diff --git a/lib/Froxlor/Dns/Dns.php b/lib/Froxlor/Dns/Dns.php index 36692bf0..8e0b8b0c 100644 --- a/lib/Froxlor/Dns/Dns.php +++ b/lib/Froxlor/Dns/Dns.php @@ -131,9 +131,26 @@ class Dns } // additional required records for CAA if activated - if (Settings::Get('system.dns_createcaaentry') && Settings::Get('system.use_ssl') == "1" && !empty($domain['p_ssl_ipandports'])) { - // check for CAA content later - self::addRequiredEntry('@CAA@', 'CAA', $required_entries); + if (Settings::Get('system.dns_createcaaentry') && Settings::Get('system.use_ssl') == "1") { + $result_stmt = Database::prepare(" + SELECT i.`ip`, i.`port`, i.`ssl` + FROM " . TABLE_PANEL_IPSANDPORTS . " i + LEFT JOIN " . TABLE_DOMAINTOIP . " dip ON dip.id_ipandports = i.id + WHERE i.ssl = 1 AND dip.id_domain = :domainid + "); + Database::pexecute($result_stmt, array( + 'domainid' => $domain['id'] + )); + + $ssl_ipandports = array(); + while ($ssl_ipandport = $result_stmt->fetch(\PDO::FETCH_ASSOC)) { + $ssl_ipandports[] = $ssl_ipandport; + } + + if (! empty($ssl_ipandports)) { + // check for CAA content later + self::addRequiredEntry('@CAA@', 'CAA', $required_entries); + } } // additional required records for SPF and DKIM if activated @@ -160,7 +177,7 @@ class Dns // unset special CAA required-entry unset($required_entries[$entry['type']][md5("@CAA@")]); } - if (Settings::Get('spf.use_spf') == '1' && $entry['type'] == 'TXT' && $entry['record'] == '@' && (strtolower(substr($entry['content'], 0, 7)) == '"v=spf1' || strtolower(substr($entry['content'], 0, 6)) == 'v=spf1') ) { + if (Settings::Get('spf.use_spf') == '1' && $entry['type'] == 'TXT' && $entry['record'] == '@' && (strtolower(substr($entry['content'], 0, 7)) == '"v=spf1' || strtolower(substr($entry['content'], 0, 6)) == 'v=spf1')) { // unset special spf required-entry unset($required_entries[$entry['type']][md5("@SPF@")]); } @@ -169,7 +186,11 @@ class Dns $primary_ns = $entry['content']; } // check for CNAME on @, www- or wildcard-Alias and remove A/AAAA record accordingly - foreach (['@', 'www', '*'] as $crceord) { + foreach ([ + '@', + 'www', + '*' + ] as $crceord) { if ($entry['type'] == 'CNAME' && $entry['record'] == '@' && (array_key_exists(md5($crceord), $required_entries['A']) || array_key_exists(md5($crceord), $required_entries['AAAA']))) { unset($required_entries['A'][md5($crceord)]); unset($required_entries['AAAA'][md5($crceord)]); @@ -186,16 +207,16 @@ class Dns if ($froxlorhostname) { // use all available IP's for the froxlor-hostname $result_ip_stmt = Database::prepare(" - SELECT `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` - "); + SELECT `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` + "); Database::pexecute($result_ip_stmt); } else { $result_ip_stmt = Database::prepare(" - SELECT `p`.`ip` AS `ip` - FROM `" . TABLE_PANEL_IPSANDPORTS . "` `p`, `" . TABLE_DOMAINTOIP . "` `di` - WHERE `di`.`id_domain` = :domainid AND `p`.`id` = `di`.`id_ipandports` - GROUP BY `p`.`ip`; - "); + SELECT `p`.`ip` AS `ip` + FROM `" . TABLE_PANEL_IPSANDPORTS . "` `p`, `" . TABLE_DOMAINTOIP . "` `di` + WHERE `di`.`id_domain` = :domainid AND `p`.`id` = `di`.`id_ipandports` + GROUP BY `p`.`ip`; + "); Database::pexecute($result_ip_stmt, array( 'domainid' => $domain_id )); @@ -309,6 +330,7 @@ class Dns } foreach ($caa_entries as $entry) { + if (empty($entry)) continue; $zonerecords[] = new DnsEntry('@', 'CAA', $entry); // additional required records by subdomain setting if ($domain['wwwserveralias'] == '1') {