin/ipsandports/ipsandports.tpl
@@ -27,7 +27,7 @@ $header
 							<th>{$lng['admin']['ipsandports']['ip']}&nbsp;{$arrowcode['ip']}</th>
 							<th>{$lng['admin']['ipsandports']['port']}&nbsp;{$arrowcode['port']}</th>
 							<if !$is_nginx><th>Listen</th></if>
-							<if $is_apache><th>NameVirtualHost</th></if>
+							<if $is_apache && !$is_apache24><th>NameVirtualHost</th></if>
 							<th>vHost-Container</th>
 							<th>Specialsettings</th>
 							<if $is_apache><th>ServerName</th></if>
--- a/templates/Sparkle/admin/ipsandports/ipsandports_ipandport.tpl
+++ b/templates/Sparkle/admin/ipsandports/ipsandports_ipandport.tpl
@@ -2,7 +2,7 @@
 	<td>{$row['ip']}</td>
 	<td>{$row['port']}</td>
 	<if !$is_nginx><td><if $row['listen_statement']=='1'>{$lng['panel']['yes']}<else>{$lng['panel']['no']}</if></td></if>
-	<if $is_apache><td><if $row['namevirtualhost_statement']=='1'>{$lng['panel']['yes']}<else>{$lng['panel']['no']}</if></td></if>
+	<if $is_apache && !$is_apache24><td><if $row['namevirtualhost_statement']=='1'>{$lng['panel']['yes']}<else>{$lng['panel']['no']}</if></td></if>
 	<td><if $row['vhostcontainer']=='1'>{$lng['panel']['yes']}<else>{$lng['panel']['no']}</if></td>
 	<td><if $row['specialsettings']!=''>{$lng['panel']['yes']}<else>{$lng['panel']['no']}</if></td>
 	<if $is_apache><td><if $row['vhostcontainer_servername_statement']=='1'>{$lng['panel']['yes']}<else>{$lng['panel']['no']}</if></td></if>
Author	SHA1	Message	Date
Michael Kaufmann (d00p)	56276a19d1	set version to 0.9.38.4 for upcoming bugfix release Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-27 12:12:22 +01:00
Michael Kaufmann (d00p)	c00abc3b92	move froxlor hsts settings to 'froxlor vhost settings' to make clear it's only for froxlor anbd not a system-wide default for all domains; fix superfluous english text from german language file Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-27 11:40:33 +01:00
Michael Kaufmann (d00p)	301dadaa02	fix global hsts-includeSubdomain setting, thx to iam Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-27 10:46:50 +01:00
Michael Kaufmann (d00p)	54200427ab	fix undefined variable when deleting a customer-domain as admin Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-24 10:40:28 +01:00
Michael Kaufmann (d00p)	f8996ad767	catch exception thrown by new IdnaConverter when encoding a non-valid domain, fixes #1678 Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-22 15:08:42 +01:00
Michael Kaufmann (d00p)	9838ff4da5	fix hsts settings for lighttpd, fixes #1677 Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-22 08:16:35 +01:00
Michael Kaufmann (d00p)	192e00c717	do not show NameVirtualHost in IP/Port overview when using apache-2.4 (as NameVirtualHost does not exist there anymore) Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-22 08:04:11 +01:00
Michael Kaufmann (d00p)	43ca4a28e4	add acme.conf alias also to froxlor vhost in case the acme-challenge path is not within the froxlor-docroot; fix empty redirect-code, fixes #1674 Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-21 08:19:33 +01:00
Michael Kaufmann (d00p)	16e9fd6bd9	stay php-5.3 compatible Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-18 21:19:18 +01:00
Michael Kaufmann (d00p)	16f547bce0	last time....0.9.38.3....what a day Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>	2016-11-18 10:27:11 +01:00