Completed webmin per-domain cert support

Jamie Cameron
2017-03-12 17:42:03 -07:00
parent 33d45b19d4
commit 24cf47dde0
5 changed files with 19 additions and 2 deletions


@@ -272,6 +272,18 @@ if ($use_ssl) {
$ssl_contexts{$ip} = $ctx;
}
}
# Setup per-hostname SSL contexts on the main IP
Net::SSLeay::CTX_set_tlsext_servername_callback($ssl_contexts{"*"},
sub {
my $ssl = shift;
my $h = Net::SSLeay::get_servername($ssl);
my $c = $ssl_contexts{$h} ||
$h =~ /^[^\.]+\.(.*)$/ && $ssl_contexts{"*.$1"};
if ($c) {
Net::SSLeay::set_SSL_CTX($ssl, $c);
}
});
}
# Load gzip library if enabled
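Review bot: The servername callback uses `$h` without checking that it is defined, and looks it up in `%ssl_contexts` case-sensitively. `Net::SSLeay::get_servername` may return nothing when the client sends no SNI extension, and hostnames compare case-insensitively, so the sub could start with `return if !defined($h) || $h eq "";` followed by `$h = lc($h);` (this assumes the configured names are stored in lower case). Because `%ssl_contexts` is also keyed by IP address, a client-supplied name equal to one of those keys selects that context; a comment such as `# $h is client-controlled; it only selects which certificate is presented` would make that explicit. The sub's return value is whatever its last statement yields, so it is worth confirming whether Net::SSLeay passes that back to OpenSSL as the callback status and returning an explicit value if it does. The enclosing `if ($use_ssl) {` block starts outside the hunk.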


@@ -53,3 +53,5 @@ Updated the SSL Encryption page to have the same UI and features as Webmin.
Added a button to copy the SSL certificate and other settings from Webmin.
---- Changes since 1.770 ----
Converted all pages to use the new Webmin UI library, for a more consistent and themeable experience.
---- Changes since 1.830 ----
Per-domain-name SSL certificates can now be created as well as per-IP, allowing for multiple certs to exist on the same IP address.


@@ -22,7 +22,8 @@ else {
@ips = split(/\s+/, $in{'ips'});
foreach $i (@ips) {
&check_ipaddress($i) || &check_ip6address($i) ||
&to_ipaddress($i) || &error(&text('ipkey_eip2', $i));
$i =~ /^(\*\.)?[a-z0-9\.\_\-]+$/i ||
&error(&text('ipkey_eip2', $i));
}
@ips || &error(&text('ipkey_eips'));
$ipkey->{'ips'} = \@ips;
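Review bot: The hostname pattern `/^(\*\.)?[a-z0-9\.\_\-]+$/i` in the `foreach` loop also accepts strings that are neither valid addresses nor usable hostnames, such as `999.999.999.999`, `..` or `-`. The page has lost its `+`/`-` markers, but the hunk counts suggest this pattern replaces the `&to_ipaddress($i)` resolution check, which would leave the two address checks ahead of it rejecting nothing made of these characters. A label-structured pattern whose last label must start with a letter keeps malformed addresses out of `$ipkey->{'ips'}`: `$i =~ /^(\*\.)?([a-z0-9_\-]+\.)*[a-z][a-z0-9_\-]*$/i ||`. The same line appears in the other `@@ -22,7 +22,8 @@ else {` section further down the page and needs the same change. The `else {` block around the loop starts outside the hunk.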


@@ -139,3 +139,4 @@ The Let's Encrypt key size can now be customized.
When Perfect Forward Secrecy ciphers are selected, the required DH params file is now created and used by Webmin.
---- Changes since 1.830 ----
Added DNS validation support for Let's Encrypt certificate requests, for use when a system is hosting the DNS zone that you want to request a cert for.
Per-domain-name SSL certificates can now be created as well as per-IP, allowing for multiple certs to exist on the same IP address.


@@ -22,7 +22,8 @@ else {
@ips = split(/\s+/, $in{'ips'});
foreach $i (@ips) {
&check_ipaddress($i) || &check_ip6address($i) ||
&to_ipaddress($i) || &error(&text('ipkey_eip2', $i));
$i =~ /^(\*\.)?[a-z0-9\.\_\-]+$/i ||
&error(&text('ipkey_eip2', $i));
}
@ips || &error(&text('ipkey_eips'));
$ipkey->{'ips'} = \@ips;