Commit graph

42 commits

Author SHA1 Message Date
Miraty
40e67b0c0c declare(strict_types=1); 2023-07-17 21:15:18 +02:00
Miraty
3436d0243f Display some field values again after submission 2023-07-17 21:02:09 +02:00
Miraty
3ddbc7cf1a reg: sync DS/NS using CDS/CSYNC from child zone 2023-07-16 21:00:38 +02:00
Miraty
1d856e1e2e ns/sync: translations and bugfixes 2023-06-26 04:13:52 +02:00
Miraty
858d6e8d02 Add ns/sync and jobs/ns-syncs 2023-06-24 16:54:36 +02:00
Miraty
973a129079 Add type in functions signatures 2023-06-20 00:36:58 +02:00
Miraty
7f7bcadb58 Fix important vulnerability in reg/ds.php + exescape
In page reg/ds.php, POST parameter 'key' was directly sent to shell, allowing for remote arbitrary commands execution.

This commit fixes this vulnerability, and uses a new function to automatically escape every shell command arguments as an additional generic protection.
2023-06-19 02:15:43 +02:00
Miraty
067e1ccf42 Allow SSH keys authentication for SFTP(Go) 2023-06-15 03:35:42 +02:00
Miraty
e4ae765486 init.php + jobs + job to delete old testing accounts 2023-06-08 17:36:44 +02:00
Miraty
f05a55a7fa Display string rules, reg: allow "-" for subdomains 2023-06-05 00:18:10 +02:00
Miraty
337e7ab27e Add setting to disable registrations
A new services['auth'] setting is available.
2023-05-10 01:34:45 +02:00
Miraty
2e238f629d Don't allow double quotes in ns/caa.php actually 2023-05-06 20:31:13 +02:00
Miraty
2d4915a73a Allow double quotes in ns/caa.php 2023-05-06 20:21:40 +02:00
Miraty
54c64906f7 ht/dns-add: display recommended CAA record 2023-05-05 19:41:55 +02:00
Miraty
f3752163af Call Certbot before adding to DB 2023-05-04 02:20:29 +02:00
Miraty
c05c16a516 --blocking for knotc everywhere 2023-05-03 01:38:50 +02:00
Miraty
9f5f8958c5 Rate-limit most form processings 2023-05-02 18:02:08 +02:00
Miraty
5af557f630 Better return code checking, --force for zone-purge 2023-04-27 03:24:34 +02:00
Miraty
03e61fad26 Autoconfigure certbot using cli.ini 2023-04-26 14:08:47 +02:00
Miraty
5adb07c7c8 Update add-dns.php for newer db schema 2023-04-24 00:53:54 +02:00
Miraty
bf4eedbe71 Add 10ms delay after reloading Tor 2023-04-23 17:08:42 +02:00
Miraty
3749aa9b4a Fix exec()'s $output 2023-04-23 16:36:41 +02:00
Miraty
b5b2f95bf5 rm --recursive > rm -r for BusyBox compatibility 2023-04-23 03:19:10 +02:00
Miraty
813927e03e Ensure domains are not too long 2023-04-21 19:01:46 +02:00
Miraty
d51f9dfac3 Set umask to 0077 everywhere 2023-04-19 14:59:07 +02:00
Miraty
b93ff0c26f More exhaustive check.php 2023-04-15 16:39:41 +02:00
Miraty
bd06fc7fbf Use Apache
- Allows customization through .htaccess
- No need to configure or reload a server when adding a site
- Content negotiation
2023-04-10 00:50:42 +02:00
Miraty
b9af7fee09 reg: Delay at unregistration; Display domain history 2023-03-25 16:26:05 +01:00
Miraty
ed05d4aab9 reg/register: add "Check availability" feature 2023-03-19 22:22:34 +01:00
Miraty
d41ac85b55 Autoconfigure root_path using __DIR__ 2023-03-09 14:47:14 +01:00
Miraty
ca0759c8ab auth/username auth/unregister: password confirmation 2023-03-09 14:23:28 +01:00
Miraty
abb9aabf5b Advanced services status management 2023-03-09 01:35:30 +01:00
Miraty
ac6d311ada Use unix sockets for Onion=>nginx connections 2023-01-29 23:16:58 +01:00
Miraty
d4009f189e Fix pg-act/ht/add-onion syntax 2023-01-29 23:14:09 +01:00
Miraty
b2bfbb7bf8 Niver > ServNest 2023-01-29 21:09:00 +01:00
Miraty
7c7e996967 fix: pg-act/auth/approval.php syntax 2023-01-23 01:16:15 +01:00
Miraty
312292d06a feature: reg: allow multiple suffixes 2023-01-23 01:14:59 +01:00
Miraty
b872ec8281 Some fixes and CSS enhancements 2023-01-21 02:52:28 +01:00
Miraty
335b826559 Gettext internationalization and english translation 2023-01-21 01:27:52 +01:00
Miraty
4f84025baf Encrypt display username, with key in cookie 2023-01-07 23:11:44 +01:00
Miraty
a3da268ead ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00
Miraty
73c137aaba Split pages/ between pg-act/ and pg-view/ 2022-12-20 21:17:03 +01:00