Skip to content

Commit 5f14605

Browse files
author
Marius Burkard
committed
- migrated apache2 code
1 parent 1fa53e9 commit 5f14605

File tree

2 files changed

+12
-35
lines changed

2 files changed

+12
-35
lines changed

server/plugins-available/apache2_plugin.inc.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -353,10 +353,10 @@ function ssl($event_name, $data) {
353353
if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
354354
$openssl_cmd = 'openssl req -nodes -newkey rsa:4096 -x509 -days ? -keyout ? -out ? -config ?';
355355
$app->system->exec_safe($openssl_cmd, $ssl_days, $openssl_cmd_key_file, $openssl_cmd_crt_file, $config_file);
356+
$app->system->exec_safe("openssl req -new -sha256 -key ? -out ? -days ? -config ?", $openssl_cmd_key_file, $openssl_cmd_csr_file, $ssl_days, $config_file);
356357

357358
if(file_exists($web_config['CA_path'].'/openssl.cnf'))
358359
{
359-
$app->system->exec_safe("openssl req -new -sha256 -key ? -out ? -days ? -config ?", $openssl_cmd_key_file, $openssl_cmd_csr_file, $ssl_days, $config_file);
360360
$app->system->exec_safe("openssl ca -batch -out ? -config ? -passin pass:? -in ? -extfile ?", $openssl_cmd_crt_file, $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $openssl_cmd_csr_file, $ssl_ext_file);
361361
$app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
362362
if(filesize($crt_file) == 0 || !file_exists($crt_file)) {

server/plugins-available/nginx_plugin.inc.php

Lines changed: 11 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -112,7 +112,6 @@ function ssl($event_name, $data) {
112112
$ssl_dir = $data['new']['document_root'].'/ssl';
113113
$domain = ($data['new']['ssl_domain'] != '') ? $data['new']['ssl_domain'] : $data['new']['domain'];
114114
$key_file = $ssl_dir.'/'.$domain.'.key';
115-
$key_file2 = $ssl_dir.'/'.$domain.'.key.org';
116115
$csr_file = $ssl_dir.'/'.$domain.'.csr';
117116
$crt_file = $ssl_dir.'/'.$domain.'.crt';
118117

@@ -126,10 +125,6 @@ function ssl($event_name, $data) {
126125
$app->system->rename($key_file, $key_file.'.bak');
127126
$app->system->chmod($key_file.'.bak', 0400);
128127
}
129-
if(file_exists($key_file2)){
130-
$app->system->rename($key_file2, $key_file2.'.bak');
131-
$app->system->chmod($key_file2.'.bak', 0400);
132-
}
133128
if(file_exists($csr_file)) $app->system->rename($csr_file, $csr_file.'.bak');
134129
if(file_exists($crt_file)) $app->system->rename($crt_file, $crt_file.'.bak');
135130

@@ -179,42 +174,35 @@ function ssl($event_name, $data) {
179174
$ssl_ext_file = $ssl_dir.'/v3.ext';
180175
$app->system->file_put_contents($ssl_ext_file, $ext_cnf);
181176

182-
$rand_file = $rand_file;
183-
$key_file2 = $key_file2;
184-
$openssl_cmd_key_file2 = $key_file2;
185-
if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
186-
$key_file = $key_file;
187177
$openssl_cmd_key_file = $key_file;
188178
if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
189179
$ssl_days = 3650;
190-
$csr_file = $csr_file;
191180
$openssl_cmd_csr_file = $csr_file;
192181
if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
193182
$config_file = $ssl_cnf_file;
194-
$crt_file = $crt_file;
195183
$openssl_cmd_crt_file = $crt_file;
196184
if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
197185

198186
if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
199-
200-
$app->system->exec_safe("openssl genrsa -des3 -rand ? -passout pass:? -out ? 2048", $rand_file, $ssl_password, $openssl_cmd_key_file2);
201-
$app->system->exec_safe("openssl req -new -sha256 -passin pass:? -passout pass:? -key ? -out ? -days ? -config ?", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $ssl_days, $config_file);
202-
$app->system->exec_safe("openssl rsa -passin pass:? -in ? -out ?", $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_key_file);
187+
$openssl_cmd = 'openssl req -nodes -newkey rsa:4096 -x509 -days ? -keyout ? -out ? -config ?';
188+
$app->system->exec_safe($openssl_cmd, $ssl_days, $openssl_cmd_key_file, $openssl_cmd_crt_file, $config_file);
189+
$app->system->exec_safe("openssl req -new -sha256 -key ? -out ? -days ? -config ?", $openssl_cmd_key_file, $openssl_cmd_csr_file, $ssl_days, $config_file);
203190

204191
if(file_exists($web_config['CA_path'].'/openssl.cnf'))
205192
{
206193
$app->system->exec_safe("openssl ca -batch -out ? -config ? -passin pass:? -in ? -extfile ?", $openssl_cmd_crt_file, $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $openssl_cmd_csr_file, $ssl_ext_file);
207194
$app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
208-
if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed. openssl ca -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file -extfile $ssl_ext_file", LOGLEVEL_ERROR);
209-
};
195+
if(filesize($crt_file) == 0 || !file_exists($crt_file)) {
196+
$app->log("CA-Certificate signing failed. openssl ca -out $openssl_cmd_crt_file -config " . $web_config['CA_path'] . "/openssl.cnf -passin pass:" . $web_config['CA_pass'] . " -in $openssl_cmd_csr_file -extfile $ssl_ext_file", LOGLEVEL_ERROR);
197+
}
198+
}
210199
if (@filesize($crt_file)==0 || !file_exists($crt_file)){
211-
$app->system->exec_safe("openssl req -x509 -passin pass:? -passout pass:? -key ? -in ? -out ? -days ? -config ?", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $openssl_cmd_crt_file, $ssl_days, $config_file);
200+
$app->system->exec_safe($openssl_cmd, $ssl_days, $openssl_cmd_key_file, $openssl_cmd_crt_file, $config_file);
212201
$app->log("Creating self-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
213-
};
202+
}
214203

215204
}
216205

217-
$app->system->chmod($key_file2, 0400);
218206
$app->system->chmod($key_file, 0400);
219207
@$app->system->unlink($config_file);
220208
@$app->system->unlink($rand_file);
@@ -276,10 +264,7 @@ function ssl($event_name, $data) {
276264
$app->system->copy($key_file, $key_file.'~');
277265
$app->system->chmod($key_file.'~', 0400);
278266
}
279-
if(file_exists($key_file2)){
280-
$app->system->copy($key_file2, $key_file2.'~');
281-
$app->system->chmod($key_file2.'~', 0400);
282-
}
267+
283268
if(file_exists($csr_file)) $app->system->copy($csr_file, $csr_file.'~');
284269
if(file_exists($crt_file)) $app->system->copy($crt_file, $crt_file.'~');
285270

@@ -1377,7 +1362,6 @@ function update($event_name, $data) {
13771362
$tmp = $app->letsencrypt->get_website_certificate_paths($data);
13781363
$domain = $tmp['domain'];
13791364
$key_file = $tmp['key'];
1380-
$key_file2 = $tmp['key2'];
13811365
$csr_file = $tmp['csr'];
13821366
$crt_file = $tmp['crt'];
13831367
$bundle_file = $tmp['bundle'];
@@ -2080,8 +2064,7 @@ function update($event_name, $data) {
20802064

20812065
$ssl_dir = $data['new']['document_root'].'/ssl';
20822066
$domain = $data['new']['ssl_domain'];
2083-
$key_file = $ssl_dir.'/'.$domain.'.key.org';
2084-
$key_file2 = $ssl_dir.'/'.$domain.'.key';
2067+
$key_file = $ssl_dir.'/'.$domain.'.key';
20852068
$csr_file = $ssl_dir.'/'.$domain.'.csr';
20862069
$crt_file = $ssl_dir.'/'.$domain.'.crt';
20872070
//$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
@@ -2091,17 +2074,12 @@ function update($event_name, $data) {
20912074
$app->system->copy($key_file, $key_file.'.err');
20922075
$app->system->chmod($key_file.'.err', 0400);
20932076
}
2094-
if(is_file($key_file2)){
2095-
$app->system->copy($key_file2, $key_file2.'.err');
2096-
$app->system->chmod($key_file2.'.err', 0400);
2097-
}
20982077
if(is_file($csr_file)) $app->system->copy($csr_file, $csr_file.'.err');
20992078
if(is_file($crt_file)) $app->system->copy($crt_file, $crt_file.'.err');
21002079
//if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');
21012080

21022081
//* Restore the ~ backup files
21032082
if(is_file($key_file.'~')) $app->system->copy($key_file.'~', $key_file);
2104-
if(is_file($key_file2.'~')) $app->system->copy($key_file2.'~', $key_file2);
21052083
if(is_file($crt_file.'~')) $app->system->copy($crt_file.'~', $crt_file);
21062084
if(is_file($csr_file.'~')) $app->system->copy($csr_file.'~', $csr_file);
21072085
//if(is_file($bundle_file.'~')) $app->system->copy($bundle_file.'~',$bundle_file);
@@ -2121,7 +2099,6 @@ function update($event_name, $data) {
21212099
$this->ssl_certificate_changed = false;
21222100

21232101
if(@is_file($key_file.'~')) $app->system->unlink($key_file.'~');
2124-
if(@is_file($key_file2.'~')) $app->system->unlink($key_file2.'~');
21252102
if(@is_file($crt_file.'~')) $app->system->unlink($crt_file.'~');
21262103
if(@is_file($csr_file.'~')) $app->system->unlink($csr_file.'~');
21272104
//if(@is_file($bundle_file.'~')) $app->system->unlink($bundle_file.'~');

0 commit comments

Comments
 (0)