maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add setting to disable LE self-check; set version to 0.9.38.8 for maintenance/bugfix release

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2017-12-31 11:18:59 +01:00
parent 57277eb1e3
commit 66a4309fe5
8 changed files with 52 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
actions/admin/settings/131.ssl.php
View File

@@ -165,6 +165,14 @@ return array(
'type' => 'bool', 'type' => 'bool',
'default' => false, 'default' => false,
'save_method' => 'storeSettingField' 'save_method' => 'storeSettingField'
),
'system_disable_le_selfcheck' => array(
'label' => $lng['serversettings']['disable_le_selfcheck'],
'settinggroup' => 'system',
'varname' => 'disable_le_selfcheck',
'type' => 'bool',
'default' => false,
'save_method' => 'storeSettingField'
) )
) )
) )

5
install/froxlor.sql
View File

@@ -554,6 +554,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'hsts_preload', '0'), ('system', 'hsts_preload', '0'),
('system', 'leregistered', '0'), ('system', 'leregistered', '0'),
('system', 'nssextrausers', '0'), ('system', 'nssextrausers', '0'),
('system', 'disable_le_selfcheck', '0'),
('panel', 'decimal_places', '4'), ('panel', 'decimal_places', '4'),
('panel', 'adminmail', 'admin@SERVERNAME'), ('panel', 'adminmail', 'admin@SERVERNAME'),
('panel', 'phpmyadmin_url', ''), ('panel', 'phpmyadmin_url', ''),
@@ -585,8 +586,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('panel', 'password_special_char_required', '0'), ('panel', 'password_special_char_required', '0'),
('panel', 'password_special_char', '!?<>§$%+#=@'), ('panel', 'password_special_char', '!?<>§$%+#=@'),
('panel', 'customer_hide_options', ''), ('panel', 'customer_hide_options', ''),
('panel', 'version', '0.9.38.7'), ('panel', 'version', '0.9.38.8'),
('panel', 'db_version', '201708240'); ('panel', 'db_version', '201712310');
DROP TABLE IF EXISTS `panel_tasks`; DROP TABLE IF EXISTS `panel_tasks`;

13
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -3633,3 +3633,16 @@ if (isDatabaseVersion('201705050')) {
updateToDbVersion('201708240'); updateToDbVersion('201708240');
} }
if (isDatabaseVersion('201708240')) {
showUpdateStep("Adding new 'disable LE self-check' setting");
$system_disable_le_selfcheck = isset($_POST['system_disable_le_selfcheck']) ? (int) $_POST['system_disable_le_selfcheck'] : 0;
Settings::AddNew('system.disable_le_selfcheck', $system_disable_le_selfcheck);
lastStepStatus(0);
updateToDbVersion('201712310');
showUpdateStep("Updating from 0.9.38.7 to 0.9.38.8", false);
updateToVersion('0.9.38.8');
}

10
install/updates/preconfig/0.9/preconfig_0.9.inc.php
View File

@@ -717,4 +717,14 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$question .= makeyesno('system_nssextrausers', '1', '0', '0') . '<br />'; $question .= makeyesno('system_nssextrausers', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";"); eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
} }
if (versionInUpdate($current_db_version, '201712310')) {
if (Settings::Get('system.leenabled') == 1) {
$has_preconfig = true;
$description = 'Chose whether you want to disable the Let\'s Encrypt selfcheck as it causes false positives for some onfigurations.<br /><br />';
$question = '<strong>Disable Let\'s Encrypt self-check?</strong><br />';
$question .= makeyesno('system_disable_le_selfcheck', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
} }

3
lib/classes/ssl/class.lescript.php
View File

@@ -227,6 +227,8 @@ class lescript
$this->log("Token for $domain saved at $tokenPath and should be available at $uri"); $this->log("Token for $domain saved at $tokenPath and should be available at $uri");
// simple self check // simple self check
if (Settings::Get('system.disable_le_selfcheck') == '0')
{
$selfcheckContextOptions = array('http' => array('header' => "User-Agent: Froxlor/".$this->version)); $selfcheckContextOptions = array('http' => array('header' => "User-Agent: Froxlor/".$this->version));
$selfcheckContext = stream_context_create($selfcheckContextOptions); $selfcheckContext = stream_context_create($selfcheckContextOptions);
if ($payload !== trim(@file_get_contents($uri, false, $selfcheckContext))) { if ($payload !== trim(@file_get_contents($uri, false, $selfcheckContext))) {
@@ -238,6 +240,7 @@ class lescript
} }
$this->logger->logAction(CRON_ACTION, LOG_WARNING, "[Lets Encrypt self-check] Please check $uri - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate" . $errmsg); $this->logger->logAction(CRON_ACTION, LOG_WARNING, "[Lets Encrypt self-check] Please check $uri - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate" . $errmsg);
} }
}
$this->log("Sending request to challenge"); $this->log("Sending request to challenge");

4
lib/version.inc.php
View File

@@ -16,10 +16,10 @@
*/ */
// Main version variable // Main version variable
$version = '0.9.38.7'; $version = '0.9.38.8';
// Database version (YYYYMMDDC where C is a daily counter) // Database version (YYYYMMDDC where C is a daily counter)
$dbversion = '201708240'; $dbversion = '201712310';
// Distribution branding-tag (used for Debian etc.) // Distribution branding-tag (used for Debian etc.)
$branding = ''; $branding = '';

2
lng/english.lng.php
View File

@@ -2080,3 +2080,5 @@ $lng['admin']['domain_http2']['title'] = 'HTTP2 support';
$lng['admin']['domain_http2']['description'] = 'See <a target="_blank" href="https://en.wikipedia.org/wiki/HTTP/2">Wikipedia</a> for a detailed explanation of HTTP2'; $lng['admin']['domain_http2']['description'] = 'See <a target="_blank" href="https://en.wikipedia.org/wiki/HTTP/2">Wikipedia</a> for a detailed explanation of HTTP2';
$lng['admin']['testmail'] = 'SMTP test'; $lng['admin']['testmail'] = 'SMTP test';
$lng['success']['testmailsent'] = 'Test mail sent successfully'; $lng['success']['testmailsent'] = 'Test mail sent successfully';
$lng['serversettings']['disable_le_selfcheck']['title'] = "Disable Let's Encrypt local self-check";
$lng['serversettings']['disable_le_selfcheck']['description'] = "If activated, froxlor will <strong>not</strong> perform its self-check for token accessability. Needed for NATed IP's or similar.";

2
lng/german.lng.php
View File

@@ -1731,3 +1731,5 @@ $lng['admin']['domain_http2']['title'] = 'HTTP2 Unterstützung';
$lng['admin']['domain_http2']['description'] = 'Siehe <a target="_blank" href="https://de.wikipedia.org/wiki/Hypertext_Transfer_Protocol#HTTP.2F2">Wikipedia</a> für eine ausführliche Beschreibung von HTTP2'; $lng['admin']['domain_http2']['description'] = 'Siehe <a target="_blank" href="https://de.wikipedia.org/wiki/Hypertext_Transfer_Protocol#HTTP.2F2">Wikipedia</a> für eine ausführliche Beschreibung von HTTP2';
$lng['admin']['testmail'] = 'SMTP Test'; $lng['admin']['testmail'] = 'SMTP Test';
$lng['success']['testmailsent'] = 'Test E-Mail erfolgreich gesendet'; $lng['success']['testmailsent'] = 'Test E-Mail erfolgreich gesendet';
$lng['serversettings']['disable_le_selfcheck']['title'] = "Deaktiviere Let's Encrypt lokale Selbstprüfung";
$lng['serversettings']['disable_le_selfcheck']['description'] = "Wenn aktiviert wird Froxlor <strong>keine</strong> Erreichbarkeitsprüfung des Tokens vornehmen. Nötig bei ge-NAT-eten IP's oder Ähnlichem";