* Wed May 28 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-12.sme

- prevent service handling in bootstrap and post-upgrade [SME: 13002]

.gitignore

@@ -2,3 +2,4 @@
 *.log
 *spec-20*
 *.tar.xz
+*.bak

README.md

@@ -6,7 +6,14 @@ SMEServer Koozali developed git repo for smeserver-lib smeserver
 <br />https://wiki.koozali.org/
 
 ## Bugzilla
-Show list of outstanding bugs: [here](https://bugs.koozali.org/buglist.cgi?component=smeserver-lib&product=SME%20Server%2010.X&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED)\
+Show list of outstanding bugs:
+[All](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=UNCONFIRMED&bug_status=CONFIRMED&bug_status=NEEDINFO&bug_status=IN_PROGRESS&bug_status=RESOLVED&bug_status=VERIFIED&cf_package=smeserver-lib&classification=SME+Server&list_id=105756&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&query_format=advanced)  
+[Confirmed](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=CONFIRMED&cf_package=smeserver-lib&classification=SME+Server&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&query_format=advanced)  
+[Unconfirmed](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=UNCONFIRMED&cf_package=smeserver-lib&classification=SME+Server&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&query_format=advanced)  
+[Need info](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=NEEDINFO&cf_package=smeserver-lib&classification=SME+Server&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&query_format=advanced)  
+[In progress](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=IN_PROGRESS&cf_package=smeserver-lib&classification=SME+Server&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&query_format=advanced)  
+[Resolved](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=RESOLVED&cf_package=smeserver-lib&classification=SME+Server&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&query_format=advanced)  
+[Verified](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=VERIFIED&cf_package=smeserver-lib&classification=SME+Server&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&query_format=advanced)
 And a list of outstanding Legacy bugs: (e-smith-lib) [here](https://bugs.koozali.org/buglist.cgi?component=e-smith-lib&product=SME%20Server%2010.X&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED)
 
 ## Description

contriborbase

@@ -1 +0,0 @@
-sme10

root/etc/e-smith/events/actions/adjust-services

@@ -24,6 +24,7 @@ use Errno;
 use DirHandle;
 
 my $event = shift || die "must give event name parameter";
+exit(0) if ( grep( /^$event$/, qw(post-upgrade  bootstrap-console-save) ));
 chdir "/etc/e-smith/events/$event" or die "Couldn't chdir to event directory /etc/e-smith/events/$event: $!";
 my $dh = DirHandle->new("services2adjust");
 

root/etc/e-smith/templates-default/template-begin-ini

@@ -0,0 +1,11 @@
+;------------------------------------------------------------
+;              !!DO NOT MODIFY THIS FILE!!
+; 
+; Manual changes will be lost when this file is regenerated.
+;
+; Please read the developer's guide, which is available
+; at http://www.contribs.org/development/
+;
+; Copyright (C) 1999-2006 Mitel Networks Corporation
+;------------------------------------------------------------
+

root/etc/e-smith/tests/10e-smith-lib/configuration.conf

@@ -87,7 +87,6 @@ ntpd=service|InitscriptOrder|55|status|disabled
 php=service|status|enabled
 popd=service|access|private|status|enabled
 pppoe=service|DemandIdleTime|no|InitscriptOrder|57|SynchronousPPP|no|status|disabled
-pptpd=service|sessions|10|status|disabled
 qmail=service|InitscriptOrder|80|status|enabled
 random=service|InitscriptOrder|20|status|enabled
 rsyslog=service|InitscriptOrder|05|status|enabled
@@ -99,5 +98,6 @@ squid=service|InitscriptOrder|90|status|enabled
 sshd=service|InitscriptOrder|85|PasswordAuthentication|yes|PermitRootLogin|yes|access|private|status|enabled
 sync=service|Host|service.e-smith.com|LastId|0|SuccessId|0|SyncFrequency|1|SyncMinute|57|status|disabled
 telnet=service|access|private|status|disabled
+vpn=configuration|sessions|10|status|disabled
 wibble=42
 xinetd=service|InitscriptOrder|50|status|enabled

root/sbin/e-smith/getmyip

@@ -0,0 +1,54 @@
+#!/bin/bash
+
+# List of services to query for the public IP
+services=(
+    "ifconfig.me"
+    "ipinfo.io/ip"
+    "icanhazip.com"
+    "api.ipify.org"
+    "ident.me"
+    "ip.tyk.nu"
+    "checkip.amazonaws.com"
+    "ipecho.net/plain"
+    "myip.dnsomatic.com"
+    "ip.seeip.org"
+    "ipapi.co/ip"
+    "wtfismyip.com/text"
+    "openident.net/ip"
+    "ifconfig.co/ip"
+)
+
+# Function to shuffle the array of services
+shuffle_services() {
+    local i
+    for ((i=${#services[@]} - 1; i > 0; i--)); do
+        local j=$((RANDOM % (i + 1)))
+        local temp="${services[i]}"
+        services[i]="${services[j]}"
+        services[j]="$temp"
+    done
+}
+
+# Function to fetch the public IP address
+get_public_ip() {
+    shuffle_services
+    for service in "${services[@]}"; do
+        public_ip=$(curl -s --max-time 5 "$service")
+        
+        # Check if the curl request was successful and there's a valid IP address
+        if [[ $? -eq 0 && $public_ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            logger -t public_ip_script "Service used: $service, IP found: $public_ip"
+            echo "$public_ip"
+            return
+        fi
+    done
+
+    # If none of the services returned a valid IP, output an error message
+    echo "Failed to retrieve public IP using all services." >&2
+    logger -t public_ip_script "Error: Failed to retrieve public IP using all services."
+    exit 1
+}
+
+# Execute the function
+get_public_ip
+

root/usr/share/perl5/vendor_perl/esmith/util.pm

@@ -556,6 +556,12 @@ for example /etc/passwd, /etc/samba/smbpasswd, etc.
 =head2 validatePassword($password, $strength)
 
 Validate Unix password.
+length is the minimal password length, default is 12.
+strength could be none,normal,intermediate or strong.
+- none: only check for length
+- normal: upper and lower case letters
+- intermediate: upper and lower case letters not positive to cracklib
+- strong : numbers, letter and special characters not positive to cracklib
 
 =cut
 
@@ -566,14 +572,24 @@ sub validatePassword($$)
 
     $strength ||= 'normal';
 
+    my $length = 12;
+    my $db = esmith::ConfigDB->open() || undef;
+    my $sysconfig = $db->get("passwordstrength")||  undef  if $db ;
+    $length = $sysconfig->prop("length") || "12" if $sysconfig;
+
     my $reason = 'ok';
-    $reason = 'it is too short' unless (length($password) > 6);
+    $reason = 'it is too short' unless (length($password) >= $length);
     return $reason if ($reason ne 'ok' || $strength eq 'none');
 
-    $reason = 'it does not contain numbers' if (not $password =~ /\d/);
     $reason = 'it does not contain uppercase characters' if (not $password =~ /[A-Z]/);
     $reason = 'it does not contain lowercase characters' if (not $password =~ /[a-z]/);
-    $reason = 'it does not contain special characters' if (not $password =~ /\W|_/);
+    return $reason if ($reason ne 'ok' || $strength eq 'normal');
+
+    # we are left here with intermediate and strong
+    if ($strength eq 'strong') {
+        $reason = 'it does not contain numbers' if (not $password =~ /\d/);
+        $reason = 'it does not contain special characters' if (not $password =~ /\W|_/);
+    }
     return $reason if ($reason ne 'ok' && $strength eq 'strong');
 
     if ( -f '/usr/lib64/cracklib_dict.pwd' ) {

root/usr/share/perl5/vendor_perl/esmith/util/ldap.pm

@@ -160,11 +160,11 @@ sub ldapaddgroup {
    );
   if ($type eq "group") {
     $attrs{'description'} = $self->stringToASCII($acct->prop('Description') || $acctName );
-    $attrs{'mail'} = $acct->prop("$acctName\@$domain");
+    $attrs{'mail'} = "$acctName\@$domain";
   } 
   if ($type eq "ibay") {
     $attrs{'description'} = $self->stringToASCII($acct->prop('Name') || $acctName );
-    #$attrs{'mail'} = $acct->prop("$acctName\@$domain");# we might want to set email for ibay there?
+    #$attrs{'mail'} = "$acctName\@$domain";# we might want to set email for ibay there?
     $attrs{'objectClass'} = ['posixGroup'];
   }
   if ($type eq "machine") {
@@ -205,11 +205,11 @@ sub ldapmodgroup {
    );
   if ($type eq "group") {
     $attrs{'description'} = [ $self->stringToASCII($acct->prop('Description') || $acctName )  ];
-    $attrs{'mail'} = [ $acct->prop("$acctName\@$domain") ];
+    $attrs{'mail'} = [ "$acctName\@$domain" ];
   }
   if ($type eq "ibay") {
     $attrs{'description'} = [ $self->stringToASCII($acct->prop('Name') || $acctName ) ] ;
-    #$attrs{'mail'} = [ $acct->prop("$acctName\@$domain") ];
+    #$attrs{'mail'} = [ "$acctName\@$domain" ];
   }
   # if type user we add nothing
   #get current content

smeserver-lib.spec

@@ -6,7 +6,7 @@ Summary: smeserver server and gateway - library module
 %define name smeserver-lib
 Name: %{name}
 %define version 11.0.0
-%define release 7
+%define release 12
 Version: %{version}
 Release: %{release}%{?dist}
 License: Artistic
@@ -33,6 +33,21 @@ Provides: e-smith-lib
 smeserver server and gateway software - library module.
 
 %changelog
+* Wed May 28 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-12.sme
+- prevent service handling in bootstrap and post-upgrade [SME: 13002]
+
+* Thu Feb 20 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-11.sme
+- remove pptpd reference [SME: 11417]
+- move template-begin-ini [SME: 12211]
+- passwordstrength{length} default to 12 [SME: 12383]
+- more password granularity (none,normal,intermediate,strong) [SME: 12384]
+
+* Thu Dec 12 2024 Brian Read <brianr@koozali.org> 11.0.0-9.sme
+- add in getmyip [SME: 12810 ]
+
+* Tue Nov 12 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-8.sme
+- fix Use of uninitialized value [SME: 12760]
+
 * Tue Aug 13 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-7.sme
 - esmith::util:ldap initial commit [SME: 12719]