* Sat Sep 27 2025 Brian Read <brianr@koozali.org> 11.0.0-121.sme

- Sort out ftp public setting [SME: 13194]

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27SManagerProxyPass

@@ -3,16 +3,14 @@
 
     $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ?  'yes' : 'no';
     $plainTextAccess = ${'httpd-admin'}{PermitPlainTextAccess} || 'no';
-    $plainPort = ${'httpd-e-smith'}{TCPPort} || '80';
     $adminPort2 = ${'smanager'}{TCPPort} || '982';
     $adminAccess = ${'smanager'}{access} || 'private';
-    $sslPort = ${modSSL}{TCPPort} || '443';
 
     $OUT = '';
 
     foreach $place ('smanager')
     {
-        if (($port eq $plainPort) && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
+        if (($port eq $httpPort) && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
         {
             $OUT .= '    RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$' . "\n";
             $OUT .= "    RewriteRule ^/$place(/.*|\$)    https://%{HTTP_HOST}/$place\$1 [L,R]\n";
@@ -24,14 +22,18 @@
         $OUT .= "    ProxyPreserveHost On\n";
         $OUT .= "    ProxyPass /$place http://127.0.0.1:$adminPort2 keepalive=On\n";
         $OUT .= "    ProxyPassReverse /$place http://127.0.0.1:$adminPort2\n";
-        $OUT .= "    RequestHeader set X-Forwarded-Proto 'http'\n";
+        if ($port eq $httpsPort)
+        {
+            # mod_auth_tkt needs to know the protocol to write  307 redirection
+            $OUT .= "    RequestHeader set X-Forwarded-Proto \"https\"\n";
+        }
 
         $OUT .= "    <Location '/$place'>\n";
-        if ($port eq $plainPort)
+        if ($port eq $httpPort)
         {
             $OUT .= '        Require ip 127.0.0.1' . "\n";
         }
-        elsif (($haveSSL eq 'yes') && ($port eq $sslPort) && ($adminAccess eq 'public'))
+        elsif (($haveSSL eq 'yes') && ($port eq $httpsPort) && ($adminAccess eq 'public'))
         {
             $OUT .= "#       public access requested in conf db\n";
             $OUT .= "        Require all granted\n";
@@ -40,15 +42,25 @@
             $OUT .= "        Require ip $localAccess $externalSSLAccess\n";
         }
         # any smanager script or style added in line should be hashed and added here to run in a modern browser
-        $OUT .= "                   Header set Content-Security-Policy  \"script-src 'self' 'unsafe-eval' 'unsafe-hashes' "
-        ." 'sha256-X8Qwlk0M9iDTQZqFVpbVcThRjBqQXpwTOZCLX8I+Frk=' 'sha256-inQ04nmqTZI75Z5g/tAzjahedNugPFfrhxHyoFezFkM=' 'sha256-5IsIX+Vbow7wwy2RjR3+5X06R/0CQZPkw3OHj/228cM=' 'sha256-tfVskwioRaNsV75h89itf7FujMgIrodfs1Ea4UAJNpE=' 'sha256-P51OyslUh5bGkoWk9qY+o4Su4HuwNFoQcFCeNxF7Ms8=' ; "
+        $OUT .= "        Header set Content-Security-Policy  \"script-src 'self' 'unsafe-eval' 'unsafe-hashes' "
+        # list of hashes for script-src we accept and reference to find them
+        ." 'sha256-T5nv1LP9Xxdv7I1tsdTYprjvwoZyVEvfe8Y4TLx59pk='" # $(document).ready(function() \{    $('#tognav').click(function() 
+        ." 'sha256-TxVHbw3t1mXreukND/yBI+H+CscZDpyxPoNoBrRhmSE=' " # (function($) \{    $.fn.swapClass = function(class1, class2) 
+        ." 'sha256-30Xxu25YbRvjbQ2ngJ8EyneSz0No788PqjM9XbQh+qM=' " # ...const togglePassword...
+        ." 'sha256-5PrS/6zSCY/wROLKhAm4ymOuYsfvvScrC9Vp8FtOpxU=' " # nutups:316 window.onload = function() \{		SelectInput(); 
+        ." 'sha256-pxCVW6zyLaFSTIpOP2p4ULot8y+QsEmSEjKE54zDTWQ=' " # nutups:317 window.onload = function() \{   SelectInput();
+        #." 'sha256-X8Qwlk0M9iDTQZqFVpbVcThRjBqQXpwTOZCLX8I+Frk=' 'sha256-inQ04nmqTZI75Z5g/tAzjahedNugPFfrhxHyoFezFkM=' 'sha256-5IsIX+Vbow7wwy2RjR3+5X06R/0CQZPkw3OHj/228cM=' 'sha256-tfVskwioRaNsV75h89itf7FujMgIrodfs1Ea4UAJNpE=' 'sha256-P51OyslUh5bGkoWk9qY+o4Su4HuwNFoQcFCeNxF7Ms8=' " #need valiation if still needed
+        ." ; "
         ." style-src 'self'  'unsafe-hashes' "
-        #'sha256-EhT63KK1JBrsUM27H+5RMNifDFpVB+GXcTtavKXwCK8=' #h2l1
-        #'sha256-msdEhWmYTu7vqzGaQHDfvy6lzlDsbKkouwvN2R6Co9E=' #busy-indicator
-        #'sha256-iYwYhiMcsGmXCUzLEpEzZNz5dINrlkqf1sLbLhEcqGM=' _footer.html.ep style="position:relative;"
-        #'sha256-bOTFT8zacR4Rfja/WIKXgAQQXVaPyG3oBlvAhU4ga8g=' _usr_list style="min-width:35em"
-        #'sha256-CP93jJ1Y8nMwUoDzFbo1srdgsbADPasAc0Wjig1ahpY=' groups style="min-width:15em"
-        ." 'sha256-msdEhWmYTu7vqzGaQHDfvy6lzlDsbKkouwvN2R6Co9E=' 'sha256-iYwYhiMcsGmXCUzLEpEzZNz5dINrlkqf1sLbLhEcqGM='  'sha256-bOTFT8zacR4Rfja/WIKXgAQQXVaPyG3oBlvAhU4ga8g=' 'sha256-CP93jJ1Y8nMwUoDzFbo1srdgsbADPasAc0Wjig1ahpY=' 'sha256-EhT63KK1JBrsUM27H+5RMNifDFpVB+GXcTtavKXwCK8=' ;"
+        # list of hashes for  style-src we accept and reference to find them  
+        ." 'sha256-EhT63KK1JBrsUM27H+5RMNifDFpVB+GXcTtavKXwCK8=' " #h2l1
+        ." 'sha256-msdEhWmYTu7vqzGaQHDfvy6lzlDsbKkouwvN2R6Co9E=' " # busy-indicator
+        ." 'sha256-iYwYhiMcsGmXCUzLEpEzZNz5dINrlkqf1sLbLhEcqGM=' " # _footer.html.ep style="position:relative;"
+        ." 'sha256-bOTFT8zacR4Rfja/WIKXgAQQXVaPyG3oBlvAhU4ga8g=' " # _usr_list style="min-width:35em"
+        ." 'sha256-CP93jJ1Y8nMwUoDzFbo1srdgsbADPasAc0Wjig1ahpY=' " # groups style="min-width:15em"
+        ." 'sha256-0Mf27W7YqYYDBxV28E9yUhPk/SHgCYEyL73kR5dJkDM=' " # useraccounts:410 useraccounts:506 and useraccounts:602 style = background:pink;
+        ." 'sha256-65hozXHuXYaN7oOyWz8cFCjqLsPmy6O7++aP2PECi5M=' " # legacypanel:306 style="width:99%;height:1784px;
+        ." ;"
 	." \"\n"; 
 	$OUT .= "    </Location>\n";
         # prevent caching of manager files in browser

root/usr/share/smanager/lib/SrvMngr/Controller/Remoteaccess.pm

@@ -163,7 +163,7 @@ sub get_ftp_access {
     my $status = get_prop('', 'ftp', 'status') || 'disabled';
     return 'off' unless $status eq 'enabled';
     my $access = get_prop('', 'ftp', 'access') || 'private';
-    return ($access eq 'public') ? 'normal' : 'private';
+    return ($access eq 'public') ? 'public' : 'private';
 } ## end sub get_ftp_access
 
 #sub get_pptp_sessions {
@@ -320,7 +320,7 @@ sub change_settings {
             $rec->set_prop('status',      'disabled');
             $rec->set_prop('access',      'private');
             $rec->set_prop('LoginAccess', 'private');
-        } elsif ($rma_datas{ftpAccess} eq "normal") {
+        } elsif ($rma_datas{ftpAccess} eq "public") {
             $rec->set_prop('status',      'enabled');
             $rec->set_prop('access',      'public');
             $rec->set_prop('LoginAccess', $rma_datas{ftpPasswordAccess});
@@ -438,4 +438,4 @@ sub remove_valid_from {
     $db->get('httpd-admin')->set_prop('ValidFrom', $prop);
     return 1;
 } ## end sub remove_valid_from
-1;
+1;

root/usr/share/smanager/themes/default/public/css/legacypanel.css

@@ -0,0 +1,4 @@
+.legacy-embedded {
+  width: 99%;
+  height: 600px; /* fallback default, matches your $height default */
+}

root/usr/share/smanager/themes/default/public/css/new-sme-main.css

@@ -502,4 +502,20 @@ div.success, span.success {
 div.roundcube #roundcube{
 	width:100%;
 	height:600px;
+}
+
+.center {
+  display: flex;
+  align-items: center;
+  width: 100%; /* adjust as needed */
+}
+
+.left-btn {
+  /* Left aligned */
+}
+
+.center-btn {
+  /* Center aligned */
+  margin-left: auto!important;
+  margin-right: auto;
 }

root/usr/share/smanager/themes/default/public/js/legacypanel.js

@@ -0,0 +1,6 @@
+document.addEventListener('DOMContentLoaded', function() {
+  var obj = document.getElementById('legacy-embedded');
+  if (obj && obj.dataset.legacyHeight) {
+    obj.style.height = obj.dataset.legacyHeight;
+  }
+});

root/usr/share/smanager/themes/default/public/js/sme-password.js

@@ -30,14 +30,27 @@ $(document).ready(function() {
     });
 });
 
-// and busy cursor 
 $(document).ready(function() {
-	// Handle form submission for any form
-	$('form').on('submit', function(event) {
-	  // Disable all submit buttons and update their labels
-	  $(this).find('button[type="submit"]').prop('disabled', true).text('Please wait...');
-	  $(this).find('input[type="submit"]').prop('disabled', true).val('Please wait...');
-	  // Add busy cursor
-	  $('body').addClass('busy');
-	});
+  $('form').on('submit', function(event) {
+    // Change submit buttons to look disabled and update their labels without disabling
+    $(this).find('button[type="submit"]').each(function() {
+      $(this).text('Please wait...').addClass('visually-disabled').css({
+        'pointer-events': 'none',
+        'opacity': '0.6',
+        'cursor': 'not-allowed'
+      });
+    });
+    $(this).find('input[type="submit"]').each(function() {
+      $(this).val('Please wait...').addClass('visually-disabled').css({
+        'pointer-events': 'none',
+        'opacity': '0.6',
+        'cursor': 'not-allowed'
+      });
+    });
+
+    // Add busy cursor to body
+    $('body').addClass('busy');
+
+    // Allow form to submit normally without disabling the buttons
+  });
 });

root/usr/share/smanager/themes/default/templates/embedded.html.ep

@@ -14,10 +14,18 @@
     </div>
   % }
   <h1> Embedded - <%= $title %></h1><br>
-  <p>If the legacy panel does not appear, then you may not be logged into the original Server manager.<br />You can log in by clicking <a href="/server-manager" target='_blank'>here</a>. Or by clicking on the "Legacy SM" button at the top of the window.</p>
-  % my $height = $c->stash('height') | '600px';
+  <p>If the legacy panel does not appear, then you may not be logged into the original Server manager.<br />You can log in by clicking <a href="/server-manager" target='_blank'>here</a>.</p>
+  % my $height = $c->stash('height') || '600px';
   % if ( $height !~ /px$/ ) { $height = $height . 'px'; }
-  <object id="legacy-embedded" class="legacy-embedded" data="<%= $c->stash('modul') %>" style="width:99%;height:<%= $height %>;" title="<%= $c->stash('title') %>"  type="text/html" ><%= $c->stash('title') %> not found</object>
+  % # Add the height as a data attribute
+  <object id="legacy-embedded" 
+          class="legacy-embedded" 
+          data="<%= $c->stash('modul') %>" 
+          data-legacy-height="<%= $height %>"
+          title="<%= $c->stash('title') %>"  
+          type="text/html">
+    <%= $c->stash('title') %> not found
+  </object>
 </div>
 
-% end
+% end

smeserver-manager.spec

@@ -2,7 +2,7 @@ Summary: Sme Server Configuration : Manager 2
 %define name smeserver-manager
 Name: %{name}
 %define version 11.0.0
-%define release 116
+%define release 121
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -147,6 +147,22 @@ true
 %defattr(-,root,root)
 
 %changelog
+* Sat Sep 27 2025 Brian Read <brianr@koozali.org> 11.0.0-121.sme
+- Sort out ftp public setting [SME: 13194]
+
+* Thu Sep 25 2025 Brian Read <brianr@koozali.org> 11.0.0-120.sme
+- Add CSS for multiple result buttons on panel  - used by wireguard[SME: 13185]
+
+* Thu Sep 25 2025 Brian Read <brianr@koozali.org> 11.0.0-119.sme
+- Change submit button disable/message as method as current method does not send name back as parameter [SME: 13184]
+
+* Thu Sep 25 2025 Brian Read <brianr@koozali.org> 11.0.0-118.sme
+- Remove inline style for legacy panel [SME: 13177]
+
+* Wed Sep 24 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-117.sme
+- set correctly X-Forwarded-Proto for TKT auth [SME: 13175]
+  updated CSP for smanager
+
 * Mon Sep 15 2025 Brian Read <brianr@koozali.org> 11.0.0-116.sme
 - Fix other buttons in lists for elinks [SME: 13113]