Release 1.1.1

CHANGELOG.md

@@ -1,9 +1,19 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
-## [CURRENT] - Development
+## [1.1.1] - 2020-03-24 - Hotfix
 ### Features
+- No new features introduced with v1.1.1, this is strictly a security/bug fix release.
+
 ### Bugfixes
+- Fixed phpMyAdmin blowfish and tmp directory issues.
+- Added additional verification of host domain in password reset. Thanks to @FalzoMAD and @mmetince!
+- Fixed issue with rc.local not executing properly.
+- Rework of Let's Encrypt routine to use progressive delay between validation retries.
+- Fixed syntax issue in v-list-sys-db-status which prevented main functions from loading.
+- Removed /home size reporting when running v-list-sys-info due to performance issues.
+- Updated installer to use Ubuntu key server for Hestia APT repository.
+- Fixed duplicate demo mode check in v-change-user-password.
 
 ## [1.1.0] - 2020-03-11 - Major Release (Feature / Quality Update)
 ### Features

README.md

@@ -1,7 +1,9 @@
 [Hestia Control Panel](https://www.hestiacp.com/)
 ==================================================
-**Current stable release:** Version 1.1.0, released on March 11th, 2020.<br><br>
-Due to a change of the repository infrastructure, please install the new key before you upgrade your existing installations:
+**Current stable release:** Version 1.1.1, released on March 26th, 2020.<br>
+**Current development release:** Version 1.1.2.
+<br><br>
+**Due to a change of the repository infrastructure, please install the new key before you upgrade your existing installations:**
 ```bash
 wget -qO - https://gpg.hestiacp.com/deb_signing.key | sudo apt-key add -
 ```
@@ -32,7 +34,7 @@ What does Hestia Control Panel support?
 ----------------------------
 * Standard Web Server (Apache/NGINX) with PHP
 * PHP Web Application Server (NGINX + PHP-FPM)
-* Multiple PHP versions (5.6 - 7.3)
+* Multiple PHP versions (5.6 - 7.4, with 7.3 currently as default for optimal compatibility)
 * DNS Server (Bind) with clustering capabilities
 * Mail Server (Exim/Dovecot) with Anti-Virus and Anti-Spam (ClamAV and SpamAssassin)
 * Database functionality (MariaDB/PostgreSQL)

SECURITY.md

@@ -0,0 +1,7 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you have discovered a vulnerability in Hestia Control Panel,
+let our development team know via e-mail at info@hestiacp.com and
+we will respond as soon as possible.

bin/v-add-letsencrypt-domain

@@ -134,7 +134,7 @@ fi
 # Check if dns records exist for requested domain/aliases
 if [ "$proto" = "http-01" ]; then
     for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
-        if ! nslookup "${identifier}" >/dev/null 2>&1 ; then
+        if ! nslookup "${identifier}" > /dev/null 2>&1 ; then
             check_result $E_NOTEXIST "DNS record for $identifier doesn't exist"
         fi
     done
@@ -327,7 +327,7 @@ for auth in $authz; do
             fi
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
-        sleep 2
+        sleep $((i*2))
     done
     if [ "$validation" = 'invalid' ]; then
         # Delete DNS CAA record
@@ -340,7 +340,7 @@ for auth in $authz; do
                     $BIN/v-delete-dns-record $user $domain $caa_record
                 fi
             fi
-        fi    
+        fi
         check_result $E_CONNECT "Let's Encrypt domain verification failed"
     fi
 done
@@ -400,7 +400,7 @@ if [ -z "$mail" ]; then
     [[ "$ssl_force" = "yes" ]] && $BIN/v-add-web-domain-ssl-force $user $domain > /dev/null 2>&1
 else
     ssl_enabled="$(get_object_value 'mail' 'DOMAIN' "$root_domain" '$SSL')"
-    [[ "$ssl_enabled" = "yes" ]] && $BIN/v-delete-mail-domain-ssl $user $root_domain >/dev/null 2>&1
+    [[ "$ssl_enabled" = "yes" ]] && $BIN/v-delete-mail-domain-ssl $user $root_domain > /dev/null 2>&1
     $BIN/v-add-mail-domain-ssl $user $root_domain $ssl_dir
 fi
 

bin/v-change-user-password

@@ -42,9 +42,6 @@ if [ "$user" = 'admin' ] && [ -e "$HESTIA/web/reset.admin" ]; then
     rm -f $HESTIA/web/reset.admin
 fi
 
-# Perform verification if read-only mode is enabled
-check_hestia_demo_mode
-
 
 #----------------------------------------------------------#
 #                       Hestia                             #

bin/v-copy-user-package

@@ -16,6 +16,10 @@ new_package=$2
 source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf
 
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-list-sys-db-status

@@ -13,7 +13,7 @@
 #format=${1-shell}
 
 # Includes
-#source $HESTIA/func/main.sh
+source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf
 
 #----------------------------------------------------------#

bin/v-list-sys-info

@@ -30,28 +30,27 @@ json_list() {
         "HESTIA": "'$HESTIA_VERSION'",
         "RELEASE": "'$HESTIA_RELEASE'",
         "UPTIME": "'$UPTIME'",
-        "LOADAVERAGE": "'$LOADAVERAGE'",
-        "HOME_USAGE": "'$HOME_USAGE'"
+        "LOADAVERAGE": "'$LOADAVERAGE'"
         }'
     echo '}'
 }
 
 # SHELL list function
 shell_list() {
-    echo "HOSTNAME   OS   VER   ARCH  HESTIA  RELEASE  UPTIME   LA   HOME"
-    echo "--------   --   ---   ----  ------  -------  ------   --   ----"
-    echo "$HOSTNAME $OS $VERSION $ARCH $HESTIA_VERSION $HESTIA_RELEASE $UPTIME $LOADAVERAGE $HOME_USAGE"
+    echo "HOSTNAME   OS   VER   ARCH  HESTIA  RELEASE  UPTIME   LA"
+    echo "--------   --   ---   ----  ------  -------  ------   --"
+    echo "$HOSTNAME $OS $VERSION $ARCH $HESTIA_VERSION $HESTIA_RELEASE $UPTIME $LOADAVERAGE"
 }
 
 # PLAIN list function
 plain_list() {
-    echo -e "$HOSTNAME\t$OS\t$VERSION\t$ARCH\t$HESTIA_VERSION\t$HESTIA_RELEASE\t$UPTIME\t$LOADAVERAGE\t$HOME_USAGE"
+    echo -e "$HOSTNAME\t$OS\t$VERSION\t$ARCH\t$HESTIA_VERSION\t$HESTIA_RELEASE\t$UPTIME\t$LOADAVERAGE"
 }
 
 # CSV list function
 csv_list() {
-    echo "HOSTNAME,OS,VERSION,ARCH,HESTIA,RELEASE,UPTIME,LOADAVERAGE,HOMEUSAGE"
-    echo "$HOSTNAME,$OS,$VERSION,$ARCH,$HESTIA_VERSION,$HESTIA_RELEASE,$UPTIME,$LOADAVERAGE,$HOME_USAGE"
+    echo "HOSTNAME,OS,VERSION,ARCH,HESTIA,RELEASE,UPTIME,LOADAVERAGE"
+    echo "$HOSTNAME,$OS,$VERSION,$ARCH,$HESTIA_VERSION,$HESTIA_RELEASE,$UPTIME,$LOADAVERAGE"
 }
 
 

func/upgrade.sh

@@ -147,6 +147,13 @@ upgrade_start_routine() {
 
     # Upgrade to Version 1.1.0
     if [ $VERSION = "1.0.6" ]; then
+        source $HESTIA/install/upgrade/versions/latest.sh
+        VERSION="1.1.0"
+        upgrade_refresh_config
+    fi
+
+    # Upgrade to Version 1.1.1
+    if [ $VERSION = "1.1.0" ]; then
         source $HESTIA/install/upgrade/versions/latest.sh
         VERSION="$new_version"
         upgrade_refresh_config
@@ -173,7 +180,7 @@ upgrade_phpmyadmin() {
 
             # Download latest phpMyAdmin release
             wget --quiet https://files.phpmyadmin.net/phpMyAdmin/$pma_v/phpMyAdmin-$pma_v-all-languages.tar.gz
-        
+
             # Unpack files
             tar xzf phpMyAdmin-$pma_v-all-languages.tar.gz
 
@@ -184,8 +191,8 @@ upgrade_phpmyadmin() {
             cp -rf phpMyAdmin-$pma_v-all-languages/* /usr/share/phpmyadmin
 
             # Set config and log directory
-            sed -i "s|define('CONFIG_DIR', '');|define('CONFIG_DIR', '/etc/phpmyadmin/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
-            sed -i "s|define('TEMP_DIR', './tmp/');|define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
+            sed -i "s|define('CONFIG_DIR', ROOT_PATH);|define('CONFIG_DIR', '/etc/phpmyadmin/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
+            sed -i "s|define('TEMP_DIR', ROOT_PATH . 'tmp/');|define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
 
             # Create temporary folder and change permissions
             if [ ! -d /usr/share/phpmyadmin/tmp ]; then

install/deb/exim/exim4.conf.template

@@ -64,7 +64,7 @@ tls_on_connect_ports = 465
 never_users = root
 host_lookup = *
 rfc1413_hosts = *
-rfc1413_query_timeout = 5s
+rfc1413_query_timeout = 0s
 ignore_bounce_errors_after = 2d
 timeout_frozen_after = 7d
 

install/deb/nginx/phpmyadmin.inc

@@ -2,6 +2,7 @@ location /phpmyadmin {
     alias /usr/share/phpmyadmin/;
 
     location ~ /(libraries|setup) {
+        deny all;
         return 404;
     }