From d9bcf68e395d6156645a7974b1a992aa6e6c00aa Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Mon, 14 Oct 2013 08:57:25 -0400
Subject: [PATCH] Added missing empty directories from svn import
---
server/plugins-available/apache2_plugin.inc.php | 111 ++++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 85 insertions(+), 26 deletions(-)
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 38d99e3..2e1e80c 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -100,7 +100,7 @@
$app->uses('getconf');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
if ($web_config['CA_path']!='' && !file_exists($web_config['CA_path'].'/openssl.cnf'))
- $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.conf',LOGLEVEL_ERROR);
+ $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.cnf',LOGLEVEL_ERROR);
//* Only vhosts can have a ssl cert
if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain") return;
@@ -171,15 +171,15 @@
$rand_file = escapeshellcmd($rand_file);
$key_file = escapeshellcmd($key_file);
- if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') != false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
+ if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
$key_file2 = escapeshellcmd($key_file2);
- if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') != false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
+ if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
$ssl_days = 3650;
$csr_file = escapeshellcmd($csr_file);
- if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') != false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
+ if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
$config_file = escapeshellcmd($ssl_cnf_file);
$crt_file = escapeshellcmd($crt_file);
- if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') != false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
+ if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
@@ -247,6 +247,7 @@
//* Write the key file, if field is empty then import the key into the db
if(trim($data["new"]["ssl_key"]) != '') {
$app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);
+ $app->system->chmod($key_file2,0400);
} else {
$ssl_key2 = $app->db->quote($app->system->file_get_contents($key_file2));
/* Update the DB of the (local) Server */
@@ -651,8 +652,8 @@
exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
} // end copy error docs
- // Set the quota for the user
- if($username != '' && $app->system->is_user($username)) {
+ // Set the quota for the user, but only for vhosts, not vhostsubdomains
+ if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
if($data['new']['hd_quota'] > 0) {
$blocks_soft = $data['new']['hd_quota'] * 1024;
$blocks_hard = $blocks_soft + 1024;
@@ -673,6 +674,9 @@
$this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder);
}
}
+
+ //* add the Apache user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update
+ if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
//* If the security level is set to high
if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
@@ -716,9 +720,6 @@
$app->system->server_conf['group_datei'] = $tmp_groupfile;
unset($tmp_groupfile);
}
-
- //* add the Apache user to the client group
- $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
//* Chown all default directories
$app->system->chown($data['new']['document_root'],'root');
@@ -834,7 +835,7 @@
//* Create custom php.ini
if(trim($data['new']['custom_php_ini']) != '') {
$has_custom_php_ini = true;
- if(!is_dir($custom_php_ini_dir)) $app->system->mkdir($custom_php_ini_dir);
+ if(!is_dir($custom_php_ini_dir)) $app->system->mkdirpath($custom_php_ini_dir);
$php_ini_content = '';
if($data['new']['php'] == 'mod') {
$master_php_ini_path = $web_config['php_ini_path_apache'];
@@ -1032,7 +1033,7 @@
// Rewriting
if($alias['redirect_type'] != '' && $alias['redirect_path'] != '') {
- if(substr($alias['redirect_path'],-1) != '/' && !preg_match('/^(https?|\[scheme\]):\/\//', $data['new']['redirect_path'])) $alias['redirect_path'] .= '/';
+ if(substr($alias['redirect_path'],-1) != '/' && !preg_match('/^(https?|\[scheme\]):\/\//', $alias['redirect_path'])) $alias['redirect_path'] .= '/';
if(substr($alias['redirect_path'],0,8) == '[scheme]'){
$rewrite_target = 'http'.substr($alias['redirect_path'],8);
$rewrite_target_ssl = 'https'.substr($alias['redirect_path'],8);
@@ -1263,9 +1264,9 @@
if (!is_dir($cgi_starter_path)) {
$app->system->mkdirpath($cgi_starter_path);
- $app->system->chmod($cgi_starter_script,0755);
- $app->system->chown($cgi_starter_script,$data['new']['system_user']);
- $app->system->chgrp($cgi_starter_script,$data['new']['system_group']);
+ $app->system->chown($cgi_starter_path,$data['new']['system_user']);
+ $app->system->chgrp($cgi_starter_path,$data['new']['system_group']);
+ $app->system->chmod($cgi_starter_path,0755);
$app->log('Creating cgi starter script directory: '.$cgi_starter_path,LOGLEVEL_DEBUG);
}
@@ -1329,9 +1330,15 @@
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$tmp_vhost_arr = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');
if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
- if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
+ $ipv4_ssl_alias_seo_redirects = $alias_seo_redirects;
+ if(is_array($ipv4_ssl_alias_seo_redirects) && !empty($ipv4_ssl_alias_seo_redirects)){
+ for($i=0;$i<count($ipv4_ssl_alias_seo_redirects);$i++){
+ $ipv4_ssl_alias_seo_redirects[$i]['ssl_enabled'] = 1;
+ }
+ }
+ if(count($ipv4_ssl_alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $ipv4_ssl_alias_seo_redirects);
$vhosts[] = $tmp_vhost_arr;
- unset($tmp_vhost_arr);
+ unset($tmp_vhost_arr, $ipv4_ssl_alias_seo_redirects);
$app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
}
@@ -1359,9 +1366,15 @@
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443');
if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
- if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
+ $ipv6_ssl_alias_seo_redirects = $alias_seo_redirects;
+ if(is_array($ipv6_ssl_alias_seo_redirects) && !empty($ipv6_ssl_alias_seo_redirects)){
+ for($i=0;$i<count($ipv6_ssl_alias_seo_redirects);$i++){
+ $ipv6_ssl_alias_seo_redirects[$i]['ssl_enabled'] = 1;
+ }
+ }
+ if(count($ipv6_ssl_alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $ipv6_ssl_alias_seo_redirects);
$vhosts[] = $tmp_vhost_arr;
- unset($tmp_vhost_arr);
+ unset($tmp_vhost_arr, $ipv6_ssl_alias_seo_redirects);
$app->log('Enable SSL for IPv6: '.$domain,LOGLEVEL_DEBUG);
}
}
@@ -1461,9 +1474,10 @@
if($web_config['check_apache_config'] == 'y') {
//* Test if apache starts with the new configuration file
$apache_online_status_before_restart = $this->_checkTcp('localhost',80);
- $app->log('Apache status is: '.$apache_online_status_before_restart,LOGLEVEL_DEBUG);
+ $app->log('Apache status is: '.($apache_online_status_before_restart === true? 'running' : 'down'),LOGLEVEL_DEBUG);
- $app->services->restartService('httpd','restart');
+ $retval = $app->services->restartService('httpd','restart'); // $retval['retval'] is 0 on success and > 0 on failure
+ $app->log('Apache restart return value is: '.$retval['retval'],LOGLEVEL_DEBUG);
// wait a few seconds, before we test the apache status again
$apache_online_status_after_restart = false;
@@ -1474,9 +1488,52 @@
sleep(1);
}
//* Check if apache restarted successfully if it was online before
- $app->log('Apache online status after restart is: '.$apache_online_status_after_restart,LOGLEVEL_DEBUG);
- if($apache_online_status_before_restart && !$apache_online_status_after_restart) {
- $app->log('Apache did not restart after the configuration change for website '.$data['new']['domain'].' Reverting the configuration. Saved non-working config as '.$vhost_file.'.err',LOGLEVEL_WARN);
+ $app->log('Apache online status after restart is: '.($apache_online_status_after_restart === true? 'running' : 'down'),LOGLEVEL_DEBUG);
+ if($apache_online_status_before_restart && !$apache_online_status_after_restart || $retval['retval'] > 0) {
+ $app->log('Apache did not restart after the configuration change for website '.$data['new']['domain'].'. Reverting the configuration. Saved non-working config as '.$vhost_file.'.err',LOGLEVEL_WARN);
+ if(is_array($retval['output']) && !empty($retval['output'])){
+ $app->log('Reason for Apache restart failure: '.implode("\n", $retval['output']),LOGLEVEL_WARN);
+ $app->dbmaster->datalogError(implode("\n", $retval['output']));
+ } else {
+ // if no output is given, check again
+ $webserver_binary = '';
+ exec('which apache2ctl', $webserver_check_output, $webserver_check_retval);
+ if($webserver_check_retval == 0){
+ $webserver_binary = 'apache2ctl';
+ } else {
+ unset($webserver_check_output, $webserver_check_retval);
+ exec('which apache2', $webserver_check_output, $webserver_check_retval);
+ if($webserver_check_retval == 0){
+ $webserver_binary = 'apache2';
+ } else {
+ unset($webserver_check_output, $webserver_check_retval);
+ exec('which httpd2', $webserver_check_output, $webserver_check_retval);
+ if($webserver_check_retval == 0){
+ $webserver_binary = 'httpd2';
+ } else {
+ unset($webserver_check_output, $webserver_check_retval);
+ exec('which httpd', $webserver_check_output, $webserver_check_retval);
+ if($webserver_check_retval == 0){
+ $webserver_binary = 'httpd';
+ } else {
+ unset($webserver_check_output, $webserver_check_retval);
+ exec('which apache', $webserver_check_output, $webserver_check_retval);
+ if($webserver_check_retval == 0){
+ $webserver_binary = 'apache';
+ }
+ }
+ }
+ }
+ }
+ if($webserver_binary != ''){
+ exec($webserver_binary.' -t 2>&1', $tmp_output, $tmp_retval);
+ if($tmp_retval > 0 && is_array($tmp_output) && !empty($tmp_output)){
+ $app->log('Reason for Apache restart failure: '.implode("\n", $tmp_output),LOGLEVEL_WARN);
+ $app->dbmaster->datalogError(implode("\n", $tmp_output));
+ }
+ unset($tmp_output, $tmp_retval);
+ }
+ }
$app->system->copy($vhost_file,$vhost_file.'.err');
if(is_file($vhost_file.'~')) {
//* Copy back the last backup file
@@ -2754,8 +2811,10 @@
$app->log('Removed client directory: '.$client_dir,LOGLEVEL_DEBUG);
}
- $this->_exec('groupdel client'.$client_id);
- $app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);
+ if($app->system->is_group('client'.$client_id)){
+ $this->_exec('groupdel client'.$client_id);
+ $app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);
+ }
}
}
--
Gitblit v1.9.1