gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -75,11 +75,16 @@
			$app->plugins->registerEvent('webdav_user_insert',$this->plugin_name,'webdav');
			$app->plugins->registerEvent('webdav_user_update',$this->plugin_name,'webdav');
			$app->plugins->registerEvent('webdav_user_delete',$this->plugin_name,'webdav');

			$app->plugins->registerEvent('client_delete',$this->plugin_name,'client_delete');
			}

			// Handle the creation of SSL certificates
			function ssl($event_name,$data) {
			global $app, $conf;

			//* Only vhosts can have a ssl cert
			if($data["new"]["type"] != "vhost") return;

			if(!is_dir($data['new']['document_root'].'/ssl')) exec('mkdir -p '.$data['new']['document_root'].'/ssl');
			$ssl_dir = $data['new']['document_root'].'/ssl';
			@@ -137,8 +142,18 @@
			$crt_file = escapeshellcmd($crt_file);

			if(is_file($ssl_cnf_file)) {
			exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 2048 && openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file && openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file && openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");
			$app->log('Creating SSL Cert for: '.$domain,LOGLEVEL_DEBUG);

			exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 2048");
			exec("openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file");
			if(isset($conf['CA-path']) && isset($conf['CA-pass']) )
			{
			exec("openssl ca -batch -out $crt_file -config ".$conf['CA-path']."/openssl.cnf -passin pass:".$conf['CA-pass']." -in $csr_file");
			$app->log("Creating CA-signed SSL Cert for: $domain",LOGLEVEL_DEBUG);
			} else{
			exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file ");
			$app->log("Creating self-signed SSL Cert for: $domain",LOGLEVEL_DEBUG);
			};
			exec("openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");
			}

			exec('chmod 400 '.$key_file2);
			@@ -155,15 +170,15 @@
			}

			//* Save a SSL certificate to disk
			if($data['new']['ssl_action'] == 'save') {
			$ssl_dir = $data['new']['document_root'].'/ssl';
			$domain = $data['new']['ssl_domain'];
			$csr_file = $ssl_dir.'/'.$domain.'.csr';
			$crt_file = $ssl_dir.'/'.$domain.'.crt';
			$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
			file_put_contents($csr_file,$data['new']['ssl_request']);
			file_put_contents($crt_file,$data['new']['ssl_cert']);
			if(trim($data['new']['ssl_bundle']) != '') file_put_contents($bundle_file,$data['new']['ssl_bundle']);
			if($data["new"]["ssl_action"] == 'save') {
			$ssl_dir = $data["new"]["document_root"]."/ssl";
			$domain = $data["new"]["ssl_domain"];
			$csr_file = $ssl_dir.'/'.$domain.".csr";
			$crt_file = $ssl_dir.'/'.$domain.".crt";
			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
			if(trim($data["new"]["ssl_request"]) != '') file_put_contents($csr_file,$data["new"]["ssl_request"]);
			if(trim($data["new"]["ssl_cert"]) != '') file_put_contents($crt_file,$data["new"]["ssl_cert"]);
			if(trim($data["new"]["ssl_bundle"]) != '') file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
			/* Update the DB of the (local) Server */
			$app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
			/* Update also the master-DB of the Server-Farm */
			@@ -178,6 +193,11 @@
			$csr_file = $ssl_dir.'/'.$domain.'.csr';
			$crt_file = $ssl_dir.'/'.$domain.'.crt';
			$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
			if(isset($conf['CA-path']) && isset($conf['CA-pass']) )
			{
			exec("openssl ca -batch -config ".$conf['CA-path']."/openssl.cnf -passin pass:".$conf['CA-pass']." -revoke $crt_file");
			$app->log("Revoking CA-signed SSL Cert for: $domain",LOGLEVEL_DEBUG);
			};
			unlink($csr_file);
			unlink($crt_file);
			unlink($bundle_file);
			@@ -215,7 +235,7 @@
			$old_parent_domain_id = intval($data['old']['parent_domain_id']);
			$new_parent_domain_id = intval($data['new']['parent_domain_id']);

			// If the parent_domain_id has been chenged, we will have to update the old site as well.
			// If the parent_domain_id has been changed, we will have to update the old site as well.
			if($this->action == 'update' && $data['new']['parent_domain_id'] != $data['old']['parent_domain_id']) {
			$tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$old_parent_domain_id." AND active = 'y'");
			$data['new'] = $tmp;
			@@ -289,6 +309,9 @@
			if(!is_dir($new_dir)) exec('mkdir -p '.$new_dir);
			exec('mv '.$data['old']['document_root'].' '.$new_dir);
			$app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);

			// Handle the change in php_open_basedir
			$data['new']['php_open_basedir'] = str_replace($data['old']['document_root'],$data['new']['document_root'],$data['old']['php_open_basedir']);

			//* Change the owner of the website files to the new website owner
			exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);
			@@ -469,7 +492,7 @@
			exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
			}

			if($this->action == 'insert') {
			if($this->action == 'insert' \|\| $data["new"]["system_user"] != $data["old"]["system_user"]) {
			// Chown and chmod the directories below the document root
			$this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
			// The document root itself has to be owned by root in normal level and by the web owner in security level 20
			@@ -491,6 +514,9 @@

			// make tmp directory writable for Apache and the website users
			$this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));

			// Set Log symlink to 755 to make the logs accessible by the FTP user
			$this->_exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"])."/log");

			$command = 'usermod';
			$command .= ' --groups sshusers';
			@@ -553,7 +579,11 @@
			if($data['new']['php'] == 'mod') {
			$master_php_ini_path = $web_config['php_ini_path_apache'];
			} else {
			$master_php_ini_path = $web_config['php_ini_path_cgi'];
			if($data["new"]['php'] == 'fast-cgi' && file_exists($fastcgi_config["fastcgi_phpini_path"])) {
			$master_php_ini_path = $fastcgi_config["fastcgi_phpini_path"];
			} else {
			$master_php_ini_path = $web_config['php_ini_path_cgi'];
			}
			}
			if($master_php_ini_path != '' && substr($master_php_ini_path,-7) == 'php.ini' && is_file($master_php_ini_path)) {
			$php_ini_content .= file_get_contents($master_php_ini_path)."\n";
			@@ -590,7 +620,7 @@
			$crt_file = $ssl_dir.'/'.$domain.'.crt';
			$bundle_file = $ssl_dir.'/'.$domain.'.bundle';

			if($data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file)) {
			if($data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
			$vhost_data['ssl_enabled'] = 1;
			$app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
			} else {
			@@ -890,6 +920,9 @@
			$app->log('Apache status is: '.$apache_online_status_before_restart,LOGLEVEL_DEBUG);

			$app->services->restartService('httpd','restart');

			// wait a few seconds, before we test the apache status again
			sleep(2);

			//* Check if apache restarted successfully if it was online before
			$apache_online_status_after_restart = $this->_checkTcp('localhost',80);
			@@ -911,7 +944,7 @@
			}

			// Remove the backup copy of the config file.
			unlink($vhost_file.'~');
			if(@is_file($vhost_file.'~')) unlink($vhost_file.'~');


			//* Unset action to clean it for next processed vhost.
			@@ -1246,7 +1279,8 @@
			/*
			* add all the webdav-dirs to the webdav-section
			*/
			$files = scandir($webdavRoot);
			$files = @scandir($webdavRoot);
			if(is_array($files)) {
			foreach($files as $file) {
			if (substr($file, strlen($file) - strlen('.htdigest')) == '.htdigest') {
			/*
			@@ -1254,8 +1288,10 @@
			*/
			$fn = substr($file, 0, strlen($file) - strlen('.htdigest'));
			$output .= "\n";
			$output .= " Alias /" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
			$output .= " <Location /" . $fn . ">\n";
			// $output .= " Alias /" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
			// $output .= " <Location /" . $fn . ">\n";
			$output .= " Alias /webdav/" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
			$output .= " <Location /webdav/" . $fn . ">\n";
			$output .= " DAV On\n";
			$output .= " AuthType Digest\n";
			$output .= " AuthName \"" . $fn . "\"\n";
			@@ -1266,6 +1302,7 @@
			$output .= " Allow from all \n";
			$output .= " </Location> \n";
			}
			}
			}
			}
			/*
			@@ -1327,6 +1364,27 @@
			$app->log('Removed AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf',LOGLEVEL_DEBUG);
			}
			}

			function client_delete($event_name,$data) {
			global $app, $conf;

			$app->uses("getconf");
			$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');

			$client_id = intval($data['old']['client_id']);
			if($client_id > 0) {

			$client_dir = $web_config['website_basedir'].'/clients/client'.$client_id;
			if(is_dir($client_dir) && !stristr($client_dir,'..')) {
			@rmdir($client_dir);
			$app->log('Removed client directory: '.$client_dir,LOGLEVEL_DEBUG);
			}

			$this->_exec('groupdel client'.$client_id);
			$app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);
			}

			}

			//* Wrapper for exec function for easier debugging
			private function _exec($command) {