From b31bb1f27f066a2d49f5ab9ee0ca15e985efc788 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 26 Sep 2011 06:50:23 -0400
Subject: [PATCH] Fixed: FS#1619 - Add apache SNI / SAN support for SSL.
---
interface/web/sites/web_domain_edit.php | 16 ++++++++++++----
1 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
index ee865c5..13af0a1 100644
--- a/interface/web/sites/web_domain_edit.php
+++ b/interface/web/sites/web_domain_edit.php
@@ -397,9 +397,8 @@
unset($tmp);
// When the record is inserted
} else {
- // set the server ID to the default mailserver of the client
+ //* set the server ID to the default webserver of the client
$this->dataRecord["server_id"] = $client["default_webserver"];
-
// Check if the user may add another web_domain
if($client["limit_web_domain"] >= 0) {
@@ -410,7 +409,6 @@
}
}
-
// Clients may not set the client_group_id, so we unset them if user is not a admin and the client is not a reseller
if(!$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]);
@@ -418,7 +416,17 @@
//* make sure that the email domain is lowercase
if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
-
+
+ //* get the server config for this server
+ $app->uses("getconf");
+ $web_config = $app->getconf->get_server_config(intval($this->dataRecord["server_id"]),'web');
+ //* Check for duplicate ssl certs per IP if SNI is disabled
+ if(isset($this->dataRecord['ssl']) && $this->dataRecord['ssl'] == 'y' && $web_config['enable_sni'] != 'y') {
+ $sql = "SELECT count(domain_id) as number FROM web_domain WHERE `ssl` = 'y' AND ip_address = '".$app->db->quote($this->dataRecord['ip_address'])."' and domain_id != ".$this->id;
+ $tmp = $app->db->queryOneRecord($sql);
+ if($tmp['number'] > 0) $app->tform->errorMessage .= $app->tform->lng("error_no_sni_txt");
+ }
+
parent::onSubmit();
}
--
Gitblit v1.9.1