diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql index 7badb5405a64f61c19ea0e5ebffc8642d404ae01..17cb382d8e34ef9bc9d383134c38ae0ec8512a70 100644 --- a/install/sql/ispconfig3.sql +++ b/install/sql/ispconfig3.sql @@ -533,12 +533,12 @@ CREATE TABLE `shell_user` ( `password` varchar(255) default NULL, `quota_size` int(11) NOT NULL default '-1', `active` varchar(255) NOT NULL default 'y', - `uid` varchar(255) NOT NULL default '0', - `gid` varchar(255) NOT NULL default '0', + `puser` varchar(255) default NULL, + `pgroup` varchar(255) default NULL, `shell` varchar(255) NOT NULL default '/bin/bash', `dir` varchar(255) default NULL, PRIMARY KEY (`shell_user_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ; +) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; -- -- Daten für Tabelle `shell_user` diff --git a/interface/web/sites/form/shell_user.tform.php b/interface/web/sites/form/shell_user.tform.php index 7ddc28157cb291a90c4cbe3c865065996849001c..3b79613fb7891dd02fe1445b4628950293ee5e5a 100644 --- a/interface/web/sites/form/shell_user.tform.php +++ b/interface/web/sites/form/shell_user.tform.php @@ -138,7 +138,7 @@ $form["tabs"]['advanced'] = array ( ################################## # Begin Datatable fields ################################## - 'uid' => array ( + 'puser' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'TEXT', 'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY', @@ -149,7 +149,7 @@ $form["tabs"]['advanced'] = array ( 'width' => '30', 'maxlength' => '255' ), - 'gid' => array ( + 'pgroup' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'TEXT', 'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY', diff --git a/interface/web/sites/form/web_domain.tform.php b/interface/web/sites/form/web_domain.tform.php index 009e6aecaf797870c901c544d0970575ce72da93..0ab593bb722a58ced26671cc07044a3e8348f7ee 100644 --- a/interface/web/sites/form/web_domain.tform.php +++ b/interface/web/sites/form/web_domain.tform.php 
@@ -288,7 +288,7 @@ $form["tabs"]['ssl'] = array ( 'datatype' => 'VARCHAR', 'formtype' => 'SELECT', 'default' => '', - 'value' => array('' => 'None', 'save' => 'Save Certificate', 'create' => 'Create Certificate') + 'value' => array('' => 'None', 'save' => 'Save Certificate', 'create' => 'Create Certificate','del' => 'Delete Certificate') ), ################################## # ENDE Datatable fields diff --git a/interface/web/sites/shell_user_edit.php b/interface/web/sites/shell_user_edit.php index be7ded6a30615690e47728f8f2ef099ba7f3e066..a6d45a45b303d5e4843dfb5b460bb032812bbb32 100644 --- a/interface/web/sites/shell_user_edit.php +++ b/interface/web/sites/shell_user_edit.php @@ -81,10 +81,10 @@ class page_action extends tform_actions { $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"])); $server_id = $web["server_id"]; $dir = $web["document_root"]; - $uid = $web["system_user"]; - $gid = $web["system_group"]; + $puser = $web["system_user"]; + $pgroup = $web["system_group"]; - $sql = "UPDATE shell_user SET server_id = $server_id, dir = '$dir', uid = '$uid', gid = '$gid' WHERE shell_user_id = ".$this->id; + $sql = "UPDATE shell_user SET server_id = $server_id, dir = '$dir', puser = '$puser', pgroup = '$pgroup' WHERE shell_user_id = ".$this->id; $app->db->query($sql); } diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master index 986d9d6ad43d1005a0ae5c7465b00140e776d444..d5199de788becc7aaa40d1b5d6bf7cc8c13e0c59 100644 --- a/server/conf/vhost.conf.master +++ b/server/conf/vhost.conf.master @@ -59,7 +59,9 @@ -<tmpl_if name='ssl' op='==' value='y'> +<tmpl_if name='ssl_enabled'> + +<IfModule mod_ssl.c> ########################################################### # SSL Vhost ########################################################### 
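Review bot: The `UPDATE shell_user` statement in shell_user_edit.php is still built by interpolating `$server_id`, `$dir`, `$puser` and `$pgroup` straight into the SQL string; only `parent_domain_id` in the preceding SELECT goes through `intval()`. These values are read back from `web_domain`, so a stored value containing a quote character reaches this query unescaped (a second-order injection path). Cast the numeric parts, e.g. `server_id = ".intval($server_id)."` and `".intval($this->id)`, and run the string columns through the database layer's escaping routine before quoting them. The same pattern appears in the apache2_plugin.inc.php hunk that writes `$ssl_request` and `$ssl_cert` from `file_get_contents()` into `UPDATE web_domain`. The enclosing method starts outside this hunk.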
@@ -77,6 +79,13 @@ ErrorDocument 405 /error/methodNotAllowed.html ErrorDocument 500 /error/internalServerError.html ErrorDocument 503 /error/overloaded.html + + SSLEngine on + SSLCertificateFile <tmpl_var name='document_root'>/<tmpl_var name='domain'>.crt + SSLCertificateKeyFile <tmpl_var name='document_root'>/<tmpl_var name='domain'>.key +<tmpl_if name='has_bundle_cert'> + SSLCACertificateFile <tmpl_var name='document_root'>/<tmpl_var name='domain'>.bundle +</tmpl_if> <tmpl_if name='alias'> ServerAlias <tmpl_var name='alias'> @@ -121,5 +130,6 @@ </tmpl_if> </VirtualHost> +</IfModule> </tmpl_if> \ No newline at end of file diff --git a/server/plugins-enabled/apache2_plugin.inc.php b/server/plugins-enabled/apache2_plugin.inc.php index 1d4533e8cd2028f9d5b732dd429cd9476b123a6c..d593fc7ace3875391355e54657a7482dd4daca27 100644 --- a/server/plugins-enabled/apache2_plugin.inc.php +++ b/server/plugins-enabled/apache2_plugin.inc.php @@ -117,7 +117,7 @@ class apache2_plugin { $key_file2 = escapeshellcmd($key_file2); $ssl_days = 3650; $csr_file = escapeshellcmd($csr_file); - $config_file = escapeshellcmd($config_file); + $config_file = escapeshellcmd($ssl_cnf_file); $crt_file escapeshellcmd($crt_file); if(is_file($ssl_cnf_file)){ @@ -136,11 +136,13 @@ class apache2_plugin { && openssl rsa -passin pass:$ssl_password \ -in $key_file \ -out $key_file2"); + + $app->log("Creating SSL Cert for: $domain",LOGLEVEL_DEBUG); } exec("chmod 400 $key_file2"); - exec("rm -f $config_file"); - exec("rm -f $rand_file"); + unlink($config_file); + unlink($rand_file); $ssl_request = file_get_contents($csr_file); $ssl_cert = file_get_contents($crt_file); $mod->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data["new"]["domain"]."'"); 
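Review bot: `SSLCertificateFile` and `SSLCertificateKeyFile` are rendered as `<document_root>/<domain>.crt` and `.key`, while the apache2_plugin.inc.php hunks in this commit build and test those files under `$data["new"]["document_root"]."/ssl"`. If the template's `document_root` is that same value (the plugin passes `$data["new"]` to `setVar`), Apache is pointed at paths where no certificate or key is written, and it would typically refuse to load the vhost. Add the directory, e.g. `SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.crt`, and likewise on the key and bundle lines. For an intermediate-CA bundle the mod_ssl directive is `SSLCertificateChainFile`; `SSLCACertificateFile` sets the CAs used to verify client certificates. The `<VirtualHost>` block starts and ends outside this hunk.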
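Review bot: The context line `$crt_file escapeshellcmd($crt_file);` directly after the changed line has no assignment operator, so the file does not parse as shown and none of the plugin code can run; it should read `$crt_file = escapeshellcmd($crt_file);`. The changed line makes `$config_file` a shell-escaped copy of `$ssl_cnf_file`, and a comment such as `// shell-escaped copy of $ssl_cnf_file, for exec() only` would keep the two from being mixed up in later filesystem calls. The enclosing method starts and ends outside this hunk.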
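Review bot: `unlink($config_file)` and `unlink($rand_file)` receive strings that were passed through `escapeshellcmd()` for the `exec()` calls (visible for `$config_file` in the previous hunk, presumably the same for `$rand_file`), so a path containing an escaped character no longer names the real file and the temporary files stay on disk. Use the unescaped paths for filesystem functions, e.g. `if(is_file($ssl_cnf_file)) unlink($ssl_cnf_file);`, and keep the escaped copies for shell commands only. Separately, the context line `-passin pass:$ssl_password` puts the key passphrase on the openssl command line, where other local users can read it from the process list while the command runs; openssl's `file:` or `env:` passphrase sources avoid that. The enclosing method starts and ends outside this hunk.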
@@ -148,7 +150,28 @@ class apache2_plugin { //* Save a SSL certificate to disk if($data["new"]["ssl_action"] == 'save') { - + $ssl_dir = $data["new"]["document_root"]."/ssl"; + $domain = $data["new"]["domain"]; + $csr_file = $ssl_dir.'/'.$domain.".csr"; + $crt_file = $ssl_dir.'/'.$domain.".crt"; + $bundle_file = $ssl_dir.'/'.$domain.".bundle"; + file_put_contents($csr_file,$data["new"]["ssl_request"]); + file_put_contents($crt_file,$data["new"]["ssl_cert"]); + if(trim($data["new"]["ssl_bundle"]) != '') file_put_contents($bundle_file,$data["new"]["ssl_bundle"]); + $app->log("Saving SSL Cert for: $domain",LOGLEVEL_DEBUG); + } + + //* Delete a SSL certificate + if($data["new"]["ssl_action"] == 'del') { + $ssl_dir = $data["new"]["document_root"]."/ssl"; + $domain = $data["new"]["domain"]; + $csr_file = $ssl_dir.'/'.$domain.".csr"; + $crt_file = $ssl_dir.'/'.$domain.".crt"; + $bundle_file = $ssl_dir.'/'.$domain.".bundle"; + unlink($csr_file); + unlink($crt_file); + unlink($bundle_file); + $app->log("Deleting SSL Cert for: $domain",LOGLEVEL_DEBUG); } @@ -267,6 +290,24 @@ class apache2_plugin { $vhost_data = $data["new"]; $vhost_data["web_document_root"] = $data["new"]["document_root"]."/web"; + + // Check if a SSL cert exists + $ssl_dir = $data["new"]["document_root"]."/ssl"; + $domain = $data["new"]["domain"]; + $key_file = $ssl_dir.'/'.$domain.".key"; + $crt_file = $ssl_dir.'/'.$domain.".crt"; + $bundle_file = $ssl_dir.'/'.$domain.".bundle"; + + if($data["new"]["ssl"] == 'y' && @is_file($crt_file) && @is_file($key_file) { + $vhost_data["ssl_enabled"] = 1; + $app->log("Enable SSL for: $domain",LOGLEVEL_DEBUG); + } else { + $vhost_data["ssl_enabled"] = 0; + $app->log("Disable SSL for: $domain",LOGLEVEL_DEBUG); + } + + if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1; + //$vhost_data["document_root"] = $data["new"]["document_root"]."/web"; $tpl->setVar($vhost_data); 
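Review bot: The new `del` branch removes the `.csr`, `.crt` and `.bundle` files but leaves the private key, which the check added later in this commit expects at `$ssl_dir.'/'.$domain.".key"`; deleting a certificate should remove the key as well. Add `$key_file = $ssl_dir.'/'.$domain.".key";` and `if(is_file($key_file)) unlink($key_file);`, and guard the other three `unlink()` calls with `is_file()` too, since the bundle is only written when `ssl_bundle` is non-empty. In the `save` branch the `file_put_contents()` results are not checked, so a missing `ssl` directory is still logged as a successful save. `$domain` is used as a file name without validation here; confirm it is restricted to host-name characters before it reaches the plugin. The enclosing method starts and ends outside this hunk.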
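Review bot: The added condition `if($data["new"]["ssl"] == 'y' && @is_file($crt_file) && @is_file($key_file) {` is missing its closing parenthesis, so the plugin file fails to parse; it should end `&& @is_file($key_file)) {`. The `@` operators also hide permission errors on the `ssl` directory, which then look the same as "no certificate" and silently log `Disable SSL for: $domain`. `has_bundle_cert` is set whenever the bundle file exists, independent of `ssl_enabled`; a one-line comment saying that the template only reads it inside the SSL vhost would document why that is safe. The enclosing method starts and ends outside this hunk.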
diff --git a/server/plugins-enabled/shelluser_plugin.inc.php b/server/plugins-enabled/shelluser_plugin.inc.php
new file mode 100644
index 0000000000000000000000000000000000000000..b4967f815ff387b27be6c48985df8aba68fb320e
--- /dev/null
+++ b/server/plugins-enabled/shelluser_plugin.inc.php
@@ -0,0 +1,133 @@
+<?php
+
+/*
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class apache2_plugin {
+
+ var $plugin_name = 'apache2_plugin';
+ var $class_name = 'apache2_plugin';
+
+
+ /*
+ This function is called when the plugin is loaded
+ */
+
+ function onLoad() {
+ global $app;
+
+ /*
+ Register for the events
+ */
+
+ $app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'insert');
+ $app->plugins->registerEvent('web_domain_update',$this->plugin_name,'update');
+ $app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'delete');
+
+
+ }
+
+
+ function insert($event_name,$data) {
+ global $app, $conf;
+
+ $app->uses('system');
+
+ // Get the UID of the parent user
+ $uid = intval($app->system->getuid($data['new']['puser']));
+ if($uid > 999) {
+ $command = 'useradd';
+ $command .= ' --home '.escapeshellcmd($data['new']['dir']);
+ $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']);
+ $command .= ' --non-unique ';
+ $command .= ' --password '.escapeshellcmd($data['new']['password']);
+ $command .= ' --shell '.escapeshellcmd($data['new']['shell']);
+ $command .= ' --uid '.escapeshellcmd($uid);
+ $command .= ' '.escapeshellcmd($data['new']['username']);
+
+ exec($command);
+ $app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
+
+ } else {
+ $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
+ }
+ }
+
+ function update($event_name,$data) {
+ global $app, $conf;
+
+ $app->uses('system');
+
+ // Get the UID of the parent user
+ $uid = intval($app->system->getuid($data['new']['puser']));
+ if($uid > 999) {
+ $command = 'usermod';
+ $command .= ' --home '.escapeshellcmd($data['new']['dir']);
+ $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']);
+ $command .= ' --non-unique ';
+ $command .= ' --password '.escapeshellcmd($data['new']['password']);
+ $command .= ' --shell '.escapeshellcmd($data['new']['shell']);
+ $command .= ' --uid '.escapeshellcmd($uid);
+ $command .= ' --login '.escapeshellcmd($data['new']['username']);
+ $command .= ' '.escapeshellcmd($data['old']['username']);
+
+ exec($command);
+ $app->log("Updated shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
+
+ } else {
+ $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
+ }
+
+ }
+
+ function delete($event_name,$data) {
+ global $app, $conf;
+
+ $app->uses('system');
+
+ // Get the UID of the user
+ $userid = intval($app->system->getuid($data['old']['username']));
+ if($userid > 999) {
+ $command = 'userdel';
+ $command .= ' '.escapeshellcmd($data['old']['username']);
+
+ exec($command);
+ $app->log("Deleted shelluser: ".$data['old']['username'],LOGLEVEL_DEBUG);
+
+ } else {
+ $app->log("UID = $userid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
+ }
+
+ }
+
+
+
+
+} // end class
+
+?>
\ No newline at end of file
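Review bot: The new shelluser_plugin.inc.php declares `class apache2_plugin` with `$plugin_name = 'apache2_plugin'` and registers for the `web_domain_*` events, which looks copied from apache2_plugin.inc.php: loading both files redeclares the class, and the useradd/usermod/userdel handlers would fire on web-domain changes, whose records do not carry `puser`, `pgroup` or `username` as far as this commit shows. Rename the class and register for the shell-user events as sketched below (the event names are inferred by analogy and need confirming against the event dispatcher). Every argument is passed through `escapeshellcmd()`, which escapes metacharacters but does not quote, so a value containing whitespace is split into additional useradd/usermod arguments; `escapeshellarg()` is the function for single arguments. The `--password` value is also exposed on the command line while the command runs, and the error branch of `delete()` logs `$data['new']['username']` although only `$data['old']` is read elsewhere in that method.

```php
class shelluser_plugin {

	var $plugin_name = 'shelluser_plugin';
	var $class_name = 'shelluser_plugin';

	function onLoad() {
		global $app;

		// Event names assumed by analogy with web_domain_*; confirm before merging.
		$app->plugins->registerEvent('shell_user_insert',$this->plugin_name,'insert');
		$app->plugins->registerEvent('shell_user_update',$this->plugin_name,'update');
		$app->plugins->registerEvent('shell_user_delete',$this->plugin_name,'delete');
	}

	// … unchanged: insert(), update(), delete(), except that each value is quoted as one argument …
	$command .= ' --home '.escapeshellarg($data['new']['dir']);
	$command .= ' --gid '.escapeshellarg($data['new']['pgroup']);
	$command .= ' '.escapeshellarg($data['new']['username']);
```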