maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

do not generate ssl vhost with fallback ssl-certificate if file does not exist, fixes #614

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-12-16 20:21:53 +01:00
parent aa90747089
commit 8b0966d332
3 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -429,6 +429,11 @@ class apache extends HttpConfigBase
if ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') { if ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
if ($row_ipsandports['ssl_cert_file'] == '') { if ($row_ipsandports['ssl_cert_file'] == '') {
$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file'); $row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
if (!file_exists($row_ipsandports['ssl_cert_file'])) {
// explicitly disable ssl for this vhost
$row_ipsandports['ssl_cert_file'] = "";
$this->logger->logAction(CRON_ACTION, LOG_DEBUG, 'System certificate file "'.Settings::Get('system.ssl_cert_file').'" does not seem to exist. Disabling SSL-vhost for "'.Settings::Get('system.hostname').'"');
}
} }
if ($row_ipsandports['ssl_key_file'] == '') { if ($row_ipsandports['ssl_key_file'] == '') {
@@ -928,6 +933,11 @@ class apache extends HttpConfigBase
if ($ssl_vhost === true && $domain['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') { if ($ssl_vhost === true && $domain['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
if ($domain['ssl_cert_file'] == '') { if ($domain['ssl_cert_file'] == '') {
$domain['ssl_cert_file'] = Settings::Get('system.ssl_cert_file'); $domain['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
if (!file_exists($domain['ssl_cert_file'])) {
// explicitly disable ssl for this vhost
$domain['ssl_cert_file'] = "";
$this->logger->logAction(CRON_ACTION, LOG_DEBUG, 'System certificate file "'.Settings::Get('system.ssl_cert_file').'" does not seem to exist. Disabling SSL-vhost for "'.$domain['domain'].'"');
}
} }
if ($domain['ssl_key_file'] == '') { if ($domain['ssl_key_file'] == '') {

10
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -220,6 +220,11 @@ class lighttpd extends HttpConfigBase
if ($row_ipsandports['ssl'] == '1') { if ($row_ipsandports['ssl'] == '1') {
if ($row_ipsandports['ssl_cert_file'] == '') { if ($row_ipsandports['ssl_cert_file'] == '') {
$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file'); $row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
if (!file_exists($row_ipsandports['ssl_cert_file'])) {
// explicitly disable ssl for this vhost
$row_ipsandports['ssl_cert_file'] = "";
$this->logger->logAction(CRON_ACTION, LOG_DEBUG, 'System certificate file "'.Settings::Get('system.ssl_cert_file').'" does not seem to exist. Disabling SSL-vhost for "'.Settings::Get('system.hostname').'"');
}
} }
if ($row_ipsandports['ssl_ca_file'] == '') { if ($row_ipsandports['ssl_ca_file'] == '') {
@@ -563,6 +568,11 @@ class lighttpd extends HttpConfigBase
if ($ssl_vhost === true && $domain['ssl'] == '1' && (int) Settings::Get('system.use_ssl') == 1) { if ($ssl_vhost === true && $domain['ssl'] == '1' && (int) Settings::Get('system.use_ssl') == 1) {
if ($domain['ssl_cert_file'] == '') { if ($domain['ssl_cert_file'] == '') {
$domain['ssl_cert_file'] = Settings::Get('system.ssl_cert_file'); $domain['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
if (!file_exists($domain['ssl_cert_file'])) {
// explicitly disable ssl for this vhost
$domain['ssl_cert_file'] = "";
$this->logger->logAction(CRON_ACTION, LOG_DEBUG, 'System certificate file "'.Settings::Get('system.ssl_cert_file').'" does not seem to exist. Disabling SSL-vhost for "'.$domain['domain'].'"');
}
} }
if ($domain['ssl_ca_file'] == '') { if ($domain['ssl_ca_file'] == '') {

10
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -170,6 +170,11 @@ class nginx extends HttpConfigBase
if ($row_ipsandports['ssl'] == '1') { if ($row_ipsandports['ssl'] == '1') {
if ($row_ipsandports['ssl_cert_file'] == '') { if ($row_ipsandports['ssl_cert_file'] == '') {
$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file'); $row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
if (!file_exists($row_ipsandports['ssl_cert_file'])) {
// explicitly disable ssl for this vhost
$row_ipsandports['ssl_cert_file'] = "";
$this->logger->logAction(CRON_ACTION, LOG_DEBUG, 'System certificate file "'.Settings::Get('system.ssl_cert_file').'" does not seem to exist. Disabling SSL-vhost for "'.Settings::Get('system.hostname').'"');
}
} }
if ($row_ipsandports['ssl_key_file'] == '') { if ($row_ipsandports['ssl_key_file'] == '') {
$row_ipsandports['ssl_key_file'] = Settings::Get('system.ssl_key_file'); $row_ipsandports['ssl_key_file'] = Settings::Get('system.ssl_key_file');
@@ -615,6 +620,11 @@ class nginx extends HttpConfigBase
if ($domain_or_ip['ssl_cert_file'] == '') { if ($domain_or_ip['ssl_cert_file'] == '') {
$domain_or_ip['ssl_cert_file'] = Settings::Get('system.ssl_cert_file'); $domain_or_ip['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
if (!file_exists($domain_or_ip['ssl_cert_file'])) {
// explicitly disable ssl for this vhost
$domain_or_ip['ssl_cert_file'] = "";
$this->logger->logAction(CRON_ACTION, LOG_DEBUG, 'System certificate file "'.Settings::Get('system.ssl_cert_file').'" does not seem to exist. Disabling SSL-vhost for "'.$domain_or_ip['domain'].'"');
}
} }
if ($domain_or_ip['ssl_key_file'] == '') { if ($domain_or_ip['ssl_key_file'] == '') {