
Merge pull request #2097 from jaapmarcus/fix/2096-ssl-hostname-overwritten

Add check if domain.com exists in certificate
Jaap Marcus 4 years ago
parent
commit
9bab92cc02
2 changed files with 25 additions and 10 deletions
  1. 20 10
      func/domain.sh
  2. 5 0
      install/upgrade/versions/1.4.13.sh

+ 20 - 10
func/domain.sh

@@ -697,20 +697,25 @@ add_mail_ssl_config() {
         rm -f /etc/dovecot/conf.d/domains/$domain.conf
     fi
     
-    echo "" >> /etc/dovecot/conf.d/domains/$domain.conf
-    echo "local_name $domain {" >> /etc/dovecot/conf.d/domains/$domain.conf
-    echo "  ssl_cert = <$HOMEDIR/$user/conf/mail/$domain/ssl/$domain.pem" >> /etc/dovecot/conf.d/domains/$domain.conf
-    echo "  ssl_key = <$HOMEDIR/$user/conf/mail/$domain/ssl/$domain.key" >> /etc/dovecot/conf.d/domains/$domain.conf
-    echo "}" >> /etc/dovecot/conf.d/domains/$domain.conf
+    mail_check=$(v-list-mail-domain-ssl $user $domain | grep SUBJECT | grep " $domain");
+    mail_check_alias=$(v-list-mail-domain-ssl $user $domain | grep ALIASES | grep " $domain");
+    if [ ! -z "$mail_check" ] || [ ! -z "$mail_check_alias" ]; then 
+        echo "" >> /etc/dovecot/conf.d/domains/$domain.conf
+        echo "local_name $domain {" >> /etc/dovecot/conf.d/domains/$domain.conf
+        echo "  ssl_cert = <$HOMEDIR/$user/conf/mail/$domain/ssl/$domain.pem" >> /etc/dovecot/conf.d/domains/$domain.conf
+        echo "  ssl_key = <$HOMEDIR/$user/conf/mail/$domain/ssl/$domain.key" >> /etc/dovecot/conf.d/domains/$domain.conf
+        echo "}" >> /etc/dovecot/conf.d/domains/$domain.conf
+        # Add domain SSL configuration to exim4
+        ln -s $HOMEDIR/$user/conf/mail/$domain/ssl/$domain.pem $HESTIA/ssl/mail/$domain.crt
+        ln -s $HOMEDIR/$user/conf/mail/$domain/ssl/$domain.key $HESTIA/ssl/mail/$domain.key
+    fi 
     echo "" >> /etc/dovecot/conf.d/domains/$domain.conf
     echo "local_name mail.$domain {" >> /etc/dovecot/conf.d/domains/$domain.conf
     echo "  ssl_cert = <$HOMEDIR/$user/conf/mail/$domain/ssl/$domain.pem" >> /etc/dovecot/conf.d/domains/$domain.conf
     echo "  ssl_key = <$HOMEDIR/$user/conf/mail/$domain/ssl/$domain.key" >> /etc/dovecot/conf.d/domains/$domain.conf
     echo "}" >> /etc/dovecot/conf.d/domains/$domain.conf
-
+    
     # Add domain SSL configuration to exim4
-    ln -s $HOMEDIR/$user/conf/mail/$domain/ssl/$domain.pem $HESTIA/ssl/mail/$domain.crt
-    ln -s $HOMEDIR/$user/conf/mail/$domain/ssl/$domain.key $HESTIA/ssl/mail/$domain.key
     ln -s $HOMEDIR/$user/conf/mail/$domain/ssl/$domain.pem $HESTIA/ssl/mail/mail.$domain.crt
     ln -s $HOMEDIR/$user/conf/mail/$domain/ssl/$domain.key $HESTIA/ssl/mail/mail.$domain.key
 
@@ -725,7 +730,10 @@ add_mail_ssl_config() {
 
 # Delete SSL support for mail domain
 del_mail_ssl_config() {
-    
+    # Do a few checks to prevent accidentally removal of domain.com
+    mail_check=$(v-list-mail-domain-ssl $user $domain | grep SUBJECT | grep " $domain");
+    mail_check_alias=$(v-list-mail-domain-ssl $user $domain | grep ALIASES | grep " $domain");
+
     # Remove old mail certificates
     rm -f $HOMEDIR/$user/conf/mail/$domain/ssl/*
 
@@ -739,7 +747,9 @@ del_mail_ssl_config() {
 
     # Remove SSL certificates
     rm -f $HOMEDIR/$user/conf/mail/$domain/ssl/*
-    rm -f $HESTIA/ssl/mail/$domain.crt $HESTIA/ssl/mail/$domain.key
+    if [ ! -z "$mail_check" ] || [ ! -z "$mail_check_alias" ]; then 
+        rm -f $HESTIA/ssl/mail/$domain.crt $HESTIA/ssl/mail/$domain.key
+    fi
     rm -f $HESTIA/ssl/mail/mail.$domain.crt $HESTIA/ssl/mail/mail.$domain.key
 }
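Review bot: The coverage test `grep SUBJECT | grep " $domain"` in add_mail_ssl_config, repeated at the top of del_mail_ssl_config, uses `$domain` as an unanchored regular expression, so a certificate whose names only start with the domain (for example `example.com.au` when the domain is `example.com`) still passes. In that case the `local_name $domain` block and the `$domain.crt` link are written for a certificate that does not cover the bare domain, which is the mismatch this change sets out to avoid. An exact token comparison is stricter and needs only one call: `v-list-mail-domain-ssl "$user" "$domain" | grep -E 'SUBJECT|ALIASES' | tr -s ' ,' '\n' | grep -Fxq -- "$domain"`, assuming the listed names are separated by spaces or commas. `mail_check` and `mail_check_alias` are also assigned without `local`, so they persist as globals after either function returns. Both function bodies extend beyond the hunks shown.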
 

+ 5 - 0
install/upgrade/versions/1.4.13.sh

@@ -21,4 +21,9 @@
 if [[ $(echo "$servername" | grep -o "\." | wc -l) -lt 2 ]] || [[ $servername =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]];; then
     UPGRADE_MESSAGE="$UPGRADE_MESSAGE\nWe've noticed that you're using a invalid hostname. Please have a look at the RFC1178 standard (https://datatracker.ietf.org/doc/html/rfc1178) and use a valid one (ex. hostname.domain.tld). You can change the hostname using v-change-sys-hostname and also add a ssl certificate using v-add-letsencypt-host (proper dns A record mandatory). You'll find more informations in our documentation: https://docs.hestiacp.com/admin_docs/web/ssl_certificates.html#how-to-setup-let-s-encrypt-for-the-control-panel"
     $HESTIA/bin/v-add-user-notification admin "Invalid Hostname detected" "Warning: We've noticed that you're using a invalid hostname. Please have a look at the <a href="https://datatracker.ietf.org/doc/html/rfc1178" target="_blank">RFC1178 standard</a> and use a valid one (ex. hostname.domain.tld). You can change the hostname using v-change-sys-hostname and also add a ssl certificate using v-add-letsencypt-host (proper dns A record mandatory). You'll find more informations in our <a href="https://docs.hestiacp.com/admin_docs/web/ssl_certificates.html#how-to-setup-let-s-encrypt-for-the-control-panel" target=_"blank">documentation</a>."
+fi
+
+# Empty $HESTIA/ssl/mail/ due to bug in #2066 
+if [ -e "$HESTIA/ssl/mail/" ]; then
+    rm -fr $HESTIA/ssl/mail/*
 fi
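Review bot: The added `rm -fr $HESTIA/ssl/mail/*` is unquoted and has no guard for an empty `$HESTIA`, in which case the glob would resolve under `/ssl/mail/`; `rm -rf -- "${HESTIA:?}"/ssl/mail/*` aborts instead. It also removes the certificate links of every mail domain, and nothing in this hunk re-creates them, so unless a rebuild runs later in the upgrade (not visible here) the per-domain links that add_mail_ssl_config creates for exim4 would be missing afterwards. Separately, the context line opening the hostname check ends in `]];; then` as shown on this page; if that is what the file contains, bash rejects it as a syntax error and the new block would not run.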