From Jules at Zend.To Thu Sep 13 15:08:03 2018 From: Jules at Zend.To (Jules Field) Date: Thu, 13 Sep 2018 15:08:03 +0100 Subject: [ZendTo] ZendTo 5.12 beta needs testing! Message-ID: <877d54dc-9d15-3b1a-190f-4c1c1f2659fc@Zend.To> Folks, I have released a beta version of ZendTo 5.12. The most obvious *new features* and changes in this version are: * End users can *switch language on-the-fly* while using ZendTo. * All *".php" extensions can be hidden* from user interface and emails. * You can completely *skip the "Information about the Sender"* form when creating a new drop-off. I would very much like someone to test an update to the Active Directory integration, which will enable it to use *TLS instead of SSL for authenticating against AD* servers. Please contact me if you can try this out for me, and I will send you the necessary file and instructions. Other improvements are: * Moved default zendto.log file to /var/log/zendto. * Enabled automatic log rotation of zendto.log (old and new locations). * Improved logging of new drop-offs. * Installer: Moved ZendTo's Apache logs to separate files, not mixed up with other virtual hosts. * Installer: Greatly increased session and upload timeouts to allow for larger uploads over slow links. * Installer: Sets 'cookieSecret' for you. * Fixed all known bugs. I think that provides every new feature I have been asked for recently. If you think I have missed your feature request, do let me know. Please give this version a go for me, and let me know if you have any problems / issues / questions. Thanks! Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Learn from yesterday, live for today, look to tomorrow, rest this afternoon.' - Charles M Schulz www.Zend.To Twitter: @JulesFM PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654 -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Fri Sep 14 22:06:25 2018 From: djones at ena.com (David Jones) Date: Fri, 14 Sep 2018 21:06:25 +0000 Subject: [ZendTo] Help with new installation of ZendTo References: Message-ID: CentOS 7 with SELinux disabled and yum updated. ZendTo installed with the official installer script from?https://zend.to/downloads.php SQLbackend is the default -- define('SqlBackend', 'SQLite3'); Authentication is with Office 365 via IMAP: 'authIMAPServer' => 'outlook.office365.com:993/ssl', 'authIMAPDomain' => '', 'authIMAPOrganization' => '', Apache has write access to /var/zendto: [root at server-01 zendto]# ll total 48 drwxrwxr-x. 3 apache apache? ? 62 Aug 27 00:05 cache drwxrwxr-x. 3 apache apache? ? 30 Sep 14 16:09 dropoffs drwxrwxr-x. 2 apache apache? ? ?6 Sep 14 16:09 incoming drwxrwxr-x. 2 apache apache? ? ?6 Aug 26 20:19 library drwxrwxr-x. 2 apache apache? ? 50 Aug 26 20:19 myzendto.templates_c drwxrwxr-x. 2 apache apache? 4096 Aug 26 20:20 rrd drwxrwxr-x. 2 apache apache? 4096 Sep 14 16:45 templates_c -rw-rw-r--. 1 apache apache 11501 Sep 14 16:45 zendto.log -rw-rw-r--? 1 apache apache 25600 Sep 14 16:34 zendto.sqlite I have two issues: 1. When I get logged in and see the "Inbox" tab, as soon as I click anything, the server thinks I am not authenticated and tells me "Access Denied, This feature is only available to users who have logged in." 2. I am not able to put the email domain in the authIMAPDomain value and get authenticated to Office 365. I tried with and without the @ sign. The domain is rather long so I wold like to not have to require users to have to enter it if possible. Is there a debug option on the authIMAP like there is for SMTP or a log that would help me troubleshoot this? Thanks, Dave From djones at ena.com Fri Sep 14 23:39:52 2018 From: djones at ena.com (David Jones) Date: Fri, 14 Sep 2018 17:39:52 -0500 Subject: [ZendTo] ZendTo 5.12 beta needs testing! References: Message-ID: > I have released a beta version of ZendTo 5.12. I will be happy to try it out with AD. -- David Jones From djones at ena.com Sat Sep 15 14:08:01 2018 From: djones at ena.com (David Jones) Date: Sat, 15 Sep 2018 08:08:01 -0500 Subject: [ZendTo] Help with new installation of ZendTo In-Reply-To: References: Message-ID: On 09/14/2018 04:06 PM, David Jones wrote: > CentOS 7 with SELinux disabled and yum updated. > ZendTo installed with the official installer script from?https://zend.to/downloads.php > SQLbackend is the default -- define('SqlBackend', 'SQLite3'); > Authentication is with Office 365 via IMAP: > 'authIMAPServer' => 'outlook.office365.com:993/ssl', > 'authIMAPDomain' => '', > 'authIMAPOrganization' => '', > Apache has write access to /var/zendto: > [root at server-01 zendto]# ll > total 48 > drwxrwxr-x. 3 apache apache? ? 62 Aug 27 00:05 cache > drwxrwxr-x. 3 apache apache? ? 30 Sep 14 16:09 dropoffs > drwxrwxr-x. 2 apache apache? ? ?6 Sep 14 16:09 incoming > drwxrwxr-x. 2 apache apache? ? ?6 Aug 26 20:19 library > drwxrwxr-x. 2 apache apache? ? 50 Aug 26 20:19 myzendto.templates_c > drwxrwxr-x. 2 apache apache? 4096 Aug 26 20:20 rrd > drwxrwxr-x. 2 apache apache? 4096 Sep 14 16:45 templates_c > -rw-rw-r--. 1 apache apache 11501 Sep 14 16:45 zendto.log > -rw-rw-r--? 1 apache apache 25600 Sep 14 16:34 zendto.sqlite > > I have two issues: > 1. When I get logged in and see the "Inbox" tab, as soon as I click anything, the server thinks I am not authenticated and tells me "Access Denied, This feature is only available to users who have logged in." > 2. I am not able to put the email domain in the authIMAPDomain value and get authenticated to Office 365. I tried with and without the @ sign. The domain is rather long so I wold like to not have to require users to have to enter it if possible. Is there a debug option on the authIMAP like there is for SMTP or a log that would help me troubleshoot this? > > Thanks, > Dave > I figured out problem #1. Had to comment this out of the zendto-ssl.conf Apache config to get the login cookie to work: # # Header edit Set-Cookie ^(.*)$ ;SameSite=Strict # -- David Jones From Jules at Zend.To Mon Sep 17 09:30:57 2018 From: Jules at Zend.To (Jules Field) Date: Mon, 17 Sep 2018 09:30:57 +0100 Subject: [ZendTo] Help with new installation of ZendTo In-Reply-To: References: Message-ID: David, Sadly you hit a very short-lived bug in the Installer. After a couple of people reported it, I fixed it but you must have downloaded the broken one. Sorry about that! The fix is to replace the lines ? ??? Header edit Set-Cookie ^(.*)$ ;SameSite=Strict ? with ? ??? Header edit Set-Cookie ^(.*)$ *$1*;SameSite=Strict ? The extra bit is the "$1" I've put in bold above. Cheers, Jules. On 15/09/2018 14:08, David Jones via ZendTo wrote: > On 09/14/2018 04:06 PM, David Jones wrote: >> CentOS 7 with SELinux disabled and yum updated. >> ZendTo installed with the official installer script >> from?https://zend.to/downloads.php >> SQLbackend is the default? -- define('SqlBackend', 'SQLite3'); >> Authentication is with Office 365 via IMAP: >> ???? 'authIMAPServer' => 'outlook.office365.com:993/ssl', >> ???? 'authIMAPDomain' => '', >> ???? 'authIMAPOrganization' => '', >> Apache has write access to /var/zendto: >> [root at server-01 zendto]# ll >> total 48 >> drwxrwxr-x. 3 apache apache? ? 62 Aug 27 00:05 cache >> drwxrwxr-x. 3 apache apache? ? 30 Sep 14 16:09 dropoffs >> drwxrwxr-x. 2 apache apache? ? ?6 Sep 14 16:09 incoming >> drwxrwxr-x. 2 apache apache? ? ?6 Aug 26 20:19 library >> drwxrwxr-x. 2 apache apache? ? 50 Aug 26 20:19 myzendto.templates_c >> drwxrwxr-x. 2 apache apache? 4096 Aug 26 20:20 rrd >> drwxrwxr-x. 2 apache apache? 4096 Sep 14 16:45 templates_c >> -rw-rw-r--. 1 apache apache 11501 Sep 14 16:45 zendto.log >> -rw-rw-r--? 1 apache apache 25600 Sep 14 16:34 zendto.sqlite >> >> I have two issues: >> 1. When I get logged in and see the "Inbox" tab, as soon as I click >> anything, the server thinks I am not authenticated and tells me >> "Access Denied, This feature is only available to users who have >> logged in." >> 2. I am not able to put the email domain in the authIMAPDomain value >> and get authenticated to Office 365.? I tried with and without the @ >> sign.? The domain is rather long so I wold like to not have to >> require users to have to enter it if possible.? Is there a debug >> option on the authIMAP like there is for SMTP or a log that would >> help me troubleshoot this? >> >> Thanks, >> Dave >> > > I figured out problem #1.? Had to comment this out of the > zendto-ssl.conf Apache config to get the login cookie to work: > > ? # > ? #? Header edit Set-Cookie ^(.*)$ ;SameSite=Strict > ? # > Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Give a man a fish, and you feed him for a day. Teach a man to fish, and he'll sit in a boat and drink beer all day.' - Anon www.Zend.To Twitter: @JulesFM PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Tue Sep 18 15:26:36 2018 From: Jules at Zend.To (Jules Field) Date: Tue, 18 Sep 2018 15:26:36 +0100 Subject: [ZendTo] Calling all ZendTo translators !! Message-ID: <77bfe86c-21d6-d9a2-399d-dc38b7b71912@Zend.To> Folks, In order to release the new version, I need to ask for your help again. Including the phrases to handle the encryption & decryption, plus the new ones since then, there are about another 40 phrases in total that need translating. I have attached to this email: 1. A text file giving all the new strings, 1 per line. 2. A zip file of the current state of the translation files, as I have them. Please can you also carefully check any existing translations in the ".po" files that are marked as "fuzzy" as I know that a few of these are wrong and will need correcting. If you can send me the new translation files, I can release the new version which is a lot quicker and simpler to use for most users than previous versions, in all sorts of ways. Many thanks! Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM The current UK shipping forecast: Sole, Lundy, Fastnet, Irish Sea: Southwest 6 to gale 8, occasionally severe gale 9 later, perhaps storm 10 later in Irish Sea. Rough or very rough, occasionally high later in west Sole. Rain or showers. Good, occasionally poor. www.Zend.To Twitter: @JulesFM PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654 -------------- next part -------------- Decrypting and downloading the file failed. You probably entered the passphrase incorrectly. Please try again. The drop-off was too large to encrypt, so it has been stored unencrypted. If this is not what you want, please immediately delete the drop-off from your Outbox. Drop-off not encrypted %1$d days and %2$d hours %1$d hours and %2$d minutes %d minutes %1$d minutes and %2$d seconds %d second %d seconds Drag-and-drop multiple files at once onto the drop-off page Click on the \"Add Files\" button on the drop-off page, and select 1 or more files at once using combinations of click, Shift+click and Ctrl+click (Cmd+click on a Mac) You may have already deleted it. This service is powered by a copy of %1 Privacy Consent This website uses a cookie & has to use your name & email address to function. I agree I do not agree The request created will be valid for %1. Too short! Entries do not match It will take too long to encrypt your drop-off. It will now take too long to encrypt your drop-off, so encryption has been disabled. If you want to encrypt your drop-off, reduce your drop-off below __MAXSIZE__ and select \"Encrypt\" again. Adds to your address book Encryption Passphrase Passphrase And again Hide characters OK Cancel Encrypt every file Scanning Checksumming Encrypting The link is only valid for %1 from the time of this email. It is valid for %1. If you are sending personal or confidential data, tick \"Encrypt every file\" when creating a new drop-off. Then the passphrase you enter must be used when downloading the drop-off. The passphrase is not stored on %1, and cannot be recovered if lost. No one can access the files without it Decryption Passphrase Your files have been sent successfully. This drop-off is encrypted with a passphrase known only to the sender. %1 file Copy link to clipboard To send the files to someone else, send them this link %1, or else the Claim ID & Passcode: -------------- next part -------------- A non-text attachment was scrubbed... Name: PO files for 5.12.zip Type: application/zip Size: 143179 bytes Desc: not available URL: From Jules at Zend.To Tue Sep 18 15:57:03 2018 From: Jules at Zend.To (Jules Field) Date: Tue, 18 Sep 2018 15:57:03 +0100 Subject: [ZendTo] 5.12-7 beta released Message-ID: Folks, I have just released the latest beta version 5.12-7. This contains everything I have planned for the new stable production release, except complete translations (which some very kind volunteers among you are updating for me :-) Please do try this beta and let me know what you think. ??? https://zend.to/beta.php The only feature that *may* make it into the next stable release that is not presently in 5.12-7 is authentication via Active Directory using TLS (as an improvement to SSL). But if that is going to require serious configuration at all, then I may leave it out of this one and document it carefully for the following version. Many thanks! Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'It's in Apple's DNA that technology alone is not enough. It's technology married with liberal arts, married with the humanities, that yields us the result that makes our hearts sing.' - Steve Jobs www.Zend.To Twitter: @JulesFM PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654 From Jules at Zend.To Fri Sep 21 16:41:37 2018 From: Jules at Zend.To (Jules Field) Date: Fri, 21 Sep 2018 16:41:37 +0100 Subject: [ZendTo] ANNOUNCE: 5.13-1 released (production release) Message-ID: <2c654ebc-f9af-5787-1340-d9e43a912eed@Zend.To> Folks, I have just done a production release of 5.13-1. It is available in the new GPG-signed yum and apt repos (see zend.to/yum.php and zend.to/apt.php). You should do new installations with the ZendTo Installer. All available now from ??? https://zend.to/downloads.php There is a full list of all the gory detail in the ChangeLog for the 5.12 beta releases, but here's a summary: - Users can change language themselves on-the-fly while using ZendTo. - Process for internal users creating a new drop-off has been streamlined, making it a lot faster to use in simple cases. - After creating a new drop-off, the sender can easily copy the direct pick-up link to their clipboard, in case they would rather send their own email to the recipients than have ZendTo send an automated one. - Improved page layout of new-dropoff and results pages to reduce scrolling. - Can now hide all traces of ".php" extensions in the web interface and all emails+links generated by ZendTo, so your users don't see that it is written in PHP. Note this requires modification to your Apache config, see the preferences.php setting 'hidePHP' for details. All existing published links will continue to work as before. - Active Directory authentication now supports TLS as well as SSL. - Improved logging of new drop-offs so you can measure feature usage. - zendto.log file now auto-rolled by logrotate, and default location moved to /var/log/zendto instead of /var/zendto. - Default Apache log file location moved slightly to separate out ZendTo web logs from other virtualhosts. - 'X-Frame-Options' header added (configurable), and 'SameSite' cookie attribute added to improve security of ZendTo against CSRF attacks. - Increased default timeouts for 'cookieTTL' and PHP settings on new installations to 8-12 hours instead of 2 hours. - Installer fixed for Ubuntu 18.04.1 due to significant Apache and PHP changes by Ubuntu, compared to 18.04. - Improved upgrade_preferences_php so it correctly handles arrays split over several lines. - Fixed all known bugs. Please let me know how you get on! Enjoy your weekend. Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM The current UK shipping forecast: Trafalgar: Northerly 5 or 6 in southeast, otherwise variable 3 or 4. Moderate or rough. Showers. Good. www.Zend.To Twitter: @JulesFM