@@ -1683,6 +1683,7 @@ public function configure_xmpp($options = '') {
16831683 // Copy isp libs
16841684 if (!@is_dir ('/usr/lib/metronome/isp-modules ' )) mkdir ('/usr/lib/metronome/isp-modules ' , 0755 , true );
16851685 caselog ('cp -rf apps/metronome_libs/* /usr/lib/metronome/isp-modules/ ' , __FILE__ , __LINE__ );
1686+ caselog ('chmod 755 /usr/lib/metronome/isp-modules/mod_auth_external/authenticate_isp.sh ' , __FILE__ , __LINE__ );
16861687 // Process db config
16871688 $ full_file_name'/usr/lib/metronome/isp-modules/mod_auth_external/db_conf.inc.php ' ;
16881689 $ contentrf ($ full_file_name
@@ -1695,13 +1696,14 @@ public function configure_xmpp($options = '') {
16951696
16961697 if (!stristr ($ options'dont-create-certs ' )){
16971698 // Create SSL Certificate for localhost
1698- echo "writing new private key to 'localhost.key' \n----- \n" ;
1699- $ ssl_country$ this free_query ('Country Name (2 letter code) ' , 'AU ' );
1700- $ ssl_locality$ this free_query ('Locality Name (eg, city) ' , '' );
1699+ // Ensure no line is left blank
1700+ echo "writing new private key to 'localhost.key' \n----- \n" ;
1701+ $ ssl_country$ this free_query ('Country Name (2 letter code) ' , 'AU ' );
1702+ $ ssl_locality$ this free_query ('Locality Name (eg, city) ' , 'City Name ' );
17011703 $ ssl_organisation$ this free_query ('Organization Name (eg, company) ' , 'Internet Widgits Pty Ltd ' );
1702- $ ssl_organisation_unit$ this free_query ('Organizational Unit Name (eg, section) ' , '' );
1704+ $ ssl_organisation_unit$ this free_query ('Organizational Unit Name (eg, section) ' , 'Infrastructure ' );
17031705 $ ssl_domain$ this free_query ('Common Name (e.g. server FQDN or YOUR name) ' , $ conf'hostname ' ]);
1704- $ ssl_email$ this free_query ('Email Address ' , '' );
1706+ $ ssl_email$ this free_query ('Email Address ' , 'hostmaster@ ' . $ conf [ ' hostname ' ] );
17051707
17061708 $ tplnew tpl ('metronome_conf_ssl.master ' );
17071709 $ tplsetVar ('ssl_country ' ,$ ssl_country
@@ -1718,6 +1720,14 @@ public function configure_xmpp($options = '') {
17181720 exec ("(cd /etc/metronome/certs && make localhost.cert) " );
17191721 exec ('chmod 0400 /etc/metronome/certs/localhost.key ' );
17201722 exec ('chown metronome /etc/metronome/certs/localhost.key ' );
1723+
1724+ echo "IMPORTANT: \n" ;
1725+ echo "Localhost Key, Csr and a self-signed Cert have been saved to /etc/metronome/certs \n" ;
1726+ echo "In order to work with all clients, the server must have a trusted certificate, so use the Csr \n" ;
1727+ echo "to get a trusted certificate from your CA or replace Key and Cert with already signed files for \n" ;
1728+ echo "your domain. Clients like Pidgin dont allow to use untrusted self-signed certificates. \n" ;
1729+ echo "\n" ;
1730+
17211731 }else {
17221732 echo "----- \n" ;
17231733 echo "Metronome XMPP SSL server certificate is not renewed. Run the following command manual as root to recreate it: \n" ;
@@ -1731,45 +1741,6 @@ public function configure_xmpp($options = '') {
17311741 caselog ('update-rc.d metronome defaults ' , __FILE__ , __LINE__ );
17321742
17331743 exec ($ this getinitcommand ($ conf'xmpp ' ]['init_script ' ], 'restart ' ));
1734-
1735- /*
1736- writing new private key to 'smtpd.key'
1737- -----
1738- You are about to be asked to enter information that will be incorporated
1739- into your certificate request.
1740- What you are about to enter is what is called a Distinguished Name or a DN.
1741- There are quite a few fields but you can leave some blank
1742- For some fields there will be a default value,
1743- If you enter '.', the field will be left blank.
1744- -----
1745- Country Name (2 letter code) [AU]:
1746- State or Province Name (full name) [Some-State]:
1747- Locality Name (eg, city) []:
1748- Organization Name (eg, company) [Internet Widgits Pty Ltd]:
1749- Organizational Unit Name (eg, section) []:
1750- Common Name (e.g. server FQDN or YOUR name) []:
1751- Email Address []:
1752- * */
1753-
1754- /*// Dont just copy over the virtualhost template but add some custom settings
1755- $tpl = new tpl('apache_apps.vhost.master');
1756-
1757- $tpl->setVar('apps_vhost_port',$conf['web']['apps_vhost_port']);
1758- $tpl->setVar('apps_vhost_dir',$conf['web']['website_basedir'].'/apps');
1759- $tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']);
1760- $tpl->setVar('apps_vhost_servername',$apps_vhost_servername);
1761- $tpl->setVar('apache_version',getapacheversion());
1762-
1763-
1764- // comment out the listen directive if port is 80 or 443
1765- if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
1766- $tpl->setVar('vhost_port_listen','#');
1767- } else {
1768- $tpl->setVar('vhost_port_listen','');
1769- }
1770-
1771- wf($vhost_conf_dir.'/apps.vhost', $tpl->grab());
1772- unset($tpl);*/
17731744 }
17741745
17751746
@@ -2649,8 +2620,8 @@ public function install_ispconfig() {
26492620 if (is_file ('/usr/local/bin/ispconfig_update_from_dev.sh ' )) unlink ('/usr/local/bin/ispconfig_update_from_dev.sh ' );
26502621 chown ($ install_dir'/server/scripts/update_from_dev.sh ' , 'root ' );
26512622 chmod ($ install_dir'/server/scripts/update_from_dev.sh ' , 0700 );
2652- chown ($ install_dir'/server/scripts/update_from_tgz.sh ' , 'root ' );
2653- chmod ($ install_dir'/server/scripts/update_from_tgz.sh ' , 0700 );
2623+ // chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
2624+ // chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
26542625 chown ($ install_dir'/server/scripts/ispconfig_update.sh ' , 'root ' );
26552626 chmod ($ install_dir'/server/scripts/ispconfig_update.sh ' , 0700 );
26562627 if (!is_link ('/usr/local/bin/ispconfig_update_from_dev.sh ' )) symlink ($ install_dir'/server/scripts/ispconfig_update.sh ' , '/usr/local/bin/ispconfig_update_from_dev.sh ' );
0 commit comments