added tls-settings per domain for admins with change_serversettings-flag set; fixes #519

Signed-off-by: Michael Kaufmann <michael.kaufmann@aixit.com>
2019-10-22 16:30:19 +02:00
parent 32e2d48aed
commit 7b162c4bd0
14 changed files with 355 additions and 77 deletions
--- a/lib/formfields/admin/domains/formfield.domains_edit.php
+++ b/lib/formfields/admin/domains/formfield.domains_edit.php
@@ -212,6 +212,12 @@ return array(
 				'image' => 'icons/domain_edit.png',
 				'visible' => \Froxlor\Settings::Get('system.use_ssl') == '1' ? true : false,
 				'fields' => array(
+					'no_ssl_available_info' => array(
+						'visible' => ($ssl_ipsandports == '' ? true : false),
+						'label' => 'SSL',
+						'type' => 'label',
+						'value' => $lng['panel']['nosslipsavailable']
+					),
 					'ssl_ipandport' => array(
 						'label' => $lng['domains']['ipandport_ssl_multi']['title'],
 						'desc' => $lng['domains']['ipandport_ssl_multi']['description'],
@@ -220,29 +226,6 @@ return array(
 						'value' => $usedips,
 						'is_array' => 1
 					),
-					'ssl_specialsettings' => array(
-						'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
-						'style' => 'align-top',
-						'label' => $lng['admin']['ownsslvhostsettings'],
-						'desc' => $lng['serversettings']['default_vhostconf']['description'],
-						'type' => 'textarea',
-						'cols' => 60,
-						'rows' => 12,
-						'value' => $result['ssl_specialsettings']
-					),
-					'include_specialsettings' => array(
-						'label' => $lng['admin']['include_ownvhostsettings'],
-						'type' => 'checkbox',
-						'values' => array(
-							array(
-								'label' => $lng['panel']['yes'],
-								'value' => '1'
-							)
-						),
-						'value' => array(
-							$result['include_specialsettings']
-						)
-					),
 					'ssl_redirect' => array(
 						'visible' => ($ssl_ipsandports != '' ? true : false),
 						'label' => $lng['domains']['ssl_redirect']['title'],
@@ -288,11 +271,82 @@ return array(
 							$result['http2']
 						)
 					),
-					'no_ssl_available_info' => array(
-						'visible' => ($ssl_ipsandports == '' ? true : false),
-						'label' => 'SSL',
-						'type' => 'label',
-						'value' => $lng['panel']['nosslipsavailable']
+					'override_tls' => array(
+						'visible' => (($ssl_ipsandports != '' ? true : false) && $userinfo['change_serversettings'] == '1' ? true : false),
+						'label' => $lng['admin']['domain_override_tls'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['override_tls']
+						)
+					),
+					'ssl_protocols' => array(
+						'visible' => (($ssl_ipsandports != '' ? true : false) && $userinfo['change_serversettings'] == '1' && \Froxlor\Settings::Get('system.webserver') != 'lighttpd' ? true : false),
+						'label' => $lng['serversettings']['ssl']['ssl_protocols']['title'],
+						'desc' => $lng['serversettings']['ssl']['ssl_protocols']['description'],
+						'type' => 'checkbox',
+						'value' => !empty($result['ssl_protocols']) ? explode(",", $result['ssl_protocols']) : explode(",", \Froxlor\Settings::Get('system.ssl_protocols')),
+						'values' => array(
+							array(
+								'value' => 'TLSv1',
+								'label' => 'TLSv1<br />'
+							),
+							array(
+								'value' => 'TLSv1.1',
+								'label' => 'TLSv1.1<br />'
+							),
+							array(
+								'value' => 'TLSv1.2',
+								'label' => 'TLSv1.2<br />'
+							),
+							array(
+								'value' => 'TLSv1.3',
+								'label' => 'TLSv1.3<br />'
+							)
+						),
+						'is_array' => 1
+					),
+					'ssl_cipher_list' => array(
+						'visible' => (($ssl_ipsandports != '' ? true : false) && $userinfo['change_serversettings'] == '1' ? true : false),
+						'label' => $lng['serversettings']['ssl']['ssl_cipher_list']['title'],
+						'desc' => $lng['serversettings']['ssl']['ssl_cipher_list']['description'],
+						'type' => 'text',
+						'value' => !empty($result['ssl_cipher_list']) ? $result['ssl_cipher_list'] : \Froxlor\Settings::Get('system.ssl_cipher_list')
+					),
+					'tlsv13_cipher_list' => array(
+						'visible' => (($ssl_ipsandports != '' ? true : false) && $userinfo['change_serversettings'] == '1' && \Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1 ? true : false),
+						'label' => $lng['serversettings']['ssl']['tlsv13_cipher_list']['title'],
+						'desc' => $lng['serversettings']['ssl']['tlsv13_cipher_list']['description'],
+						'type' => 'text',
+						'value' => !empty($result['tlsv13_cipher_list']) ? $result['tlsv13_cipher_list'] : \Froxlor\Settings::Get('system.tlsv13_cipher_list')
+					),
+					'ssl_specialsettings' => array(
+						'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
+						'style' => 'align-top',
+						'label' => $lng['admin']['ownsslvhostsettings'],
+						'desc' => $lng['serversettings']['default_vhostconf']['description'],
+						'type' => 'textarea',
+						'cols' => 60,
+						'rows' => 12,
+						'value' => $result['ssl_specialsettings']
+					),
+					'include_specialsettings' => array(
+						'label' => $lng['admin']['include_ownvhostsettings'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['include_specialsettings']
+						)
 					),
 					'hsts_maxage' => array(
 						'visible' => ($ssl_ipsandports != '' ? true : false),