maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

update composer-dependencies; add connection-test to Mysqls.update() when changing passwords; validate ssl-certificates to avoid private/public key mismatch and a failed webserver start, fixes #778

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2019-12-31 09:23:28 +01:00
parent 1c17df69d2
commit 1eb14d7564
3 changed files with 242 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/Froxlor/Cron/Http/DomainSSL.php
View File

@@ -68,6 +68,11 @@ class DomainSSL
'ssl_key_file' => \Froxlor\FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.key')
);
if (! $this->validateCertificate($dom_certs)) {
\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, 'Given SSL private key for ' . $domain['domain'] . ' does not seem to match the certificate. Cannot create ssl-directives');
return;
}
if (Settings::Get('system.webserver') == 'lighttpd') {
// put my.crt and my.key together for lighty.
$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_key_file']) . "\n";
@@ -112,4 +117,9 @@ class DomainSSL
return;
}
private function validateCertificate($dom_certs = array())
{
return openssl_x509_check_private_key($dom_certs['ssl_cert_file'], $dom_certs['ssl_key_file']);
}
}