Fix not to return short hostname unless set

* Amazon Linux doesn't have it available anywhere

CHANGELOG.md

@@ -1,8 +1,15 @@
 ## Changelog
 
+#### 2.102 (August 23, 2023)
+* Add support for Amazon Linux 2023
+* Fix a bug in Network Configuration module when parsing network size [sourceforge.net/discussion#55377]( https://sourceforge.net/p/webadmin/discussion/55377/thread/78e5aa05f3)
+* Fix Netplan related bugs in Network Configuration module
+* Fix Terminal focus bug
+* Fix to correctly compare Webmin semantic versions
+* Fix to suppress output from `monitor.pl` command [#1984](https://github.com/webmin/webmin/issues/1984)
+
 #### 2.101 (August 5, 2023)
 * Add support for reading gzipped email messages
-* Add support for Amazon Linux 2023
 * Add `error_stderr` API
 * Fix to show correct locale for sudo-capable users [webmin/authentic-theme#1663](https://github.com/webmin/authentic-theme/issues/1663)
 * Fix new signing key import on Debian and derivatives

apache/config-openSUSE-Linux-15.0-ALL

@@ -5,7 +5,7 @@ mime_types=/etc/apache2/mime.types
 httpd_path=/usr/sbin/httpd
 start_cmd=systemctl start apache2
 stop_cmd=systemctl stop apache2
-apply_cmd=systemctl restart apache2
+apply_cmd=systemctl reload apache2
 show_order=0
 max_servers=100
 test_config=1

bacula-backup/list.cgi

@@ -2,7 +2,7 @@
 # Returns a list of files and directories under some directory
 
 $trust_unknown_referers = 1;
-BEGIN { require './bacula-backup-lib.pl'; }
+require './bacula-backup-lib.pl';
 &ReadParse();
 
 # Input sanitization

bind8/bind8-lib.pl

@@ -3591,7 +3591,7 @@ for(my $i=$#recs; $i>=0; $i--) {
 	if ($recs[$i]->{'type'} eq 'NSEC' ||
 	    $recs[$i]->{'type'} eq 'NSEC3' ||
 	    $recs[$i]->{'type'} eq 'RRSIG' ||
-	    $recs[$i]->{'type'} eq 'NSEC3PARAM' && $tools ||
+	    $recs[$i]->{'type'} eq 'NSEC3PARAM' ||
 	    $recs[$i]->{'type'} eq 'DNSKEY') {
 		&delete_record($fn, $recs[$i]);
 		}

cluster-software/do_install.cgi

@@ -233,25 +233,32 @@ print "<p><b>$text{'do_done'}</b><p>\n";
 # Show details of installed packages, where we have them
 for($i=0; $i<@names; $i++) {
 	next if (!$pinfo[$i]);
-	print "<table border width=100%>\n";
+	print &ui_table_start($text{'do_details'}, "width=100%", 4);
-	print "<tr $tb> <td><b>$text{'do_details'}</b></td> </tr>\n";
-	print "<tr $cb> <td><table width=100%>\n";
 
 	if ($pinfo[$i]->[2]) {
-		print "<tr> <td valign=top width=20%><b>$text{'do_desc'}</b></td>\n";
+		print &ui_table_row($text{'do_desc'},
-		print "<td colspan=3><pre>$pinfo[$i]->[2]</pre></td> </tr>\n";
+			"<pre>".&html_escape($pinfo[$i]->[2])."</pre>", 3);
 		}
 
-	print "<tr> <td width=20%><b>$text{'do_pack'}</b></td> <td>$pinfo[$i]->[0]</td>\n";
+	print &ui_table_row($text{'do_pack'},
-	print "<td width=20%><b>$text{'do_class'}</b></td> <td>",
+		$pinfo[$i]->[0]);
-		$pinfo[$i]->[1] ? $pinfo[$i]->[1] : $text{'do_none'},"</td> </tr>\n";
 
-	print "<tr> <td width=20%><b>$text{'do_ver'}</b></td> <td>$pinfo[$i]->[4]</td>\n";
+	print &ui_table_row($text{'do_class'},
-	print "<td width=20%><b>$text{'do_vend'}</b></td> <td>$pinfo[$i]->[5]</td> </tr>\n";
+		$pinfo[$i]->[1] || $text{'do_none'});
 
-	print "<tr> <td width=20%><b>$text{'do_arch'}</b></td> <td>$pinfo[$i]->[3]</td>\n";
+	print &ui_table_row($text{'do_ver'},
-	print "<td width=20%><b>$text{'do_inst'}</b></td> <td>$pinfo[$i]->[6]</td> </tr>\n";
+		$pinfo[$i]->[4]);
-	print "</table></td></tr></table><p>\n";
+
+	print &ui_table_row($text{'do_vend'},
+		$pinfo[$i]->[5]);
+
+	print &ui_table_row($text{'do_arch'},
+		$pinfo[$i]->[3]);
+
+	print &ui_table_row($text{'do_inst'},
+		$pinfo[$i]->[6]);
+
+	print &ui_table_end();
 	}
 
 &remote_finished();

cluster-software/install_pack.cgi

@@ -22,10 +22,12 @@ else {
 
 if ($in{source} == 0) {
 	# installing from local file (or maybe directory)
-	if (!$in{'local'})
+	if (!$in{'local'}) {
-		{ &install_error($text{'install_elocal'}); }
+		&install_error($text{'install_elocal'});
-	if (!-r $in{'local'})
+		}
-		{ &install_error(&text('install_elocal2', $in{'local'})); }
+	if (!-r $in{'local'}) {
+		&install_error(&text('install_elocal2', &html_escape($in{'local'})));
+		}
 	$source = $in{'local'};
 	$pfile = $in{'local'};
 	$filename = $in{'local'};

cluster-software/search.cgi

@@ -29,7 +29,7 @@ if (@match == 1) {
 &ui_print_header(undef, $text{'search_title'}, "", "search");
 if (@match) {
 	@match = sort { lc($a->{'name'}) cmp lc($b->{'name'}) } @match;
-	print "<b>",&text('search_match', "<tt>$s</tt>"),"</b><br>\n";
+	print "<b>",&text('search_match', "<tt>".&html_escape($s)."</tt>"),"</b><br>\n";
 
 	print &ui_form_start("delete_packs.cgi", "post");
 	print &ui_hidden("search", $in{'search'}),"\n";
@@ -43,8 +43,8 @@ if (@match) {
 				  $text{'search_desc'} ], 100, 0, \@tds);
 	foreach $i (@match) {
 		local @cols;
-		push(@cols, "<a href=\"edit_pack.cgi?search=$s&package=".
+		push(@cols, "<a href=\"edit_pack.cgi?search=".&urlize($s).
-		      &urlize($i->{'name'})."\">$i->{'name'}</a>");
+		    "&package=".&urlize($i->{'name'})."\">$i->{'name'}</a>");
 		$c = $i->{'class'};
 		push(@cols, $i->{'class'} || $text{'search_none'});
 		push(@cols, $i->{'desc'});
@@ -62,7 +62,7 @@ if (@match) {
 	print &ui_form_end();
 	}
 else {
-	print "<b>",&text('search_nomatch', "<tt>$s</tt>"),"</b>\n";
+	print "<b>",&text('search_nomatch', "<tt>".&html_escape($s)."</tt>"),"</b>\n";
 	}
 
 &ui_print_footer("", $text{'index_return'});

cluster-usermin/install.cgi

@@ -16,10 +16,12 @@ else {
 
 if ($in{source} == 0) {
 	# installing from local file (or maybe directory)
-	if (!$in{'local'})
+	if (!$in{'local'}) {
-		{ &download_error($text{'install_elocal'}); }
+		&download_error($text{'install_elocal'});
-	if (!-r $in{'local'})
+		}
-		{ &download_error(&text('install_elocal2', $in{'local'})); }
+	if (!-r $in{'local'}) { 
+		&download_error(&text('install_elocal2', &html_escape($in{'local'})));
+		}
 	$source = $in{'local'};
 	$pfile = $in{'local'};
 	$need_unlink = 0;
@@ -55,7 +57,9 @@ elsif ($in{source} == 2) {
 		&ftp_download($host, $file, $pfile, \$error,
 			      \&progress_callback);
 		}
-	else { &download_error(&text('install_eurl', $in{'url'})); }
+	else {
+		&download_error(&text('install_eurl', &html_escape($in{'url'})));
+		}
 	&download_error($error) if ($error);
 	$source = $in{'url'};
 	$need_unlink = 1;

cluster-webmin/install.cgi

@@ -16,10 +16,12 @@ else {
 
 if ($in{source} == 0) {
 	# installing from local file (or maybe directory)
-	if (!$in{'local'})
+	if (!$in{'local'}) {
-		{ &download_error($text{'install_elocal'}); }
+		&download_error($text{'install_elocal'});
-	if (!-r $in{'local'})
+		}
-		{ &download_error(&text('install_elocal2', $in{'local'})); }
+	if (!-r $in{'local'}) {
+		&download_error(&text('install_elocal2', &html_escape($in{'local'})));
+		}
 	$source = $in{'local'};
 	$pfile = $in{'local'};
 	$need_unlink = 0;
@@ -55,7 +57,9 @@ elsif ($in{source} == 2) {
 		&ftp_download($host, $file, $pfile, \$error,
 			      \&progress_callback);
 		}
-	else { &download_error(&text('install_eurl', $in{'url'})); }
+	else {
+		&download_error(&text('install_eurl', &html_escape($in{'url'})));
+		}
 	&download_error($error) if ($error);
 	$source = $in{'url'};
 	$need_unlink = 1;

cron/cron-lib.pl

@@ -1603,6 +1603,7 @@ if ($config{'system_crontab'}) {
 	}
 if ($config{'cronfiles_dir'}) {
 	push(@files, glob(&translate_filename($config{'cronfiles_dir'})."/*"));
+	@files = grep { -f $_ } @files;
 	}
 return &unique(@files);
 }

filter/index.cgi

@@ -49,6 +49,10 @@ if (&no_user_procmailrc()) {
 	}
 
 @filters = &list_filters();
+foreach my $filter (@filters) {
+	$filter->{'action'} = &html_escape($filter->{'action'})
+		if ($filter->{'action'});
+	}
 @links = ( );
 if (@filters) {
 	push(@links, &select_all_link("d"), &select_invert_link("d"));
@@ -116,7 +120,7 @@ if (@filters || &get_global_spamassassin()) {
 		# Work out nice condition and action descriptions
 		local $cond;
 		($cond, $lastalways) = &describe_condition($f);
-		$cond = &ui_link("edit.cgi?idx=$f->{'index'}",$cond);
+		$cond = &ui_link("edit.cgi?idx=$f->{'index'}", &html_escape($cond));
 		local $action = &describe_action($f, \@folders);
 
 		# Create mover links

firewalld/firewalld-lib.pl

@@ -501,18 +501,7 @@ return $? ? $out : undef;
 sub get_config_files
 {
 my $conf_dir = $config{'config_dir'} || '/etc/firewalld';
-my @conf_files;
+return (glob("$conf_dir/*.xml"), glob("$conf_dir/*/*.xml"));
-my @dirpath = ($conf_dir);
-eval "use File::Find;";
-if (!$@) {
-	find(sub {
-		my $file = $File::Find::name;
-		push(@conf_files, $file)
-			if (-f $file && $file =~ /\.(conf|xml)$/);
-		}, @dirpath);
-	}
-push(@conf_files, "$conf_dir/direct.xml");
-return @conf_files;
 }
 
 1;

mailboxes/list_mail.cgi

@@ -151,7 +151,7 @@ if ($config{'log_read'}) {
 
 sub show_arrows
 {
-my $link = "list_mail.cgi?user=".&urlize($in{'user'})."&folder=".$in{'folder'};
+my $link = "list_mail.cgi?user=".&urlize($in{'user'})."&folder=".&urlize($in{'folder'});
 my $left = $in{'start'} ?
 	   $link."&start=".($in{'start'}-$perpage) : undef;
 my $right = $in{'start'}+$perpage < @mail ?

makedebian.pl

@@ -458,7 +458,6 @@ foreach my $deb ("deb", "newkey/deb") {
 	# Run the actual build command
 	system("fakeroot dpkg --build $tmp_dir $deb/${product}_${ver}${rel}_all.deb") &&
 		die "dpkg failed";
-	#system("rm -rf $tmp_dir");
 	print "Wrote $deb/${product}_${ver}${rel}_all.deb\n";
 	$md5 = `md5sum $tarfile`;
 	$md5 =~ s/\s+.*\n//g;
@@ -521,6 +520,8 @@ EOF
 	unlink("sigs/${product}_${ver}${rel}_all.deb-sig.asc");
 	system("gpg --armor --output sigs/${product}_${ver}${rel}_all.deb-sig.asc --default-key $key --detach-sig $deb/${product}_${ver}${rel}_all.deb");
 	print "Wrote sigs/${product}_${ver}${rel}_all.deb-sig.asc\n";
+
+	system("rm -rf $diff_orig_dir $diff_new_dir");
 	}
 
 # read_file(file, &assoc, [&order], [lowercase])

miniserv.pl

@@ -1450,7 +1450,10 @@ alarm(0);
 # If a remote IP is given in a header (such as via a proxy), only use it
 # for logging unless trust_real_ip is set
 local $headerhost = $header{'x-forwarded-for'} ||
-		    $header{'x-real-ip'};
+		    $header{'x-real-ip'} ||
+		    $header{'true-client-ip'} ||
+		    $header{'cf-connecting-ip'} ||
+		    $header{'cf-connecting-ip6'};
 if ($headerhost) {
 	# Only real IPs are allowed
 	$headerhost = undef if (!&check_ipaddress($headerhost) &&
@@ -1687,12 +1690,15 @@ if ($header{'user-agent'} =~ /webmin/i ||
 	}
 
 # Check for SSL authentication
-if ($use_ssl && $verified_client) {
+if ($use_ssl && $verified_client ||
-	$peername = Net::SSLeay::X509_NAME_oneline(
+    $config{'trust_real_ip'} && $header{'x-ssl-client-dn'}) {
-			Net::SSLeay::X509_get_subject_name(
+	if ($use_ssl && $verified_client) {
-				Net::SSLeay::get_peer_certificate(
+		$peername = Net::SSLeay::X509_NAME_oneline(
-					$ssl_con)));
+				Net::SSLeay::X509_get_subject_name(
-	$u = &find_user_by_cert($peername);
+					Net::SSLeay::get_peer_certificate(
+						$ssl_con)));
+		$u = &find_user_by_cert($peername);
+		}
 	if ($config{'trust_real_ip'} && !$u && $header{'x-ssl-client-dn'}) {
 		# Use proxied client cert
 		$u = &find_user_by_cert($header{'x-ssl-client-dn'});
@@ -1701,7 +1707,7 @@ if ($use_ssl && $verified_client) {
 		$authuser = $u;
 		$validated = 2;
 		}
-	if ($use_syslog && !$validated) {
+	if ($use_syslog && !$validated && $use_ssl && $verified_client) {
 		syslog("crit", "%s",
 		       "Unknown SSL certificate $peername");
 		}

mysql/postinstall.pl

@@ -4,7 +4,7 @@ require 'mysql-lib.pl';
 sub module_install
 {
 my $mysql_version = &get_mysql_version();
-if ($mysql_version > 0) {
+if ($mysql_version && $mysql_version >= 0) {
 	&save_mysql_version($mysql_version);
 	&create_module_info_overrides();
 	}

net/linux-lib.pl

@@ -57,7 +57,7 @@ if (&has_command("ip")) {
 			$ifc{'address'} = $1;
 			$ifc{'netmask'} = &prefix_to_mask("$3");
 			}
-		elsif ($l =~ /\sinet\s+([0-9\.]+)\/\d+\s+(?:metric\s+\d+\s+|)brd\s+(\S+)\s+scope\s+global(?:\s+secondary|)\s(dynamic)\s+.*?(\Q$iface_name\E)/) {
+		elsif ($l =~ /\sinet\s+([0-9\.]+)\/(\d+)\s+(?:metric\s+\d+\s+|)brd\s+(\S+)\s+scope\s+global(?:\s+secondary|)\s(dynamic)\s+.*?(\Q$iface_name\E)/) {
 			# Line like :
 			# inet 193.9.101.120/24 brd 193.9.101.255 scope global secondary dynamic br0
 			# inet 10.211.55.81/24 metric 100 brd 10.211.55.255 scope global secondary dynamic enp0s5
@@ -525,7 +525,7 @@ return &has_command("ifup") &&
 	$gconfig{'os_version'} >= 5 ||
 	$gconfig{'os_type'} eq 'redhat-linux' &&
 	$gconfig{'os_version'} >= 13) &&
-       ($iface->{'name'} !~ /^(eth|em|eno|ens|enp|enx|lo|br)/ ||
+       ($iface->{'name'} !~ /^(eth|em|eno|ens|enp|enx|enX|lo|br)/ ||
  	$iface->{'name'} =~ /^(\S+)\.(\d+)/) &&
        $iface->{'virtual'} eq '';
 }
@@ -541,7 +541,7 @@ if ($name =~ /^(.*)\.(\d+)$/) {
 return "PPP" if ($name =~ /^ppp/);
 return "SLIP" if ($name =~ /^sl/);
 return "PLIP" if ($name =~ /^plip/);
-return "Ethernet" if ($name =~ /^eth|em|eno|ens|enp|enx|p\d+p\d+|vtnet/);
+return "Ethernet" if ($name =~ /^eth|em|eno|ens|enp|enx|enX|p\d+p\d+|vtnet/);
 return "Wireless Ethernet" if ($name =~ /^(wlan|ath)/);
 return "Arcnet" if ($name =~ /^arc/);
 return "Token Ring" if ($name =~ /^tr/);
@@ -803,7 +803,7 @@ return $? ? $out : undef;
 # Does some interface have an editable hardware address
 sub iface_hardware
 {
-return $_[0] =~ /^(eth|em|eno|ens|enp|enx)/;
+return $_[0] =~ /^(eth|em|eno|ens|enp|enx|enX)/;
 }
 
 # allow_interface_clash()

net/netplan-lib.pl

@@ -200,7 +200,7 @@ else {
 	if ($iface->{'dhcp'}) {
 		push(@lines, $id."    "."dhcp4: true");
 		}
-	else {
+	elsif ($iface->{'address'}) {
 		push(@addrs, $iface->{'address'}."/".
 			     &mask_to_prefix($iface->{'netmask'}));
 		}

os_list.txt

@@ -88,7 +88,7 @@ Amazon Linux			$1	redhat-linux	20.0	`cat /etc/system-release 2>/dev/null` =~ /Am
 Amazon Linux			$1	redhat-linux	15.0	`cat /etc/system-release 2>/dev/null` =~ /Amazon\s+Linux\s+(2)\n/ || `cat /etc/system-release 2>/dev/null` =~ /Amazon\s+Linux\s+release\s+(2)\s/
 
 # Amazon Linux (3, approximately based on Fedora)
-Amazon Linux			$1	redhat-linux	34.0	`cat /etc/system-release 2>/dev/null` =~ /Amazon\s+Linux\s+([\d+]{4})/
+Amazon Linux			$1	redhat-linux	34.0	`cat /etc/system-release 2>/dev/null` =~ /Amazon\s+Linux\s+release\s+([\d+]{4})/i
 
 # Free Redhat Linux and Fedora
 Redhat Linux			$1	redhat-linux	$1	`cat /etc/redhat-release 2>/dev/null` =~ /red.*hat.*release\s+(\S+)/i && `cat /etc/redhat-release 2>/dev/null` !~ /[eE]nterprise|AS|ES|WS|[aA]dvanced/

postfix/manual.cgi

@@ -13,7 +13,8 @@ $in{'file'} ||= $files[0];
 print &ui_form_start("manual.cgi");
 print "<b>$text{'cmanual_file'}</b>\n";
 print &ui_select("file", $in{'file'},
-		 [ map { [ $_ ] } @files ]),"\n";
+		 [ grep { [ $_ ] if (!-d $_) } 
+		 	@files ]),"\n";
 print &ui_submit($text{'cmanual_ok'});
 print &ui_form_end();
 

setup-repos-nightly.sh

@@ -93,7 +93,8 @@ fi
 
 # Ask first
 if [ "$1" != "-f" ] && [ "$1" != "--force" ]; then
-printf "\e[47;1;31;82mNightly builds are experimental and unstable versions used for testing\nand development purposes, may have critical bugs and breaking changes!\e[0m\n"
+printf "\e[47;1;31;82mNightly builds are experimental and unstable versions used for testing\e[0m\n"
+printf "\e[47;1;31;82mand development purposes, may have critical bugs and breaking changes!\e[0m\n"
 
   printf "Setup development repository? (y/N) "
   read -r sslyn

software/apt-lib.pl

@@ -20,6 +20,7 @@ local $force = !$_[2];
 local (@rv, @newpacks);
 
 # Build the command to run
+$ENV{'UCF_FORCE_CONFFOLD'} = 'YES';
 $ENV{'DEBIAN_FRONTEND'} = 'noninteractive';
 local $uicmd = "$apt_get_command -y ".($force ? " -f" : "")." install $update";
 $update = join(" ", map { quotemeta($_) } split(/\s+/, $update));
@@ -75,6 +76,7 @@ return @rv;
 sub update_system_operations
 {
 my ($packages) = @_;
+$ENV{'UCF_FORCE_CONFFOLD'} = 'YES';
 $ENV{'DEBIAN_FRONTEND'} = 'noninteractive';
 my $cmd = "apt-get -s install ".
 	  join(" ", map { quotemeta($_) } split(/\s+/, $packages)).

software/debian-lib.pl

@@ -202,6 +202,7 @@ local $args = ($in->{'depends'} ? " --force-depends" : "").
 	      ($in->{'overwrite'} ? " --force-overwrite" : "").
 	      ($in->{'downgrade'} ? " --force-downgrade" : "");
 local $qm = quotemeta($_[0]);
+$ENV{'UCF_FORCE_CONFFOLD'} = 'YES';
 $ENV{'DEBIAN_FRONTEND'} = 'noninteractive';
 local $out = &backquote_logged("dpkg --install $args $qm 2>&1 </dev/null");
 if ($?) {

spam/config-debian-linux-10.0-11.9

@@ -0,0 +1,13 @@
+local_cf=/etc/spamassassin/local.cf
+spamassassin=spamassassin
+sa_learn=sa-learn
+procmailrc=/etc/procmailrc
+amavisdconf=/etc/amavis/conf.d/20-debian_defaults
+warn_procmail=1
+call_spam=1
+processes=spamd amavisd
+restart_cmd=systemctl restart spamassassin
+procmail_cmd=*
+mode=0
+addto=0
+max_awl=200

spam/config-debian-linux-12-ALL

@@ -0,0 +1,13 @@
+local_cf=/etc/spamassassin/local.cf
+spamassassin=spamassassin
+sa_learn=sa-learn
+procmailrc=/etc/procmailrc
+amavisdconf=/etc/amavis/conf.d/20-debian_defaults
+warn_procmail=1
+call_spam=1
+processes=spamd amavisd
+restart_cmd=systemctl restart spamd
+procmail_cmd=*
+mode=0
+addto=0
+max_awl=200

status/status-lib.pl

@@ -9,6 +9,7 @@ use Socket;
 
 # Wrapper command for cron job
 $cron_cmd = "$module_config_directory/monitor.pl";
+$full_cron_cmd = $cron_cmd." >/dev/null 2>&1";
 
 # Config directory for monitors
 $services_dir = "$module_config_directory/services";
@@ -297,7 +298,9 @@ sub setup_cron_job
 &foreign_require("cron");
 my $job;
 foreach my $j (&cron::list_cron_jobs()) {
-	$job = $j if ($j->{'user'} eq 'root' && $j->{'command'} eq $cron_cmd);
+	$job = $j if ($j->{'user'} eq 'root' &&
+		      ($j->{'command'} eq $cron_cmd ||
+		       $j->{'command'} eq $full_cron_cmd));
 	}
 if ($job) {
 	&lock_file(&cron::cron_file($job));
@@ -314,7 +317,7 @@ if ($config{'sched_mode'}) {
 	$njob = { 'user' => 'root', 'active' => 1,
 		  'hours' => '*', 'days' => '*',
 		  'months' => '*', 'weekdays' => '*',
-		  'command' => $cron_cmd };
+		  'command' => $full_cron_cmd };
 	if ($config{'sched_period'} == 0) {
 		$njob->{'mins'} = &make_interval(60);
 		}

version

@@ -1 +1 @@
-2.101
+2.102

web-lib-funcs.pl

@@ -1698,7 +1698,9 @@ $err_caller = "$stack[1]->[1] (line $stack[1]->[2])"
 	if ($stack[1]->[1] && $stack[1]->[2]);
 if ($err_caller) {
 	$err_caller =~ s/$root_directory\///;
-	my $err_caller_ = &ui_help($err_caller);
+	my $err_caller_ =
+		$main::webmin_script_type =~ /^(cmd|cron)$/ ?
+			$err_caller : &ui_help($err_caller);
 	$msg = $msg ? "$msg $err_caller_" : $err_caller_;
 	push(@msg, $err_caller_);
 	}
@@ -4327,8 +4329,8 @@ if (!$main::get_system_hostname[$m]) {
 		if ($fromfile && ($m || $fromfile =~ /\./)) {
 			if ($m) {
 				$fromfile =~ s/\..*$//;
+				$main::get_system_hostname[$m] = $fromfile;
 				}
-			$main::get_system_hostname[$m] = $fromfile;
 			return $fromfile;
 			}
 
@@ -7226,7 +7228,9 @@ if (!$@) {
 	# Print on screen
 	else {
 		my $dumped_data = Dumper($objref);
-		if ($filename ne '0') {
+		# If print to UI, escape HTML and
+		# replace new lines and spaces
+		if ($main::webmin_script_type eq 'web') {
 			$dumped_data = &html_escape($dumped_data);
 			$dumped_data =~ s/\n/<br>/g;
 			$dumped_data =~ s/\s/&nbsp;/g;
@@ -8842,15 +8846,24 @@ if ($ssl) {
 			{
 			my $cert = Net::SSLeay::X509_STORE_CTX_get_current_cert($_[1]);
 			if ($cert) {
-				my $subject = Net::SSLeay::X509_NAME_oneline(
-				    Net::SSLeay::X509_get_subject_name($cert));
-				my $issuer = Net::SSLeay::X509_NAME_oneline(
-				    Net::SSLeay::X509_get_issuer_name($cert));
 				my $errnum = Net::SSLeay::X509_STORE_CTX_get_error($_[1]);
 				if ($errnum) {
-					$main::last_set_verify_err =
+					my $error_string = "";
-					  "Certificate is signed by an ".
+					eval {
-					  "unknown CA : $issuer (code $errnum)";
+						$error_string = Net::SSLeay::X509_verify_cert_error_string($errnum);
+						$error_string = " $error_string"
+							if ($error_string);
+						};
+					if ($error_string) {
+						$main::last_set_verify_err = $error_string;
+						}
+					else {
+						my $issuer = Net::SSLeay::X509_NAME_oneline(
+							Net::SSLeay::X509_get_issuer_name($cert));
+						$main::last_set_verify_err =
+						"Certificate is signed by an ".
+						"unknown CA : $issuer (code $errnum)";
+						}
 					}
 				else {
 					$main::last_set_verify_err = undef;

webmin/fix_repo.cgi

@@ -44,11 +44,7 @@ foreach my $repo ($webmin_apt_repo_file, $global_apt_repo_file) {
 			}
 	};
 	foreach my $l (@$lref) {
-		if ($l =~ /^\s*deb\s+((http|https):\/\/download.webmin.com\/download\/repository)\s+sarge\s+contrib/) {
+		if ($l =~ /^\s*deb\s+.*?((http|https):\/\/download.webmin.com\/download\/repository)\s+sarge\s+contrib/) {
-			$l = &$lreffix("deb $webmin_apt_repo_url stable contrib");
-			$fixed++;
-			}
-		elsif ($l =~ /^\s*deb\s+\[signed-by=(\S+)\]\s+((http|https):\/\/download.webmin.com\/download\/repository)\s+sarge\s+contrib/) {
 			$l = &$lreffix("deb [signed-by=$webmin_apt_repo_key] $webmin_apt_repo_url stable contrib");
 			$fixed++;
 			}

webmin/system_info.pl

@@ -116,8 +116,8 @@ foreach my $a (@ann) {
 	next if ($a->{'skip_cloudmin_pro'} && $cmpro);
 	next if ($a->{'skip_cloudmin_gpl'} && %cminfo && !$cmpro);
 	next if ($a->{'skip_pro'} && ($vmpro || $cmpro));
-	next if ($a->{'atleast_version'} && $ver < $a->{'atleast_version'});
+	next if ($a->{'atleast_version'} && &compare_version_numbers($ver, '<', $a->{'atleast_version'}));
-	next if ($a->{'atmost_version'} && $ver > $a->{'atmost_version'});
+	next if ($a->{'atmost_version'} && &compare_version_numbers($ver, '>', $a->{'atmost_version'}));
 	next if ($a->{'user_types'} && $a->{'user_types'} !~ /\Q$utype\E/);
 	next if ($a->{'beta'} && !$gconfig{'beta_announce'});
 	next if ($a->{'depends'} && !&foreign_check($a->{'depends'}));

webmin/webmin-lib.pl

@@ -1340,7 +1340,7 @@ foreach my $repo ($webmin_apt_repo_file, $global_apt_repo_file) {
 	next if (!-r $repo);
 	my $lref = &read_file_lines($repo, 1);
 	foreach my $l (@$lref) {
-		if ($l =~ /^\s*deb\s+.*((http|https):\/\/download.webmin.com\/download\/repository)\s+sarge\s+contrib/) {
+		if ($l =~ /^\s*deb\s+.*?((http|https):\/\/download.webmin.com\/download\/repository)\s+sarge\s+contrib/) {
 			$repoerr = &text('notify_aptrepo',
 					 $webmin_apt_repo_url);
 			last;

xterm/index.cgi

@@ -243,7 +243,7 @@ my $term_script = <<EOF;
 	      term.loadAddon(fitAddon);
 	      term.loadAddon(rendererAddon);
 	      term.open(termcont);
-	      term.focus();
+		  setTimeout(function() {term.focus()}, 6e2);
 
 	      // Handle case of dropping WebGL context
 	      if (typeof WebglAddon === 'object') {