From da42d9b721ac4e7faff04a1a1ab33b598cec7e56 Mon Sep 17 00:00:00 2001
From: Till Brehm
Date: Thu, 11 Jan 2018 16:53:56 +0100
Subject: [PATCH] Additional check for #4910 Do not permit to add subdomains of domain acme.invalid

---
 .../plugins-available/apache2_plugin.inc.php | 20 +++++++++++++++++++
 server/plugins-available/nginx_plugin.inc.php | 20 +++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 37b903daf0..0c47817fed 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -394,6 +394,26 @@ class apache2_plugin {
 $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
 }
 }
+
+ //* and check that SSL cert does not contain subdomain of domain acme.invalid
+ if($data["new"]["ssl_action"] == 'save') {
+ $tmp = array();
+ $crt_data = '';
+ exec('openssl x509 -noout -text -in '.escapeshellarg($crt_file),$tmp);
+ $crt_data = implode("\n",$tmp);
+ if(stristr($crt_data,'.acme.invalid')) {
+ $data["new"]["ssl_action"] = '';
+
+ $app->log('SSL Certificate not saved. The SSL cert contains domain acme.invalid.', LOGLEVEL_WARN);
+ $app->dbmaster->datalogError('SSL Certificate not saved. The SSL cert contains domain acme.invalid.');
+
+ /* Update the DB of the (local) Server */
+ $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
+
+ /* Update also the master-DB of the Server-Farm */
+ $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
+ }
+ }
 //* Save a SSL certificate to disk
 if($data["new"]["ssl_action"] == 'save') {
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 8ae79afd43..fa9fb81210 100644
--- a/server/plugins-available/nginx_plugin.inc.php
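Review bot: The new check fails open at the `exec()` line: if the `openssl` binary is missing from PATH, exits with an error, or `$crt_file` is unreadable, `$tmp` stays empty, `stristr()` finds nothing, and the certificate is saved exactly as if it had passed the test. Capture the exit status and treat any failure as a rejection, e.g. `exec('openssl x509 -noout -text -in '.escapeshellarg($crt_file), $tmp, $rc);` followed by `if($rc !== 0 || stristr($crt_data, '.acme.invalid')) {`, with the log text adjusted to say the certificate could not be inspected. A substring match over the whole `-text` dump is also coarse: it trips on any field that happens to contain the string and relies on OpenSSL's human-readable formatting rather than on the CN/SAN names that the TLS-SNI validation abuse actually needs, so if the PHP openssl extension is available, `openssl_x509_parse()` would give the `subjectAltName` extension and CN directly and returns `false` on a malformed file. The enclosing method starts before this hunk, so where `$crt_file` is assigned and whether it was already validated is not visible here.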
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -235,6 +235,26 @@ class nginx_plugin {
 $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
 }
 }
+
+ //* and check that SSL cert does not contain subdomain of domain acme.invalid
+ if($data["new"]["ssl_action"] == 'save') {
+ $tmp = array();
+ $crt_data = '';
+ exec('openssl x509 -noout -text -in '.escapeshellarg($crt_file),$tmp);
+ $crt_data = implode("\n",$tmp);
+ if(stristr($crt_data,'.acme.invalid')) {
+ $data["new"]["ssl_action"] = '';
+
+ $app->log('SSL Certificate not saved. The SSL cert contains domain acme.invalid.', LOGLEVEL_WARN);
+ $app->dbmaster->datalogError('SSL Certificate not saved. The SSL cert contains domain acme.invalid.');
+
+ /* Update the DB of the (local) Server */
+ $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
+
+ /* Update also the master-DB of the Server-Farm */
+ $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
+ }
+ }
 //* Save a SSL certificate to disk
 if($data["new"]["ssl_action"] == 'save') {
-- GitLab
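Review bot: These twenty added lines are a verbatim copy of the block added to apache2_plugin.inc.php in the same commit, down to the log strings and the two `UPDATE web_domain` statements, so any later tightening of the acme.invalid test or of the `openssl` invocation has to be made twice and the two web servers can silently drift apart. Move the inspection into one shared helper in the server library, e.g. `function cert_contains_acme_invalid($crt_file)` returning true when the certificate must be refused, and have both plugins call it ahead of their save branch. The same fail-open weakness is present here: `exec()` is called without its third argument, so when `openssl` is absent or `$crt_file` cannot be read, `$tmp` stays empty and the certificate is written out unchecked; pass `$rc` and reject when `$rc !== 0`. The enclosing method begins outside the hunk, so the origin of `$crt_file` cannot be confirmed from this view.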