change default path of custom-ssl-certificates as too many people can't read. Also, don't let updaters specify '/' (result of an empty value) as custom-ssl path and let the cron only clean the custom-ssl-path of ssl is enabled (just in case), refs #1279

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

actions/admin/settings/130.webserver.php

@@ -100,7 +100,7 @@ return array(
 					'varname' => 'customer_ssl_path',
 					'type' => 'string',
 					'string_type' => 'dir',
-					'default' => '/etc/apache2/ssl/',
+					'default' => '/etc/ssl/froxlor-custom/',
 					'save_method' => 'storeSettingField',
 					),
 				'system_phpappendopenbasedir' => array(

install/froxlor.sql

@@ -510,7 +510,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'documentroot_use_default_value', '0'),
 	('system', 'passwordcryptfunc', '1'),
 	('system', 'axfrservers', ''),
-	('system', 'customer_ssl_path', '/etc/apache2/ssl/'),
+	('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -2126,7 +2126,11 @@ if (isFroxlorVersion('0.9.29-dev3')) {
 	) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;");
 	lastStepStatus(0);
 
-	$system_customersslpath = isset($_POST['system_customersslpath']) ? makeCorrectDir($_POST['system_customersslpath']) : '/etc/apache2/ssl/';
+	$system_customersslpath = isset($_POST['system_customersslpath']) ? makeCorrectDir($_POST['system_customersslpath']) : '/etc/ssl/froxlor-custom/';
+	if (trim($system_customersslpath) == '/') {
+		// prevent users from specifying nonsense here
+		$system_customersslpath = '/etc/ssl/froxlor-custom/';
+	}
 	$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'customer_ssl_path', '".$db->escape($system_customersslpath)."');");
 	updateToVersion('0.9.29-dev4');
 }

install/updates/preconfig/0.9/preconfig_0.9.inc.php

@@ -538,7 +538,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$has_preconfig = true;
 		$description  = 'As customers can now specify ssl-certificate data for their domains, you need to specify where the generated files are stored<br />';
 		$question = '<strong>Specify the directory for customer ssl-certificates:</strong>&nbsp;';
-		$question.= '<input type="text" class="text" name="system_customersslpath" value="/etc/apache2/ssl/" />';
+		$question.= '<input type="text" class="text" name="system_customersslpath" value="/etc/ssl/froxlor-custom/" />';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
 

lib/classes/webserver/class.ConfigIO.php

@@ -70,17 +70,22 @@ class ConfigIO {
 	 */
 	private function _cleanCustomerSslCerts() {
 
-		// get correct directory
+		/*
-		$configdir = $this->_getFile('system', 'customer_ssl_path');
+		 * only clean up if we're actually using SSL
-		if ($configdir !== false) {
+		 */
+		if ($this->_settings['system']['use_ssl'] == '1') {
+			// get correct directory
+			$configdir = $this->_getFile('system', 'customer_ssl_path');
+			if ($configdir !== false) {
 
-			$configdir = makeCorrectDir($configdir);
+				$configdir = makeCorrectDir($configdir);
 
-			if (@is_dir($configdir)) {
+				if (@is_dir($configdir)) {
-				// now get rid of old stuff
+					// now get rid of old stuff
-				//(but append /* so we don't delete the directory)
+					//(but append /* so we don't delete the directory)
-				$configdir.='/*';
+					$configdir.='/*';
-				safe_exec('rm -rf '. makeCorrectFile($configdir));
+					safe_exec('rm -rf '. makeCorrectFile($configdir));
+				}
 			}
 		}
 	}