diff --git a/install/dist/lib/fedora.lib.php b/install/dist/lib/fedora.lib.php index f1d57f9c83fdb12327395262570c061feaca865b..8cf13ff19fed482c01dcab1e7a15a9776a04c53f 100644 --- a/install/dist/lib/fedora.lib.php +++ b/install/dist/lib/fedora.lib.php @@ -53,6 +53,14 @@ class installer_dist extends installer_base { $cf = $conf['postfix']; $config_dir = $cf['config_dir']; + exec('postconf mail_version', $ret); + $postfix_version=str_replace('mail_version = ', '', $ret[0]); + unset($ret); + exec('openssl version', $ret); + $openssl_version=$ret[0]; + unset($ret); + $use_pfs=@(version_compare($openssl_version, 'OpenSSL 0.9', '>=') && version_compare($postfix_version, '2.6', '>='))?true:false; + if(!is_dir($config_dir)){ $this->error("The postfix configuration directory '$config_dir' does not exist."); } @@ -163,6 +171,19 @@ class installer_dist extends installer_base { '{greylisting}' => $greylisting, '{reject_slm}' => $reject_sender_login_mismatch, ); + + //* If PFS is possible, configure it + if($use_pfs && !file_exists($config_dir.'/dh_512.pem')) exec('openssl gendh -out '.$config_dir.'/dh_512.pem -2 512'); + if($use_pfs && !file_exists($config_dir.'/dh_2048.pem')) exec('openssl gendh -out '.$config_dir.'/dh_2048.pem -2 2048'); + if($use_pfs && file_exists($config_dir.'/dh_512.pem') && file_exists($config_dir.'/dh_2048.pem')) { + $postconf_placeholders = array_merge($postconf_placeholders, array( + '{smtpd_tls_dh512_param_file}' => $config_dir.'/dh_512.pem', + '{smtpd_tls_dh1024_param_file}' => $config_dir.'/dh_2048.pem' )); + } else { + $postconf_placeholders = array_merge($postconf_placeholders, array( + '{smtpd_tls_dh512_param_file}' => '', + '{smtpd_tls_dh1024_param_file}' => '')); + } $postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master'); $postconf_tpl = strtr($postconf_tpl, $postconf_placeholders); diff --git a/install/dist/lib/gentoo.lib.php b/install/dist/lib/gentoo.lib.php index af692b16896abdc8d4c6c1107cce3429d59e6003..17c1797ebea20333dd61e5854d32e64f4007a1cb 100644 --- a/install/dist/lib/gentoo.lib.php +++ b/install/dist/lib/gentoo.lib.php @@ -54,6 +54,14 @@ class installer extends installer_base $cf = $conf['postfix']; $config_dir = $cf['config_dir']; + exec('postconf mail_version', $ret); + $postfix_version=str_replace('mail_version = ', '', $ret[0]); + unset($ret); + exec('openssl version', $ret); + $openssl_version=$ret[0]; + unset($ret); + $use_pfs=@(version_compare($openssl_version, 'OpenSSL 0.9', '>=') && version_compare($postfix_version, '2.6', '>='))?true:false; + if(!is_dir($config_dir)){ $this->error("The postfix configuration directory '$config_dir' does not exist."); } @@ -116,6 +124,19 @@ class installer extends installer_base '{reject_slm}' => $reject_sender_login_mismatch, ); + //* If PFS is possible, configure it + if($use_pfs && !file_exists($config_dir.'/dh_512.pem')) exec('openssl gendh -out '.$config_dir.'/dh_512.pem -2 512'); + if($use_pfs && !file_exists($config_dir.'/dh_2048.pem')) exec('openssl gendh -out '.$config_dir.'/dh_2048.pem -2 2048'); + if($use_pfs && file_exists($config_dir.'/dh_512.pem') && file_exists($config_dir.'/dh_2048.pem')) { + $postconf_placeholders = array_merge($postconf_placeholders, array( + '{smtpd_tls_dh512_param_file}' => $config_dir.'/dh_512.pem', + '{smtpd_tls_dh1024_param_file}' => $config_dir.'/dh_2048.pem' )); + } else { + $postconf_placeholders = array_merge($postconf_placeholders, array( + '{smtpd_tls_dh512_param_file}' => '', + '{smtpd_tls_dh1024_param_file}' => '')); + } + $postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_postfix.conf.master', 'tpl/gentoo_postfix.conf.master'); $postconf_tpl = strtr($postconf_tpl, $postconf_placeholders); $postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php index b83b24dcfaf0615aa6c034d95f80e1ce63fcada1..99da9742e68e6f57e5744cd6daeafc6fbbd331a4 100644 --- a/install/dist/lib/opensuse.lib.php +++ b/install/dist/lib/opensuse.lib.php @@ -53,6 +53,14 @@ class installer_dist extends installer_base { $cf = $conf['postfix']; $config_dir = $cf['config_dir']; + exec('postconf mail_version', $ret); + $postfix_version=str_replace('mail_version = ', '', $ret[0]); + unset($ret); + exec('openssl version', $ret); + $openssl_version=$ret[0]; + unset($ret); + $use_pfs=@(version_compare($openssl_version, 'OpenSSL 0.9', '>=') && version_compare($postfix_version, '2.6', '>='))?true:false; + if(!is_dir($config_dir)){ $this->error("The postfix configuration directory '$config_dir' does not exist."); } @@ -174,6 +182,19 @@ class installer_dist extends installer_base { '{greylisting}' => $greylisting, '{reject_slm}' => $reject_sender_login_mismatch, ); + + //* If PFS is possible, configure it + if($use_pfs && !file_exists($config_dir.'/dh_512.pem')) exec('openssl gendh -out '.$config_dir.'/dh_512.pem -2 512'); + if($use_pfs && !file_exists($config_dir.'/dh_2048.pem')) exec('openssl gendh -out '.$config_dir.'/dh_2048.pem -2 2048'); + if($use_pfs && file_exists($config_dir.'/dh_512.pem') && file_exists($config_dir.'/dh_2048.pem')) { + $postconf_placeholders = array_merge($postconf_placeholders, array( + '{smtpd_tls_dh512_param_file}' => $config_dir.'/dh_512.pem', + '{smtpd_tls_dh1024_param_file}' => $config_dir.'/dh_2048.pem' )); + } else { + $postconf_placeholders = array_merge($postconf_placeholders, array( + '{smtpd_tls_dh512_param_file}' => '', + '{smtpd_tls_dh1024_param_file}' => '')); + } $postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master'); $postconf_tpl = strtr($postconf_tpl, $postconf_placeholders); diff --git a/install/tpl/debian_postfix.conf.master b/install/tpl/debian_postfix.conf.master index b7dbea6300a8cc251c64e2b2a2b4e25748f737b1..82cd9a1548d74153218c739c07bc043866e9ce94 100644 --- a/install/tpl/debian_postfix.conf.master +++ b/install/tpl/debian_postfix.conf.master @@ -44,3 +44,9 @@ smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 smtpd_tls_exclude_ciphers = RC4, aNULL smtp_tls_exclude_ciphers = RC4, aNULL +smtpd_tls_dh512_param_file = {smtpd_tls_dh512_param_file} +smtpd_tls_dh1024_param_file = {smtpd_tls_dh1024_param_file} +smtpd_tls_eecdh_grade = strong +tls_preempt_cipherlist = yes +smtp_tls_loglevel = 1 +smtpd_tls_loglevel = 1 diff --git a/install/tpl/fedora_postfix.conf.master b/install/tpl/fedora_postfix.conf.master index f06af8228807cf896136004256ae21eea75fc9b9..28a38994ad6426f917c2da1a2a2f9e957b4abb11 100644 --- a/install/tpl/fedora_postfix.conf.master +++ b/install/tpl/fedora_postfix.conf.master @@ -40,3 +40,9 @@ smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 smtpd_tls_exclude_ciphers = RC4, aNULL smtp_tls_exclude_ciphers = RC4, aNULL +smtpd_tls_dh512_param_file = {smtpd_tls_dh512_param_file} +smtpd_tls_dh1024_param_file = {smtpd_tls_dh1024_param_file} +smtpd_tls_eecdh_grade = strong +tls_preempt_cipherlist = yes +smtp_tls_loglevel = 1 +smtpd_tls_loglevel = 1 diff --git a/install/tpl/gentoo_postfix.conf.master b/install/tpl/gentoo_postfix.conf.master index dc20e02c13c44b00b89b030f9a6b99aa4ce9a142..3c7015e507219345c35030e3be569d0830e3908d 100644 --- a/install/tpl/gentoo_postfix.conf.master +++ b/install/tpl/gentoo_postfix.conf.master @@ -39,3 +39,9 @@ smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 smtpd_tls_exclude_ciphers = RC4, aNULL smtp_tls_exclude_ciphers = RC4, aNULL +smtpd_tls_dh512_param_file = {smtpd_tls_dh512_param_file} +smtpd_tls_dh1024_param_file = {smtpd_tls_dh1024_param_file} +smtpd_tls_eecdh_grade = strong +tls_preempt_cipherlist = yes +smtp_tls_loglevel = 1 +smtpd_tls_loglevel = 1 diff --git a/install/tpl/opensuse_postfix.conf.master b/install/tpl/opensuse_postfix.conf.master index 4192f988b5213775cc7b47a99b70f3add21946cc..fb2e911b5bf5db474543151475d9c8448b0e912d 100644 --- a/install/tpl/opensuse_postfix.conf.master +++ b/install/tpl/opensuse_postfix.conf.master @@ -42,3 +42,9 @@ smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 smtpd_tls_exclude_ciphers = RC4, aNULL smtp_tls_exclude_ciphers = RC4, aNULL +smtpd_tls_dh512_param_file = {smtpd_tls_dh512_param_file} +smtpd_tls_dh1024_param_file = {smtpd_tls_dh1024_param_file} +smtpd_tls_eecdh_grade = strong +tls_preempt_cipherlist = yes +smtp_tls_loglevel = 1 +smtpd_tls_loglevel = 1 diff --git a/install/tpl/server.ini.master b/install/tpl/server.ini.master index 079d6344885c06bd75a389ce38fe4580f8f0c46a..f5dff79405ae42b8eaaa8a08ae28f9d194ccccad 100644 --- a/install/tpl/server.ini.master +++ b/install/tpl/server.ini.master @@ -102,7 +102,7 @@ php_fpm_ini_path=/etc/php5/fpm/php.ini php_fpm_pool_dir=/etc/php5/fpm/pool.d php_fpm_start_port=9010 php_fpm_socket_dir=/var/lib/php5-fpm -php_default_name=Default +php_default_name=default set_folder_permissions_on_update=n add_web_users_to_sshusers_group=y connect_userid_to_webid=n diff --git a/interface/web/admin/lib/lang/de_server_php_list.lng b/interface/web/admin/lib/lang/de_server_php_list.lng index d775fc6c00b535376441399a9c4d6f3b016b3e43..fe9a72ea150a4fc513dfea3f1ddf6c1ad1933f9b 100644 --- a/interface/web/admin/lib/lang/de_server_php_list.lng +++ b/interface/web/admin/lib/lang/de_server_php_list.lng @@ -4,4 +4,5 @@ $wb['server_id_txt'] = 'Server'; $wb['add_new_record_txt'] = 'Neue PHP Version hinzufügen'; $wb['client_id_txt'] = 'Kunde'; $wb['name_txt'] = 'PHP Name'; +$wb['active_txt'] = 'Aktiv'; ?> diff --git a/interface/web/admin/lib/lang/en_server_php_list.lng b/interface/web/admin/lib/lang/en_server_php_list.lng index b402fd1ed19978b32027a9ed16e7b44f241db93e..62cbe6168714b18ba4fca490280c30c945e09e7c 100644 --- a/interface/web/admin/lib/lang/en_server_php_list.lng +++ b/interface/web/admin/lib/lang/en_server_php_list.lng @@ -4,4 +4,5 @@ $wb['server_id_txt'] = 'Server'; $wb['add_new_record_txt'] = 'Add new PHP version'; $wb['client_id_txt'] = 'Client'; $wb['name_txt'] = 'PHP Name'; +$wb['active_txt'] = 'Active'; ?> diff --git a/interface/web/admin/list/server_php.list.php b/interface/web/admin/list/server_php.list.php index ee4ad1ab918c17271d847b9dfad76fbe3963252a..a4a38901ab4565bf9f704265e240b280f2c5bacb 100644 --- a/interface/web/admin/list/server_php.list.php +++ b/interface/web/admin/list/server_php.list.php @@ -44,6 +44,15 @@ $liste['auth'] = 'no'; * Suchfelder *****************************************************/ +$liste['item'][] = array( 'field' => 'active', + 'datatype' => 'VARCHAR', + 'formtype' => 'SELECT', + 'op' => '=', + 'prefix' => '', + 'suffix' => '', + 'width' => '', + 'value' => array('y' => $app->lng('yes_txt'), 'n' => $app->lng('no_txt'))); + $liste['item'][] = array( 'field' => 'server_id', 'datatype' => 'INTEGER', 'formtype' => 'SELECT', diff --git a/interface/web/admin/templates/server_php_list.htm b/interface/web/admin/templates/server_php_list.htm index 0fb98965bdd58931a6463933919b5fc8a3e76c6d..5a6392eea33a18664e1d9459ba05142d38c3768b 100644 --- a/interface/web/admin/templates/server_php_list.htm +++ b/interface/web/admin/templates/server_php_list.htm @@ -15,12 +15,14 @@ + + @@ -32,6 +34,7 @@ + @@ -54,4 +57,4 @@
{tmpl_var name='search_limit'}
{tmpl_var name="active"} {tmpl_var name="server_id"} {tmpl_var name="client_id"} {tmpl_var name="name"}
- \ No newline at end of file +