maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix redirect to non-standard-ssl port and also implement it for lighttpd

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2013-09-30 08:20:03 +02:00
parent 5e4cb880f7
commit f9459e92e7
3 changed files with 50 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -663,15 +663,24 @@ class apache
&& $domain['ssl'] == '1' && $domain['ssl'] == '1'
&& $domain['ssl_redirect'] == '1') && $domain['ssl_redirect'] == '1')
) { ) {
$_sslport = ''; // We must not check if our port differs from port 443, but if there is a destination-port != 443 // We must not check if our port differs from port 443,
// This returns the lowest port != 443 with ssl enabled, if any // but if there is a destination-port != 443
$ssldestport = $this->db->query_first("SELECT `ip`.`port` FROM ".TABLE_PANEL_IPSANDPORTS." `ip` $_sslport = '';
LEFT JOIN `".TABLE_DOMAINTOIP."` `dip` ON (`ip`.`id` = `dip`.`id_ipandports`) // This returns the first port that is != 443 with ssl enabled, if any
WHERE `dip`.`id_domain` = '$domain[id]' AND `ip`.`ssl` = '1' AND `ip`.`port` != 443 // ordered by ssl-certificate (if any) so that the ip/port combo
ORDER BY `ip`.`port` LIMIT 1;"); // with certificate is used
$ssldestport = $this->db->query_first(
"SELECT `ip`.`port` FROM ".TABLE_PANEL_IPSANDPORTS." `ip`
LEFT JOIN `".TABLE_DOMAINTOIP."` `dip` ON (`ip`.`id` = `dip`.`id_ipandports`)
WHERE `dip`.`id_domain` = '".(int)$domain['id']."'
AND `ip`.`ssl` = '1' AND `ip`.`port` != 443
ORDER BY `ip`.`ssl_cert_file` DESC, `ip`.`port` LIMIT 1;"
);
if ($ssldestport['port'] != '') { if ($ssldestport['port'] != '') {
$_sslport = ":".$ssldestport['port']; $_sslport = ":".$ssldestport['port'];
} }
$domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/'; $domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/';
} }

20
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -409,7 +409,25 @@ class lighttpd
&& $domain['ssl'] == '1' && $domain['ssl'] == '1'
&& $domain['ssl_redirect'] == '1' && $domain['ssl_redirect'] == '1'
) { ) {
$domain['documentroot'] = 'https://' . $domain['domain'] . '/'; // We must not check if our port differs from port 443,
// but if there is a destination-port != 443
$_sslport = '';
// This returns the first port that is != 443 with ssl enabled, if any
// ordered by ssl-certificate (if any) so that the ip/port combo
// with certificate is used
$ssldestport = $this->db->query_first(
"SELECT `ip`.`port` FROM ".TABLE_PANEL_IPSANDPORTS." `ip`
LEFT JOIN `".TABLE_DOMAINTOIP."` `dip` ON (`ip`.`id` = `dip`.`id_ipandports`)
WHERE `dip`.`id_domain` = '".(int)$domain['id']."'
AND `ip`.`ssl` = '1' AND `ip`.`port` != 443
ORDER BY `ip`.`ssl_cert_file` DESC, `ip`.`port` LIMIT 1;"
);
if ($ssldestport['port'] != '') {
$_sslport = ":".$ssldestport['port'];
}
$domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/';
} }
if (preg_match('/^https?\:\/\//', $domain['documentroot'])) { if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {

18
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -398,10 +398,24 @@ class nginx
&& $domain['ssl'] == '1' && $domain['ssl'] == '1'
&& $domain['ssl_redirect'] == '1') && $domain['ssl_redirect'] == '1')
{ {
// We must not check if our port differs from port 443,
// but if there is a destination-port != 443
$_sslport = ''; $_sslport = '';
if ($domain['port'] != '443') { // This returns the first port that is != 443 with ssl enabled, if any
$_sslport = ":".$domain['port']; // ordered by ssl-certificate (if any) so that the ip/port combo
// with certificate is used
$ssldestport = $this->db->query_first(
"SELECT `ip`.`port` FROM ".TABLE_PANEL_IPSANDPORTS." `ip`
LEFT JOIN `".TABLE_DOMAINTOIP."` `dip` ON (`ip`.`id` = `dip`.`id_ipandports`)
WHERE `dip`.`id_domain` = '".(int)$domain['id']."'
AND `ip`.`ssl` = '1' AND `ip`.`port` != 443
ORDER BY `ip`.`ssl_cert_file` DESC, `ip`.`port` LIMIT 1;"
);
if ($ssldestport['port'] != '') {
$_sslport = ":".$ssldestport['port'];
} }
$domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/'; $domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/';
} }