From 10b47ccebdb3c25faba6d1075a08c2b9fb63f827 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 15 Jan 2013 08:51:08 -0500
Subject: [PATCH] Fixed: FS#2613 - Adding chrooted cron jobs not work and freeze ispconfig job queue

---
 server/plugins-available/nginx_plugin.inc.php |   90 ++++++++++++++++++++++++++++++++++++++-------
 1 files changed, 76 insertions(+), 14 deletions(-)

diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 60a1e55..4234f94 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -120,8 +120,14 @@
 			$this->ssl_certificate_changed = true;
 			
 			//* Rename files if they exist
-			if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
-			if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
+			if(file_exists($key_file)){
+				$app->system->rename($key_file,$key_file.'.bak');
+				$app->system->chmod($key_file.'.bak',0400);
+			}
+			if(file_exists($key_file2)){
+				$app->system->rename($key_file2,$key_file2.'.bak');
+				$app->system->chmod($key_file2.'.bak',0400);
+			}
 			if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
 			if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');
 			
@@ -164,11 +170,15 @@
 
 			$rand_file = escapeshellcmd($rand_file);
 			$key_file = escapeshellcmd($key_file);
+			if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') != false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
 			$key_file2 = escapeshellcmd($key_file2);
+			if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') != false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
 			$ssl_days = 3650;
 			$csr_file = escapeshellcmd($csr_file);
+			if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') != false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
 			$config_file = escapeshellcmd($ssl_cnf_file);
 			$crt_file = escapeshellcmd($crt_file);
+			if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') != false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
 
 			if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
 				
@@ -189,6 +199,7 @@
 			
 			}
 
+			$app->system->chmod($key_file,0400);
 			$app->system->chmod($key_file2,0400);
 			@$app->system->unlink($config_file);
 			@$app->system->unlink($rand_file);
@@ -215,8 +226,14 @@
 			//$bundle_file = $ssl_dir.'/'.$domain.".bundle";
 			
 			//* Backup files
-			if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
-			if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
+			if(file_exists($key_file)){
+				$app->system->copy($key_file,$key_file.'~');
+				$app->system->chmod($key_file.'~',0400);
+			}
+			if(file_exists($key_file2)){
+				$app->system->copy($key_file2,$key_file2.'~');
+				$app->system->chmod($key_file2.'~',0400);
+			}
 			if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
 			if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
 			//if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
@@ -435,8 +452,8 @@
 			
 			//* Create new base directory, if it does not exist yet
 			if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
-			//exec('mv '.$data['old']['document_root'].' '.$new_dir);
-			$app->system->rename($data['old']['document_root'],$new_dir);
+			exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir));
+			//$app->system->rename($data['old']['document_root'],$new_dir);
 			$app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);
 
 			// Handle the change in php_open_basedir
@@ -453,7 +470,12 @@
 			exec($command);
 
 			if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
-
+			
+			//* Change the log mount
+			$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
+			$app->system->removeLine('/etc/fstab',$fstab_line);
+			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait    0 0';
+			$app->system->replaceLine('/etc/fstab',$fstab_line,$fstab_line,1,1);
 
 		}
 
@@ -483,19 +505,26 @@
 		if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
 			if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']);
 			if(is_link($data['old']['document_root'].'/'.$log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$log_folder);
+		
+			//* remove old log mount
+			$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
+			$app->system->removeLine('/etc/fstab',$fstab_line);
+			
+			//* Unmount log directory
+			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
 		}
 		
 		//* Create the log dir if nescessary and mount it
-        if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
-		if(!is_dir($data['new']['document_root'].'/'.$log_folder) || is_link($data['new']['document_root'].'/'.$log_folder)) {
+		if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) {
 			if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder);
+			if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
 			$app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder);
 			$app->system->chown($data['new']['document_root'].'/'.$log_folder,'root');
 			$app->system->chgrp($data['new']['document_root'].'/'.$log_folder,'root');
 			$app->system->chmod($data['new']['document_root'].'/'.$log_folder,0755);
 			exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
 			//* add mountpoint to fstab
-			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind    0 0';
+			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait    0 0';
 			$app->system->replaceLine('/etc/fstab',$fstab_line,$fstab_line,1,1);
 		}
 		
@@ -1507,8 +1536,14 @@
 					//$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
 					
 					//* Backup the files that might have caused the error
-					if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
-					if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
+					if(is_file($key_file)){
+						$app->system->copy($key_file,$key_file.'.err');
+						$app->system->chmod($key_file.'.err',0400);
+					}
+					if(is_file($key_file2)){
+						$app->system->copy($key_file2,$key_file2.'.err');
+						$app->system->chmod($key_file2.'.err',0400);
+					}
 					if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
 					if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
 					//if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');
@@ -1593,7 +1628,7 @@
 		exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
 		
 		//* remove mountpoint from fstab
-		$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind    0 0';
+		$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
 		$app->system->removeLine('/etc/fstab',$fstab_line);
 
 		if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['parent_domain_id'] > 0) {
@@ -2278,8 +2313,35 @@
 
 		$lines = explode("\n", $vhost_conf);
 		
+		// if whole location block is in one line, split it up into multiple lines
 		if(is_array($lines) && !empty($lines)){
+			$linecount = sizeof($lines);
+			for($h=0;$h<$linecount;$h++){
+				$lines[$h] = rtrim($lines[$h]);
+				if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], ';') !== false){
+					$lines[$h] = str_replace("{", "{\n", $lines[$h]);
+					$lines[$h] = str_replace(";", ";\n", $lines[$h]);
+					if(strpos($lines[$h], '##merge##') !== false){
+						$lines[$h] = str_replace('##merge##', '', $lines[$h]);
+						$lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
+					}
+				}
+				if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], '}') !== false && strpos($lines[$h], ';') === false){
+					$lines[$h] = str_replace("{", "{\n", $lines[$h]);
+					if(strpos($lines[$h], '##merge##') !== false){
+						$lines[$h] = str_replace('##merge##', '', $lines[$h]);
+						$lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
+					}
+				}
+			}
+		}
+		$vhost_conf = implode("\n", $lines);
+		unset($lines);
+		unset($linecount);
 		
+		$lines = explode("\n", $vhost_conf);
+			
+		if(is_array($lines) && !empty($lines)){	
 			$locations = array();
 			$islocation = false;
 			$linecount = sizeof($lines);
@@ -2348,7 +2410,7 @@
 			$vhost_conf = implode("\n", $lines);
 		}
 		
-		return $vhost_conf;
+		return trim($vhost_conf);
 	}
 	
 	function client_delete($event_name,$data) {

--
Gitblit v1.9.1