gitlabFork/ISPConfig3.git - Solinfo Gitblit

parent: f1f72ff9 | patch | commit | ignore whitespace

- Make sure SSL keys and all copies always have 400 permissions.

ftimme

2013-01-14 0d8f456e416dda4337259c71c37710726790e4be

- Make sure SSL keys and all copies always have 400 permissions.

2 files modified

	server/plugins-available/apache2_plugin.inc.php	31 ●●●●● patch \| view \| raw \| blame \| history
	server/plugins-available/nginx_plugin.inc.php	31 ●●●●● patch \| view \| raw \| blame \| history

 server/plugins-available/apache2_plugin.inc.php

@@ -121,8 +121,14 @@
            $this->ssl_certificate_changed = true;
            
            //* Rename files if they exist
            if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
            if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
            if(file_exists($key_file)){
                $app->system->rename($key_file,$key_file.'.bak');
                $app->system->chmod($key_file.'.bak',0400);
            }
            if(file_exists($key_file2)){
                $app->system->rename($key_file2,$key_file2.'.bak');
                $app->system->chmod($key_file2.'.bak',0400);
            }
            if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
            if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');
            
@@ -194,6 +200,7 @@
            
            }

            $app->system->chmod($key_file,0400);
            $app->system->chmod($key_file2,0400);
            @$app->system->unlink($config_file);
            @$app->system->unlink($rand_file);
@@ -220,8 +227,14 @@
            $bundle_file = $ssl_dir.'/'.$domain.".bundle";
            
            //* Backup files
            if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
            if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
            if(file_exists($key_file)){
                $app->system->copy($key_file,$key_file.'~');
                $app->system->chmod($key_file.'~',0400);
            }
            if(file_exists($key_file2)){
                $app->system->copy($key_file2,$key_file2.'~');
                $app->system->chmod($key_file2.'~',0400);
            }
            if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
            if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
            if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
@@ -1454,8 +1467,14 @@
                    $bundle_file = $ssl_dir.'/'.$domain.'.bundle';
                    
                    //* Backup the files that might have caused the error
                    if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
                    if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
                    if(is_file($key_file)){
                        $app->system->copy($key_file,$key_file.'.err');
                        $app->system->chmod($key_file.'.err',0400);
                    }
                    if(is_file($key_file2)){
                        $app->system->copy($key_file2,$key_file2.'.err');
                        $app->system->chmod($key_file2.'.err',0400);
                    }
                    if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
                    if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
                    if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');

 server/plugins-available/nginx_plugin.inc.php

@@ -120,8 +120,14 @@
            $this->ssl_certificate_changed = true;
            
            //* Rename files if they exist
            if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
            if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
            if(file_exists($key_file)){
                $app->system->rename($key_file,$key_file.'.bak');
                $app->system->chmod($key_file.'.bak',0400);
            }
            if(file_exists($key_file2)){
                $app->system->rename($key_file2,$key_file2.'.bak');
                $app->system->chmod($key_file2.'.bak',0400);
            }
            if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
            if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');
            
@@ -193,6 +199,7 @@
            
            }

            $app->system->chmod($key_file,0400);
            $app->system->chmod($key_file2,0400);
            @$app->system->unlink($config_file);
            @$app->system->unlink($rand_file);
@@ -219,8 +226,14 @@
            //$bundle_file = $ssl_dir.'/'.$domain.".bundle";
            
            //* Backup files
            if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
            if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
            if(file_exists($key_file)){
                $app->system->copy($key_file,$key_file.'~');
                $app->system->chmod($key_file.'~',0400);
            }
            if(file_exists($key_file2)){
                $app->system->copy($key_file2,$key_file2.'~');
                $app->system->chmod($key_file2.'~',0400);
            }
            if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
            if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
            //if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
@@ -1523,8 +1536,14 @@
                    //$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
                    
                    //* Backup the files that might have caused the error
                    if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
                    if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
                    if(is_file($key_file)){
                        $app->system->copy($key_file,$key_file.'.err');
                        $app->system->chmod($key_file.'.err',0400);
                    }
                    if(is_file($key_file2)){
                        $app->system->copy($key_file2,$key_file2.'.err');
                        $app->system->chmod($key_file2.'.err',0400);
                    }
                    if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
                    if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
                    //if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');

			@@ -121,8 +121,14 @@
			$this->ssl_certificate_changed = true;

			//* Rename files if they exist
			if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
			if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
			if(file_exists($key_file)){
			$app->system->rename($key_file,$key_file.'.bak');
			$app->system->chmod($key_file.'.bak',0400);
			}
			if(file_exists($key_file2)){
			$app->system->rename($key_file2,$key_file2.'.bak');
			$app->system->chmod($key_file2.'.bak',0400);
			}
			if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
			if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');

			@@ -194,6 +200,7 @@

			}

			$app->system->chmod($key_file,0400);
			$app->system->chmod($key_file2,0400);
			@$app->system->unlink($config_file);
			@$app->system->unlink($rand_file);
			@@ -220,8 +227,14 @@
			$bundle_file = $ssl_dir.'/'.$domain.".bundle";

			//* Backup files
			if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
			if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
			if(file_exists($key_file)){
			$app->system->copy($key_file,$key_file.'~');
			$app->system->chmod($key_file.'~',0400);
			}
			if(file_exists($key_file2)){
			$app->system->copy($key_file2,$key_file2.'~');
			$app->system->chmod($key_file2.'~',0400);
			}
			if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
			if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
			if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
			@@ -1454,8 +1467,14 @@
			$bundle_file = $ssl_dir.'/'.$domain.'.bundle';

			//* Backup the files that might have caused the error
			if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
			if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
			if(is_file($key_file)){
			$app->system->copy($key_file,$key_file.'.err');
			$app->system->chmod($key_file.'.err',0400);
			}
			if(is_file($key_file2)){
			$app->system->copy($key_file2,$key_file2.'.err');
			$app->system->chmod($key_file2.'.err',0400);
			}
			if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
			if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
			if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');

			@@ -120,8 +120,14 @@
			$this->ssl_certificate_changed = true;

			//* Rename files if they exist
			if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
			if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
			if(file_exists($key_file)){
			$app->system->rename($key_file,$key_file.'.bak');
			$app->system->chmod($key_file.'.bak',0400);
			}
			if(file_exists($key_file2)){
			$app->system->rename($key_file2,$key_file2.'.bak');
			$app->system->chmod($key_file2.'.bak',0400);
			}
			if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
			if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');

			@@ -193,6 +199,7 @@

			}

			$app->system->chmod($key_file,0400);
			$app->system->chmod($key_file2,0400);
			@$app->system->unlink($config_file);
			@$app->system->unlink($rand_file);
			@@ -219,8 +226,14 @@
			//$bundle_file = $ssl_dir.'/'.$domain.".bundle";

			//* Backup files
			if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
			if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
			if(file_exists($key_file)){
			$app->system->copy($key_file,$key_file.'~');
			$app->system->chmod($key_file.'~',0400);
			}
			if(file_exists($key_file2)){
			$app->system->copy($key_file2,$key_file2.'~');
			$app->system->chmod($key_file2.'~',0400);
			}
			if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
			if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
			//if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
			@@ -1523,8 +1536,14 @@
			//$bundle_file = $ssl_dir.'/'.$domain.'.bundle';

			//* Backup the files that might have caused the error
			if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
			if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
			if(is_file($key_file)){
			$app->system->copy($key_file,$key_file.'.err');
			$app->system->chmod($key_file.'.err',0400);
			}
			if(is_file($key_file2)){
			$app->system->copy($key_file2,$key_file2.'.err');
			$app->system->chmod($key_file2.'.err',0400);
			}
			if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
			if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
			//if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');