Skip to content

Commit 797ed5b

Browse files
author
Marius Burkard
committed
- fixed issue with hostname inside of single quotes
- added escaping to hostname
1 parent 6af96c6 commit 797ed5b

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

install/lib/installer_base.lib.php

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2908,7 +2908,7 @@ public function make_ispconfig_ssl_cert() {
29082908
$out = null;
29092909
$ret = null;
29102910
if($conf['nginx']['installed'] == true || $conf['apache']['installed'] == true) {
2911-
exec("$acme --issue -w /usr/local/ispconfig/interface/acme -d $hostname $renew_hook", $out, $ret);
2911+
exec("$acme --issue -w /usr/local/ispconfig/interface/acme -d " . escapeshellarg($hostname) . " $renew_hook", $out, $ret);
29122912
}
29132913
// Else, it is not webserver, so we use standalone
29142914
else {
@@ -2934,7 +2934,7 @@ public function make_ispconfig_ssl_cert() {
29342934
//$acme_cert = "--cert-file $acme_cert_dir/cert.pem";
29352935
$acme_key = "--key-file " . escapeshellarg($ssl_key_file);
29362936
$acme_chain = "--fullchain-file " . escapeshellarg($ssl_crt_file);
2937-
exec("$acme --install-cert -d $hostname $acme_key $acme_chain");
2937+
exec("$acme --install-cert -d " . escapeshellarg($hostname) . " $acme_key $acme_chain");
29382938
$issued_successfully = true;
29392939
} else {
29402940
swriteln('Issuing certificate via acme.sh failed. Please check that your hostname can be verified by letsencrypt');
@@ -2959,11 +2959,11 @@ public function make_ispconfig_ssl_cert() {
29592959

29602960
// If this is a webserver
29612961
if($conf['nginx']['installed'] == true || $conf['apache']['installed'] == true) {
2962-
exec("$le_client $certonly $acme_version --authenticator webroot --webroot-path /usr/local/ispconfig/interface/acme --email " . escapeshellarg('postmaster@$hostname') . " -d " . escapeshellarg($hostname) . " $renew_hook", $out, $ret);
2962+
exec("$le_client $certonly $acme_version --authenticator webroot --webroot-path /usr/local/ispconfig/interface/acme --email " . escapeshellarg('postmaster@' . $hostname) . " -d " . escapeshellarg($hostname) . " $renew_hook", $out, $ret);
29632963
}
29642964
// Else, it is not webserver, so we use standalone
29652965
else {
2966-
exec("$le_client $certonly $acme_version --standalone --email " . escapeshellarg('postmaster@$hostname') . " -d " . escapeshellarg($hostname) . " $hook", $out, $ret);
2966+
exec("$le_client $certonly $acme_version --standalone --email " . escapeshellarg('postmaster@' . $hostname) . " -d " . escapeshellarg($hostname) . " $hook", $out, $ret);
29672967
}
29682968

29692969
if($ret == 0) {

0 commit comments

Comments
 (0)