ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
tbrehm
2010-05-11 2e961201be67cc348e7da22ad7c32c87c9f3d30d 
 server/plugins-available/apache2_plugin.inc.php


@@ -83,7 +83,7 @@


      


      if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl");


      $ssl_dir = $data["new"]["document_root"]."/ssl";


      $domain = $data["new"]["domain"];


      $domain = $data["new"]["ssl_domain"];


      $key_file = $ssl_dir.'/'.$domain.".key.org";


        $key_file2 = $ssl_dir.'/'.$domain.".key";


        $csr_file = $ssl_dir.'/'.$domain.".csr";


@@ -106,7 +106,7 @@


         $ssl_cnf = "        RANDFILE               = $rand_file




        [ req ]


        default_bits           = 1024


        default_bits           = 2048


        default_keyfile        = keyfile.pem


        distinguished_name     = req_distinguished_name


        attributes             = req_attributes


@@ -137,15 +137,15 @@


         $crt_file = escapeshellcmd($crt_file);




           if(is_file($ssl_cnf_file)){


                exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 1024 && openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file && openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file && openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");


                exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 2048 && openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file && openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file && openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");


            $app->log("Creating SSL Cert for: $domain",LOGLEVEL_DEBUG);


           }




          exec("chmod 400 $key_file2");


          @unlink($config_file);


          @unlink($rand_file);


          $ssl_request = file_get_contents($csr_file);


          $ssl_cert = file_get_contents($crt_file);


          $ssl_request = $app->db->quote(file_get_contents($csr_file));


          $ssl_cert = $app->db->quote(file_get_contents($crt_file));


         /* Update the DB of the (local) Server */


          $app->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data["new"]["domain"]."'");


         $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data["new"]["domain"]."'");


@@ -157,7 +157,7 @@


      //* Save a SSL certificate to disk


      if($data["new"]["ssl_action"] == 'save') {


         $ssl_dir = $data["new"]["document_root"]."/ssl";


         $domain = $data["new"]["domain"];


         $domain = $data["new"]["ssl_domain"];


           $csr_file = $ssl_dir.'/'.$domain.".csr";


           $crt_file = $ssl_dir.'/'.$domain.".crt";


         $bundle_file = $ssl_dir.'/'.$domain.".bundle";


@@ -174,7 +174,7 @@


      //* Delete a SSL certificate


      if($data["new"]["ssl_action"] == 'del') {


         $ssl_dir = $data["new"]["document_root"]."/ssl";


         $domain = $data["new"]["domain"];


         $domain = $data["new"]["ssl_domain"];


           $csr_file = $ssl_dir.'/'.$domain.".csr";


           $crt_file = $ssl_dir.'/'.$domain.".crt";


         $bundle_file = $ssl_dir.'/'.$domain.".bundle";


@@ -554,10 +554,13 @@


      $vhost_data["web_document_root_www"] = $web_config["website_basedir"]."/".$data["new"]["domain"]."/web";


      $vhost_data["web_basedir"] = $web_config["website_basedir"];


      $vhost_data["security_level"] = $web_config["security_level"];


      $vhost_data["allow_override"] = ($data["new"]["allow_override"] == '')?'All':$data["new"]["allow_override"];


      $vhost_data["php_open_basedir"] = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];


      $vhost_data["ssl_domain"] = $data["new"]["ssl_domain"];


      


      // Check if a SSL cert exists


      $ssl_dir = $data["new"]["document_root"]."/ssl";


      $domain = $data["new"]["domain"];


      $domain = $data["new"]["ssl_domain"];


        $key_file = $ssl_dir.'/'.$domain.".key";


        $crt_file = $ssl_dir.'/'.$domain.".crt";


      $bundle_file = $ssl_dir.'/'.$domain.".bundle";


@@ -579,6 +582,10 @@


      $rewrite_rules = array();


      if($data["new"]["redirect_type"] != '') {


         if(substr($data["new"]["redirect_path"],-1) != '/') $data["new"]["redirect_path"] .= '/';


         if($data["new"]["redirect_type"] == 'no' && substr($data["new"]["redirect_path"],0,4) != 'http') {


            $data["new"]["redirect_path"] = $data["new"]["document_root"]."/web".realpath($data["new"]["redirect_path"]).'/';


         }


			


         $rewrite_rules[] = array(   'rewrite_domain'    => $data["new"]["domain"],


                              'rewrite_type'       => ($data["new"]["redirect_type"] == 'no')?'':'['.$data["new"]["redirect_type"].']',


                              'rewrite_target'    => $data["new"]["redirect_path"]);


@@ -626,6 +633,9 @@


            // Rewriting


            if($alias["redirect_type"] != '') {


               if(substr($data["new"]["redirect_path"],-1) != '/') $data["new"]["redirect_path"] .= '/';


               if($data["new"]["redirect_type"] == 'no' && substr($data["new"]["redirect_path"],0,4) != 'http') {


                  $data["new"]["redirect_path"] = $data["new"]["document_root"]."/web".realpath($data["new"]["redirect_path"]).'/';


               }


               $rewrite_rules[] = array(   'rewrite_domain'    => $alias["domain"],


                                    'rewrite_type'       => ($alias["redirect_type"] == 'no')?'':'['.$alias["redirect_type"].']',


                                    'rewrite_target'    => $alias["redirect_path"]);


@@ -698,12 +708,15 @@


         $fcgi_tpl = new tpl();


         $fcgi_tpl->newTemplate("php-fcgi-starter.master");


            


         $fcgi_tpl->setVar('php_ini_path',$fastcgi_config["fastcgi_phpini_path"]);


         $fcgi_tpl->setVar('document_root',$data["new"]["document_root"]);


         $fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]);


         $fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]);


         $fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]);


         $fcgi_tpl->setVar('security_level',$web_config["security_level"]);


         $fcgi_tpl->setVar('php_ini_path',escapeshellcmd($fastcgi_config["fastcgi_phpini_path"]));


         $fcgi_tpl->setVar('document_root',escapeshellcmd($data["new"]["document_root"]));


         $fcgi_tpl->setVar('php_fcgi_children',escapeshellcmd($fastcgi_config["fastcgi_children"]));


         $fcgi_tpl->setVar('php_fcgi_max_requests',escapeshellcmd($fastcgi_config["fastcgi_max_requests"]));


         $fcgi_tpl->setVar('php_fcgi_bin',escapeshellcmd($fastcgi_config["fastcgi_bin"]));


         $fcgi_tpl->setVar('security_level',intval($web_config["security_level"]));


			


         $php_open_basedir = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];


         $fcgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir));


            


         $fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config["fastcgi_starter_script"]);


         file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());


@@ -751,7 +764,10 @@


         $cgi_tpl->newTemplate("php-cgi-starter.master");




         // This works, because php "rewrites" a symlink to the physical path


         $cgi_tpl->setVar('open_basedir', $data["new"]["document_root"]); 


         $php_open_basedir = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];


         $cgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir)); 


         $cgi_tpl->setVar('document_root', escapeshellcmd($data["new"]["document_root"]));


			


         // This will NOT work!


         //$cgi_tpl->setVar('open_basedir', "/var/www/" . $data["new"]["domain"]);


         $cgi_tpl->setVar('php_cgi_bin',$cgi_config["cgi_bin"]);


@@ -805,7 +821,7 @@


         if(!is_dir($data["new"]["document_root"].'/web/stats')) mkdir($data["new"]["document_root"].'/web/stats');


         $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\nrequire valid-user";


         file_put_contents($data["new"]["document_root"].'/web/stats/.htaccess',$ht_file);


         chmod($data["new"]["document_root"].'/web/stats/.htaccess',0664);


         chmod($data["new"]["document_root"].'/web/stats/.htaccess',0755);


         unset($ht_file);


      }


      


@@ -813,7 +829,7 @@


         if(trim($data["new"]["stats_password"]) != '') {


            $htp_file = 'admin:'.trim($data["new"]["stats_password"]);


            file_put_contents($data["new"]["document_root"].'/.htpasswd_stats',$htp_file);


            chmod($data["new"]["document_root"].'/.htpasswd_stats',0664);


            chmod($data["new"]["document_root"].'/.htpasswd_stats',0755);


            unset($htp_file);


         }


      }