From 868dd8b146e76ea3c83c26855ae2f60b22d989d2 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 15 Aug 2019 21:42:57 +0300 Subject: [PATCH 1/4] Release 0.9.8-25 --- src/deb/ioncube/control | 2 +- src/deb/nginx/control | 2 +- src/deb/php/control | 2 +- src/deb/softaculous/control | 2 +- src/deb/vesta/control | 2 +- src/rpm/specs/vesta-ioncube.spec | 2 +- src/rpm/specs/vesta-nginx.spec | 2 +- src/rpm/specs/vesta-php.spec | 2 +- src/rpm/specs/vesta-softaculous.spec | 2 +- src/rpm/specs/vesta.spec | 7 +++++-- upd/add_notifications.sh | 2 +- 11 files changed, 15 insertions(+), 12 deletions(-) diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control index 8b264b80..eb6cbe88 100644 --- a/src/deb/ioncube/control +++ b/src/deb/ioncube/control @@ -1,7 +1,7 @@ Source: vesta-ioncube Package: vesta-ioncube Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: https://www.ioncube.com diff --git a/src/deb/nginx/control b/src/deb/nginx/control index 970f8dbe..8ee25b92 100644 --- a/src/deb/nginx/control +++ b/src/deb/nginx/control @@ -1,7 +1,7 @@ Source: vesta-nginx Package: vesta-nginx Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/php/control b/src/deb/php/control index 3b8055de..55f27612 100644 --- a/src/deb/php/control +++ b/src/deb/php/control @@ -1,7 +1,7 @@ Source: vesta-php Package: vesta-php Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control index f47048a6..9c5ad99c 100644 --- a/src/deb/softaculous/control +++ b/src/deb/softaculous/control @@ -1,7 +1,7 @@ Source: vesta-softaculous Package: vesta-softaculous Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: https://www.softaculous.com diff --git a/src/deb/vesta/control b/src/deb/vesta/control index 3e7bdd64..2a6ddaf2 100644 --- a/src/deb/vesta/control +++ b/src/deb/vesta/control @@ -1,7 +1,7 @@ Source: vesta Package: vesta Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec index 4dbf3203..868d84bd 100644 --- a/src/rpm/specs/vesta-ioncube.spec +++ b/src/rpm/specs/vesta-ioncube.spec @@ -1,6 +1,6 @@ Name: vesta-ioncube Version: 0.9.8 -Release: 24 +Release: 25 Summary: ionCube Loader Group: System Environment/Base License: "Freely redistributable without restriction" diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec index 8fb887c9..3d3ab4bd 100644 --- a/src/rpm/specs/vesta-nginx.spec +++ b/src/rpm/specs/vesta-nginx.spec @@ -1,6 +1,6 @@ Name: vesta-nginx Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: BSD-like diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec index 336e1e77..ee07bbd0 100644 --- a/src/rpm/specs/vesta-php.spec +++ b/src/rpm/specs/vesta-php.spec @@ -1,6 +1,6 @@ Name: vesta-php Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: GPL diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec index 86baeb29..23b8cf16 100644 --- a/src/rpm/specs/vesta-softaculous.spec +++ b/src/rpm/specs/vesta-softaculous.spec @@ -1,6 +1,6 @@ Name: vesta-softaculous Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: Softaculous License diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec index d632cc55..d0b59e6a 100644 --- a/src/rpm/specs/vesta.spec +++ b/src/rpm/specs/vesta.spec @@ -1,6 +1,6 @@ Name: vesta Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: GPL @@ -68,6 +68,10 @@ fi %config(noreplace) %{_vestadir}/web/css/uploadify.css %changelog +* Thu Aug 15 2019 Serghey Rodin - 0.9.8-25 +- Security bugfixes +- LEv2 idn fix + * Mon Apr 18 2019 Serghey Rodin - 0.9.8-24 - Bugfixes - Security patches @@ -75,7 +79,6 @@ fi - Server LE - i18n updates - * Thu Oct 18 2018 Serghey Rodin - 0.9.8-23 - Security fixes diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh index 4aecf68c..06882d29 100755 --- a/upd/add_notifications.sh +++ b/upd/add_notifications.sh @@ -5,4 +5,4 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager' /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can purchase and enable SFTP Chroot" /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available" -/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-24" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes" +/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-25" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes" From e82ad200b7168c42e8b0bb1b7cc228cc19cfc847 Mon Sep 17 00:00:00 2001 From: dpeca Date: Sun, 18 Aug 2019 16:37:00 +0200 Subject: [PATCH 2/4] Translated added string in sr.php --- web/inc/i18n/sr.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php index 759ab6c9..2b91b293 100644 --- a/web/inc/i18n/sr.php +++ b/web/inc/i18n/sr.php @@ -1,7 +1,7 @@ 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', - 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', + 'Use Web Domain SSL Certificate' => 'Koristi Web Domain SSL sertifikat', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL podrška', 'phpMyAdmin URL' => 'phpMyAdmin URL', From 84ef0a118fd73351126fb0e0da3392fe282eb789 Mon Sep 17 00:00:00 2001 From: dpeca Date: Sat, 24 Aug 2019 16:13:03 +0200 Subject: [PATCH 3/4] Changing /usr/local/vesta to $VESTA --- bin/v-add-firewall-chain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-firewall-chain b/bin/v-add-firewall-chain index 5026d264..0bac12da 100755 --- a/bin/v-add-firewall-chain +++ b/bin/v-add-firewall-chain @@ -22,7 +22,7 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]') iptables="/sbin/iptables" # Get vesta port by reading nginx.conf -vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||") +vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||") if [ -z "$vestaport" ]; then vestaport=8083 fi From ae328a0935168aa83e2768714bebfb6c2295aa7f Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 24 Sep 2019 01:08:17 +0300 Subject: [PATCH 4/4] added support for HTTP/2 Let's Encrypt servers --- bin/v-add-letsencrypt-domain | 20 ++++++++++---------- bin/v-add-letsencrypt-user | 6 +++--- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index 6a12af87..59d51c61 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -109,8 +109,8 @@ fi # Requesting nonce / STEP 1 answer=$(curl -s -I "$API/directory") -nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') -status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') +status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt nonce request status $status" fi @@ -125,10 +125,10 @@ done payload=$(echo "$payload"|sed "s/,$//") payload=$payload']}' answer=$(query_le_v2 "$url" "$payload" "$nonce") -nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"') finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"') -status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') +status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ') if [[ "$status" -ne 201 ]]; then check_result $E_CONNECT "Let's Encrypt new auth status $status" fi @@ -139,8 +139,8 @@ for auth in $authz; do answer=$(query_le_v2 "$auth" "$payload" "$nonce") url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \") token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \") - nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') - status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') + nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') + status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status" fi @@ -198,8 +198,8 @@ for auth in $authz; do payload='{}' answer=$(query_le_v2 "$url" "$payload" "$nonce") validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \") - nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') - status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') + nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') + status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt validation status $status" fi @@ -224,8 +224,8 @@ ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\ csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64) payload='{"csr":"'$csr'"}' answer=$(query_le_v2 "$finalize" "$payload" "$nonce") -nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') -status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') +status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt finalize bad status $status" diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user index f3a19163..11aec113 100755 --- a/bin/v-add-letsencrypt-user +++ b/bin/v-add-letsencrypt-user @@ -103,16 +103,16 @@ fi # Requesting ACME nonce -nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n') +nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n') # Creating ACME account url="$API/acme/new-acct" payload='{"termsOfServiceAgreed": true}' answer=$(query_le_v2 "$url" "$payload" "$nonce") -kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r') +kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r') # Checking answer status -status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') +status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ') if [[ "${status:0:2}" -ne "20" ]]; then check_result $E_CONNECT "Let's Encrypt acc registration failed $status" fi