diff --git a/install/froxlor.sql b/install/froxlor.sql index 0f5b1dcd..8fb1e8e8 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -690,7 +690,7 @@ opcache.interned_strings_buffer'), ('panel', 'password_special_char', '!?<>ยง$%+#=@'), ('panel', 'customer_hide_options', ''), ('panel', 'version', '0.10.0'), - ('panel', 'db_version', '201802210'); + ('panel', 'db_version', '201802250'); DROP TABLE IF EXISTS `panel_tasks`; @@ -1006,6 +1006,7 @@ CREATE TABLE IF NOT EXISTS `domain_ssl_settings` ( `ssl_ca_file` mediumtext, `ssl_cert_chainfile` mediumtext, `ssl_csr_file` mediumtext, + `ssl_fullchain_file` mediumtext, `expirationdate` datetime DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci; diff --git a/install/updates/froxlor/0.10/update_0.10.inc.php b/install/updates/froxlor/0.10/update_0.10.inc.php index bb9cf1c9..1748ecc3 100644 --- a/install/updates/froxlor/0.10/update_0.10.inc.php +++ b/install/updates/froxlor/0.10/update_0.10.inc.php @@ -22,16 +22,33 @@ if (! defined('_CRON_UPDATE')) { } if (isFroxlorVersion('0.9.39.5')) { - showUpdateStep("Updating from 0.9.39.5 to 0.10.0", false); updateToVersion('0.10.0'); } -if (isDatabaseVersion('201802150')) { +if (isFroxlorVersion('0.10.0')) { + showUpdateStep("Adding new api keys table"); + Database::query("DROP TABLE IF EXISTS `api_keys`;"); + $sql = "CREATE TABLE `api_keys` ( + `id` int(11) NOT NULL auto_increment, + `adminid` int(11) NOT NULL default '0', + `customerid` int(11) NOT NULL default '0', + `apikey` varchar(500) NOT NULL default '', + `secret` varchar(500) NOT NULL default '', + `allowed_from` text NOT NULL, + `valid_until` int(15) NOT NULL default '0', + PRIMARY KEY (id), + KEY adminid (adminid), + KEY customerid (customerid) + ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;"; + Database::query($sql); + lastStepStatus(0); + + showUpdateStep("Adding new api settings"); + Settings::AddNew('api.enabled', 0); + lastStepStatus(0); showUpdateStep("Adding new default-ssl-ip setting"); Settings::AddNew('system.defaultsslip', ''); lastStepStatus(0); - - updateToDbVersion('201802210'); } diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index 2656d31d..0e9c09e6 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -3942,26 +3942,9 @@ if (isFroxlorVersion('0.9.39.4')) { if (isDatabaseVersion('201802130')) { - showUpdateStep("Adding new api keys table"); - Database::query("DROP TABLE IF EXISTS `api_keys`;"); - $sql = "CREATE TABLE `api_keys` ( - `id` int(11) NOT NULL auto_increment, - `adminid` int(11) NOT NULL default '0', - `customerid` int(11) NOT NULL default '0', - `apikey` varchar(500) NOT NULL default '', - `secret` varchar(500) NOT NULL default '', - `allowed_from` text NOT NULL, - `valid_until` int(15) NOT NULL default '0', - PRIMARY KEY (id), - KEY adminid (adminid), - KEY customerid (customerid) - ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;"; - Database::query($sql); + showUpdateStep("Adding fullchain field to ssl certificates"); + Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` ADD `ssl_fullchain_file` mediumtext AFTER `ssl_csr_file`;"); lastStepStatus(0); - showUpdateStep("Adding new api settings"); - Settings::AddNew('api.enabled', 0); - lastStepStatus(0); - - updateToDbVersion('201802150'); + updateToDbVersion('201802250'); } diff --git a/lib/classes/webserver/class.DomainSSL.php b/lib/classes/webserver/class.DomainSSL.php index 82ae9fcd..73399bfa 100644 --- a/lib/classes/webserver/class.DomainSSL.php +++ b/lib/classes/webserver/class.DomainSSL.php @@ -89,6 +89,10 @@ class DomainSSL { $ssl_files['ssl_cert_chainfile'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_chain.pem'); } } + // will only be generated to be used externally, froxlor does not need this + if ($dom_certs['ssl_fullchain_file'] != '') { + $ssl_files['ssl_fullchain_file'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_fullchain.pem'); + } // create them on the filesystem foreach ($ssl_files as $type => $filename) { if ($filename != '') { diff --git a/lib/version.inc.php b/lib/version.inc.php index 29fa7c32..7a7034eb 100644 --- a/lib/version.inc.php +++ b/lib/version.inc.php @@ -19,7 +19,7 @@ $version = '0.10.0'; // Database version (YYYYMMDDC where C is a daily counter) -$dbversion = '201802210'; +$dbversion = '201802250'; // Distribution branding-tag (used for Debian etc.) $branding = ''; diff --git a/scripts/jobs/cron_letsencrypt.php b/scripts/jobs/cron_letsencrypt.php index b25b9a8d..98ee24ce 100644 --- a/scripts/jobs/cron_letsencrypt.php +++ b/scripts/jobs/cron_letsencrypt.php @@ -60,6 +60,7 @@ $certificates_stmt = Database::query(" dom.`id` = domssl.`domainid` WHERE dom.`customerid` = cust.`customerid` + AND cust.deactivated = 0 AND dom.`letsencrypt` = 1 AND dom.`aliasdomain` IS NULL AND dom.`iswildcarddomain` = 0 @@ -92,6 +93,7 @@ $updcert_stmt = Database::prepare(" `ssl_ca_file` = :ca, `ssl_cert_chainfile` = :chain, `ssl_csr_file` = :csr, + `ssl_fullchain_file` = :fullchain, `expirationdate` = :expirationdate "); @@ -182,6 +184,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') { 'ca' => $return['chain'], 'chain' => $return['chain'], 'csr' => $return['csr'], + 'fullchain' => $return['fullchain'], 'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t']) )); diff --git a/scripts/jobs/cron_letsencrypt_v2.php b/scripts/jobs/cron_letsencrypt_v2.php index 6b1148d3..6e27361b 100644 --- a/scripts/jobs/cron_letsencrypt_v2.php +++ b/scripts/jobs/cron_letsencrypt_v2.php @@ -55,6 +55,7 @@ $certificates_stmt = Database::query(" dom.`id` = domssl.`domainid` WHERE dom.`customerid` = cust.`customerid` + AND cust.deactivated = 0 AND dom.`letsencrypt` = 1 AND dom.`aliasdomain` IS NULL AND dom.`iswildcarddomain` = 0 @@ -88,6 +89,7 @@ $updcert_stmt = Database::prepare(" `ssl_ca_file` = :ca, `ssl_cert_chainfile` = :chain, `ssl_csr_file` = :csr, + `ssl_fullchain_file` = :fullchain, `expirationdate` = :expirationdate "); @@ -178,6 +180,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') { 'ca' => $return['chain'], 'chain' => $return['chain'], 'csr' => $return['csr'], + 'fullchain' => $return['fullchain'], 'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t']) ));