Added a check to prevent that password protected ssl keys get saved. Thanks to Timo for finding the issue.
| | |
| | | $app->dbmaster->query("UPDATE web_domain SET ssl_request = ?, ssl_cert = ?, ssl_key = ? WHERE domain = ?", $ssl_request, $ssl_cert, $ssl_key2, $data['new']['domain']); |
| | | $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']); |
| | | } |
| | | |
| | | //* Check that the SSL key is not password protected |
| | | if($data["new"]["ssl_action"] == 'save') { |
| | | if(stristr($data["new"]["ssl_key"],'Proc-Type: 4,ENCRYPTED')) { |
| | | $data["new"]["ssl_action"] = ''; |
| | | |
| | | $app->log('SSL Certificate not saved. The SSL key is encrypted.', LOGLEVEL_WARN); |
| | | $app->dbmaster->datalogError('SSL Certificate not saved. The SSL key is encrypted.'); |
| | | |
| | | /* Update the DB of the (local) Server */ |
| | | $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']); |
| | | |
| | | /* Update also the master-DB of the Server-Farm */ |
| | | $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']); |
| | | } |
| | | } |
| | | |
| | | //* Save a SSL certificate to disk |
| | | if($data["new"]["ssl_action"] == 'save') { |
| | |
| | | $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']); |
| | | } |
| | | |
| | | //* Check that the SSL key is not password protected |
| | | if($data["new"]["ssl_action"] == 'save') { |
| | | if(stristr($data["new"]["ssl_key"],'Proc-Type: 4,ENCRYPTED')) { |
| | | $data["new"]["ssl_action"] = ''; |
| | | |
| | | $app->log('SSL Certificate not saved. The SSL key is encrypted.', LOGLEVEL_WARN); |
| | | $app->dbmaster->datalogError('SSL Certificate not saved. The SSL key is encrypted.'); |
| | | |
| | | /* Update the DB of the (local) Server */ |
| | | $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']); |
| | | |
| | | /* Update also the master-DB of the Server-Farm */ |
| | | $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']); |
| | | } |
| | | } |
| | | |
| | | //* Save a SSL certificate to disk |
| | | if($data["new"]["ssl_action"] == 'save') { |
| | | $this->ssl_certificate_changed = true; |