- pre-release update files

be46cb19 · Marius Burkard · c14d6c0b · be46cb19 · be46cb19 · be46cb19
Commit be46cb19 authored 3 years ago by Marius Burkard
--- a/helper_scripts/cert_check.sh
+++ b/helper_scripts/cert_check.sh
+#!/bin/bash
+
+chkdata() {
+	F=$1
+	CRT=$2
+	KEY=$3
+	if [[ "$CRT" != "" && "$KEY" != "" ]] ; then
+		if [[ ! -f "$CRT" ]] ; then
+			echo "[WARN] CERTIFICATE FILE ${CRT} MISSING FOR ${F}" ;
+		else 
+			echo -n "Checking ${CRT}" ;
+			CHK=$(openssl x509 -in "${CRT}" -text -noout >/dev/null 2>&1 ; echo $?);
+			if [[ $CHK -ne 0 ]] ; then
+				echo " FAILED!" ;
+			else
+				echo " OK" ;
+			fi
+		fi
+		if [[ ! -f "$KEY" ]] ; then
+			echo "[WARN] KEY FILE ${KEY} MISSING FOR ${F}" ;
+		else
+			echo -n "Checking ${KEY}" ;
+			CHK=$(openssl rsa -in "${KEY}" -check -noout >/dev/null 2>&1 ; echo $?);
+			if [[ $CHK -ne 0 ]] ; then
+				echo " FAILED!" ;
+			else
+				echo " OK" ;
+			fi
+		fi
+	
+		if [[ -f "$CRT" && -f "$KEY" ]] ; then
+			echo -n "Checking that key and certificate match";
+			MDCRT=$(openssl x509 -noout -modulus -in "${CRT}" | openssl md5) ;
+			MDKEY=$(openssl rsa -noout -modulus -in "${KEY}" | openssl md5) ;
+			if [[ "$MDCRT" != "$MDKEY" ]] ; then
+				echo " FAILED!" ;
+			else
+				echo " OK" ;
+			fi
+		fi
+		echo "---" ;
+	elif [[ "$CRT" != ""  || "$KEY" != "" ]] ; then
+		echo "[WARN] Check SSL config of ${F}";
+		echo "---" ;
+	fi
+}
+
+if [[ -d /etc/apache2/sites-enabled ]] ; then
+	echo "Checking enabled apache vhosts" ;
+	for FIL in /etc/apache2/sites-enabled/* ; do
+		CRT=$(grep 'SSLCertificateFile' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		KEY=$(grep 'SSLCertificateKeyFile' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		chkdata "$FIL" "$CRT" "$KEY" ;
+	done
+fi
+
+if [[ -d /etc/nginx/sites-enabled ]] ; then
+	echo "Checking enabled nginx vhosts" ;
+	for FIL in /etc/nginx/sites-enabled/* ; do
+		CRT=$(grep 'ssl_certificate' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		CRT=${CRT%;}
+		KEY=$(grep 'ssl_certificate_key' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		KEY=${KEY%;}
+		chkdata "$FIL" "$CRT" "$KEY" ;
+	done
+fi
\ No newline at end of file
--- a/install/patches/upd_dev_collection.php
+++ b/install/patches/upd_dev_collection.php
--- a/install/sql/incremental/upd_0094.sql
+++ b/install/sql/incremental/upd_0094.sql
+-- Add column for email backup limit (#5732)
+ALTER TABLE `client_template` ADD `limit_mail_backup` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'y' AFTER `limit_spamfilter_policy`;
+ALTER TABLE `client` ADD `limit_mail_backup` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'y' AFTER `limit_spamfilter_policy`;
+
+-- default spamfilter_users.policy_id to 0
+ALTER TABLE `spamfilter_users` ALTER `policy_id` SET DEFAULT 0;
+
+-- mail_forwarding.source must be unique
+ALTER TABLE `mail_forwarding` DROP KEY `server_id`;
+ALTER TABLE `mail_forwarding` ADD KEY `server_id` (`server_id`, `source`);
+
+-- Purge apps & addons installer (#5795) - second time due to syntax error in 0093
+DROP TABLE IF EXISTS `software_package`;
+DROP TABLE IF EXISTS `software_repo`;
+DROP TABLE IF EXISTS `software_update`;
+DROP TABLE IF EXISTS `software_update_inst`;
+
+-- mail_transport.domain must be unique
+ALTER TABLE `mail_transport` DROP KEY `server_id_2`;
+ALTER TABLE `mail_transport` ADD UNIQUE KEY `server_id_2` (`server_id`, `domain`);
--- a/install/sql/incremental/upd_dev_collection.sql
+++ b/install/sql/incremental/upd_dev_collection.sql
-- Add column for email backup limit (#5732)
-ALTER TABLE `client_template` ADD `limit_mail_backup` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'y' AFTER `limit_spamfilter_policy`;
-ALTER TABLE `client` ADD `limit_mail_backup` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'y' AFTER `limit_spamfilter_policy`;
-
-- default spamfilter_users.policy_id to 0
-ALTER TABLE `spamfilter_users` ALTER `policy_id` SET DEFAULT 0;
-
-- mail_forwarding.source must be unique
-ALTER TABLE `mail_forwarding` DROP KEY `server_id`;
-ALTER TABLE `mail_forwarding` ADD KEY `server_id` (`server_id`, `source`);
-
-- Purge apps & addons installer (#5795) - second time due to syntax error in 0093
-DROP TABLE IF EXISTS `software_package`;
-DROP TABLE IF EXISTS `software_repo`;
-DROP TABLE IF EXISTS `software_update`;
-DROP TABLE IF EXISTS `software_update_inst`;
-
-- mail_transport.domain must be unique
-ALTER TABLE `mail_transport` DROP KEY `server_id_2`;
-ALTER TABLE `mail_transport` ADD UNIQUE KEY `server_id_2` (`server_id`, `domain`);