gitlabFork/ISPConfig3.git - Solinfo Gitblit

parent: 337473b2 | patch | commit | show whitespace

Marius Burkard

2016-01-21 50b59af5b65ae0562fb9dfbc27332cc4fc91e437

Merge branch 'stable-3.1'

2 files modified

	server/plugins-available/apache2_plugin.inc.php	37 ●●●●● patch \| view \| raw \| blame \| history
	server/plugins-available/nginx_plugin.inc.php	40 ●●●●● patch \| view \| raw \| blame \| history

 server/plugins-available/apache2_plugin.inc.php

@@ -1116,7 +1116,12 @@
        */

        //* Generate Let's Encrypt SSL certificat
        if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
        if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && ( // ssl and let's encrypt is active
            ($data['old']['ssl'] == 'n' || $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
            || ($data['old']['domain'] != $data['new']['domain']) // we have domain update
            || ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
            || ($data['new']['type'] == 'subdomain') // we have new or update on subdomain
        )) {
            if(substr($domain, 0, 2) === '*.') {
                // wildcard domain not yet supported by letsencrypt!
                $app->log('Wildcard domains not yet supported by letsencrypt, so changing ' . $domain . ' to ' . substr($domain, 2), LOGLEVEL_WARN);
@@ -1126,11 +1131,35 @@
            $data['new']['ssl_domain'] = $domain;
            $vhost_data['ssl_domain'] = $domain;

            // default values
            $temp_domains = array();
            $lddomain = $domain;
            $subdomains = null;

            //* be sure to have good domain
            $lddomain = (string) "$domain";
            if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
                $lddomain .= (string) " --domains www." . $domain;
                $temp_domains[] = "www." . $domain;
            }

            //* then, add subdomain if we have
            $subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain'");
            if(is_array($subdomains)) {
                foreach($subdomains as $subdomain) {
                    $temp_domains[] = $subdomain['domain'];
                }
            }

            // prevent duplicate
            $temp_domains = array_unique($temp_domains);

            // generate cli format
            foreach($temp_domains as $temp_domain) {
                $lddomain .= (string) " --domains " . $temp_domain;
            }

            // useless data
            unset($subdomains);
            unset($temp_domains);

                $crt_tmp_file = "/etc/letsencrypt/live/".$domain."/cert.pem";
                $key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";
@@ -1207,7 +1236,7 @@
                    $app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");
                    $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
                }
            };
        }

        if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;


 server/plugins-available/nginx_plugin.inc.php

@@ -1231,8 +1231,15 @@


        $tpl->setVar('ssl_letsencrypt', "n");
		
        //* Generate Let's Encrypt SSL certificat
        if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
        if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && ( // ssl and let's encrypt is active
            ($data['old']['ssl'] == 'n' || $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
            || ($data['old']['domain'] != $data['new']['domain']) // we have domain update
            || ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
            || ($data['new']['type'] == 'subdomain') // we have new or update on subdomain
        )) {

            //* be sure to have good domain
            if(substr($domain, 0, 2) === '*.') {
                // wildcard domain not yet supported by letsencrypt!
@@ -1243,10 +1250,35 @@
            $data['new']['ssl_domain'] = $domain;
            $vhost_data['ssl_domain'] = $domain;
            
            $lddomain = (string) "$domain";
            // default values
            $temp_domains = array();
            $lddomain = $domain;
            $subdomains = null;

             //* be sure to have good domain
            if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
                $lddomain .= (string) " --domains www." . $domain;
                $temp_domains[] = "www." . $domain;
            }

            //* then, add subdomain if we have
            $subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain'");
            if(is_array($subdomains)) {
                foreach($subdomains as $subdomain) {
                    $temp_domains[] = $subdomain['domain'];
                }
             }
 
            // prevent duplicate
            $temp_domains = array_unique($temp_domains);

            // generate cli format
            foreach($temp_domains as $temp_domain) {
                $lddomain .= (string) " --domains " . $temp_domain;
            }

            // useless data
            unset($subdomains);
            unset($temp_domains);

            $tpl->setVar('ssl_letsencrypt', "y");
            //* TODO: check dns entry is correct
@@ -1265,7 +1297,7 @@

                $app->log("Create challenge directory", LOGLEVEL_DEBUG);
                $app->system->mkdirpath($webroot . "/.well-known/");
                $app->system->chown($webroot . "/.well-known/", $$data['new']['system_user']);
                $app->system->chown($webroot . "/.well-known/", $data['new']['system_user']);
                $app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']);
                $app->system->mkdirpath($webroot . "/.well-known/acme-challenge");
                $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);

			@@ -1116,7 +1116,12 @@
			*/

			//* Generate Let's Encrypt SSL certificat
			if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
			if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && ( // ssl and let's encrypt is active
			($data['old']['ssl'] == 'n' \|\| $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
			\|\| ($data['old']['domain'] != $data['new']['domain']) // we have domain update
			\|\| ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
			\|\| ($data['new']['type'] == 'subdomain') // we have new or update on subdomain
			)) {
			if(substr($domain, 0, 2) === '*.') {
			// wildcard domain not yet supported by letsencrypt!
			$app->log('Wildcard domains not yet supported by letsencrypt, so changing ' . $domain . ' to ' . substr($domain, 2), LOGLEVEL_WARN);
			@@ -1126,11 +1131,35 @@
			$data['new']['ssl_domain'] = $domain;
			$vhost_data['ssl_domain'] = $domain;

			// default values
			$temp_domains = array();
			$lddomain = $domain;
			$subdomains = null;

			//* be sure to have good domain
			$lddomain = (string) "$domain";
			if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
			$lddomain .= (string) " --domains www." . $domain;
			$temp_domains[] = "www." . $domain;
			}

			//* then, add subdomain if we have
			$subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain'");
			if(is_array($subdomains)) {
			foreach($subdomains as $subdomain) {
			$temp_domains[] = $subdomain['domain'];
			}
			}

			// prevent duplicate
			$temp_domains = array_unique($temp_domains);

			// generate cli format
			foreach($temp_domains as $temp_domain) {
			$lddomain .= (string) " --domains " . $temp_domain;
			}

			// useless data
			unset($subdomains);
			unset($temp_domains);

			$crt_tmp_file = "/etc/letsencrypt/live/".$domain."/cert.pem";
			$key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";
			@@ -1207,7 +1236,7 @@
			$app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");
			$app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
			}
			};
			}

			if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;

			@@ -1231,8 +1231,15 @@


			$tpl->setVar('ssl_letsencrypt', "n");

			//* Generate Let's Encrypt SSL certificat
			if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
			if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && ( // ssl and let's encrypt is active
			($data['old']['ssl'] == 'n' \|\| $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
			\|\| ($data['old']['domain'] != $data['new']['domain']) // we have domain update
			\|\| ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
			\|\| ($data['new']['type'] == 'subdomain') // we have new or update on subdomain
			)) {

			//* be sure to have good domain
			if(substr($domain, 0, 2) === '*.') {
			// wildcard domain not yet supported by letsencrypt!
			@@ -1243,10 +1250,35 @@
			$data['new']['ssl_domain'] = $domain;
			$vhost_data['ssl_domain'] = $domain;

			$lddomain = (string) "$domain";
			// default values
			$temp_domains = array();
			$lddomain = $domain;
			$subdomains = null;

			//* be sure to have good domain
			if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
			$lddomain .= (string) " --domains www." . $domain;
			$temp_domains[] = "www." . $domain;
			}

			//* then, add subdomain if we have
			$subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain'");
			if(is_array($subdomains)) {
			foreach($subdomains as $subdomain) {
			$temp_domains[] = $subdomain['domain'];
			}
			}

			// prevent duplicate
			$temp_domains = array_unique($temp_domains);

			// generate cli format
			foreach($temp_domains as $temp_domain) {
			$lddomain .= (string) " --domains " . $temp_domain;
			}

			// useless data
			unset($subdomains);
			unset($temp_domains);

			$tpl->setVar('ssl_letsencrypt', "y");
			//* TODO: check dns entry is correct
			@@ -1265,7 +1297,7 @@

			$app->log("Create challenge directory", LOGLEVEL_DEBUG);
			$app->system->mkdirpath($webroot . "/.well-known/");
			$app->system->chown($webroot . "/.well-known/", $$data['new']['system_user']);
			$app->system->chown($webroot . "/.well-known/", $data['new']['system_user']);
			$app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']);
			$app->system->mkdirpath($webroot . "/.well-known/acme-challenge");
			$app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);