install/sql/incremental/upd_0078.sql
New file @@ -0,0 +1,2 @@ ALTER TABLE `dns_rr` CHANGE `data` `data` TEXT NOT NULL DEFAULT '' ALTER TABLE `ftp_user` ADD `expires` datetime NOT NULL DEFAULT '0000-00-00 00:00:00' AFTER `dl_bandwidth` ; install/sql/ispconfig3.sql
@@ -450,7 +450,7 @@ `zone` int(11) unsigned NOT NULL DEFAULT '0', `name` varchar(255) NOT NULL DEFAULT '', `type` enum('A','AAAA','ALIAS','CNAME','HINFO','MX','NAPTR','NS','PTR','RP','SRV','TXT') default NULL, `data` varchar(255) NOT NULL DEFAULT '', `data` TEXT NOT NULL DEFAULT '', `aux` int(11) unsigned NOT NULL default '0', `ttl` int(11) unsigned NOT NULL default '86400', `active` enum('N','Y') NOT NULL default 'Y', install/tpl/server.ini.master
@@ -33,6 +33,7 @@ maildir_path=/var/vmail/[domain]/[localpart] homedir_path=/var/vmail dkim_path=/var/lib/amavis/dkim dkim_strength=1024 pop3_imap_daemon=courier mail_filter_syntax=maildrop mailuser_uid=5000 @@ -48,6 +49,19 @@ mailbox_quota_stats=y realtime_blackhole_list= overquota_notify_admin=y q q q q q q q q q q q q q overquota_notify_client=y overquota_notify_freq=7 overquota_notify_onok=n interface/lib/classes/validate_dkim.inc.php
@@ -72,13 +72,17 @@ * * @return boolean - true if $POST contains a real key-file */ function validate_post($key, $value) { function validate_post($key, $value, $dkim_strength) { $value=str_replace("\n", "", $value); switch ($key) { case 'public': if (preg_match("/(^-----BEGIN PUBLIC KEY-----)[a-zA-Z0-9\r\n\/\+=]{1,221}(-----END PUBLIC KEY-----(\n|\r)?$)/", $value) === 1) { return true; } else { return false; } break; case 'private': if (preg_match("/(^-----BEGIN RSA PRIVATE KEY-----)[a-zA-Z0-9\r\n\/\+=]{1,850}(-----END RSA PRIVATE KEY-----(\n|\r)?$)/", $value) === 1) { return true; } else { return false; } if ( $dkim_strength == 1024 ) $range = "{812,816}"; if ( $dkim_strength == 2048 ) $range = "{1588,1592}"; if ( $dkim_strength == 4096 ) $range = "{3132,3136}"; if (preg_match("/^-----BEGIN RSA PRIVATE KEY-----[a-zA-Z0-9\/\+=]".$range."-----END RSA PRIVATE KEY-----$/", $value) === 1) return true; else return false; break; } } interface/web/admin/form/server_config.tform.php
@@ -313,6 +313,12 @@ 'width' => '40', 'maxlength' => '255' ), 'dkim_strength' => array( 'datatype' => 'INTEGER', 'formtype' => 'SELECT', 'default' => '1024', 'value' => array('1024' => 'normal (1024)', '2048' => 'strong (2048)', '4096' => 'very strong (4096)') ), 'relayhost_password' => array( 'datatype' => 'VARCHAR', 'formtype' => 'TEXT', interface/web/admin/lib/lang/de_server_config.lng
@@ -198,4 +198,5 @@ $wb["vhost_rewrite_v6_txt"] = 'Rewrite IPv6 on Mirror'; $wb["v6_prefix_length"] = 'Prefix zu lang fuer angegebene IPv6-Adresse '; $wb['monitor_system_updates_txt'] = 'Suche nach Linux updates'; $wb['dkim_strength_txt'] = 'DKIM Stärke'; ?> interface/web/admin/lib/lang/en_server_config.lng
@@ -202,4 +202,5 @@ $wb['monitor_system_updates_txt'] = 'Check for Linux updates'; $wb['php_handler_txt'] = "PHP Handler"; $wb['disabled_txt'] = 'Disabled'; $wb['dkim_strength_txt'] = 'DKIM strength'; ?> interface/web/admin/lib/lang/es_server_config.lng
@@ -159,7 +159,7 @@ $wb['backup_mode_userzip'] = 'Copiar archivos del usuario web en un zip'; $wb['backup_mode_rootgz'] = 'Copiar todos los archivos como usuario root'; $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List'; $wb['realtime_blackhole_list_note_txt'] = '(Separar RBL's con comas)'; $wb['realtime_blackhole_list_note_txt'] = "(Separar RBL's con comas)"; $wb['ssl_settings_txt'] = 'Configuración SSL'; $wb['permissions_txt'] = 'Permisos'; $wb['php_settings_txt'] = 'Configuración de PHP'; interface/web/admin/lib/lang/es_system_config.lng
@@ -45,7 +45,7 @@ $wb['use_combobox_txt'] = 'Usar Combobox de jQuery UI'; $wb['use_loadindicator_txt'] = 'Usar indicador de carga'; $wb['f5_to_reload_js_txt'] = 'Si cambias esto, podrías tener que pulsar F5 para que tu navegador recargue las librerías JavaScript o vacíar la caché del navegador.'; $wb['client_username_web_check_disabled_txt'] = 'Desactivar comprobación de la palabra 'web' en el nombre de cliente.'; $wb['client_username_web_check_disabled_txt'] = "Desactivar comprobación de la palabra 'web' en el nombre de cliente."; $wb['mailbox_show_autoresponder_tab_txt'] = 'Mostrar pestaña autoresponder en los detalles de la cuenta de correo'; $wb['mailbox_show_mail_filter_tab_txt'] = 'Mostrar pestaña filtro de correo en los detalles de la cuenta de correo'; $wb['mailbox_show_custom_rules_tab_txt'] = 'Mostrar pestaña filtros personalizados en los detalles de la cuenta de correo'; interface/web/admin/lib/lang/fr_server_config.lng
@@ -30,7 +30,7 @@ $wb['ip_address_txt'] = 'Adresse IP'; $wb['netmask_txt'] = 'Masque de réau'; $wb['gateway_txt'] = 'Passerelle'; $wb['hostname_txt'] = 'Hô; $wb['hostname_txt'] = 'Hô'; $wb['nameservers_txt'] = 'Serveurs de nom'; $wb['auto_network_configuration_txt'] = 'Configuration du réau'; $wb['website_basedir_txt'] = 'Rértoire de base web'; @@ -44,7 +44,7 @@ $wb['init_script_txt'] = 'Nom du script Cron de lancement'; $wb['crontab_dir_txt'] = 'Chemin des difféntes tables Cron'; $wb['wget_txt'] = 'Chemin du programme wget'; $wb['security_level_txt'] = 'Niveau de sérité $wb['security_level_txt'] = 'Niveau de sérité'; $wb['web_user_txt'] = 'Utilisateur Apache'; $wb['web_group_txt'] = 'Groupe Apache'; $wb['loglevel_txt'] = 'Loglevel'; @@ -76,20 +76,20 @@ $wb['php_ini_path_apache_txt'] = 'Chemin php.ini Apache'; $wb['check_apache_config_txt'] = 'Tester la configuration Apache au redérrage'; $wb['ufw_enable_txt'] = 'Enable'; $wb['ufw_manage_builtins_txt'] = 'Gér les Rées Intéé; $wb['ufw_manage_builtins_txt'] = 'Gér les Rées Intéé'; $wb['ufw_ipv6_txt'] = 'Activer l\'IPv6'; $wb['ufw_default_input_policy_txt'] = 'Politique Entrant (Input) par déult'; $wb['ufw_default_output_policy_txt'] = 'Politique Sortant (Output) par déult'; $wb['ufw_default_forward_policy_txt'] = 'Politique de Forward par déult'; $wb['ufw_default_application_policy_txt'] = 'Politique Application par déult'; $wb['ufw_log_level_txt'] = 'Niveau de Log'; $wb['network_config_warning_txt'] = 'L\'option de configuration du réau n'est disponible QUE pour les serveurs Debian et Ubuntu. NE PAS activer cette option si votre carte réau n'est pas en eth0.'; $wb['network_config_warning_txt'] = "L\'option de configuration du réau n'est disponible QUE pour les serveurs Debian et Ubuntu. NE PAS activer cette option si votre carte réau n'est pas en eth0."; $wb['CA_path_txt'] = 'Chemin CA'; $wb['CA_pass_txt'] = 'Mot de passe CA'; $wb['fastcgi_config_syntax_txt'] = 'FastCGI config syntax'; $wb['server_type_txt'] = 'Type de Serveur'; $wb['nginx_vhost_conf_dir_txt'] = 'Repertoire Nginx Vhost config'; $wb['nginx_vhost_conf_enabled_dir_txt'] = 'Repertoire Nginx Vhost config activé $wb['nginx_vhost_conf_enabled_dir_txt'] = 'Repertoire Nginx Vhost config activé'; $wb['nginx_user_txt'] = 'Utilisateur Nginx'; $wb['nginx_group_txt'] = 'Gorupe Nginx'; $wb['nginx_cgi_socket_txt'] = 'Nginx CGI Socket'; @@ -145,7 +145,7 @@ $wb['try_rescue_txt'] = 'Activer le service de monitoring et redérrer sur éec'; $wb['do_not_try_rescue_mysql_txt'] = 'Déctiver le monitoring MySQL'; $wb['do_not_try_rescue_mail_txt'] = 'Déctiver le monitoring Email'; $wb['rescue_description_txt'] = '<b>Information:</b> Si vous voulez arreter mysql vous devez selectionner la case Déctiver le monitoring MySQL puis attendre 2 à minutes.<br>Si vous n'attendez pas 2 à minutes, rescue va tenter de redérrer mysql!'; $wb['rescue_description_txt'] = "<b>Information:</b> Si vous voulez arreter mysql vous devez selectionner la case Déctiver le monitoring MySQL puis attendre 2 à minutes.<br>Si vous n'attendez pas 2 à minutes, rescue va tenter de redérrer mysql!"; $wb['enable_sni_txt'] = 'Activer SNI'; $wb['do_not_try_rescue_httpd_txt'] = 'Déctiver le monitoring HTTPD '; $wb['set_folder_permissions_on_update_txt'] = 'Regler les permissions des dossiers lors de mise a jour'; @@ -155,7 +155,7 @@ $wb['website_autoalias_txt'] = 'Auto alias Site web'; $wb['website_autoalias_note_txt'] = 'Placeholders:'; $wb['backup_mode_txt'] = 'Mode Sauvegarde'; $wb['backup_mode_userzip'] = 'Sauvegarder les fichiers web dont l'utilisateur est propriéire en tant que zip'; $wb['backup_mode_userzip'] = "Sauvegarder les fichiers web dont l'utilisateur est propriéire en tant que zip"; $wb['backup_mode_rootgz'] = 'Sauvegarder tous les fichiers dans le repertoire web en tant qu\'utilisateur root'; $wb['realtime_blackhole_list_txt'] = 'Blackhole (trou noir) List en temps ré'; $wb['realtime_blackhole_list_note_txt'] = '(Separer les RBL avec des virgules)'; @@ -170,7 +170,7 @@ $wb['web_folder_protection_txt'] = 'Rendre les dossiers web immuables (attributs éndus)'; $wb['overtraffic_notify_admin_txt'] = 'Envoyer notification d\'overtraffic à\'admin'; $wb['overtraffic_notify_client_txt'] = 'Envoyer notification d\'overtraffic au client'; $wb['rbl_error_regex'] = 'Merci de renseigner des noms d'hô RBL valides.'; $wb['rbl_error_regex'] = "Merci de renseigner des noms d'hô RBL valides."; $wb['overquota_notify_admin_txt'] = 'Envoyer alertes quota à\'admin'; $wb['overquota_notify_client_txt'] = 'Envoyer alertes quota au client'; $wb['overquota_notify_onok_txt'] = 'Envoyer message quota ok au client'; @@ -189,13 +189,13 @@ $wb['munin_url_error_regex'] = 'URL Munin non valide '; $wb['munin_url_note_txt'] = 'Placeholder:'; $wb['backup_dir_is_mount_txt'] = 'Repertoir de Backup/sauvegarde est un mount?'; $wb['backup_dir_mount_cmd_txt'] = 'Commande Mount, si le repertoire de sauvegarde/backup n'est pas monté $wb['backup_dir_mount_cmd_txt'] = "Commande Mount, si le repertoire de sauvegarde/backup n'est pas monté"; $wb['monitor_system_updates_txt'] = 'Verifier pour des mises àour Linux'; $wb['dkim_path_txt'] = 'Chemin DKIM'; $wb["v6_prefix_txt"] = 'Prefix IPv6'; $wb["vhost_rewrite_v6_txt"] = 'Récrire IPv6 sur miroir'; $wb["v6_prefix_length"] = 'D\'aprèl'IPv6 déni, le préx est trop long '; $wb["overquota_db_notify_admin_txt"] = 'Envoyer avertissement DB quota à\'admin'; $wb["vhost_rewrite_v6_txt"] = "Récrire IPv6 sur miroir"; $wb["v6_prefix_length"] = "D\'aprèl'IPv6 déni, le préx est trop long"; $wb["overquota_db_notify_admin_txt"] = "Envoyer avertissement DB quota à\'admin'"; $wb["overquota_db_notify_client_txt"] = 'Envoyer avertissement DB quota au client'; ?> interface/web/admin/templates/server_config_mail_edit.htm
@@ -24,6 +24,14 @@ <input name="dkim_path" id="dkim_path" value="{tmpl_var name='dkim_path'}" size="40" maxlength="255" type="text" class="textInput" /> </div> <div class="ctrlHolder"> <p class="label">{tmpl_var name='dkim_strength_txt'}</p> <div class="multiField"> <select name="dkim_strength" id="dkim_strength" class="selectInput"> {tmpl_var name='dkim_strength'} </select> </div> </div> <div class="ctrlHolder"> <p class="label">{tmpl_var name='pop3_imap_daemon_txt'}</p> <div class="multiField"> <select name="pop3_imap_daemon" id="pop3_imap_daemon" class="selectInput"> interface/web/client/domain_edit.php
@@ -207,7 +207,7 @@ if($_SESSION["s"]["user"]["typ"] != 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); $group = $app->db->queryOneRecord("SELECT sys_group.groupid FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." AND sys_group.groupid = ".$this->dataRecord["client_group_id"]." ORDER BY client.company_name, client.contact_name, sys_group.name"; $group = $app->db->queryOneRecord("SELECT sys_group.groupid FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." AND sys_group.groupid = ".$this->dataRecord["client_group_id"]." ORDER BY client.company_name, client.contact_name, sys_group.name"); $this->dataRecord["client_group_id"] = $group["groupid"]; } interface/web/mail/mail_domain_dkim_create.php
@@ -84,9 +84,9 @@ return $public_key; } function get_public_key($private_key) { function get_public_key($private_key, $dkim_strength) { $validate_dkim=new validate_dkim (); if($validate_dkim->validate_post('private',$private_key)) { /* validate the $_POST-value */ if($validate_dkim->validate_post('private', $private_key, $dkim_strength)) { /* validate the $_POST-value */ exec('echo '.escapeshellarg($private_key).'|openssl rsa -pubout -outform PEM 2> /dev/null',$pubkey,$result); $public_key=pub_key($pubkey); } else { @@ -123,12 +123,18 @@ return $selector; } //* get dkim-strength for server_id $mail_server_id = $app->functions->intval( $app->db->queryOneRecord("SELECT server_id from mail_domain WHERE domain = ?", $_POST['domain']) ); $dkim_strength = $app->functions->intval( $app->getconf->get_server_config($mail_server_id, 'mail')['dkim_strength'] ); if ( empty($dkim_strength) ) $dkim_strength = 1024; switch ($_POST['action']) { case 'create': /* create DKIM Private-key */ $rnd_val = $dkim_strength * 10; exec('openssl rand -out ../../temp/random-data.bin '.$rnd_val.' 2> /dev/null', $output, $result); exec('openssl genrsa -rand ../../temp/random-data.bin '.$dkim_strength.' 2> /dev/null', $privkey, $result); unlink('../../temp/random-data.bin'); $_POST=getRealPOST(); exec('openssl rand -out /usr/local/ispconfig/server/temp/random-data.bin 4096 2> /dev/null', $output, $result); exec('openssl genrsa -rand /usr/local/ispconfig/server/temp/random-data.bin 1024 2> /dev/null', $privkey, $result); unlink("/usr/local/ispconfig/server/temp/random-data.bin"); foreach($privkey as $values) $private_key=$private_key.$values."\n"; //* check the selector for updated dkim-settings only if ( isset($_POST['dkim_public']) && !empty($_POST['dkim_public']) ) $selector = new_selector($_POST['dkim_selector'], $_POST['domain']); @@ -139,7 +145,7 @@ break; } $public_key=get_public_key($private_key); $public_key=get_public_key($private_key, $dkim_strength); $dns_record=str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$public_key); if ( !isset($selector) ) {