From 7ec1d068c8da9a47a3b575a47d1c6e4260873ea0 Mon Sep 17 00:00:00 2001
From: Benjamin Sonntag
Date: Fri, 22 Jun 2018 11:24:03 +0200
Subject: [PATCH] [enh] ssl start of implementation
---
 etc/incron.d/alternc-ssl | 1 -
 install/mysql.sql | 36 ++++++++++--------------------------
 install/upgrades/3.5.0.1.sql | 15 +++++++++++++++
 install/upgrades/3.5.0.2.php | 2 ++
 src/ssl_alias_manager.sh | 31 -------------------------------
 5 files changed, 27 insertions(+), 58 deletions(-)
 delete mode 100644 etc/incron.d/alternc-ssl
 create mode 100644 install/upgrades/3.5.0.1.sql
 create mode 100644 install/upgrades/3.5.0.2.php
 delete mode 100755 src/ssl_alias_manager.sh
diff --git a/etc/incron.d/alternc-ssl b/etc/incron.d/alternc-ssl
deleted file mode 100644
index a5617ce4..00000000
--- a/etc/incron.d/alternc-ssl
+++ /dev/null
@@ -1 +0,0 @@
-/var/run/alternc-ssl IN_CREATE,IN_ATTRIB,IN_NO_LOOP /usr/lib/alternc/ssl_alias_manager.sh
diff --git a/install/mysql.sql b/install/mysql.sql
index 0eb6b8da..7a614a09 100644
--- a/install/mysql.sql
+++ b/install/mysql.sql
@@ -222,6 +222,9 @@ CREATE TABLE IF NOT EXISTS sub_domaines (
 web_action enum ('OK','UPDATE','DELETE') NOT NULL default 'UPDATE',
 web_result varchar(255) not null default '',
 enable enum ('ENABLED', 'ENABLE', 'DISABLED', 'DISABLE') NOT NULL DEFAULT 'ENABLED',
+ `certificate_id` INT UNSIGNED NOT NULL DEFAULT '0',
+ `provider` VARCHAR(16) NOT NULL DEFAULT '',
+ `https` VARCHAR(4) NOT NULL, -- SET(http,https,both) (also the suffix of the template name in /etc/alternc/templates/apache2/)
 PRIMARY KEY (id) -- ,FOREIGN KEY (type) REFERENCES (domaines_type)
 ) ENGINE=InnoDB;
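Review bot: The new https column is declared `VARCHAR(4)` in this sub_domaines hunk (and again in install/upgrades/3.5.0.1.sql), but its own comment lists `https`, five characters, as a legal value. Under a non-strict SQL mode MySQL stores the truncated `http` with only a warning, so a vhost meant to be HTTPS-only would presumably be rendered from the plain-HTTP template named by that suffix; strict mode rejects the write instead. The column also has no DEFAULT, so rows that predate the upgrade receive the empty string, which is none of the three documented values. I would constrain it in both files, e.g. `https ENUM('http','https','both') NOT NULL DEFAULT 'both'`, with the default chosen deliberately. The CREATE TABLE statement starts above the hunk.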
@@ -471,7 +474,8 @@ CREATE TABLE IF NOT EXISTS `domaines_type` (
 `advanced` BOOLEAN DEFAULT TRUE, -- It's an advanced option
 `create_tmpdir` BOOLEAN NOT NULL DEFAULT FALSE, -- do we create tmp dir ?
 `create_targetdir` BOOLEAN NOT NULL DEFAULT FALSE, -- do we create target dir ?
-PRIMARY KEY ( `name` )
+ `has_https_option` BOOLEAN NOT NULL DEFAULT FALSE, -- shall we show the http/https/both dropdown ?
+ PRIMARY KEY ( `name` )
 ) ENGINE=InnoDB COMMENT = 'Type of domains allowed';
 INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, only_dns, need_dns, advanced, enable) values
@@ -767,16 +771,11 @@ CREATE TABLE IF NOT EXISTS `csrf` (
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='csrf tokens for AlternC forms';
--- make it re-exec-proof
-DELETE FROM alternc_status WHERE name='alternc_version';
-INSERT INTO alternc_status SET name='alternc_version',value='3.4.8.sql';
-
 -- SSL managment
 CREATE TABLE `certificates` (
 `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
 `uid` int(10) unsigned NOT NULL,
 `status` tinyint(3) unsigned NOT NULL,
- `shared` tinyint(3) unsigned NOT NULL,
 `fqdn` varchar(255) NOT NULL,
 `altnames` text NOT NULL,
 `validstart` datetime NOT NULL,
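Review bot: As far as the domaines_type hunk shows, a fresh install leaves `has_https_option` FALSE for every domain type, because the `INSERT IGNORE INTO domaines_type (...)` that follows the table still lists columns only up to `enable`. install/upgrades/3.5.0.1.sql, by contrast, runs `UPDATE domaines_type SET has_https_option=1 WHERE name='vhost'`, so unless the 3.5.0.2.php step or a statement outside this hunk sets the flag, new and upgraded servers will disagree on whether the http/https/both choice is offered for vhosts. I would repeat that UPDATE after the INSERT in mysql.sql, or add `has_https_option` to the INSERT's column list. The INSERT's value rows are outside the hunk.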
@@ -785,28 +784,13 @@ CREATE TABLE `certificates` (
 `sslkey` text NOT NULL,
 `sslcrt` text NOT NULL,
 `sslchain` text NOT NULL,
- `ssl_action` varchar(32) NOT NULL,
- `ssl_result` varchar(32) NOT NULL,
 PRIMARY KEY (`id`),
- KEY `uid` (`uid`),
- KEY `ssl_action` (`ssl_action`)
+ KEY `uid` (`uid`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-CREATE TABLE IF NOT EXISTS `certif_alias` (
- `name` varchar(255) NOT NULL,
- `content` text NOT NULL,
- `uid` int(10) unsigned NOT NULL,
- `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY (`name`),
- KEY `uid` (`uid`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Global aliases defined for SSL certificates FILE validation processes';
+INSERT IGNORE INTO defquotas VALUES ('ssl', 0, 'default');
-CREATE TABLE IF NOT EXISTS `certif_hosts` (
- `certif` int(10) unsigned NOT NULL,
- `sub` int(10) unsigned NOT NULL,
- `uid` int(10) unsigned NOT NULL,
- PRIMARY KEY (`certif`,`sub`),
- KEY `uid` (`uid`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='VHosts of a user using defined or self-signed certificates';
-INSERT IGNORE INTO defquotas VALUES ('ssl', 0, 'default');
\ No newline at end of file
+-- make it re-exec-proof
+DELETE FROM alternc_status WHERE name='alternc_version';
+INSERT INTO alternc_status SET name='alternc_version',value='3.5.0.2.php';
diff --git a/install/upgrades/3.5.0.1.sql b/install/upgrades/3.5.0.1.sql
new file mode 100644
index 00000000..4f938d50
--- /dev/null
+++ b/install/upgrades/3.5.0.1.sql
@@ -0,0 +1,15 @@
+
+DROP TABLE `certif_alias`;
+ALTER TABLE `certificates` DROP `shared`, DROP `ssl_action`, DROP `ssl_result`;
+
+ALTER TABLE `sub_domaines`
+ ADD `certificate_id` INT UNSIGNED NOT NULL DEFAULT '0' AFTER `enable`,
+ ADD `provider` VARCHAR(16) NOT NULL DEFAULT '' AFTER `certificate_id`,
+ ADD `https` VARCHAR(4) NOT NULL AFTER `provider`; -- SET(http,https,both) (also the suffix of the template name in /etc/alternc/templates/apache2/)
+
+ALTER TABLE `domaines_type`
+ ADD `has_https_option` BOOLEAN NOT NULL DEFAULT FALSE AFTER `create_targetdir`;
+
+UPDATE `domaines_type` SET `has_https_option`=1 WHERE name='vhost';
+
+
diff --git a/install/upgrades/3.5.0.2.php b/install/upgrades/3.5.0.2.php
new file mode 100644
index 00000000..a4abe2da
--- /dev/null
+++ b/install/upgrades/3.5.0.2.php
@@ -0,0 +1,2 @@
+$TMP -echo "# Please do not edit, your changes will be overwritten" >>$TMP - -mysql --defaults-file=/etc/alternc/my.cnf --skip-column-names -B -e "SELECT name,content FROM certif_alias;" | while read name content -do - echo "alias /$name ${FILEDIR}/${name}" >>$TMP - echo "$content" >"${FILEDIR}/${name}" -done -if ! diff -q "$TMP" "$APACHECONF" -then - mv -f "$TMP" "$APACHECONF" - service apache2 reload -else - rm -f "$TMP" -fi -
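Review bot: install/upgrades/3.5.0.1.sql drops `certif_alias` but not `certif_hosts`, although this commit removes both tables from install/mysql.sql, so upgraded servers keep a table that fresh installs no longer have. If that is not deliberate (for instance to migrate its rows in the 3.5.0.2.php step), add `DROP TABLE IF EXISTS certif_hosts;` next to the existing drop. The script is also not re-runnable: `DROP TABLE` has no `IF EXISTS`, and the `ALTER TABLE ... DROP` and `ADD` statements fail on a second pass, so an interrupted upgrade cannot simply be retried. At minimum I would write `DROP TABLE IF EXISTS certif_alias;` and add a header comment stating that the file must be applied exactly once.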