ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2023-12-03T19:00:17Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6606Wrong german translation in $wb['sender_cc_note_txt'] (de_mail_user.lng)2023-12-03T19:00:17ZHannesWrong german translation in $wb['sender_cc_note_txt'] (de_mail_user.lng)Englisch: $wb\['sender_cc_note_txt'\] = '(One email address only)';
Actual German: $wb\['sender_cc_note_txt'\] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
Correct German: $wb\['sender_cc_note_txt'\] = '(Nur eine E-Mail-Adresse)';Englisch: $wb\['sender_cc_note_txt'\] = '(One email address only)';
Actual German: $wb\['sender_cc_note_txt'\] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
Correct German: $wb\['sender_cc_note_txt'\] = '(Nur eine E-Mail-Adresse)';3.2.12HannesHanneshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6599Issue in ajax_get_json.php when $dkim_strength = 02023-12-03T19:04:30ZTill BrehmIssue in ajax_get_json.php when $dkim_strength = 0Reported by M Roji:
I found some bug, that make my script not working properly.
The bug is the code in file /usr/local/ispconfig/interface/web/mail/ajax_get_json.php
```
$dkim_strength = $app->functions->intval($mail_config['dkim_stre...Reported by M Roji:
I found some bug, that make my script not working properly.
The bug is the code in file /usr/local/ispconfig/interface/web/mail/ajax_get_json.php
```
$dkim_strength = $app->functions->intval($mail_config['dkim_strength']);
if ($dkim_strength=='') $dkim_strength = 2048;
```
The right way is
```
$dkim_strength = $app->functions->intval($mail_config['dkim_strength']);
if ($dkim_strength==0) $dkim_strength = 2048;3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6597Typo in tform_base.inc.php2023-10-28T15:35:49ZThomTypo in tform_base.inc.phpIn the file interface/lib/classes/tform_base.inc.php there is a bug at line 1190, the ip_address index of the $sql_v6 table is not surrounded by quotes, it therefore passes for a non-existent variable and causes a warning as well as an i...In the file interface/lib/classes/tform_base.inc.php there is a bug at line 1190, the ip_address index of the $sql_v6 table is not surrounded by quotes, it therefore passes for a non-existent variable and causes a warning as well as an incomplete display of the error.
https://forum.howtoforge.com/threads/bug-in-interface-lib-classes-tform_base-inc-php.91338/3.2.12ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6596Improve input value checks in language editor2023-12-03T19:05:00ZTill BrehmImprove input value checks in language editorA PHP code injection vulnerability has been found in the ISPConfig language editor by Egidio Romano from Karma(In)Security. Thanks a lot for reporting this issue! The vulnerability requires that the attacker is correctly logged in as the...A PHP code injection vulnerability has been found in the ISPConfig language editor by Egidio Romano from Karma(In)Security. Thanks a lot for reporting this issue! The vulnerability requires that the attacker is correctly logged in as the 'admin' user (the account with superadmin privilege) in ISPConfig, so an attacker must know the administrator password. Not affected are logins from Clients, Resellers, or Email users and also not logins from additionally created admin users.
Also not affected are systems where the language editor is disabled. The language editor can be disabled by setting:
```
admin_allow_langedit=no
```
in the file /usr/local/ispconfig/security/security_settings.ini.3.2.11p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6595PHP Deprecated (with php 8.1) in letsencrypt.inc.php2023-12-03T20:49:53ZHannesPHP Deprecated (with php 8.1) in letsencrypt.inc.phpUbuntu 22.04/PHP 8.1.24 (cli)/ISPConfig 3.2.11
If certbot is used then server.php shows (php8.1)
```plaintext
PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/serv...Ubuntu 22.04/PHP 8.1.24 (cli)/ISPConfig 3.2.11
If certbot is used then server.php shows (php8.1)
```plaintext
PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php on line 47
PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php on line 471
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6593Database connection breaks when reconfiguring the master database details on ...2024-03-28T22:38:35ZTill BrehmDatabase connection breaks when reconfiguring the master database details on master or single nodeThis MR causes the issue:
https://git.ispconfig.org/ispconfig/ispconfig3/-/merge_requests/1680/diffs
It causes the updater to ask for master database login details when you choose to reconfigure permissions in master database on a sing...This MR causes the issue:
https://git.ispconfig.org/ispconfig/ispconfig3/-/merge_requests/1680/diffs
It causes the updater to ask for master database login details when you choose to reconfigure permissions in master database on a single server or the master itself, while it should ask for these details on a slave node only.3.2.11p2Till BrehmTill Brehmhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6589CAA record for subdomain 'none' is added when auto subdomain is set to none2023-10-14T10:19:58ZTill BrehmCAA record for subdomain 'none' is added when auto subdomain is set to noneCAA record for subdomain 'none' is added when auto subdomain option of the website is set to none.CAA record for subdomain 'none' is added when auto subdomain option of the website is set to none.3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6585PHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/in...2023-10-03T12:07:45ZTill BrehmPHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/install/lib/installer_base.lib.php on line 2995PHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/install/lib/installer_base.lib.php on line 2995PHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/install/lib/installer_base.lib.php on line 29953.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6584DNS - any not allowed in also_notify [bind restart fail]2023-12-03T19:00:50ZHannesDNS - any not allowed in also_notify [bind restart fail]## Summary
"any" not allowed in also_notify \[bind restart fail\]
## Steps to reproduce
1. type "any" into DNS-\>some Zone-\> Zone settings -\> Also Notify Field
2. try to restart bind (will fail) with
```plaintext
02-Oct-2023 09:...## Summary
"any" not allowed in also_notify \[bind restart fail\]
## Steps to reproduce
1. type "any" into DNS-\>some Zone-\> Zone settings -\> Also Notify Field
2. try to restart bind (will fail) with
```plaintext
02-Oct-2023 09:34:39.046 config: error: /etc/bind/named.conf.local:4: unable to find primaries list 'any'\
02-Oct-2023 09:34:39.046 general: error: reloading configuration failed: failure
```
## Correct behaviour
Disallow value "any" in field also-notify ("any" in xfer is ok)
## Environment
Ubuntu 22.04 - ISPConfig 2.3.11
```plaintext
Output of the command
```
## Proposed fix
optional, of course.\\
Maybe change the check or write other function for also_notify
```plaintext
Index: interface/lib/classes/validate_dns.inc.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php
--- a/interface/lib/classes/validate_dns.inc.php
+++ b/interface/lib/classes/validate_dns.inc.php (date 1696240257952)
@@ -292,7 +292,7 @@
if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
if($validator['allowempty'] == 'y' && $field_value == '') {
//* Do nothing
- } elseif ($field_value == 'any' && $field_name != ) {
+ } elseif ($field_value == 'any' && $field_name != "also_notify") {
//* Do nothing
} else {
//* Check if its a IPv4 or IPv6 address/range
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6581PHP-FPM reload mode "restart" ignored when using Nginx webserver2023-09-28T19:18:18ZManoa RatefiarisonPHP-FPM reload mode "restart" ignored when using Nginx webserver## Summary
When using Nginx as webserver, the PHP-FPM reload mode is totally ignored. No matters you put reload or restart, ISPConfig always reload PHP-FPM.
## Steps to reproduce
1. Install ISPConfig with Nginx
2. Install additional PHP...## Summary
When using Nginx as webserver, the PHP-FPM reload mode is totally ignored. No matters you put reload or restart, ISPConfig always reload PHP-FPM.
## Steps to reproduce
1. Install ISPConfig with Nginx
2. Install additional PHP version
3. Enable debug mode and set PHP-FPM reload mode to "restart"
4. Create/edit site with PHP-FPM enabled and choose a version
5. Look at logs
## Correct behaviour
ISPConfig should restart PHP-FPM instead of reload if this is specified like this in the configuration.
## Environment
Server OS + version: Debian 11.1
ISPConfig version: 3.2.11
Software version of the related software:
```
root@server:~# nginx -v
nginx version: nginx/1.18.0
root@server:~# php8.1 -v
PHP 8.1.0 (cli) (built: Nov 25 2021 20:48:52) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.0, Copyright (c) Zend Technologies
with Zend OPcache v8.1.0, Copyright (c), by Zend Technologies
```
(This is the PHP 8.1 from deb.sury.org repository)
## Proposed fix
The problem is on `nginx_plugin.inc.php` line 3054, the reload mode is hardcoded to "reload":
```
$app->services->restartService('php-fpm', 'reload:'.$php_version['php_fpm_init_script']);
```
Instead of hardcoding like this, we can reuse the code on `apache2_plugin.inc.php` to get the reload mode and use it properly:
```
$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
$php_fpm_reload_mode = ($web_config['php_fpm_reload_mode'] == 'reload')?'reload':'restart';
$app->services->restartService('php-fpm', $php_fpm_reload_mode.':'.$web_config['php_fpm_init_script']);
```
## Related log entries
```
26.09.2023-08:26 - DEBUG [nginx plugin.inc:3032] - Writing the PHP-FPM config file: /etc/php/8.1/fpm/pool.d/web5.conf
26.09.2023-08:26 - DEBUG [services.inc:56] - Calling function 'restartPHP_FPM' from module 'web_module'.
26.09.2023-08:26 - DEBUG [system.inc:2083] - Trying to use Systemd to restart service
26.09.2023-08:26 - DEBUG [system.inc:2431] - safe_exec cmd: systemctl is-enabled 'php8.1-fpm' 2>&1 - return code: 0
26.09.2023-08:26 - DEBUG [system.inc:2098] - ######################################reload php8.1-fpm
26.09.2023-08:26 - DEBUG [web module.inc:316] - Restarting php-fpm: systemctl reload php8.1-fpm.service
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6575Validation bug in DNS DMARC2023-09-14T21:28:18ZPyte CValidation bug in DNS DMARC## Summary
<!-- What is happening and what is wrong with that? -->
When trying to create a DMARC record for a domain where the DKIM is configured via a CNAME record ISPConfig errors with `dmarc_no_dkim_txt`.
As this is a valid setup (see...## Summary
<!-- What is happening and what is wrong with that? -->
When trying to create a DMARC record for a domain where the DKIM is configured via a CNAME record ISPConfig errors with `dmarc_no_dkim_txt`.
As this is a valid setup (see O365 docs for example) the validation function needs to be corrected.
Reference thread in the forums: https://forum.howtoforge.com/threads/configuring-dkim-and-dmarc-with-office-365.91120/#post-449340
## Steps to reproduce
1. Create a CNAME that point to the DKIM Record
2. Trying adding a DMARC Record
3. Result: Error dmarc_no_dkim_txt
## Correct behaviour
The validation should not check, as it is possible that the record is not configured in the same zone.
## Proposed fix
The file in question is interface/web/dns/dns_dmarc_edit.php lines 229-236:
```
// DMARC requieres at least one active dkim-record...
$sql = "SELECT * FROM dns_rr
LEFT JOIN dns_soa ON (dns_rr.zone=dns_soa.id)
WHERE dns_soa.origin = ? AND dns_rr.name LIKE ? AND type='TXT' AND data like 'v=DKIM1;%' AND dns_rr.active='Y'";
$temp = $app->db->queryAllRecords($sql, $soa['origin'], '%._domainkey%');
if (empty($temp)) {
if (isset($app->tform->errorMessage )) $app->tform->errorMessage = '<br/>' . $app->tform->errorMessage;
$app->tform->errorMessage .= $app->tform->wordbook['dmarc_no_dkim_txt'].$email;
}
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6572[installer] Undefined variable $issued_successfully2023-09-09T05:38:56ZDr. Yves Kreis[installer] Undefined variable $issued_successfullyOutput from the installer:
```
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:
Checking / creating certificate for _hostname_
Using certificate path /etc/letsencrypt/live/_hostname_
Server's public ip(s...Output from the installer:
```
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:
Checking / creating certificate for _hostname_
Using certificate path /etc/letsencrypt/live/_hostname_
Server's public ip(s) (_IP_) not found in A/AAAA records for _hostname_: _IP_
Ignore DNS check and continue to request certificate? (y,n) [n]:
PHP Warning: Undefined variable $issued_successfully in /tmp/ispconfig3_install/install/lib/installer_base.lib.php on line 3319
Could not issue letsencrypt certificate, falling back to self-signed.
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6568[installer] jailkit php 8.2 references wrong directory2023-09-06T08:49:02ZDr. Yves Kreis[installer] jailkit php 8.2 references wrong directoryIn `install/tpl/jk_init.ini.master` the paths for php 8.2 contains `/usr/lib/php/20210902/` while this should be `/usr/lib/php/20220829/`.In `install/tpl/jk_init.ini.master` the paths for php 8.2 contains `/usr/lib/php/20210902/` while this should be `/usr/lib/php/20220829/`.3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6567[installer] jailkit wrong file backup'ed2023-09-06T08:49:35ZDr. Yves Kreis[installer] jailkit wrong file backup'edDuring the installation of jailkit, a backup of `$config_dir.'/'.$jk_chrootsh.'.master'` is created. However, `$config_dir.'/'.$jk_chrootsh` is overwritten later on, and thus the backup should also be done of that file!During the installation of jailkit, a backup of `$config_dir.'/'.$jk_chrootsh.'.master'` is created. However, `$config_dir.'/'.$jk_chrootsh` is overwritten later on, and thus the backup should also be done of that file!3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6566[installer] rspamd configuration files have execute bit set2023-09-06T08:50:14ZDr. Yves Kreis[installer] rspamd configuration files have execute bit setIn the installer the configuration files (lines 2000 to 2010 & 2020 to 2023 and 2033 to 2038) have the execute bit set and are copied; so they keep the execute bit set afterwards which is bad style. Besides `groups.conf` is listed twice ...In the installer the configuration files (lines 2000 to 2010 & 2020 to 2023 and 2033 to 2038) have the execute bit set and are copied; so they keep the execute bit set afterwards which is bad style. Besides `groups.conf` is listed twice in the first set.3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6565[installer] dovecot does wrong file check2023-09-06T08:50:47ZDr. Yves Kreis[installer] dovecot does wrong file checkIn `configure_dovecot()` the installer is creating `master.cf~2` however the check is for `master.cf`!In `configure_dovecot()` the installer is creating `master.cf~2` however the check is for `master.cf`!3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6564[installer] master.cf changed on Debian 12 aka Bookworm2023-09-06T08:51:16ZDr. Yves Kreis[installer] master.cf changed on Debian 12 aka Bookworm## Summary
master.cf has changed on Debian 12 aka Bookworm. Thus the change of maildrop service in postfix master.cf does not work anymore.
## Steps to reproduce
1. (Auto)Install ISPConfig on Debian 12 aka Bookworm
2. Check /etc/postfix...## Summary
master.cf has changed on Debian 12 aka Bookworm. Thus the change of maildrop service in postfix master.cf does not work anymore.
## Steps to reproduce
1. (Auto)Install ISPConfig on Debian 12 aka Bookworm
2. Check /etc/postfix/master.cf
```
maildrop unix - n n - - pipe
flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
```
## Correct behaviour
```
maildrop unix - n n - - pipe
flags=DRXhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
```
## Environment
Server OS + version: Debian 12 \
ISPConfig version: 3.2dev \
Software version of the related software:
```
postfix 3.7.6-0+deb12u2
```
## Proposed fix
Lines 1365-1367 in install/lib/installer_base.lib.php
```
$content = preg_replace('/flags=(DRX?hu) user=vmail argv=\/usr\/bin\/maildrop -d \${recipient}/',
'flags=$1 user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' \${extension} \${recipient} \${user} \${nexthop} \${sender}',
$content);
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6549Switching form tabs does not work when opening website form from dashboard2023-08-04T16:37:15ZTill BrehmSwitching form tabs does not work when opening website form from dashboardhttps://forum.howtoforge.com/threads/possible-interface-issue.90918/#post-448095https://forum.howtoforge.com/threads/possible-interface-issue.90918/#post-4480953.2.11https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6533Domain module prevents subdomains to be added for domains that exist as website2023-07-28T07:05:34ZTill BrehmDomain module prevents subdomains to be added for domains that exist as websitehttps://forum.howtoforge.com/threads/ispconfig-3-2-10p1-subdomain-for-website.90816/https://forum.howtoforge.com/threads/ispconfig-3-2-10p1-subdomain-for-website.90816/3.2.10p2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6528Account limit incorrectly informed in dashboard - ISPConfig 3.2.102023-08-23T11:23:42ZAlexandre Pereira BühlerAccount limit incorrectly informed in dashboard - ISPConfig 3.2.10In ISPConfig 3.2.10 account limits are being reported as unlimited for customers.
It is for the administrator is informed without values or with wrong values..
example for customers:
Assigned web quota 50200 MB of Unlimited MB
example fo...In ISPConfig 3.2.10 account limits are being reported as unlimited for customers.
It is for the administrator is informed without values or with wrong values..
example for customers:
Assigned web quota 50200 MB of Unlimited MB
example for admin:
Assigned database quota MB of Unlimited MB
Prints do bug no fórum do ispconfig:
https://forum.howtoforge.com/threads/account-limit-incorrectly-informed-in-dashboard-ispconfig-3-2-10.90743/3.2.10p2