Merge branch 'master' into vhost_config_variables, and replace IS_SSL with SCHEME

Conflicts (resolved): lng/english.lng.php lng/german.lng.php
2015-07-30 11:35:26 +02:00
parent 89c4b969d1 0455cb96ca
commit 19d94471d9
23 changed files with 4059 additions and 2387 deletions
--- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php
+++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php
@@ -153,7 +153,7 @@ class nginx extends HttpConfigBase {
 					if ($row_ipsandports['ssl_ca_file'] == '') {
 						$row_ipsandports['ssl_ca_file'] = Settings::Get('system.ssl_ca_file');
 					}
-					if ($row_ipsandports['ssl_cert_file'] != '') {
+					if ($row_ipsandports['ssl_cert_file'] != '' && file_exists($row_ipsandports['ssl_cert_file'])) {
 						$ssl_vhost = true;
 					}
 				}
@@ -203,6 +203,7 @@ class nginx extends HttpConfigBase {
 				 * SSL config options
 				 */
 				if ($row_ipsandports['ssl'] == '1') {
+				    $row_ipsandports['domain'] = Settings::Get('system.hostname');
 					$this->nginx_data[$vhost_filename].=$this->composeSslSettings($row_ipsandports);
 				}

@@ -298,14 +299,15 @@ class nginx extends HttpConfigBase {
 			&& ((int)$domain['ismainbutsubto'] == 0
 				|| domainMainToSubExists($domain['ismainbutsubto']) == false)
 		) {
-			$vhost_no = '22';
+			$vhost_no = '35';
 		} elseif ((int)$domain['parentdomainid'] == 0
 			&& isCustomerStdSubdomain((int)$domain['id']) == false
 			&& (int)$domain['ismainbutsubto'] > 0
 		) {
-			$vhost_no = '21';
+			$vhost_no = '30';
 		} else {
-			$vhost_no = '20';
+			// number of dots in a domain specifies it's position (and depth of subdomain) starting at 29 going downwards on higher depth
+			$vhost_no = (string)(30 - substr_count($domain['domain'], ".") + 1);
 		}

 		if ($ssl_vhost === true) {
@@ -556,20 +558,39 @@ class nginx extends HttpConfigBase {
 		}

 		if ($domain['ssl_cert_file'] != '') {
-			// obsolete: ssl on now belongs to the listen block as 'ssl' at the end
-			//$sslsettings .= "\t" . 'ssl on;' . "\n";
-			$sslsettings .= "\t" . 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2;' . "\n";
-			$sslsettings .= "\t" . 'ssl_ciphers ' . Settings::Get('system.ssl_cipher_list') . ';' . "\n";
-			$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
-			$sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain['ssl_cert_file']) . ';' . "\n";
-
-			if ($domain['ssl_key_file'] != '') {
-				$sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain['ssl_key_file']) . ';' .  "\n";
-			}
-
-			if ($domain['ssl_ca_file'] != '') {
-				$sslsettings.= "\t" . 'ssl_client_certificate ' . makeCorrectFile($domain['ssl_ca_file']) . ';' . "\n";
-			}
+		    
+		    // check for existence, #1485
+		    if (!file_exists($domain['ssl_cert_file'])) {
+		        $this->logger->logAction(CRON_ACTION, LOG_ERROR, $domain['domain'] . ' :: certificate file "'.$domain['ssl_cert_file'].'" does not exist! Cannot create ssl-directives');
+		        echo $domain['domain'] . ' :: certificate file "'.$domain['ssl_cert_file'].'" does not exist! Cannot create SSL-directives'."\n";
+		    } else {
+    			// obsolete: ssl on now belongs to the listen block as 'ssl' at the end
+    			//$sslsettings .= "\t" . 'ssl on;' . "\n";
+    			$sslsettings .= "\t" . 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2;' . "\n";
+    			$sslsettings .= "\t" . 'ssl_ciphers ' . Settings::Get('system.ssl_cipher_list') . ';' . "\n";
+    			$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
+    			$sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain['ssl_cert_file']) . ';' . "\n";
+    
+    			if ($domain['ssl_key_file'] != '') {
+    			    // check for existence, #1485
+    			    if (!file_exists($row_ipsandports['ssl_key_file'])) {
+    			        $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate key file "'.$domain['ssl_key_file'].'" does not exist! Cannot create ssl-directives');
+    			        echo $ipport . ' :: certificate key file "'.$domain['ssl_key_file'].'" does not exist! SSL-directives might not be working'."\n";
+    			    } else {
+    				    $sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain['ssl_key_file']) . ';' .  "\n";
+    			    }
+    			}
+    
+    			if ($domain['ssl_ca_file'] != '') {
+    			    // check for existence, #1485
+    			    if (!file_exists($row_ipsandports['ssl_ca_file'])) {
+    			        $this->logger->logAction(CRON_ACTION, LOG_ERROR, $domain['domain'] . ' :: certificate CA file "'.$domain['ssl_ca_file'].'" does not exist! Cannot create ssl-directives');
+    			        echo $domain['domain'] . ' :: certificate CA file "'.$domain['ssl_ca_file'].'" does not exist! SSL-directives might not be working'."\n";
+    			    } else {
+    				    $sslsettings.= "\t" . 'ssl_client_certificate ' . makeCorrectFile($domain['ssl_ca_file']) . ';' . "\n";
+    			    }
+    			}
+		    }
 		}

 		return $sslsettings;