From 4f0acd176a0f5e5ee61cd81b113e77e2bd22bb0f Mon Sep 17 00:00:00 2001
From: Markus Petermann
Date: Tue, 18 Sep 2018 02:20:17 +0200
Subject: [PATCH] Fixed class.lescript_v2.php to work with ACMEv2 Account(kid) needs to be saved for future requests. Install/Update part is untested.
---
 install/froxlor.sql | 4 +++-
 install/updates/froxlor/0.9/update_0.9.inc.php | 13 +++++++++++++
 lib/classes/ssl/class.lescript_v2.php | 6 +++++-
 scripts/jobs/cron_letsencrypt_v2.php | 2 ++
 4 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/install/froxlor.sql b/install/froxlor.sql
index c00a730f..80091911 100644
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -198,6 +198,7 @@ CREATE TABLE `panel_customers` (
 `lepublickey` mediumtext default NULL,
 `leprivatekey` mediumtext default NULL,
 `leregistered` tinyint(1) NOT NULL default '0',
+ `leaccount` varchar(255) default '',
 `allowed_phpconfigs` varchar(500) NOT NULL default '',
 PRIMARY KEY (`customerid`),
 UNIQUE KEY `loginname` (`loginname`)
@@ -653,6 +654,7 @@ opcache.interned_strings_buffer'),
 ('system', 'hsts_incsub', '0'),
 ('system', 'hsts_preload', '0'),
 ('system', 'leregistered', '0'),
+ ('system', 'leaccount', ''),
 ('system', 'nssextrausers', '0'),
 ('system', 'disable_le_selfcheck', '0'),
 ('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
@@ -692,7 +694,7 @@ opcache.interned_strings_buffer'),
 ('panel', 'password_special_char', '!?<>ยง$%+#=@'),
 ('panel', 'customer_hide_options', ''),
 ('panel', 'version', '0.9.39.5'),
- ('panel', 'db_version', '201805290');
+ ('panel', 'db_version', '201809180');
 DROP TABLE IF EXISTS `panel_tasks`;
diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php
index 17432b94..5c3d8463 100644
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
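Review bot: In the `panel_customers` hunk of install/froxlor.sql (`@@ -198,6 +198,7 @@`) the new `leaccount` column is declared `varchar(255) default ''` without `NOT NULL`, unlike the neighbouring `leregistered` and `allowed_phpconfigs` columns, so a row can hold NULL as well as the empty string. Code that treats `''` as "no account stored" then has two empty states to handle. I would declare it as ``leaccount varchar(255) NOT NULL default ''`` here and use the same definition in the `ALTER TABLE` of update_0.9.inc.php, so fresh and upgraded installations end up with an identical column.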
@@ -3998,3 +3998,16 @@ if (isDatabaseVersion('201805241')) {
 updateToDbVersion('201805290');
 }
 }
+
+if (isDatabaseVersion('201805290')) {
+
+ showUpdateStep("Adding leaccount field to panel customers");
+ Database::query("ALTER TABLE `froxlor`.`panel_customers` ADD COLUMN `leaccount` varchar(255) default '' AFTER `leregistered`;");
+ lastStepStatus(0);
+
+ showUpdateStep("Adding system setting for let's-encrypt account");
+ Settings::AddNew('system.leaccount', "");
+ lastStepStatus(0);
+
+ updateToDbVersion('201809180');
+}
diff --git a/lib/classes/ssl/class.lescript_v2.php b/lib/classes/ssl/class.lescript_v2.php
index 2874ef34..7c51f049 100644
--- a/lib/classes/ssl/class.lescript_v2.php
+++ b/lib/classes/ssl/class.lescript_v2.php
@@ -76,6 +76,7 @@ class lescript_v2
 $this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
 $this->isFroxlorVhost = $isFroxlorVhost;
 $this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
+ $this->_acc_location = $certrow['leaccount'];
 $leregistered = $certrow['leregistered'];
@@ -166,6 +167,7 @@ class lescript_v2
 if ($this->client->getLastCode() == 403) {
 $this->log("Got status 403 - setting LE status to unregistered.");
+ $this->_acc_location = '';
 $this->setLeRegisteredState(0);
 throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
 }
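Review bot: The `ALTER TABLE` in the new `isDatabaseVersion('201805290')` step of update_0.9.inc.php names the schema literally as `froxlor`, so the update breaks on any installation whose database is called something else; the description itself says this part is untested. The table should be addressed without a schema prefix, through the constant that class.lescript_v2.php already uses in this commit: ``Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD COLUMN `leaccount` varchar(255) default '' AFTER `leregistered`;");``, assuming `TABLE_PANEL_CUSTOMERS` is loaded in the updater as well. `lastStepStatus(0)` follows the query unconditionally, so unless `Database::query()` throws on failure (not visible here) the step reports success even when the column was not added.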
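Review bot: After the upgrade every account that is already registered has `leregistered` = 1 together with an empty `leaccount`, and the constructor hunk of class.lescript_v2.php (`@@ -76,6 +76,7 @@`) copies that empty string into `_acc_location` unchecked. If the later signed requests use `_acc_location` as the key id, which the code outside this hunk would have to confirm, they go out with an empty kid until a 403 happens to reset the state. Treating a missing account URL as unregistered closes that gap on the first run: `$leregistered = empty($certrow['leaccount']) ? 0 : $certrow['leregistered'];`. The constructor body starts and ends outside the hunk.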
@@ -347,10 +349,12 @@ class lescript_v2
 if ($this->isLeProduction) {
 if ($this->isFroxlorVhost) {
 Settings::Set('system.leregistered', $state);
+ Settings::Set('system.leaccount', $this->_acc_location);
 } else {
- $upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
+ $upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered, `leaccount` = :kid " . "WHERE `customerid` = :customerid;");
 Database::pexecute($upd_stmt, array(
 'registered' => $state,
+ 'kid' => $this->_acc_location,
 'customerid' => $this->customerId
 ));
 }
diff --git a/scripts/jobs/cron_letsencrypt_v2.php b/scripts/jobs/cron_letsencrypt_v2.php
index c56a3e4e..c476c11b 100644
--- a/scripts/jobs/cron_letsencrypt_v2.php
+++ b/scripts/jobs/cron_letsencrypt_v2.php
@@ -45,6 +45,7 @@ $certificates_stmt = Database::query("
 cust.`leprivatekey`,
 cust.`lepublickey`,
 cust.`leregistered`,
+ cust.`leaccount`,
 cust.`customerid`,
 cust.`loginname`
 FROM
@@ -109,6 +110,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') {
 'leprivatekey' => Settings::Get('system.leprivatekey'),
 'lepublickey' => Settings::Get('system.lepublickey'),
 'leregistered' => Settings::Get('system.leregistered'),
+ 'leaccount' => Settings::Get('system.leaccount'),
 'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
 'expirationdate' => null,
 'ssl_cert_file' => null,
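Review bot: In the `@@ -347,10 +349,12 @@` hunk of class.lescript_v2.php the state setter (apparently `setLeRegisteredState()`, whose signature is outside the hunk) now also writes `_acc_location`, so a caller that passes 0 without first clearing the property stores a stale account URL next to `leregistered` = 0. Only the 403 path in this commit clears it by hand. Deriving the stored value inside the method keeps the two fields consistent: `$kid = $state ? $this->_acc_location : '';`, then use `$kid` in both the `Settings::Set('system.leaccount', ...)` call and the `'kid'` binding. A short comment such as `// also persists the ACME account URL (kid); nothing is stored unless isLeProduction` would make the widened contract visible to callers.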