maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add dhparams for webserver/ssl, refs #519

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-11-18 20:34:53 +01:00
parent 776bb56b24
commit b032f5b2ba
10 changed files with 71 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -474,6 +474,13 @@ class apache extends HttpConfigBase
if (Settings::Get('system.http2_support') == '1') {
$this->virtualhosts_data[$vhosts_filename] .= ' Protocols h2 http/1.1' . "\n";
}
if (!empty(Settings::Get('system.dhparams_file'))) {
$dhparams = makeCorrectFile(Settings::Get('system.dhparams_file'));
if (!file_exists($dhparams)) {
safe_exec('openssl dhparam -out '.escapeshellarg($dhparams).' 4096');
}
$this->virtualhosts_data[$vhosts_filename] .= ' SSLOpenSSLConfCmd DHParameters "' . $dhparams . '"' . "\n";
}
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCompression Off' . "\n";
}
// this makes it more secure, thx to Marcel (08/2013)
@@ -937,6 +944,13 @@ class apache extends HttpConfigBase
if (isset($domain['http2']) && $domain['http2'] == '1' && Settings::Get('system.http2_support') == '1') {
$vhost_content .= ' Protocols h2 http/1.1' . "\n";
}
if (!empty(Settings::Get('system.dhparams_file'))) {
$dhparams = makeCorrectFile(Settings::Get('system.dhparams_file'));
if (!file_exists($dhparams)) {
safe_exec('openssl dhparam -out '.escapeshellarg($dhparams).' 4096');
}
$vhost_content .= ' SSLOpenSSLConfCmd DHParameters "' . $dhparams . '"' . "\n";
}
$vhost_content .= ' SSLCompression Off' . "\n";
}
// this makes it more secure, thx to Marcel (08/2013)