From 868dd8b146e76ea3c83c26855ae2f60b22d989d2 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 15 Aug 2019 21:42:57 +0300 Subject: [PATCH 1/4] Release 0.9.8-25 --- src/deb/ioncube/control | 2 +- src/deb/nginx/control | 2 +- src/deb/php/control | 2 +- src/deb/softaculous/control | 2 +- src/deb/vesta/control | 2 +- src/rpm/specs/vesta-ioncube.spec | 2 +- src/rpm/specs/vesta-nginx.spec | 2 +- src/rpm/specs/vesta-php.spec | 2 +- src/rpm/specs/vesta-softaculous.spec | 2 +- src/rpm/specs/vesta.spec | 7 +++++-- upd/add_notifications.sh | 2 +- 11 files changed, 15 insertions(+), 12 deletions(-) diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control index 8b264b80d..eb6cbe887 100644 --- a/src/deb/ioncube/control +++ b/src/deb/ioncube/control @@ -1,7 +1,7 @@ Source: vesta-ioncube Package: vesta-ioncube Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: https://www.ioncube.com diff --git a/src/deb/nginx/control b/src/deb/nginx/control index 970f8dbea..8ee25b92e 100644 --- a/src/deb/nginx/control +++ b/src/deb/nginx/control @@ -1,7 +1,7 @@ Source: vesta-nginx Package: vesta-nginx Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/php/control b/src/deb/php/control index 3b8055de5..55f27612e 100644 --- a/src/deb/php/control +++ b/src/deb/php/control @@ -1,7 +1,7 @@ Source: vesta-php Package: vesta-php Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control index f47048a6f..9c5ad99cc 100644 --- a/src/deb/softaculous/control +++ b/src/deb/softaculous/control @@ -1,7 +1,7 @@ Source: vesta-softaculous Package: vesta-softaculous Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: https://www.softaculous.com diff --git a/src/deb/vesta/control b/src/deb/vesta/control index 3e7bdd642..2a6ddaf20 100644 --- a/src/deb/vesta/control +++ b/src/deb/vesta/control @@ -1,7 +1,7 @@ Source: vesta Package: vesta Priority: optional -Version: 0.9.8-24 +Version: 0.9.8-25 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec index 4dbf3203c..868d84bd3 100644 --- a/src/rpm/specs/vesta-ioncube.spec +++ b/src/rpm/specs/vesta-ioncube.spec @@ -1,6 +1,6 @@ Name: vesta-ioncube Version: 0.9.8 -Release: 24 +Release: 25 Summary: ionCube Loader Group: System Environment/Base License: "Freely redistributable without restriction" diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec index 8fb887c9d..3d3ab4bd1 100644 --- a/src/rpm/specs/vesta-nginx.spec +++ b/src/rpm/specs/vesta-nginx.spec @@ -1,6 +1,6 @@ Name: vesta-nginx Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: BSD-like diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec index 336e1e775..ee07bbd05 100644 --- a/src/rpm/specs/vesta-php.spec +++ b/src/rpm/specs/vesta-php.spec @@ -1,6 +1,6 @@ Name: vesta-php Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: GPL diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec index 86baeb295..23b8cf16a 100644 --- a/src/rpm/specs/vesta-softaculous.spec +++ b/src/rpm/specs/vesta-softaculous.spec @@ -1,6 +1,6 @@ Name: vesta-softaculous Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: Softaculous License diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec index d632cc55a..d0b59e6a2 100644 --- a/src/rpm/specs/vesta.spec +++ b/src/rpm/specs/vesta.spec @@ -1,6 +1,6 @@ Name: vesta Version: 0.9.8 -Release: 24 +Release: 25 Summary: Vesta Control Panel Group: System Environment/Base License: GPL @@ -68,6 +68,10 @@ fi %config(noreplace) %{_vestadir}/web/css/uploadify.css %changelog +* Thu Aug 15 2019 Serghey Rodin - 0.9.8-25 +- Security bugfixes +- LEv2 idn fix + * Mon Apr 18 2019 Serghey Rodin - 0.9.8-24 - Bugfixes - Security patches @@ -75,7 +79,6 @@ fi - Server LE - i18n updates - * Thu Oct 18 2018 Serghey Rodin - 0.9.8-23 - Security fixes diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh index 4aecf68c7..06882d298 100755 --- a/upd/add_notifications.sh +++ b/upd/add_notifications.sh @@ -5,4 +5,4 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager' /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can purchase and enable SFTP Chroot" /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available" -/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-24" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes" +/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-25" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes" From e82ad200b7168c42e8b0bb1b7cc228cc19cfc847 Mon Sep 17 00:00:00 2001 From: dpeca Date: Sun, 18 Aug 2019 16:37:00 +0200 Subject: [PATCH 2/4] Translated added string in sr.php --- web/inc/i18n/sr.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php index 759ab6c90..2b91b293e 100644 --- a/web/inc/i18n/sr.php +++ b/web/inc/i18n/sr.php @@ -1,7 +1,7 @@ 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', - 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', + 'Use Web Domain SSL Certificate' => 'Koristi Web Domain SSL sertifikat', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL podrška', 'phpMyAdmin URL' => 'phpMyAdmin URL', From 84ef0a118fd73351126fb0e0da3392fe282eb789 Mon Sep 17 00:00:00 2001 From: dpeca Date: Sat, 24 Aug 2019 16:13:03 +0200 Subject: [PATCH 3/4] Changing /usr/local/vesta to $VESTA --- bin/v-add-firewall-chain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-firewall-chain b/bin/v-add-firewall-chain index 5026d264c..0bac12da7 100755 --- a/bin/v-add-firewall-chain +++ b/bin/v-add-firewall-chain @@ -22,7 +22,7 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]') iptables="/sbin/iptables" # Get vesta port by reading nginx.conf -vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||") +vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||") if [ -z "$vestaport" ]; then vestaport=8083 fi From ae328a0935168aa83e2768714bebfb6c2295aa7f Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 24 Sep 2019 01:08:17 +0300 Subject: [PATCH 4/4] added support for HTTP/2 Let's Encrypt servers --- bin/v-add-letsencrypt-domain | 20 ++++++++++---------- bin/v-add-letsencrypt-user | 6 +++--- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index 6a12af87f..59d51c615 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -109,8 +109,8 @@ fi # Requesting nonce / STEP 1 answer=$(curl -s -I "$API/directory") -nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') -status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') +status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt nonce request status $status" fi @@ -125,10 +125,10 @@ done payload=$(echo "$payload"|sed "s/,$//") payload=$payload']}' answer=$(query_le_v2 "$url" "$payload" "$nonce") -nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"') finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"') -status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') +status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ') if [[ "$status" -ne 201 ]]; then check_result $E_CONNECT "Let's Encrypt new auth status $status" fi @@ -139,8 +139,8 @@ for auth in $authz; do answer=$(query_le_v2 "$auth" "$payload" "$nonce") url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \") token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \") - nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') - status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') + nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') + status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status" fi @@ -198,8 +198,8 @@ for auth in $authz; do payload='{}' answer=$(query_le_v2 "$url" "$payload" "$nonce") validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \") - nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') - status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') + nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') + status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt validation status $status" fi @@ -224,8 +224,8 @@ ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\ csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64) payload='{"csr":"'$csr'"}' answer=$(query_le_v2 "$finalize" "$payload" "$nonce") -nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') -status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') +status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"') if [[ "$status" -ne 200 ]]; then check_result $E_CONNECT "Let's Encrypt finalize bad status $status" diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user index f3a19163d..11aec113b 100755 --- a/bin/v-add-letsencrypt-user +++ b/bin/v-add-letsencrypt-user @@ -103,16 +103,16 @@ fi # Requesting ACME nonce -nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n') +nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n') # Creating ACME account url="$API/acme/new-acct" payload='{"termsOfServiceAgreed": true}' answer=$(query_le_v2 "$url" "$payload" "$nonce") -kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r') +kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r') # Checking answer status -status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') +status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ') if [[ "${status:0:2}" -ne "20" ]]; then check_result $E_CONNECT "Let's Encrypt acc registration failed $status" fi