Merge branch 'stable-3.1' of git.ispconfig.org:ispconfig/ispconfig3 into stable-3.1

install/lib/installer_base.lib.php

@@ -585,7 +585,7 @@ class installer_base {
 					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
 				}
 
-				$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ?? TO ?@?";
+				$query = "GRANT SELECT, UPDATE (`ssl`, `ssl_letsencrypt`, `ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ?? TO ?@?";
 				if ($verbose){
 					echo $query ."\n";
 				}

install/lib/update.lib.php

@@ -394,6 +394,9 @@ function updateDbAndIni() {
 	unset($old_ini_array);
 	unset($tpl_ini_array);
 	unset($new_ini);
+
+	// Truncate sys_session
+	$inst->db->query('TRUNCATE ??', $conf['mysql']['database'].'sys_session');
 }
 
 

install/sql/incremental/upd_0084.sql

+UPDATE `sys_user` SET `app_theme` = 'default' WHERE 1;
+ALTER TABLE `ftp_user` ADD `user_type` SET('user','system') NOT NULL DEFAULT 'user' AFTER `expires`, ADD `user_config` TEXT NULL AFTER `user_type`;
\ No newline at end of file

install/sql/incremental/upd_dev_collection.sql

+ALTER TABLE `web_domain` CHANGE `folder_directive_snippets` `folder_directive_snippets` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL;
\ No newline at end of file

install/sql/ispconfig3.sql

@@ -644,6 +644,8 @@ CREATE TABLE `ftp_user` (
   `ul_bandwidth` int(11) NOT NULL default '-1',
   `dl_bandwidth` int(11) NOT NULL default '-1',
   `expires` datetime NULL DEFAULT NULL,
+  `user_type` set('user','system') NOT NULL DEFAULT 'user',
+  `user_config` text,
   PRIMARY KEY  (`ftp_user_id`),
   KEY `active` (`active`),
   KEY `server_id` (`server_id`),
@@ -1983,7 +1985,7 @@ CREATE TABLE `web_domain` (
   `enable_pagespeed` ENUM('y','n') NOT NULL DEFAULT 'n',
   `http_port` int(11) unsigned NOT NULL DEFAULT '80',
   `https_port` int(11) unsigned NOT NULL DEFAULT '443',
-  `folder_directive_snippets` text NOT NULL,
+  `folder_directive_snippets` text,
   PRIMARY KEY  (`domain_id`),
   UNIQUE KEY `serverdomain` (  `server_id` , `ip_address`,  `domain` )
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;

install/tpl/nginx_ispconfig.vhost.master

@@ -5,6 +5,8 @@ server {
 		{ssl_comment}ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
         {ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
         {ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
+        {ssl_comment}ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
+        {ssl_comment}ssl_prefer_server_ciphers on;
 		
 		# redirect to https if accessed with http
 		{ssl_comment}error_page 497 https://$host:{vhost_port}$request_uri;

interface/lib/lang/cz.lng

@@ -154,5 +154,3 @@ $wb['select_directive_snippet_txt'] = 'Directive Snippets';
 $wb['select_master_directive_snippet_txt'] = 'Master Directive Snippets';
 ?>
 
-
-

interface/lib/lang/dk.lng

@@ -146,7 +146,7 @@ $wb['strength_2'] = 'Nogenlunde';
 $wb['strength_3'] = 'God';
 $wb['strength_4'] = 'Stærk';
 $wb['strength_5'] = 'Meget Stærk';
-$wb['weak_password_txt'] = 'Den valgte adgangskode matcher ikke retningslinjerne for sikkerhedsindstillingerne. Det skal være mindst {chars} tegn i længden og have en styrke på \"{strength}\".';
+$wb['weak_password_txt'] = 'Den valgte adgangskode matcher ikke retningslinjerne for sikkerhedsindstillingerne. Det skal være mindst {chars} tegn i længden og have en styrke på \\"{strength}\\".';
 $wb['weak_password_length_txt'] = 'Den valgte adgangskode matcher ikke retningslinjerne for sikkerhedsindstillingerne. Det skal være mindst {chars} tegn i længden.';
 $wb['security_check1_txt'] = 'Check for sikkerheds tilladelse:';
 $wb['security_check2_txt'] = 'mislykkedes.';

interface/lib/lang/tr.lng

@@ -146,7 +146,7 @@ $wb['strength_2'] = 'Yeterli';
 $wb['strength_3'] = 'İyi';
 $wb['strength_4'] = 'Güçlü';
 $wb['strength_5'] = 'Çok Güçlü';
-$wb['weak_password_txt'] = 'Yazdığınız parola güvenlik ilkesine uygun değil. Parola en az {chars} karakter uzunluğunda ve \"{strength}\" güçlüğünde olmalı.';
+$wb['weak_password_txt'] = 'Yazdığınız parola güvenlik ilkesine uygun değil. Parola en az {chars} karakter uzunluğunda ve \\"{strength}\\" güçlüğünde olmalı.';
 $wb['weak_password_length_txt'] = 'Yazdığınız parola güvenlik ilkesine uygun değil. Parola en az {chars} karakter uzunluğunda olmalı.';
 $wb['security_check1_txt'] = 'Güvenlik iznini denetle:';
 $wb['security_check2_txt'] = 'başarısız.';

interface/web/admin/lib/lang/ca_firewall.lng

@@ -6,6 +6,6 @@ $wb['tcp_port_help_txt'] = 'Separated by comma';
 $wb['udp_port_help_txt'] = 'Separated by comma';
 $wb['active_txt'] = 'Active';
 $wb['firewall_error_unique'] = 'There is already a firewall record for this server.';
-$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \":\" and \",\".';
-$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \":\" and \",\".';
+$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
+$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
 ?>

interface/web/admin/lib/lang/ca_server_config.lng

@@ -161,7 +161,7 @@ $wb['do_not_try_rescue_httpd_txt'] = 'Disable HTTPD monitoring';
 $wb['do_not_try_rescue_mongodb_txt'] = 'Disable MongoDB monitoring';
 $wb['do_not_try_rescue_mysql_txt'] = 'Disable MySQL monitoring';
 $wb['do_not_try_rescue_mail_txt'] = 'Disable Email monitoring';
-$wb['rescue_description_txt'] = '<b>Information:</b> If you want to shut down mysql you have to select the \"Disable MySQL monitor\" checkbox and then wait 2-3 minutes.<br>If you do not wait 2-3 minutes, rescue will try to restart mysql!';
+$wb['rescue_description_txt'] = '<b>Information:</b> If you want to shut down mysql you have to select the \\"Disable MySQL monitor\\" checkbox and then wait 2-3 minutes.<br>If you do not wait 2-3 minutes, rescue will try to restart mysql!';
 $wb['enable_sni_txt'] = 'Enable SNI';
 $wb['set_folder_permissions_on_update_txt'] = 'Set folder permissions on update';
 $wb['add_web_users_to_sshusers_group_txt'] = 'Add web users to -sshusers- group';

interface/web/admin/lib/lang/ca_system_config.lng

@@ -67,7 +67,7 @@ $wb['customer_no_template_error_regex_txt'] = 'The customer No. template contain
 $wb['customer_no_start_txt'] = 'Customer No. start value';
 $wb['customer_no_counter_txt'] = 'Customer No. counter';
 $wb['session_timeout_txt'] = 'Session timeout (minutes)';
-$wb['session_allow_endless_txt'] = 'Enable \"stay logged in\"';
+$wb['session_allow_endless_txt'] = 'Enable \\"stay logged in\\"';
 $wb['No'] = 'No';
 $wb['min_password_length_txt'] = 'Minimum password length';
 $wb['min_password_strength_txt'] = 'Minimum password strength';

interface/web/admin/lib/lang/ca_users.lng

@@ -29,7 +29,7 @@ $wb['generate_password_txt'] = 'Generate Password';
 $wb['repeat_password_txt'] = 'Repeat Password';
 $wb['password_mismatch_txt'] = 'The passwords do not match.';
 $wb['password_match_txt'] = 'The passwords do match.';
-$wb['username_error_collision'] = 'The username may not be web or web plus a number.\"';
+$wb['username_error_collision'] = 'The username may not be web or web plus a number.\\"';
 $wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
 $wb['lost_password_function_txt'] = 'Forgot password function is available';
 ?>

interface/web/admin/lib/lang/cz.lng

@@ -51,5 +51,3 @@ $wb['Sites'] = 'Stránky';
 $wb['DNS'] = 'DNS';
 ?>
 
-
-

interface/web/admin/lib/lang/cz_directive_snippets.lng

@@ -11,5 +11,3 @@ $wb['customer_viewable_txt'] = 'Customer viewable';
 $wb['required_php_snippets_txt'] = 'Requiered PHP Snippet';
 ?>
 
-
-

interface/web/admin/lib/lang/cz_directive_snippets_list.lng

@@ -7,5 +7,3 @@ $wb['add_new_record_txt'] = 'Add Directive Snippet';
 $wb['customer_viewable_txt'] = 'Customer viewable';
 ?>
 
-
-

interface/web/admin/lib/lang/cz_firewall.lng

@@ -10,5 +10,3 @@ $wb['tcp_ports_error_regex'] = 'Znak není povole v definici TCP portu. Povolen
 $wb['udp_ports_error_regex'] = 'Znak není povole v definici UDP portu. Povolené symboly jsou čísla, : a ,.';
 ?>
 
-
-

interface/web/admin/lib/lang/cz_firewall_list.lng

@@ -7,5 +7,3 @@ $wb['udp_port_txt'] = 'Otevřené UDP porty';
 $wb['add_new_record_txt'] = 'Vytvořit záznam';
 ?>
 
-
-

interface/web/admin/lib/lang/cz_groups.lng

@@ -4,5 +4,3 @@ $wb['name_txt'] = 'Skupina';
 $wb['name_err'] = 'Skupina musí mít min. 1, max. 30 znaků.';
 ?>
 
-
-

interface/web/admin/lib/lang/cz_groups_list.lng

@@ -6,5 +6,3 @@ $wb['add_new_record_txt'] = 'Vytvořit skupinu';
 $wb['warning_txt'] = '<b>VAROVÁNÍ:</b> Zde neupravujte uživatelská nastavení. Užijte klientská a distributorská nastavení v klientském modulu. Úprava uživatelý nebo skupin zde může způsobit ztrátu dat!';
 ?>
 
-
-