Skip to content
GitLab
Explore
Sign in
Register
Webslice
ISPConfig 3
Compare revisions
48f2ae57bf069439356642c31c48de70d4c0db04 to 1dc4398ecf884823996b45bb036a2cacd8a07741
Hide whitespace changes
Inline
Side-by-side
Some changes are not shown.
For a faster browsing experience, only
20 of 1000+
files are shown. Download one of the files below to see all changes.
install/tpl/fedora_dovecot2.conf.master
View file @
1dc4398e
...
@@ -7,6 +7,8 @@ mail_privileged_group = vmail
...
@@ -7,6 +7,8 @@ mail_privileged_group = vmail
ssl_cert = </etc/postfix/smtpd.cert
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
ssl_key = </etc/postfix/smtpd.key
ssl_protocols = !SSLv2 !SSLv3
ssl_protocols = !SSLv2 !SSLv3
auth_verbose = yes
mail_plugins = quota
passdb {
passdb {
args = /etc/dovecot-sql.conf
args = /etc/dovecot-sql.conf
driver = sql
driver = sql
...
@@ -20,7 +22,14 @@ userdb {
...
@@ -20,7 +22,14 @@ userdb {
}
}
plugin {
plugin {
quota = dict:user::file:/var/vmail/%d/%n/.quotausage
quota = dict:user::file:/var/vmail/%d/%n/.quotausage
# no longer needed, as 'sieve' is in userdb extra fields:
sieve=/var/vmail/%d/%n/.sieve
sieve=/var/vmail/%d/%n/.sieve
sieve_after=/var/vmail/%d/%n/.ispconfig.sieve
sieve_max_script_size = 2M
sieve_max_actions = 100
sieve_max_redirects = 25
}
}
service auth {
service auth {
unix_listener /var/spool/postfix/private/auth {
unix_listener /var/spool/postfix/private/auth {
...
@@ -42,6 +51,7 @@ service lmtp {
...
@@ -42,6 +51,7 @@ service lmtp {
user = postfix
user = postfix
}
}
}
}
lmtp_rcpt_check_quota = yes
service imap-login {
service imap-login {
client_limit = 1000
client_limit = 1000
process_limit = 500
process_limit = 500
...
@@ -70,10 +80,46 @@ mail_plugins = $mail_plugins quota
...
@@ -70,10 +80,46 @@ mail_plugins = $mail_plugins quota
#2.3+ group = vmail
#2.3+ group = vmail
#2.3+ mode = 0660
#2.3+ mode = 0660
#2.3+ }
#2.3+ }
#2.3+
#2.3+
#2.3+ unix_listener stats-writer {
#2.3+ unix_listener stats-writer {
#2.3+ user = vmail
#2.3+ user = vmail
#2.3+ group = vmail
#2.3+ group = vmail
#2.3+ mode = 0660
#2.3+ mode = 0660
#2.3+ }
#2.3+ }
#2.3+ }
#2.3+ }
service quota-status {
executable = quota-status -p postfix
unix_listener /var/spool/postfix/private/quota-status {
group = postfix
mode = 0660
user = postfix
}
client_limit = 1
}
plugin {
quota_status_success = DUNNO
quota_status_nouser = DUNNO
quota_status_overquota = "552 5.2.2 Mailbox is full"
}
imap_capability=+SEPCIAL-USE XLIST
namespace inbox {
inbox = yes
separator = .
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
}
install/tpl/fedora_postfix.conf.master
View file @
1dc4398e
...
@@ -11,7 +11,7 @@ broken_sasl_auth_clients = yes
...
@@ -11,7 +11,7 @@ broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
{rbl_list}
, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{
rbl_list}{
greylisting}
, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
smtpd_tls_cert_file = {config_dir}/smtpd.cert
...
@@ -22,7 +22,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
...
@@ -22,7 +22,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access,
reject_invalid_hostname,
reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_non_fqdn_
helo_
hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
smtpd_client_message_rate_limit = 100
...
...
install/tpl/fedora_pureftpd_conf.master
View file @
1dc4398e
...
@@ -241,13 +241,6 @@ MinUID 500
...
@@ -241,13 +241,6 @@ MinUID 500
# Do not use the /etc/ftpusers file to disable accounts. We're already
# using MinUID to block users with uid < 500
UseFtpUsers no
# Allow FXP transfers for authenticated users.
# Allow FXP transfers for authenticated users.
AllowUserFXP no
AllowUserFXP no
...
...
install/tpl/gentoo_postfix.conf.master
View file @
1dc4398e
...
@@ -10,7 +10,7 @@ broken_sasl_auth_clients = yes
...
@@ -10,7 +10,7 @@ broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
{rbl_list}
, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{
rbl_list}{
greylisting}
, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
smtpd_tls_cert_file = {config_dir}/smtpd.cert
...
@@ -21,7 +21,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
...
@@ -21,7 +21,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_
invalid
_hostname, reject_
non_fqdn
_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_
non_fqdn_helo
_hostname, reject_
invalid_helo
_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
smtpd_client_message_rate_limit = 100
...
...
install/tpl/jk_chrootsh.ini.master
View file @
1dc4398e
...
@@ -10,4 +10,4 @@
...
@@ -10,4 +10,4 @@
#relax_home_group=1
#relax_home_group=1
skip_injail_passwd_check=1
skip_injail_passwd_check=1
injail_shell=/bin/bash
injail_shell=/bin/bash
env = TERM, PATH
env = TERM, PATH
, LANG
install/tpl/jk_init.ini.master
View file @
1dc4398e
# jk_init.ini: jailkit initialization config
# Includes paths to handle Debian 10/9,
# if other paths are needed please create an issue with the details:
# https://git.ispconfig.org/ispconfig/ispconfig3/-/issues
[uidbasics]
[uidbasics]
# this section probably needs adjustment on 64bit systems
# or non-Linux systems
comment = common files for all jails that need user/group information
comment = common files for all jails that need user/group information
libraries = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/x86_64-linux-gnu/libnss*.so.2
paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, /lib/arm-linux-gnueabihf/libnss*.so.2, /lib/arm-linux-gnueabihf/libnsl*.so.1, /etc/nsswitch.conf, /etc/ld.so.conf
regularfiles = /etc/nsswitch.conf, /etc/ld.so.conf
[netbasics]
[netbasics]
comment = common files for all jails that need any internet connectivity
comment = common files for all jails that need any internet connectivity
libraries = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /lib/x86_64-linux-gnu/libnss_dns.so.2
paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /lib/libnss_mdns*.so.2, /lib/i386-linux-gnu/libnss_dns.so.2, /lib/x86_64-linux-gnu/libnss_dns.so.2, /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services, /etc/ssl/certs/, /usr/lib/ssl/certs
regularfiles = /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols
[logbasics]
[logbasics]
comment = timezone information
comment = timezone information
and log sockets
regularfile
s = /etc/localtime
path
s = /etc/localtime
need_logsocket = 1
need_logsocket = 1
[jk_lsh]
[jk_lsh]
comment = Jailkit limited shell
comment = Jailkit limited shell
executables = /usr/sbin/jk_lsh
paths = /usr/sbin/jk_lsh, /etc/jailkit/jk_lsh.ini
regularfiles = /etc/jailkit/jk_lsh.ini
users = root
users = root
groups = root
groups = root
need_logsocket = 1
includesections = uidbasics, logbasics
includesections = uidbasics
[limitedshell]
[limitedshell]
comment = alias for jk_lsh
comment = alias for jk_lsh
...
@@ -30,76 +30,77 @@ includesections = jk_lsh
...
@@ -30,76 +30,77 @@ includesections = jk_lsh
[cvs]
[cvs]
comment = Concurrent Versions System
comment = Concurrent Versions System
executables = /usr/bin/
cvs
paths =
cvs
devices = /dev/null
devices = /dev/null
[git]
[git]
comment = Fast Version Control System
comment = Fast Version Control System
executables = /usr/bin/git*
paths = /usr/bin/git*, /usr/lib/git-core, /usr/share/git-core, /usr/bin/pager
directories = /usr/share/git-core
includesections = editors, perl, netbasics, basicshell, coreutils
includesections = editors
[scp]
[scp]
comment = ssh secure copy
comment = ssh secure copy
executables = /usr/bin/
scp
paths =
scp
includesections = netbasics, uidbasics
includesections = netbasics, uidbasics
devices = /dev/urandom
devices = /dev/urandom
[sftp]
[sftp]
comment = ssh secure ftp
comment = ssh secure ftp
executable
s = /usr/lib/sftp-server, /usr/libexec/openssh/sftp-server, /usr/lib/misc/sftp-server, /usr/libexec/sftp-server
path
s = /usr/lib/sftp-server, /usr/libexec/openssh/sftp-server, /usr/lib/misc/sftp-server, /usr/libexec/sftp-server
, /usr/lib/openssh/sftp-server
includesections = netbasics, uidbasics
includesections = netbasics, uidbasics
devices = /dev/urandom, /dev/null
devices = /dev/urandom, /dev/null
# on solaris
#paths = /usr/lib/ssh/sftp-server
[ssh]
[ssh]
comment = ssh secure shell
comment = ssh secure shell
executables = /usr/bin/
ssh
paths =
ssh
includesections = netbasics, uidbasics
includesections = netbasics, uidbasics
devices = /dev/urandom, /dev/tty
devices = /dev/urandom, /dev/tty
, /dev/null
[rsync]
[rsync]
executables = /usr/bin/
rsync
paths =
rsync
includesections = netbasics, uidbasics
includesections = netbasics, uidbasics
[procmail]
[procmail]
comment = procmail mail delivery
comment = procmail mail delivery
executables = /usr/bin/
procmail, /bin/sh
paths =
procmail, /bin/sh
devices = /dev/null
devices = /dev/null
[basicshell]
[basicshell]
comment = bash based shell with several basic utilities
comment = bash based shell with several basic utilities
executables = /bin/sh, /bin/bash, /bin/ls, /bin/cat, /bin/chmod, /bin/mkdir, /bin/cp, /bin/cpio, /bin/date, /bin/dd, /bin/echo, /bin/egrep, /bin/false, /bin/fgrep, /bin/grep, /bin/gunzip, /bin/gzip, /bin/ln, /bin/ls, /bin/mkdir, /bin/mktemp, /bin/more, /bin/mv, /bin/pwd, /bin/rm, /bin/rmdir, /bin/sed, /bin/sh, /bin/sleep, /bin/sync, /bin/tar, /bin/touch, /bin/true, /bin/uncompress, /bin/zcat
paths = /bin/sh, bash, ls, cat, chmod, mkdir, cp, cpio, date, dd, echo, egrep, false, fgrep, grep, gunzip, gzip, ln, ls, mkdir, mktemp, more, mv, pwd, rm, rmdir, sed, sh, sleep, sync, tar, touch, true, uncompress, zcat, /etc/motd, /etc/issue, /etc/bash.bashrc, /etc/bashrc, /etc/profile, /usr/lib/locale/en_US.utf8, uname, expr, xargs
regularfiles = /etc/motd, /etc/issue, /etc/bash.bashrc, /etc/bashrc, /etc/profile
directories = /usr/lib/locale/en_US.utf8
users = root
users = root
groups = root
groups = root
includesections = uidbasics
includesections = uidbasics
[midnightcommander]
[midnightcommander]
comment = Midnight Commander
comment = Midnight Commander
executables = /usr/bin/mc, /usr/bin/mcedit, /usr/bin/mcview
paths = mc, mcedit, mcview, /usr/share/mc
directories = /etc/terminfo, /usr/share/terminfo, /usr/share/mc
includesections = basicshell, terminfo
includesections = basicshell
[extendedshell]
[extendedshell]
comment = bash shell including things like awk, bzip, tail, less
comment = bash shell including things like awk, bzip, tail, less
executables = /usr/bin/awk, /usr/bin/bzip2, /usr/bin/bunzip2, /usr/bin/ldd, /usr/bin/less, /usr/bin/clear, /usr/bin/cut, /usr/bin/du, /usr/bin/find, /usr/bin/head, /usr/bin/less, /usr/bin/md5sum, /usr/bin/nice, /usr/bin/sort, /usr/bin/tac, /usr/bin/tail, /usr/bin/tr, /usr/bin/sort, /usr/bin/wc, /usr/bin/watch, /usr/bin/
whoami
paths = awk, bzip2, bunzip2, ldd, less, clear, cut, du, find, head, less, md5sum, nice, sort, tac, tail, tr, sort, wc, watch,
whoami
includesections = basicshell, midnightcommander, editors
includesections = basicshell, midnightcommander, editors
[terminfo]
comment = terminfo databases, required for example for ncurses or vim
paths = /etc/terminfo, /usr/share/terminfo, /lib/terminfo
[editors]
[editors]
comment = vim, joe and nano
comment = vim, joe and nano
executables = /usr/bin/joe, /usr/bin/nano, /usr/bin/vi, /usr/bin/vim, /usr/bin/pico
includesections = terminfo
regularfiles = /etc/vimrc
paths = joe, nano, vi, vim, /etc/vimrc, /etc/joe, /usr/share/vim
directories = /etc/joe, /etc/terminfo, /usr/share/vim, /usr/share/terminfo, /lib/terminfo
[netutils]
[netutils]
comment = several internet utilities like wget, ftp, rsync, scp, ssh
comment = several internet utilities like wget, ftp, rsync, scp, ssh
executables = /usr/bin/wget, /usr/bin/lynx, /usr/bin/ftp, /usr/bin/host, /usr/bin/rsync, /usr/bin/
smbclient
paths = wget, lynx, ftp, host, rsync,
smbclient
includesections = netbasics, ssh, sftp, scp
includesections = netbasics, ssh, sftp, scp
[apacheutils]
[apacheutils]
comment = htpasswd utility
comment = htpasswd utility
executables = /usr/bin/
htpasswd
paths =
htpasswd
[extshellplusnet]
[extshellplusnet]
comment = alias for extendedshell + netutils + apacheutils
comment = alias for extendedshell + netutils + apacheutils
...
@@ -107,45 +108,120 @@ includesections = extendedshell, netutils, apacheutils
...
@@ -107,45 +108,120 @@ includesections = extendedshell, netutils, apacheutils
[openvpn]
[openvpn]
comment = jail for the openvpn daemon
comment = jail for the openvpn daemon
executable
s = /usr/sbin/openvpn
path
s = /usr/sbin/openvpn
users = root,nobody
users = root,nobody
groups = root,nogroup
groups = root,nogroup
includesections = netbasics
devices = /dev/urandom, /dev/random, /dev/net/tun
devices = /dev/urandom, /dev/random, /dev/net/tun
includesections = netbasics, uidbasics
includesections = netbasics, uidbasics
need_logsocket = 1
need_logsocket = 1
[apache]
[apache]
comment = the apache webserver, very basic setup, probably too limited for you
comment = the apache webserver, very basic setup, probably too limited for you
executable
s = /usr/sbin/apache
path
s = /usr/sbin/apache
users = root, www-data
users = root, www-data
groups = root, www-data
groups = root, www-data
includesections = netbasics, uidbasics
includesections = netbasics, uidbasics
[perl]
[perl]
comment = the perl interpreter and libraries
comment = the perl interpreter and libraries
executables = /usr/bin/perl
paths = perl, /usr/lib/perl, /usr/lib/perl5, /usr/share/perl, /usr/share/perl5
directories = /usr/lib/perl, /usr/lib/perl5, /usr/share/perl, /usr/share/perl5
[xauth]
[xauth]
comment = getting X authentication to work
comment = getting X authentication to work
executables = /usr/bin/X11/xauth
paths = /usr/bin/X11/xauth, /usr/X11R6/lib/X11/rgb.txt, /etc/ld.so.conf
regularfiles = /usr/X11R6/lib/X11/rgb.txt, /etc/ld.so.conf
[xclients]
[xclients]
comment = minimal files for X clients
comment = minimal files for X clients
regularfile
s = /usr/X11R6/lib/X11/rgb.txt
path
s = /usr/X11R6/lib/X11/rgb.txt
includesections = xauth
includesections = xauth
[vncserver]
[vncserver]
comment = the VNC server program
comment = the VNC server program
executables = /usr/bin/Xvnc, /usr/bin/Xrealvnc
paths = Xvnc, Xrealvnc, /usr/X11R6/lib/X11/fonts/
directories = /usr/X11R6/lib/X11/fonts/
includesections = xclients
includesections = xclients
[ping]
comment = Ping program
paths_w_setuid = /bin/ping
#[xterm]
#[xterm]
#comment = xterm
#comment = xterm
#executables = /usr/bin/X11/xterm
#paths = /usr/bin/X11/xterm, /usr/share/terminfo, /etc/terminfo
#directories = /usr/share/terminfo, /etc/terminfo
#devices = /dev/pts/0, /dev/pts/1, /dev/pts/2, /dev/pts/3, /dev/pts/4, /dev/ptyb4, /dev/ptya4, /dev/tty, /dev/tty0, /dev/tty4
#devices = /dev/pts/0, /dev/pts/1, /dev/pts/2, /dev/pts/3, /dev/pts/4, /dev/ptyb4, /dev/ptya4, /dev/tty, /dev/tty0, /dev/tty4
+# coreutils from:
+# (echo -ne '\n[coreutils]\ncomment = non-sbin progs from coreutils\npaths = '; dpkg --listfiles coreutils | grep -E '^/bin/|/usr/bin/' | xargs -n1 -i@ echo -n "@, " | sed -e 's/, *$/\n/g' -e 's|/usr/bin/||g' -e 's|/bin/||g') >> /etc/jailkit/jk_init.ini
[coreutils]
comment = non-sbin progs from coreutils
paths = cat, chgrp, chmod, chown, cp, date, dd, df, dir, echo, false, ln, ls, mkdir, mknod, mktemp, mv, pwd, readlink, rm, rmdir, sleep, stty, sync, touch, true, uname, vdir, [, arch, b2sum, base32, base64, basename, chcon, cksum, comm, csplit, cut, dircolors, dirname, du, env, expand, expr, factor, fmt, fold, groups, head, hostid, id, install, join, link, logname, md5sum, mkfifo, nice, nl, nohup, nproc, numfmt, od, paste, pathchk, pinky, pr, printenv, printf, ptx, realpath, runcon, seq, sha1sum, sha224sum, sha256sum, sha384sum, sha512sum, shred, shuf, sort, split, stat, stdbuf, sum, tac, tail, tee, test, timeout, tr, truncate, tsort, tty, unexpand, uniq, unlink, users, wc, who, whoami, yes, md5sum.textutils
[wp]
comment = WordPress Command Line
paths = wp, /usr/local/bin/php
includesections = php, mysql-client
[mysql-client]
comment = mysql client
paths = mysql, mysqldump, mysqlshow, /usr/lib/libmysqlclient.so, /usr/lib/i386-linux-gnu/libmariadb.so.3, /usr/lib/i386-linux-gnu/mariadb19, /usr/lib/x86_64-linux-gnu/libmariadb.so.3, /usr/lib/x86_64-linux-gnu/mariadb19
includesections = netbasics
[composer]
comment = composer
paths = composer, /usr/local/bin/composer, /usr/share/doc/composer
includesections = php, uidbasics, netbasics
[node]
comment = NodeJS
paths = npm, node, nodejs, /usr/lib/nodejs, /usr/share/node-mime, /usr/lib/node_modules, /usr/local/lib/nodejs, /usr/local/lib/node_modules, elmi-to-json, /usr/local/bin/elmi-to-json
[env]
comment = /usr/bin/env for environment variables
paths = env
# Debian 10 default php version is 7.3 (Debian 9 is 7.0)
# Todo: set default version in ISPConfig installer,
# but install the php cli version matching the website
[php]
comment = default php version and libraries
paths = /usr/bin/php
includesections = php_common, php7_3
[php_common]
comment = common php directories and libraries
# notice: potential information leak
# do not add all of /etc/php/ or any of the fpm directories
# or the php config (which includes custom php snippets) from *all*
# sites which use fpm will be copied to *every* jailkit
paths = /usr/bin/php, /usr/lib/php/, /usr/share/php/, /usr/share/zoneinfo/
includesections = env
[php5_6]
comment = php version 5.6
paths = /usr/bin/php5.6, /usr/lib/php/5.6/, /usr/lib/php/20131226/, /usr/share/php/5.6/, /etc/php/5.6/cli/, /etc/php/5.6/mods-available/
includesections = php_common
[php7_0]
comment = php version 7.0
paths = /usr/bin/php7.0, /usr/lib/php/7.0/, /usr/lib/php/20151012/, /usr/share/php/7.0/, /etc/php/7.0/cli/, /etc/php/7.0/mods-available/
includesections = php_common
[php7_1]
comment = php version 7.1
paths = /usr/bin/php7.1, /usr/lib/php/7.1/, /usr/lib/php/20160303/, /usr/share/php/7.1/, /etc/php/7.1/cli/, /etc/php/7.1/mods-available/
includesections = php_common
[php7_2]
comment = php version 7.2
paths = /usr/bin/php7.2, /usr/lib/php/7.2/, /usr/lib/php/20170718/, /usr/share/php/7.2/, /etc/php/7.2/cli/, /etc/php/7.2/mods-available/
includesections = php_common
[php7_3]
comment = php version 7.3
paths = /usr/bin/php7.3, /usr/lib/php/7.3/, /usr/lib/php/20180731/, /usr/share/php/7.3/, /etc/php/7.3/cli/, /etc/php/7.3/mods-available/
includesections = php_common
[php7_4]
comment = php version 7.4
paths = /usr/bin/php7.4, /usr/lib/php/7.4/, /usr/lib/php/20190902/, /usr/share/php/7.4/, /etc/php/7.4/cli/, /etc/php/7.4/mods-available/
includesections = php_common
install/tpl/master_cf_amavis10025.master
View file @
1dc4398e
...
@@ -8,6 +8,7 @@
...
@@ -8,6 +8,7 @@
-o smtpd_helo_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
...
...
install/tpl/master_cf_amavis10027.master
View file @
1dc4398e
...
@@ -8,6 +8,7 @@
...
@@ -8,6 +8,7 @@
-o smtpd_helo_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
...
...
install/tpl/opensuse_dovecot.conf.master
View file @
1dc4398e
...
@@ -1274,11 +1274,16 @@ plugin {
...
@@ -1274,11 +1274,16 @@ plugin {
#
#
# Location of the active script. When ManageSieve is used this is actually
# Location of the active script. When ManageSieve is used this is actually
# a symlink pointing to the active script in the sieve storage directory.
# a symlink pointing to the active script in the sieve storage directory.
sieve=~/.
dovecot.
sieve
sieve=~/.sieve
#
# The path to the directory where the personal Sieve scripts are stored. For
# The path to the directory where the personal Sieve scripts are stored. For
# ManageSieve this is where the uploaded scripts are stored.
# ManageSieve this is where the uploaded scripts are stored.
sieve_dir=~/sieve
sieve_dir=~/sieve
sieve_after=/var/vmail/%d/%n/.ispconfig.sieve
sieve_max_script_size = 2M
sieve_max_actions = 100
sieve_max_redirects = 25
}
}
# Config files can also be included. deliver doesn't support them currently.
# Config files can also be included. deliver doesn't support them currently.
...
...
install/tpl/opensuse_dovecot2.conf.master
View file @
1dc4398e
...
@@ -7,6 +7,7 @@ mail_privileged_group = vmail
...
@@ -7,6 +7,7 @@ mail_privileged_group = vmail
ssl_cert = </etc/postfix/smtpd.cert
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
ssl_key = </etc/postfix/smtpd.key
ssl_protocols = !SSLv2 !SSLv3
ssl_protocols = !SSLv2 !SSLv3
mail_plugins = quota
passdb {
passdb {
args = /etc/dovecot/dovecot-sql.conf
args = /etc/dovecot/dovecot-sql.conf
driver = sql
driver = sql
...
@@ -20,7 +21,14 @@ userdb {
...
@@ -20,7 +21,14 @@ userdb {
}
}
plugin {
plugin {
quota = dict:user::file:/var/vmail/%d/%n/.quotausage
quota = dict:user::file:/var/vmail/%d/%n/.quotausage
# no longer needed, as 'sieve' is in userdb extra fields:
sieve=/var/vmail/%d/%n/.sieve
sieve=/var/vmail/%d/%n/.sieve
sieve_after=/var/vmail/%d/%n/.ispconfig.sieve
sieve_max_script_size = 2M
sieve_max_actions = 100
sieve_max_redirects = 25
}
}
service auth {
service auth {
unix_listener /var/spool/postfix/private/auth {
unix_listener /var/spool/postfix/private/auth {
...
@@ -42,6 +50,7 @@ service lmtp {
...
@@ -42,6 +50,7 @@ service lmtp {
user = postfix
user = postfix
}
}
}
}
lmtp_rcpt_check_quota = yes
service imap-login {
service imap-login {
client_limit = 1000
client_limit = 1000
process_limit = 500
process_limit = 500
...
@@ -76,3 +85,40 @@ mail_plugins = $mail_plugins quota
...
@@ -76,3 +85,40 @@ mail_plugins = $mail_plugins quota
#2.3+ mode = 0660
#2.3+ mode = 0660
#2.3+ }
#2.3+ }
#2.3+ }
#2.3+ }
service quota-status {
executable = quota-status -p postfix
unix_listener /var/spool/postfix/private/quota-status {
group = postfix
mode = 0660
user = postfix
}
client_limit = 1
}
plugin {
quota_status_success = DUNNO
quota_status_nouser = DUNNO
quota_status_overquota = "552 5.2.2 Mailbox is full"
}
imap_capability=+SEPCIAL-USE XLIST
namespace inbox {
inbox = yes
separator = .
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
}
install/tpl/opensuse_postfix.conf.master
View file @
1dc4398e
...
@@ -13,7 +13,7 @@ broken_sasl_auth_clients = yes
...
@@ -13,7 +13,7 @@ broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
{rbl_list}
, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{
rbl_list}{
greylisting}
, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
smtpd_tls_cert_file = {config_dir}/smtpd.cert
...
@@ -24,7 +24,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
...
@@ -24,7 +24,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access,
reject_invalid_hostname,
reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_non_fqdn_
helo_
hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
smtpd_client_message_rate_limit = 100
...
...
security
/security_settings.ini
→
install/tpl
/security_settings.ini
.master
View file @
1dc4398e
File moved
install/tpl/server.ini.master
View file @
1dc4398e
...
@@ -121,6 +121,7 @@ overquota_db_notify_client=y
...
@@ -121,6 +121,7 @@ overquota_db_notify_client=y
overquota_notify_onok=n
overquota_notify_onok=n
logging=yes
logging=yes
php_fpm_reload_mode=reload
php_fpm_reload_mode=reload
php_fpm_default_chroot=n
[dns]
[dns]
bind_user=root
bind_user=root
...
...
install/tpl/system.ini.master
View file @
1dc4398e
...
@@ -69,3 +69,4 @@ session_timeout=0
...
@@ -69,3 +69,4 @@ session_timeout=0
session_allow_endless=0
session_allow_endless=0
min_password_length=8
min_password_length=8
min_password_strength=3
min_password_strength=3
ssh_authentication=
interface/lib/classes/aps_guicontroller.inc.php
View file @
1dc4398e
...
@@ -340,6 +340,8 @@ class ApsGUIController extends ApsBase
...
@@ -340,6 +340,8 @@ class ApsGUIController extends ApsBase
"remote_access"
=>
$mysql_db_remote_access
,
"remote_access"
=>
$mysql_db_remote_access
,
"remote_ips"
=>
$mysql_db_remote_ips
,
"remote_ips"
=>
$mysql_db_remote_ips
,
"backup_copies"
=>
$websrv
[
'backup_copies'
],
"backup_copies"
=>
$websrv
[
'backup_copies'
],
"backup_format_web"
=>
$websrv
[
'backup_format_web'
],
"backup_format_db"
=>
$websrv
[
'backup_format_db'
],
"active"
=>
'y'
,
"active"
=>
'y'
,
"backup_interval"
=>
$websrv
[
'backup_interval'
]
"backup_interval"
=>
$websrv
[
'backup_interval'
]
);
);
...
...
interface/lib/classes/custom_datasource.inc.php
View file @
1dc4398e
...
@@ -161,9 +161,10 @@ class custom_datasource {
...
@@ -161,9 +161,10 @@ class custom_datasource {
$sql
=
"SELECT
$server_type
as server_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?"
;
$sql
=
"SELECT
$server_type
as server_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?"
;
$client
=
$app
->
db
->
queryOneRecord
(
$sql
,
$client_group_id
);
$client
=
$app
->
db
->
queryOneRecord
(
$sql
,
$client_group_id
);
if
(
$client
[
'server_id'
]
>
0
)
{
if
(
$client
[
'server_id'
]
>
0
)
{
//* Select the default server for the client
///* Select the available servers for the client
$sql
=
"SELECT server_id,server_name FROM server WHERE server_id = ?"
;
$clientservers
=
explode
(
','
,
$client
[
'server_id'
]);
$records
=
$app
->
db
->
queryAllRecords
(
$sql
,
$client
[
'server_id'
]);
$sql
=
"SELECT server_id,server_name FROM server WHERE server_id IN ? ORDER BY server_name"
;
$records
=
$app
->
db
->
queryAllRecords
(
$sql
,
$clientservers
);
}
else
{
}
else
{
//* Not able to find the clients defaults, use this as fallback and add a warning message to the log
//* Not able to find the clients defaults, use this as fallback and add a warning message to the log
$app
->
log
(
'Unable to find default server for client in custom_datasource.inc.php'
,
1
);
$app
->
log
(
'Unable to find default server for client in custom_datasource.inc.php'
,
1
);
...
...
interface/lib/classes/db_mysql.inc.php
View file @
1dc4398e
...
@@ -258,6 +258,8 @@ class db
...
@@ -258,6 +258,8 @@ class db
private
function
_query
(
$sQuery
=
''
)
{
private
function
_query
(
$sQuery
=
''
)
{
global
$app
;
global
$app
;
$aArgs
=
func_get_args
();
if
(
$sQuery
==
''
)
{
if
(
$sQuery
==
''
)
{
$this
->
_sqlerror
(
'Keine Anfrage angegeben / No query given'
);
$this
->
_sqlerror
(
'Keine Anfrage angegeben / No query given'
);
...
@@ -297,7 +299,6 @@ class db
...
@@ -297,7 +299,6 @@ class db
}
}
}
while
(
$ok
==
false
);
}
while
(
$ok
==
false
);
$aArgs
=
func_get_args
();
$sQuery
=
call_user_func_array
(
array
(
&
$this
,
'_build_query_string'
),
$aArgs
);
$sQuery
=
call_user_func_array
(
array
(
&
$this
,
'_build_query_string'
),
$aArgs
);
$this
->
securityScan
(
$sQuery
);
$this
->
securityScan
(
$sQuery
);
$this
->
_iQueryId
=
mysqli_query
(
$this
->
_iConnId
,
$sQuery
);
$this
->
_iQueryId
=
mysqli_query
(
$this
->
_iConnId
,
$sQuery
);
...
@@ -353,9 +354,11 @@ class db
...
@@ -353,9 +354,11 @@ class db
* @return array result row or NULL if none found
* @return array result row or NULL if none found
*/
*/
public
function
queryOneRecord
(
$sQuery
=
''
)
{
public
function
queryOneRecord
(
$sQuery
=
''
)
{
$aArgs
=
func_get_args
();
if
(
!
preg_match
(
'/limit \d+\s*(,\s*\d+)?$/i'
,
$sQuery
))
$sQuery
.
=
' LIMIT 0,1'
;
if
(
!
preg_match
(
'/limit \d+\s*(,\s*\d+)?$/i'
,
$sQuery
))
$sQuery
.
=
' LIMIT 0,1'
;
$aArgs
=
func_get_args
();
$oResult
=
call_user_func_array
(
array
(
&
$this
,
'query'
),
$aArgs
);
$oResult
=
call_user_func_array
(
array
(
&
$this
,
'query'
),
$aArgs
);
if
(
!
$oResult
)
return
null
;
if
(
!
$oResult
)
return
null
;
...
@@ -1300,7 +1303,7 @@ class fakedb_result {
...
@@ -1300,7 +1303,7 @@ class fakedb_result {
if
(
!
is_array
(
$this
->
aLimitedData
))
return
$aItem
;
if
(
!
is_array
(
$this
->
aLimitedData
))
return
$aItem
;
if
(
list
(
$vKey
,
$aItem
)
=
each
(
$this
->
aLimitedData
)
)
{
for
each
(
$this
->
aLimitedData
as
$vKey
=>
$aItem
)
{
if
(
!
$aItem
)
$aItem
=
null
;
if
(
!
$aItem
)
$aItem
=
null
;
}
}
return
$aItem
;
return
$aItem
;
...
...
interface/lib/classes/ids.inc.php
View file @
1dc4398e
...
@@ -68,7 +68,7 @@ class ids {
...
@@ -68,7 +68,7 @@ class ids {
// Get whitelist
// Get whitelist
$whitelist_path
=
'/usr/local/ispconfig/security/ids.whitelist'
;
$whitelist_path
=
'/usr/local/ispconfig/security/ids.whitelist'
;
if
(
is_
fi
le
(
'/usr/local/ispconfig/security/ids.whitelist.custom'
))
$whitelist_path
=
'/usr/local/ispconfig/security/ids.whitelist.custom'
;
if
(
is_
readab
le
(
'/usr/local/ispconfig/security/ids.whitelist.custom'
))
$whitelist_path
=
'/usr/local/ispconfig/security/ids.whitelist.custom'
;
if
(
!
is_file
(
$whitelist_path
))
$whitelist_path
=
realpath
(
ISPC_ROOT_PATH
.
'/../security/ids.whitelist'
);
if
(
!
is_file
(
$whitelist_path
))
$whitelist_path
=
realpath
(
ISPC_ROOT_PATH
.
'/../security/ids.whitelist'
);
$whitelist_lines
=
file
(
$whitelist_path
);
$whitelist_lines
=
file
(
$whitelist_path
);
...
@@ -91,7 +91,7 @@ class ids {
...
@@ -91,7 +91,7 @@ class ids {
// Get HTML fields
// Get HTML fields
$htmlfield_path
=
'/usr/local/ispconfig/security/ids.htmlfield'
;
$htmlfield_path
=
'/usr/local/ispconfig/security/ids.htmlfield'
;
if
(
is_
fi
le
(
'/usr/local/ispconfig/security/ids.htmlfield.custom'
))
$htmlfield_path
=
'/usr/local/ispconfig/security/ids.htmlfield.custom'
;
if
(
is_
readab
le
(
'/usr/local/ispconfig/security/ids.htmlfield.custom'
))
$htmlfield_path
=
'/usr/local/ispconfig/security/ids.htmlfield.custom'
;
if
(
!
is_file
(
$htmlfield_path
))
$htmlfield_path
=
realpath
(
ISPC_ROOT_PATH
.
'/../security/ids.htmlfield'
);
if
(
!
is_file
(
$htmlfield_path
))
$htmlfield_path
=
realpath
(
ISPC_ROOT_PATH
.
'/../security/ids.htmlfield'
);
$htmlfield_lines
=
file
(
$htmlfield_path
);
$htmlfield_lines
=
file
(
$htmlfield_path
);
...
...
interface/lib/classes/ispcmail.inc.php
View file @
1dc4398e
...
@@ -169,7 +169,7 @@ class ispcmail {
...
@@ -169,7 +169,7 @@ class ispcmail {
$this
->
smtp_host
=
$value
;
$this
->
smtp_host
=
$value
;
break
;
break
;
case
'smtp_port'
:
case
'smtp_port'
:
$this
->
smtp_port
=
$value
;
if
(
intval
(
$value
)
>
0
)
$this
->
smtp_port
=
$value
;
break
;
break
;
case
'smtp_user'
:
case
'smtp_user'
:
$this
->
smtp_user
=
$value
;
$this
->
smtp_user
=
$value
;
...
@@ -586,8 +586,8 @@ class ispcmail {
...
@@ -586,8 +586,8 @@ class ispcmail {
*/
*/
private
function
_smtp_login
()
{
private
function
_smtp_login
()
{
$this
->
_smtp_conn
=
fsockopen
((
$this
->
smtp_crypt
==
'ssl'
?
'tls://'
:
''
)
.
$this
->
smtp_host
,
$this
->
smtp_port
,
$errno
,
$errstr
,
30
);
$this
->
_smtp_conn
=
fsockopen
((
$this
->
smtp_crypt
==
'ssl'
?
'tls://'
:
''
)
.
$this
->
smtp_host
,
$this
->
smtp_port
,
$errno
,
$errstr
,
30
);
$response
=
fgets
(
$this
->
_smtp_conn
,
515
);
if
(
empty
(
$this
->
_smtp_conn
))
return
false
;
if
(
empty
(
$this
->
_smtp_conn
))
return
false
;
$response
=
fgets
(
$this
->
_smtp_conn
,
515
);
//Say Hello to SMTP
//Say Hello to SMTP
if
(
$this
->
smtp_helo
==
''
)
$this
->
detectHelo
();
if
(
$this
->
smtp_helo
==
''
)
$this
->
detectHelo
();
...
@@ -607,8 +607,11 @@ class ispcmail {
...
@@ -607,8 +607,11 @@ class ispcmail {
}
}
stream_context_set_option
(
$this
->
_smtp_conn
,
'ssl'
,
'verify_host'
,
false
);
stream_context_set_option
(
$this
->
_smtp_conn
,
'ssl'
,
'verify_host'
,
false
);
stream_context_set_option
(
$this
->
_smtp_conn
,
'ssl'
,
'verify_peer'
,
false
);
stream_context_set_option
(
$this
->
_smtp_conn
,
'ssl'
,
'verify_peer'
,
false
);
stream_context_set_option
(
$this
->
_smtp_conn
,
'ssl'
,
'verify_peer_name'
,
false
);
stream_context_set_option
(
$this
->
_smtp_conn
,
'ssl'
,
'allow_self_signed'
,
true
);
stream_context_set_option
(
$this
->
_smtp_conn
,
'ssl'
,
'allow_self_signed'
,
true
);
stream_socket_enable_crypto
(
$this
->
_smtp_conn
,
true
,
$crypto_method
);
if
(
stream_socket_enable_crypto
(
$this
->
_smtp_conn
,
true
,
$crypto_method
)
!=
true
)
{
return
false
;
}
}
}
//AUTH LOGIN
//AUTH LOGIN
...
...
interface/lib/classes/listform_actions.inc.php
View file @
1dc4398e
...
@@ -189,10 +189,11 @@ class listform_actions {
...
@@ -189,10 +189,11 @@ class listform_actions {
//* substitute value for select fields
//* substitute value for select fields
if
(
is_array
(
$app
->
listform
->
listDef
[
'item'
])
&&
count
(
$app
->
listform
->
listDef
[
'item'
])
>
0
)
{
if
(
is_array
(
$app
->
listform
->
listDef
[
'item'
])
&&
count
(
$app
->
listform
->
listDef
[
'item'
])
>
0
)
{
foreach
(
$app
->
listform
->
listDef
[
'item'
]
as
$field
)
{
foreach
(
$app
->
listform
->
listDef
[
'item'
]
as
$field
)
{
if
(
$rec
[
'active'
]
==
'n'
)
$rec
[
'warn_inactive'
]
=
'y'
;
$key
=
$field
[
'field'
];
$key
=
$field
[
'field'
];
if
(
isset
(
$field
[
'formtype'
])
&&
$field
[
'formtype'
]
==
'SELECT'
)
{
if
(
isset
(
$field
[
'formtype'
])
&&
$field
[
'formtype'
]
==
'SELECT'
)
{
if
(
strtolower
(
$rec
[
$key
])
==
'y'
or
strtolower
(
$rec
[
$key
])
==
'n'
)
{
if
(
strtolower
(
$rec
[
$key
])
==
'y'
or
strtolower
(
$rec
[
$key
])
==
'n'
)
{
// Set a additional image variable for bolean fields
// Set a additional image variable for bo
o
lean fields
$rec
[
'_'
.
$key
.
'_'
]
=
(
strtolower
(
$rec
[
$key
])
==
'y'
)
?
'x16/tick_circle.png'
:
'x16/cross_circle.png'
;
$rec
[
'_'
.
$key
.
'_'
]
=
(
strtolower
(
$rec
[
$key
])
==
'y'
)
?
'x16/tick_circle.png'
:
'x16/cross_circle.png'
;
}
}
//* substitute value for select field
//* substitute value for select field
...
...
Prev
1
2
3
4
5
6
…
50
Next