maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

- put enable/disable ssl in the settings overview

Browse Source 
- added SSLCertificateChainFile to IPs and ports and webserver-cron, fixes #418
- added domain-specific ssl-settings for lighttpd
This commit is contained in:
Michael Kaufmann (d00p)
2010-10-15 08:32:35 +00:00
parent 0b6bb64600
commit ceedab3a6e
12 changed files with 179 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
actions/admin/settings/130.webserver.php
View File

@@ -198,6 +198,7 @@ return array(
'type' => 'bool', 'type' => 'bool',
'default' => false, 'default' => false,
'save_method' => 'storeSettingField', 'save_method' => 'storeSettingField',
'overview_option' => true
), ),
'system_ssl_cert_file' => array( 'system_ssl_cert_file' => array(
'label' => $lng['serversettings']['ssl']['ssl_cert_file'], 'label' => $lng['serversettings']['ssl']['ssl_cert_file'],

49
admin_ipsandports.php
View File

@@ -145,6 +145,7 @@ if($page == 'ipsandports'
$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file'); $ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file'); $ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file'); $ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
$ssl_cert_chainfile = validate($_POST['ssl_cert_chainfile'], 'ssl_cert_chainfile');
$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/'); $default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
if($listen_statement != '1') if($listen_statement != '1')
@@ -187,6 +188,11 @@ if($page == 'ipsandports'
$ssl_ca_file = makeCorrectFile($ssl_ca_file); $ssl_ca_file = makeCorrectFile($ssl_ca_file);
} }
if($ssl_cert_chainfile != '')
{
$ssl_cert_chainfile = makeCorrectFile($ssl_cert_chainfile);
}
$result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'"); $result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'");
if($result_checkfordouble['id'] != '') if($result_checkfordouble['id'] != '')
@@ -195,7 +201,22 @@ if($page == 'ipsandports'
} }
else else
{ {
$db->query("INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "` (`ip`, `port`, `listen_statement`, `namevirtualhost_statement`, `vhostcontainer`, `vhostcontainer_servername_statement`, `specialsettings`, `ssl`, `ssl_cert_file`, `ssl_key_file`, `ssl_ca_file`, `default_vhostconf_domain`) VALUES ('" . $db->escape($ip) . "', '" . (int)$port . "', '" . (int)$listen_statement . "', '" . (int)$namevirtualhost_statement . "', '" . (int)$vhostcontainer . "', '" . (int)$vhostcontainer_servername_statement . "', '" . $db->escape($specialsettings) . "', '" . (int)$ssl . "', '" . $db->escape($ssl_cert_file) . "', '" . $db->escape($ssl_key_file) . "', '" . $db->escape($ssl_ca_file) . "', '" . $db->escape($default_vhostconf_domain) . "')"); $db->query("INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "`
SET
`ip` = '" . $db->escape($ip) . "',
`port` = '" . (int)$port . "',
`listen_statement` = '" . (int)$listen_statement . "',
`namevirtualhost_statement` = '" . (int)$namevirtualhost_statement . "',
`vhostcontainer` = '" . (int)$vhostcontainer . "',
`vhostcontainer_servername_statement` = '" . (int)$vhostcontainer_servername_statement . "',
`specialsettings` = '" . $db->escape($specialsettings) . "',
`ssl` = '" . (int)$ssl . "',
`ssl_cert_file` = '" . $db->escape($ssl_cert_file) . "',
`ssl_key_file` = '" . $db->escape($ssl_key_file) . "',
`ssl_ca_file` = '" . $db->escape($ssl_ca_file) . "',
`ssl_cert_chainfile` = '" . $db->escape($ssl_cert_chainfile) . "',
`default_vhostconf_domain` = '" . $db->escape($default_vhostconf_domain) . "';
");
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
{ {
@@ -241,6 +262,7 @@ if($page == 'ipsandports'
$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file'); $ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file'); $ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file'); $ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
$ssl_cert_chainfile = validate($_POST['ssl_cert_chainfile'], 'ssl_cert_chainfile');
$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/'); $default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
if($listen_statement != '1') if($listen_statement != '1')
@@ -283,6 +305,11 @@ if($page == 'ipsandports'
$ssl_ca_file = makeCorrectFile($ssl_ca_file); $ssl_ca_file = makeCorrectFile($ssl_ca_file);
} }
if($ssl_cert_chainfile != '')
{
$ssl_cert_chainfile = makeCorrectFile($ssl_cert_chainfile);
}
if($result['ip'] != $ip if($result['ip'] != $ip
&& $result['ip'] == $settings['system']['ipaddress'] && $result['ip'] == $settings['system']['ipaddress']
&& $result_sameipotherport['id'] == '') && $result_sameipotherport['id'] == '')
@@ -296,7 +323,25 @@ if($page == 'ipsandports'
} }
else else
{ {
$db->query("UPDATE `" . TABLE_PANEL_IPSANDPORTS . "` SET `ip`='" . $db->escape($ip) . "', `port`='" . (int)$port . "', `listen_statement`='" . (int)$listen_statement . "', `namevirtualhost_statement`='" . (int)$namevirtualhost_statement . "', `vhostcontainer`='" . (int)$vhostcontainer . "', `vhostcontainer_servername_statement`='" . (int)$vhostcontainer_servername_statement . "', `specialsettings`='" . $db->escape($specialsettings) . "', `ssl`='" . (int)$ssl . "', `ssl_cert_file`='" . $db->escape($ssl_cert_file) . "', `ssl_key_file`='" . $db->escape($ssl_key_file) . "', `ssl_ca_file`='" . $db->escape($ssl_ca_file) . "', `default_vhostconf_domain`='" . $db->escape($default_vhostconf_domain) . "' WHERE `id`='" . (int)$id . "'");
$db->query("UPDATE `" . TABLE_PANEL_IPSANDPORTS . "`
SET
`ip` = '" . $db->escape($ip) . "',
`port` = '" . (int)$port . "',
`listen_statement` = '" . (int)$listen_statement . "',
`namevirtualhost_statement` = '" . (int)$namevirtualhost_statement . "',
`vhostcontainer` = '" . (int)$vhostcontainer . "',
`vhostcontainer_servername_statement` = '" . (int)$vhostcontainer_servername_statement . "',
`specialsettings` = '" . $db->escape($specialsettings) . "',
`ssl` = '" . (int)$ssl . "',
`ssl_cert_file` = '" . $db->escape($ssl_cert_file) . "',
`ssl_key_file` = '" . $db->escape($ssl_key_file) . "',
`ssl_ca_file` = '" . $db->escape($ssl_ca_file) . "',
`ssl_cert_chainfile` = '" . $db->escape($ssl_cert_chainfile) . "',
`default_vhostconf_domain` = '" . $db->escape($default_vhostconf_domain) . "'
WHERE `id`='" . (int)$id . "'
");
$log->logAction(ADM_ACTION, LOG_WARNING, "changed IP/port from '" . $result['ip'] . ":" . $result['port'] . "' to '" . $ip . ":" . $port . "'"); $log->logAction(ADM_ACTION, LOG_WARNING, "changed IP/port from '" . $result['ip'] . ":" . $result['port'] . "' to '" . $ip . ":" . $port . "'");
inserttask('1'); inserttask('1');
inserttask('4'); inserttask('4');

12
install/froxlor.sql
View File

@@ -337,6 +337,7 @@ CREATE TABLE `panel_ipsandports` (
`ssl_key_file` varchar(255) NOT NULL, `ssl_key_file` varchar(255) NOT NULL,
`ssl_ca_file` varchar(255) NOT NULL, `ssl_ca_file` varchar(255) NOT NULL,
`default_vhostconf_domain` text NOT NULL, `default_vhostconf_domain` text NOT NULL,
`ssl_cert_chainfile` varchar(255) NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; ) TYPE=MyISAM ;
@@ -460,7 +461,7 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (18, 'system', 'vmail_homedir', '/var/customers/mail/'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (18, 'system', 'vmail_homedir', '/var/customers/mail/');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (19, 'system', 'bindconf_directory', '/etc/bind/'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (19, 'system', 'bindconf_directory', '/etc/bind/');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (20, 'system', 'bindreload_command', '/etc/init.d/bind9 reload'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (20, 'system', 'bindreload_command', '/etc/init.d/bind9 reload');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.14-svn3'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.14-svn4');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (23, 'system', 'hostname', 'SERVERNAME'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (23, 'system', 'hostname', 'SERVERNAME');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (24, 'login', 'maxloginattempts', '3'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (24, 'login', 'maxloginattempts', '3');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (25, 'login', 'deactivatetime', '900'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (25, 'login', 'deactivatetime', '900');
@@ -507,9 +508,9 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (67, 'logger', 'logfile', ''); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (67, 'logger', 'logfile', '');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (68, 'logger', 'logtypes', 'syslog,mysql'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (68, 'logger', 'logtypes', 'syslog,mysql');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (69, 'logger', 'severity', '1'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (69, 'logger', 'severity', '1');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (70, 'system','ssl_cert_file','/etc/apache2/apache2.pem'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (70, 'system', 'ssl_cert_file', '/etc/apache2/apache2.pem');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (71, 'system','use_ssl','1'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (71, 'system', 'use_ssl', '0');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (72, 'system','openssl_cnf','[ req ]\r\ndefault_bits = 1024\r\ndistinguished_name = req_distinguished_name\r\nattributes = req_attributes\r\nprompt = no\r\noutput_password =\r\ninput_password =\r\n[ req_distinguished_name ]\r\nC = DE\r\nST = froxlor\r\nL = froxlor \r\nO = Testcertificate\r\nOU = froxlor \r\nCN = @@domain_name@@\r\nemailAddress = @@email@@ \r\n[ req_attributes ]\r\nchallengePassword =\r\n'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (72, 'system', 'openssl_cnf', '[ req ]\r\ndefault_bits = 1024\r\ndistinguished_name = req_distinguished_name\r\nattributes = req_attributes\r\nprompt = no\r\noutput_password =\r\ninput_password =\r\n[ req_distinguished_name ]\r\nC = DE\r\nST = froxlor\r\nL = froxlor \r\nO = Testcertificate\r\nOU = froxlor \r\nCN = @@domain_name@@\r\nemailAddress = @@email@@ \r\n[ req_attributes ]\r\nchallengePassword =\r\n');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (73, 'system', 'default_vhostconf', ''); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (73, 'system', 'default_vhostconf', '');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (74, 'system', 'mail_quota_enabled', '0'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (74, 'system', 'mail_quota_enabled', '0');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (75, 'system', 'mail_quota', '100'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (75, 'system', 'mail_quota', '100');
@@ -550,7 +551,7 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (110, 'panel', 'allow_domain_change_customer', '0'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (110, 'panel', 'allow_domain_change_customer', '0');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (111, 'system', 'mod_fcgid_maxrequests', '250'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (111, 'system', 'mod_fcgid_maxrequests', '250');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (112, 'system','ssl_key_file','/etc/apache2/apache2.key'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (112, 'system','ssl_key_file','/etc/apache2/apache2.key');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (113, 'system','ssl_ca_file',''); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (113, 'system','ssl_ca_file', '');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (114, 'panel', 'frontend', 'froxlor'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (114, 'panel', 'frontend', 'froxlor');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (115, 'spf', 'use_spf', '0'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (115, 'spf', 'use_spf', '0');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (116, 'spf', 'spf_entry', '@ IN TXT "v=spf1 a mx -all"'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (116, 'spf', 'spf_entry', '@ IN TXT "v=spf1 a mx -all"');
@@ -591,6 +592,7 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (151, 'system', 'awstats_awstatspath', '/usr/bin/'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (151, 'system', 'awstats_awstatspath', '/usr/bin/');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (152, 'system', 'mod_fcgid_defaultini_ownvhost', '1'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (152, 'system', 'mod_fcgid_defaultini_ownvhost', '1');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (153, 'system', 'awstats_icons', '/usr/share/awstats/icon/'); INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (153, 'system', 'awstats_icons', '/usr/share/awstats/icon/');
INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (154, 'system', 'ssl_cert_chainfile', '');
# -------------------------------------------------------- # --------------------------------------------------------

17
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -1122,3 +1122,20 @@ if(isFroxlorVersion('0.9.14-svn2'))
updateToVersion('0.9.14-svn3'); updateToVersion('0.9.14-svn3');
} }
if(isFroxlorVersion('0.9.14-svn3'))
{
showUpdateStep("Updating from 0.9.14-svn3 to 0.9.14-svn4", false);
$update_ssl_cert_chainfile = isset($_POST['update_ssl_cert_chainfile']) ? makeCorrectFile($_POST['update_ssl_cert_chainfile']) : '';
showUpdateStep("Adding SSLCertificateChainFile to the settings");
$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'ssl_cert_chainfile', '".$db->escape($update_ssl_cert_chainfile)."');");
lastStepStatus(0);
showUpdateStep("Adding new field to IPs and ports for SSLCertificateChainFile");
$db->query("ALTER TABLE `".TABLE_PANEL_IPSANDPORTS."` ADD `ssl_cert_chainfile` varchar(255) NOT NULL AFTER `default_vhostconf_domain`;");
lastStepStatus(0);
updateToVersion('0.9.14-svn4');
}

12
install/updates/preconfig/0.9/preconfig_0.9.inc.php
View File

@@ -322,4 +322,16 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";"); eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
} }
} }
if(versionInUpdate($current_version, '0.9.14-svn4'))
{
if((int)$settings['system']['use_ssl'] == 1)
{
$has_preconfig = true;
$description = 'Froxlor now has the possibility to set \'SSLCertificateChainFile\' for the apache webserver.';
$question = '<strong>Enter filename (leave empty for none):</strong>&nbsp;';
$question.= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="'.$settings['system']['ssl_cert_chainfile'].'" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
} }

2
lib/tables.inc.php
View File

@@ -72,7 +72,7 @@ define('PACKAGE_ENABLED', 2);
// VERSION INFO // VERSION INFO
$version = '0.9.14-svn3'; $version = '0.9.14-svn4';
$dbversion = '2'; $dbversion = '2';
$branding = ''; $branding = '';

3
lng/english.lng.php
View File

@@ -1503,4 +1503,7 @@ $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'] = 'Default PHP config
$lng['serversettings']['awstats_icons']['title'] = 'Path to awstats icons folder'; $lng['serversettings']['awstats_icons']['title'] = 'Path to awstats icons folder';
$lng['serversettings']['awstats_icons']['description'] = 'e.g. /usr/share/awstats/htdocs/icon/'; $lng['serversettings']['awstats_icons']['description'] = 'e.g. /usr/share/awstats/htdocs/icon/';
// ADDED IN FROXLOR 0.9.14-svn4
$lng['admin']['ipsandports']['ssl_cert_chainfile'] = 'Path to the SSL CertificateChainFile';
?> ?>

3
lng/german.lng.php
View File

@@ -1486,4 +1486,7 @@ $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'] = 'Voreingestellte PH
$lng['serversettings']['awstats_icons']['title'] = 'Pfad zum Awstats icons Ordner'; $lng['serversettings']['awstats_icons']['title'] = 'Pfad zum Awstats icons Ordner';
$lng['serversettings']['awstats_icons']['description'] = 'z.B. /usr/share/awstats/htdocs/icon/'; $lng['serversettings']['awstats_icons']['description'] = 'z.B. /usr/share/awstats/htdocs/icon/';
// ADDED IN FROXLOR 0.9.14-svn4
$lng['admin']['ipsandports']['ssl_cert_chainfile'] = 'Pfad zu dem SSL CertificateChainFile';
?> ?>

26
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -268,6 +268,12 @@ class apache
$row_ipsandports['ssl_ca_file'] = $this->settings['system']['ssl_ca_file']; $row_ipsandports['ssl_ca_file'] = $this->settings['system']['ssl_ca_file'];
} }
// #418
if($row_ipsandports['ssl_cert_chainfile'] == '')
{
$row_ipsandports['ssl_cert_chainfile'] = $this->settings['system']['ssl_cert_chainfile'];
}
if($row_ipsandports['ssl_cert_file'] != '') if($row_ipsandports['ssl_cert_file'] != '')
{ {
$this->virtualhosts_data[$vhosts_filename].= ' SSLEngine On' . "\n"; $this->virtualhosts_data[$vhosts_filename].= ' SSLEngine On' . "\n";
@@ -282,6 +288,12 @@ class apache
{ {
$this->virtualhosts_data[$vhosts_filename].= ' SSLCACertificateFile ' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . "\n"; $this->virtualhosts_data[$vhosts_filename].= ' SSLCACertificateFile ' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . "\n";
} }
// #418
if($row_ipsandports['ssl_cert_chainfile'] != '')
{
$this->virtualhosts_data[$vhosts_filename].= ' SSLCertificateChainFile ' . makeCorrectFile($row_ipsandports['ssl_cert_chainfile']) . "\n";
}
} }
} }
@@ -659,6 +671,8 @@ class apache
$domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; $domain['ssl_cert_file'] = $ipandport['ssl_cert_file'];
$domain['ssl_key_file'] = $ipandport['ssl_key_file']; $domain['ssl_key_file'] = $ipandport['ssl_key_file'];
$domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; $domain['ssl_ca_file'] = $ipandport['ssl_ca_file'];
// #418
$domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile'];
if(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) if(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
{ {
@@ -705,6 +719,12 @@ class apache
$domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file']; $domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file'];
} }
// #418
if($domain['ssl_cert_chainfile'] == '')
{
$domain['ssl_cert_chainfile'] = $this->settings['system']['ssl_cert_chainfile'];
}
if($domain['ssl_cert_file'] != '') if($domain['ssl_cert_file'] != '')
{ {
$vhost_content.= ' SSLEngine On' . "\n"; $vhost_content.= ' SSLEngine On' . "\n";
@@ -719,6 +739,12 @@ class apache
{ {
$vhost_content.= ' SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n"; $vhost_content.= ' SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n";
} }
// #418
if($domain['ssl_cert_chainfile'] != '')
{
$vhost_content.= ' SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n";
}
} }
} }

62
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -136,8 +136,26 @@ class lighttpd
if($row_ipsandports['ssl'] == '1') if($row_ipsandports['ssl'] == '1')
{ {
$this->lighttpd_data[$vhost_filename].= 'ssl.engine = "enable"' . "\n"; if($row_ipsandports['ssl_cert_file'] == '')
$this->lighttpd_data[$vhost_filename].= 'ssl.pemfile = "' . $row_ipsandports['ssl_cert_file'] . '"' . "\n"; {
$row_ipsandports['ssl_cert_file'] = $this->settings['system']['ssl_cert_file'];
}
if($row_ipsandports['ssl_ca_file'] == '')
{
$row_ipsandports['ssl_ca_file'] = $this->settings['system']['ssl_ca_file'];
}
if($row_ipsandports['ssl_cert_file'] != '')
{
$this->lighttpd_data[$vhost_filename].= 'ssl.engine = "enable"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.pemfile = "' . makeCorrectFile($row_ipsandports['ssl_cert_file']) . '"' . "\n";
if($row_ipsandports['ssl_ca_file'] != '')
{
$this->lighttpd_data[$vhost_filename].= 'ssl.ca-file = "' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . '"' . "\n";
}
}
} }
/** /**
@@ -313,12 +331,6 @@ class lighttpd
{ {
$this->lighttpd_data[$vhost_filename] = ''; $this->lighttpd_data[$vhost_filename] = '';
} }
$query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ipandport'] . "'";
$ipandport = $this->db->query_first($query);
$domain['ip'] = $ipandport['ip'];
$domain['port'] = $ipandport['port'];
$domain['ssl_cert_file'] = $ipandport['ssl_cert_file'];
if((!empty($this->lighttpd_data[$vhost_filename]) if((!empty($this->lighttpd_data[$vhost_filename])
&& !is_dir($this->settings['system']['apacheconf_vhost'])) && !is_dir($this->settings['system']['apacheconf_vhost']))
@@ -364,6 +376,7 @@ class lighttpd
$domain['ip'] = $ipandport['ip']; $domain['ip'] = $ipandport['ip'];
$domain['port'] = $ipandport['port']; $domain['port'] = $ipandport['port'];
$domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; $domain['ssl_cert_file'] = $ipandport['ssl_cert_file'];
$domain['ssl_ca_file'] = $ipandport['ssl_ca_file'];
if(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) if(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
{ {
@@ -400,6 +413,7 @@ class lighttpd
$vhost_content.= $this->composePhpOptions($domain); $vhost_content.= $this->composePhpOptions($domain);
$vhost_content.= $this->getStats($domain); $vhost_content.= $this->getStats($domain);
$vhost_content.= $this->getLogFiles($domain); $vhost_content.= $this->getLogFiles($domain);
$vhost_content.= $this->getSslSettings($domain, $ssl_vhost);
} }
} }
@@ -411,6 +425,38 @@ class lighttpd
return $vhost_content; return $vhost_content;
} }
protected function getSslSettings($domain, $ssl_vhost)
{
$ssl_settings = '';
if($ssl_vhost === true
&& $domain['ssl'] == '1'
&& (int)$this->settings['system']['use_ssl'] == 1
) {
if($domain['ssl_cert_file'] == '')
{
$domain['ssl_cert_file'] = $this->settings['system']['ssl_cert_file'];
}
if($domain['ssl_ca_file'] == '')
{
$domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file'];
}
if($domain['ssl_cert_file'] != '')
{
$ssl_settings.= 'ssl.engine = "enable"' . "\n";
$ssl_settings.= 'ssl.pemfile = "' . makeCorrectFile($domain['ssl_cert_file']) . '"' . "\n";
if($domain['ssl_ca_file'] != '')
{
$ssl_settings.= 'ssl.ca-file = "' . makeCorrectFile($domain['ssl_ca_file']) . '"' . "\n";
}
}
}
return $ssl_settings;
}
protected function getLogFiles($domain) protected function getLogFiles($domain)
{ {
$logfiles_text = ''; $logfiles_text = '';

4
templates/admin/ipsandports/ipsandports_add.tpl
View File

@@ -98,6 +98,10 @@ $header
<td class="main_field_name">{$lng['admin']['ipsandports']['ssl_ca_file']}:</td> <td class="main_field_name">{$lng['admin']['ipsandports']['ssl_ca_file']}:</td>
<td class="main_field_display" nowrap="nowrap"><input type="text" class="text" name="ssl_ca_file" value="" size="32" /></td> <td class="main_field_display" nowrap="nowrap"><input type="text" class="text" name="ssl_ca_file" value="" size="32" /></td>
</tr> </tr>
<tr>
<td class="main_field_name">{$lng['admin']['ipsandports']['ssl_cert_chainfile']}:</td>
<td class="main_field_display" nowrap="nowrap"><input type="text" class="text" name="ssl_cert_chainfile" value="" size="32" /></td>
</tr>
</if> </if>
<tr> <tr>
<td class="main_field_confirm" colspan="2"><input type="hidden" name="send" value="send" /><input class="bottom" type="submit" value="{$lng['panel']['save']}" /></td> <td class="main_field_confirm" colspan="2"><input type="hidden" name="send" value="send" /><input class="bottom" type="submit" value="{$lng['panel']['save']}" /></td>

4
templates/admin/ipsandports/ipsandports_edit.tpl
View File

@@ -95,6 +95,10 @@ $header
<td class="main_field_name">{$lng['admin']['ipsandports']['ssl_ca_file']}:</td> <td class="main_field_name">{$lng['admin']['ipsandports']['ssl_ca_file']}:</td>
<td class="main_field_display" nowrap="nowrap"><input type="text" class="text" name="ssl_ca_file" value="{$result['ssl_ca_file']}" size="32" /></td> <td class="main_field_display" nowrap="nowrap"><input type="text" class="text" name="ssl_ca_file" value="{$result['ssl_ca_file']}" size="32" /></td>
</tr> </tr>
<tr>
<td class="main_field_name">{$lng['admin']['ipsandports']['ssl_cert_chainfile']}:</td>
<td class="main_field_display" nowrap="nowrap"><input type="text" class="text" name="ssl_cert_chainfile" value="{$result['ssl_cert_chainfile']}" size="32" /></td>
</tr>
</if> </if>
<tr> <tr>
<td class="main_field_confirm" colspan="2"><input type="hidden" name="send" value="send" /><input class="bottom" type="submit" value="{$lng['panel']['save']}" /></td> <td class="main_field_confirm" colspan="2"><input type="hidden" name="send" value="send" /><input class="bottom" type="submit" value="{$lng['panel']['save']}" /></td>