nextcloud/apps/files_external/ajax/addRootCertificate.php

<?php

OCP\JSON::checkAppEnabled('files_external');
OCP\JSON::callCheck();

if ( ! ($filename = $_FILES['rootcert_import']['name']) ) {
	header("Location: settings/personal.php");
	exit;
}

$fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');
$data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));
fclose($fh);
$filename = $_FILES['rootcert_import']['name'];

$view = new \OC\Files\View('/'.\OCP\User::getUser().'/files_external/uploads');
if (!$view->file_exists('')) {
	$view->mkdir('');
}

$isValid = openssl_pkey_get_public($data);

//maybe it was just the wrong file format, try to convert it...
if ($isValid == false) {
	$data = chunk_split(base64_encode($data), 64, "\n");
	$data = "-----BEGIN CERTIFICATE-----\n".$data."-----END CERTIFICATE-----\n";
	$isValid = openssl_pkey_get_public($data);
}

// add the certificate if it could be verified
if ( $isValid ) {
	// disable proxy to prevent multiple fopen calls
	$proxyStatus = \OC_FileProxy::$enabled;
	\OC_FileProxy::$enabled = false;
	$view->file_put_contents($filename, $data);
	OC_Mount_Config::createCertificateBundle();
	\OC_FileProxy::$enabled = $proxyStatus;
} else {
	OCP\Util::writeLog('files_external',
			'Couldn\'t import SSL root certificate ('.$filename.'), allowed formats: PEM and DER',
			OCP\Util::WARN);
}

header('Location:' . OCP\Util::linkToRoute( "settings_personal" ));
exit;
allow users to upload ssl root certificates for the webdav client 2012-07-04 19:16:02 +04:00			`<?php`

			`OCP\JSON::checkAppEnabled('files_external');`
Check requesttoken 2013-02-12 14:35:16 +04:00			`OCP\JSON::callCheck();`
allow users to upload ssl root certificates for the webdav client 2012-07-04 19:16:02 +04:00
fix checkstyle for files_external app, add whitespace for readability 2012-11-30 19:27:11 +04:00			`if ( ! ($filename = $_FILES['rootcert_import']['name']) ) {`
don't use depricated OC_Filesystem 2012-10-10 15:18:36 +04:00			`header("Location: settings/personal.php");`
check if file really exist before add/remove it 2012-09-27 14:37:23 +04:00			`exit;`
			`}`

don't use depricated OC_Filesystem 2012-10-10 15:18:36 +04:00			`$fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');`
			`$data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));`
use more oc file operations instead of plain PHP functions 2012-09-18 19:04:22 +04:00			`fclose($fh);`
only upload valid ssl root certificates 2012-09-27 13:20:37 +04:00			`$filename = $_FILES['rootcert_import']['name'];`
don't use depricated OC_Filesystem 2012-10-10 15:18:36 +04:00
			`$view = new \OC\Files\View('/'.\OCP\User::getUser().'/files_external/uploads');`
Fix SpaceBeforeOpenBrace errors 2013-02-09 19:46:55 +04:00			`if (!$view->file_exists('')) {`
merge master into filesystem 2012-12-03 21:02:22 +04:00			`$view->mkdir('');`
			`}`
allow users to upload ssl root certificates for the webdav client 2012-07-04 19:16:02 +04:00
only upload valid ssl root certificates 2012-09-27 13:20:37 +04:00			`$isValid = openssl_pkey_get_public($data);`

			`//maybe it was just the wrong file format, try to convert it...`
			`if ($isValid == false) {`
don't use depricated OC_Filesystem 2012-10-10 15:18:36 +04:00			`$data = chunk_split(base64_encode($data), 64, "\n");`
only upload valid ssl root certificates 2012-09-27 13:20:37 +04:00			`$data = "-----BEGIN CERTIFICATE-----\n".$data."-----END CERTIFICATE-----\n";`
			`$isValid = openssl_pkey_get_public($data);`
allow user to upload his own root certificate for secure webdav mount 2012-07-06 17:58:38 +04:00			`}`

only upload valid ssl root certificates 2012-09-27 13:20:37 +04:00			`// add the certificate if it could be verified`
			`if ( $isValid ) {`
disable proxys during ssl root cert upload to avoid encryption 2013-06-12 12:37:09 +04:00			`// disable proxy to prevent multiple fopen calls`
			`$proxyStatus = \OC_FileProxy::$enabled;`
			`\OC_FileProxy::$enabled = false;`
only upload valid ssl root certificates 2012-09-27 13:20:37 +04:00			`$view->file_put_contents($filename, $data);`
			`OC_Mount_Config::createCertificateBundle();`
disable proxys during ssl root cert upload to avoid encryption 2013-06-12 12:37:09 +04:00			`\OC_FileProxy::$enabled = $proxyStatus;`
only upload valid ssl root certificates 2012-09-27 13:20:37 +04:00			`} else {`
fix checkstyle for files_external app, add whitespace for readability 2012-11-30 19:27:11 +04:00			`OCP\Util::writeLog('files_external',`
			`'Couldn\'t import SSL root certificate ('.$filename.'), allowed formats: PEM and DER',`
			`OCP\Util::WARN);`
only upload valid ssl root certificates 2012-09-27 13:20:37 +04:00			`}`
allow user to upload his own root certificate for secure webdav mount 2012-07-06 17:58:38 +04:00
fix redirect, use the new routing 2013-02-18 17:38:29 +04:00			`header('Location:' . OCP\Util::linkToRoute( "settings_personal" ));`
allow users to upload ssl root certificates for the webdav client 2012-07-04 19:16:02 +04:00			`exit;`