maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add new 'ssl-enabled' flag for domains and subdomains so ssl can be deactivated (by a customer too) even if there are ssl-ip/ports assigned; introduce new honorcipherorder and sessiontickets flags for more control over ssl-related settings on a per domain base (admin only); fixes #767 and fixes #769

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2019-12-10 10:21:35 +01:00
parent 3a738b7070
commit 466c09137b
15 changed files with 240 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
install/froxlor.sql
View File

@@ -271,6 +271,9 @@ CREATE TABLE `panel_domains` (
`ssl_protocols` text,
`ssl_cipher_list` text,
`tlsv13_cipher_list` text,
`ssl_enabled` tinyint(1) DEFAULT '1',
`ssl_honorcipherorder` tinyint(1) DEFAULT '0',
`ssl_sessiontickets` tinyint(1) DEFAULT '1',
PRIMARY KEY (`id`),
KEY `customerid` (`customerid`),
KEY `parentdomain` (`parentdomainid`),
@@ -652,6 +655,8 @@ opcache.interned_strings_buffer'),
('system', 'disable_le_selfcheck', '0'),
('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
('system', 'tlsv13_cipher_list', ''),
('system', 'honorcipherorder', '0'),
('system', 'sessiontickets', '1'),
('system', 'logfiles_format', ''),
('system', 'logfiles_type', '1'),
('system', 'logfiles_piped', '0'),
@@ -697,7 +702,7 @@ opcache.interned_strings_buffer'),
('panel', 'customer_hide_options', ''),
('panel', 'is_configured', '0'),
('panel', 'version', '0.10.9'),
('panel', 'db_version', '201911220');
('panel', 'db_version', '201912100');
DROP TABLE IF EXISTS `panel_tasks`;

13
install/updates/froxlor/0.10/update_0.10.inc.php
View File

@@ -505,3 +505,16 @@ if (\Froxlor\Froxlor::isFroxlorVersion('0.10.8')) {
showUpdateStep("Updating from 0.10.8 to 0.10.9", false);
\Froxlor\Froxlor::updateToVersion('0.10.9');
}
if (\Froxlor\Froxlor::isDatabaseVersion('201911220')) {
showUpdateStep("Adding enhanced SSL control over domains");
// customer domains
Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_enabled` tinyint(1) DEFAULT '1';");
Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_honorcipherorder` tinyint(1) DEFAULT '0' AFTER `ssl_enabled`;");
Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_sessiontickets` tinyint(1) DEFAULT '1' AFTER `ssl_honorcipherorder`;");
// as setting for froxlor vhost
Settings::AddNew("system.honorcipherorder", '0');
Settings::AddNew("system.sessiontickets", '1');
lastStepStatus(0);
\Froxlor\Froxlor::updateToDbVersion('201912100');
}