Hello community, here is the log from the commit of package froxlor for openSUSE:Factory checked in at 2017-02-02 15:45:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/froxlor (Old) and /work/SRC/openSUSE:Factory/.froxlor.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "froxlor" Changes: -------- --- /work/SRC/openSUSE:Factory/froxlor/froxlor.changes 2017-01-25 23:34:16.371857158 +0100 +++ /work/SRC/openSUSE:Factory/.froxlor.new/froxlor.changes 2017-02-03 17:37:03.630141485 +0100 @@ -1,0 +2,10 @@ +Wed Jan 25 10:50:50 CET 2017 - asemen@suse.de + +- Change Requires in spec file to enable use with php7 + +------------------------------------------------------------------- +Wed Jan 25 08:45:29 CET 2017 - asemen@suse.de + +- upstream upgrade to version 0.9.38.7 (bnc#846355) + +------------------------------------------------------------------- Old: ---- froxlor-0.9.38.6.tar.bz2 New: ---- froxlor-0.9.38.7.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ froxlor.spec ++++++ --- /var/tmp/diff_new_pack.HG9NkV/_old 2017-02-03 17:37:04.274050347 +0100 +++ /var/tmp/diff_new_pack.HG9NkV/_new 2017-02-03 17:37:04.274050347 +0100 @@ -20,7 +20,7 @@ %define apache_serverroot /srv/www/htdocs Name: froxlor -Version: 0.9.38.6 +Version: 0.9.38.7 Release: 0 Source0: froxlor-%{version}.tar.bz2 Source1: froxlor-httpd.conf @@ -36,7 +36,7 @@ BuildRequires: apache2 # Hard requirements Requires: apache2 -Requires: apache2-mod_php5 +#Requires: apache2-mod_php5 #Requires: courier-authlib #Requires: courier-authlib-mysql #Requires: courier-authlib-userdb @@ -44,12 +44,12 @@ #Requires: cyrus-sasl-saslauthd #Requires: cyrus-sasl-sqlauxprop Requires: mysql -Requires: php5 -Requires: php5-bcmath -Requires: php5-curl -Requires: php5-mbstring -Requires: php5-mysql -Requires: php5-posix +Requires: php +Requires: php-bcmath +Requires: php-curl +Requires: php-mbstring +Requires: php-mysql +Requires: php-posix Requires: postfix Requires: postfix-mysql Requires: pure-ftpd ++++++ froxlor-0.9.38.6.tar.bz2 -> froxlor-0.9.38.7.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/admin_customers.php new/froxlor/admin_customers.php --- old/froxlor/admin_customers.php 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/admin_customers.php 2017-01-24 09:43:20.000000000 +0100 @@ -910,7 +910,8 @@ 'customerid' => $customerid, 'adminid' => $userinfo['adminid'], 'docroot' => $documentroot, - 'adddate' => date('Y-m-d') + 'adddate' => date('Y-m-d'), + 'phpenabled' => $phpenabled ); $ins_stmt = Database::prepare(" INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET @@ -928,6 +929,7 @@ `dkim_id` = '0', `dkim_privkey` = '', `dkim_pubkey` = '', + `phpenabled` = :phpenabled, `add_date` = :adddate" ); Database::pexecute($ins_stmt, $ins_data); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/admin_domains.php new/froxlor/admin_domains.php --- old/froxlor/admin_domains.php 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/admin_domains.php 2017-01-24 09:43:20.000000000 +0100 @@ -455,7 +455,7 @@ if ($userinfo['caneditphpsettings'] == '1' || $userinfo['change_serversettings'] == '1') { - $phpenabled = isset($POST_['phpenabled']) ? intval($_POST['phpenabled']) : 0; + $phpenabled = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0; $openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0; if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) { @@ -496,7 +496,7 @@ } } else { - $phpenabled = '1'; + $phpenabled = '1'; $openbasedir = '1'; if ((int) Settings::Get('phpfpm.enabled') == 1) { @@ -693,8 +693,8 @@ if (count($ipandports) == 0) { standard_error('noipportgiven'); } - - if($phpenabled != '1') { + + if ($phpenabled != '1') { $phpenabled = '0'; } @@ -1485,7 +1485,7 @@ if (! preg_match('/^https?\:\/\//', $documentroot)) { $documentroot = makeCorrectDir($documentroot); } - + if ($phpenabled != '1') { $phpenabled = '0'; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/install/froxlor.sql new/froxlor/install/froxlor.sql --- old/froxlor/install/froxlor.sql 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/install/froxlor.sql 2017-01-24 09:43:20.000000000 +0100 @@ -581,7 +581,7 @@ ('panel', 'password_special_char_required', '0'), ('panel', 'password_special_char', '!?<>§$%+#=@'), ('panel', 'customer_hide_options', ''), - ('panel', 'version', '0.9.38.6'), + ('panel', 'version', '0.9.38.7'), ('panel', 'db_version', '201612110'); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/install/updates/froxlor/0.9/update_0.9.inc.php new/froxlor/install/updates/froxlor/0.9/update_0.9.inc.php --- old/froxlor/install/updates/froxlor/0.9/update_0.9.inc.php 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/install/updates/froxlor/0.9/update_0.9.inc.php 2017-01-24 09:43:20.000000000 +0100 @@ -3585,3 +3585,9 @@ showUpdateStep("Updating from 0.9.38.5 to 0.9.38.6", false); updateToVersion('0.9.38.6'); } + +if (isFroxlorVersion('0.9.38.6')) { + + showUpdateStep("Updating from 0.9.38.6 to 0.9.38.7", false); + updateToVersion('0.9.38.7'); +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/lib/configfiles/jessie.xml new/froxlor/lib/configfiles/jessie.xml --- old/froxlor/lib/configfiles/jessie.xml 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/lib/configfiles/jessie.xml 2017-01-24 09:43:20.000000000 +0100 @@ -4469,9 +4469,9 @@ <!-- libnss-mysql --> <daemon name="libnss" title="libnss-mysql (required for FCGID/php-fpm/mpm-itk)"> <install><![CDATA[apt-get install nscd -wget http://ftp.us.debian.org/debian/pool/main/libn/libnss-mysql-bg/libnss-mysql-bg_1.5-5_`dpkg --print-architecture`.deb -dpkg -i libnss-mysql-bg_1.5-5_`dpkg --print-architecture`.deb -rm libnss-mysql-bg_1.5-5_`dpkg --print-architecture`.deb +wget http://debian.froxlor.org/pool/main/libn/libnss-mysql-bg/libnss-mysql-bg_1.5... +dpkg -i libnss-mysql-bg_1.5-3%2Bfrx1_amd64.deb +rm libnss-mysql-bg_1.5-3%2Bfrx1_amd64.deb ]]></install> <file name="/etc/libnss-mysql.cfg" chown="root:root" chmod="0600" backup="true"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/lib/version.inc.php new/froxlor/lib/version.inc.php --- old/froxlor/lib/version.inc.php 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/lib/version.inc.php 2017-01-24 09:43:20.000000000 +0100 @@ -16,7 +16,7 @@ */ // Main version variable -$version = '0.9.38.6'; +$version = '0.9.38.7'; // Database version (YYYYMMDDC where C is a daily counter) $dbversion = '201612110'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/lng/english.lng.php new/froxlor/lng/english.lng.php --- old/froxlor/lng/english.lng.php 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/lng/english.lng.php 2017-01-24 09:43:20.000000000 +0100 @@ -2065,3 +2065,5 @@ $lng['serversettings']['nginx_http2_support']['title'] = 'Nginx HTTP2 Support'; $lng['serversettings']['nginx_http2_support']['description'] = 'enable http2 support for ssl. ENABLE ONLY IF YOUR Nginx SUPPORT THIS FEATURE. (version 1.9.5+)'; + +$lng['error']['noipportgiven'] = 'No IP/port given'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/lng/german.lng.php new/froxlor/lng/german.lng.php --- old/froxlor/lng/german.lng.php 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/lng/german.lng.php 2017-01-24 09:43:20.000000000 +0100 @@ -1713,3 +1713,8 @@ $lng['admin']['domain_hsts_incsub']['description'] = 'Die optionale "includeSubDomains" Direktive, wenn vorhanden, signalisiert dem UA, dass die HSTS Regel für diese Domain und auch jede Subdomain dieser gilt.'; $lng['admin']['domain_hsts_preload']['title'] = 'Füge Domain in die <a href="https://hstspreload.appspot.com/" target="_blank">HSTS preload Liste</a> hinzu'; $lng['admin']['domain_hsts_preload']['description'] = 'Wenn die Domain in die HSTS preload Liste, verwaltet von Chrome (und genutzt von Firefox und Safari), hinzugefügt werden soll, dann aktiviere diese Einstellung.<br>Die preload-Direktive zu senden kann PERMANTENTE KONSEQUENZEN haben und dazu führen, dass Benutzer auf diese Domain und auch Subdomains nicht zugreifen können.<br>Beachte Details unter <a href="https://hstspreload.appspot.com/#removal" target="_blank">hstspreload.appspot.com/#removal</a> bevor ein Header mit "preload" gesendet wird.'; + +$lng['serversettings']['nginx_http2_support']['title'] = 'Nginx HTTP2 Unterstützung'; +$lng['serversettings']['nginx_http2_support']['description'] = 'Aktiviere http2 Unterstützung für SSL. NUR AKTIVIEREN, WENN nginx DIESE FUNKTION UNTERSTÜTZT (version 1.9.5+)'; + +$lng['error']['noipportgiven'] = 'Keine IP/Port angegeben'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/froxlor/scripts/jobs/cron_tasks.inc.http.10.apache.php new/froxlor/scripts/jobs/cron_tasks.inc.http.10.apache.php --- old/froxlor/scripts/jobs/cron_tasks.inc.http.10.apache.php 2017-01-15 07:44:58.000000000 +0100 +++ new/froxlor/scripts/jobs/cron_tasks.inc.http.10.apache.php 2017-01-24 09:43:20.000000000 +0100 @@ -422,6 +422,9 @@ $this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n"; $this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n"; + if (Settings::Get('system.apache24') == '1') { + $this->virtualhosts_data[$vhosts_filename] .= ' SSLCompression Off' . "\n"; + } // this makes it more secure, thx to Marcel (08/2013) $this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n"; $this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n"; @@ -499,7 +502,9 @@ if ($domain['phpenabled_customer'] == 1 && $domain['phpenabled_vhost'] == '1') { // This vHost has PHP enabled and we are using the regular mod_php - + $cmail = getCustomerDetail($domain['customerid'], 'email'); + $php_options_text .= ' php_admin_value sendmail_path "/usr/sbin/sendmail -t -f '.$cmail.'"' . PHP_EOL; + if ($domain['openbasedir'] == '1') { if ($domain['openbasedir_path'] == '1' || strstr($domain['documentroot'], ":") !== false) { $_phpappendopenbasedir = appendOpenBasedirPath($domain['customerroot'], true); @@ -592,6 +597,16 @@ if ($domain['deactivated'] == '1' && Settings::Get('system.deactivateddocroot') != '') { $webroot_text .= ' # Using docroot for deactivated users...' . "\n"; $webroot_text .= ' DocumentRoot "' . makeCorrectDir(Settings::Get('system.deactivateddocroot')) . "\"\n"; + $webroot_text .= ' <Directory "' . makeCorrectDir(Settings::Get('system.deactivateddocroot')) . '">' . "\n"; + // >=apache-2.4 enabled? + if (Settings::Get('system.apache24') == '1') { + $webroot_text .= ' Require all granted' . "\n"; + $webroot_text .= ' AllowOverride All' . "\n"; + } else { + $webroot_text .= ' Order allow,deny' . "\n"; + $webroot_text .= ' allow from all' . "\n"; + } + $webroot_text .= ' </Directory>' . "\n"; $this->_deactivated = true; } else { $webroot_text .= ' DocumentRoot "' . $domain['documentroot'] . "\"\n"; @@ -795,6 +810,7 @@ $vhost_content .= '<VirtualHost ' . trim($ipportlist) . '>' . "\n"; $vhost_content .= $this->getServerNames($domain); + $domain['documentroot_norewrite'] = $domain['documentroot']; if (($ssl_vhost == false && $domain['ssl'] == '1' && $domain['ssl_redirect'] == '1')) { // We must not check if our port differs from port 443, // but if there is a destination-port != 443 @@ -818,6 +834,7 @@ } $domain['documentroot'] = 'https://%{HTTP_HOST}' . $_sslport . '/'; + $domain['documentroot_norewrite'] = 'https://' . $domain['domain'] . $_sslport . '/'; } if ($ssl_vhost === true && $domain['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') { @@ -840,6 +857,9 @@ if ($domain['ssl_cert_file'] != '') { $vhost_content .= ' SSLEngine On' . "\n"; $vhost_content .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n"; + if (Settings::Get('system.apache24') == '1') { + $vhost_content .= ' SSLCompression Off' . "\n"; + } // this makes it more secure, thx to Marcel (08/2013) $vhost_content .= ' SSLHonorCipherOrder On' . "\n"; $vhost_content .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n"; @@ -903,7 +923,7 @@ $vhost_content .= ' RewriteRule ^/(.*) ' . $corrected_docroot . '$1' . $modrew_red . "\n"; $vhost_content .= ' </IfModule>' . "\n"; $vhost_content .= ' <IfModule !mod_rewrite.c>' . "\n"; - $vhost_content .= ' Redirect ' . $code . ' / ' . $corrected_docroot . "\n"; + $vhost_content .= ' Redirect ' . $code . ' / ' . $domain['documentroot_norewrite'] . "\n"; $vhost_content .= ' </IfModule>' . "\n"; } else { ++++++ froxlor.sql.patch ++++++ --- /var/tmp/diff_new_pack.HG9NkV/_old 2017-02-03 17:37:05.025943925 +0100 +++ /var/tmp/diff_new_pack.HG9NkV/_new 2017-02-03 17:37:05.025943925 +0100 @@ -1,6 +1,6 @@ ---- install/froxlor.sql.orig 2017-01-17 14:35:57.036194735 +0100 -+++ install/froxlor.sql 2017-01-17 14:37:54.967711558 +0100 -@@ -1,3 +1,15 @@ +--- install/froxlor.sql.orig 2017-01-25 08:49:59.539319542 +0100 ++++ install/froxlor.sql 2017-01-25 08:51:07.595295664 +0100 +@@ -1,3 +1,14 @@ +# change path from /var to /srv +# webspaces: /srv/customers/webs +# logs: /srv/customers/logs/ @@ -10,13 +10,12 @@ +# fcgi: /srv/www/php-fcgi-scripts +# backup: /srv/customers/backups/ +# doc documentroot_prefix /srv/customers/webs/ -+# asemen 20170117 + + DROP TABLE IF EXISTS `ftp_groups`; CREATE TABLE `ftp_groups` ( `id` int(20) NOT NULL auto_increment, -@@ -396,7 +408,7 @@ +@@ -396,7 +407,7 @@ ('customredirect', 'enabled', '1'), ('customredirect', 'default', '1'), ('perl', 'suexecworkaround', '0'), @@ -25,7 +24,7 @@ ('login', 'domain_login', '0'), ('login', 'maxloginattempts', '3'), ('login', 'deactivatetime', '900'), -@@ -409,13 +421,13 @@ +@@ -409,13 +420,13 @@ ('phpfpm', 'min_spare_servers', '5'), ('phpfpm', 'max_spare_servers', '35'), ('phpfpm', 'max_requests', '0'), @@ -41,7 +40,7 @@ ('phpfpm', 'defaultini', '1'), ('phpfpm', 'vhost_defaultini', '2'), ('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'), -@@ -423,14 +435,14 @@ +@@ -423,14 +434,14 @@ ('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'), ('system', 'lastaccountnumber', '0'), ('system', 'lastguid', '9999'), @@ -59,7 +58,7 @@ ('system', 'vmail_maildirname', 'Maildir'), ('system', 'bind_enable', '1'), ('system', 'bindconf_directory', '/etc/bind/'), -@@ -451,9 +463,9 @@ +@@ -451,9 +462,9 @@ ('system', 'apacheconf_htpasswddir', '/etc/apache2/htpasswd/'), ('system', 'webalizer_quiet', '2'), ('system', 'last_archive_run', '000000'), @@ -72,7 +71,7 @@ ('system', 'use_ssl', '0'), ('system', 'default_vhostconf', ''), ('system', 'mail_quota_enabled', '0'), -@@ -468,7 +480,7 @@ +@@ -468,7 +479,7 @@ ('system', 'mod_fcgid_peardir', '/usr/share/php/:/usr/share/php5/'), ('system', 'index_file_extension', 'html'), ('system', 'mod_fcgid_maxrequests', '250'), @@ -81,7 +80,7 @@ ('system', 'ssl_ca_file', ''), ('system', 'debug_cron', '0'), ('system', 'store_index_file_subs', '1'), -@@ -509,8 +521,8 @@ +@@ -509,8 +520,8 @@ ('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'), ('system', 'allow_error_report_admin', '1'), ('system', 'allow_error_report_customer', '0'), @@ -92,7 +91,7 @@ ('system', 'mdaserver', 'dovecot'), ('system', 'mtaserver', 'postfix'), ('system', 'mailtraffic_enabled', '1'), -@@ -526,7 +538,7 @@ +@@ -526,7 +537,7 @@ ('system', 'letsencryptca', 'production'), ('system', 'letsencryptcountrycode', 'DE'), ('system', 'letsencryptstate', 'Hessen'),