From 54b9f639a6cec14236f432c9907edb18d323d94d Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Sun, 1 Nov 2020 21:05:36 +0100
Subject: [PATCH] Always return the default path if we can

Just check in the certifcate manager. So every part of the system that
request the certificatebundle gets the defaullt one (the 99% case) if we
can.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/Http/Client/Client.php          |  4 ---
 lib/private/Security/CertificateManager.php | 28 +++++++++++++++++++++
 2 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/lib/private/Http/Client/Client.php b/lib/private/Http/Client/Client.php
index 35171810a6..5ac29afe31 100644
--- a/lib/private/Http/Client/Client.php
+++ b/lib/private/Http/Client/Client.php
@@ -105,10 +105,6 @@ class Client implements IClient {
 			return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt';
 		}
 
-		if ($this->certificateManager->listCertificates() === []) {
-			return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt';
-		}
-
 		return $this->certificateManager->getAbsoluteBundlePath();
 	}
 
diff --git a/lib/private/Security/CertificateManager.php b/lib/private/Security/CertificateManager.php
index ed873527d3..ef0c656332 100644
--- a/lib/private/Security/CertificateManager.php
+++ b/lib/private/Security/CertificateManager.php
@@ -104,6 +104,29 @@ class CertificateManager implements ICertificateManager {
 		return $result;
 	}
 
+	private function hasCertificates(): bool {
+		if (!$this->config->getSystemValue('installed', false)) {
+			return false;
+		}
+
+		$path = $this->getPathToCertificates() . 'uploads/';
+		if (!$this->view->is_dir($path)) {
+			return false;
+		}
+		$result = [];
+		$handle = $this->view->opendir($path);
+		if (!is_resource($handle)) {
+			return false;
+		}
+		while (false !== ($file = readdir($handle))) {
+			if ($file !== '.' && $file !== '..') {
+				return true;
+			}
+		}
+		closedir($handle);
+		return false;
+	}
+
 	/**
 	 * create the certificate bundle of all trusted certificated
 	 */
@@ -213,9 +236,14 @@ class CertificateManager implements ICertificateManager {
 	 * @return string
 	 */
 	public function getAbsoluteBundlePath() {
+		if (!$this->hasCertificates()) {
+			return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt';
+		}
+
 		if ($this->needsRebundling()) {
 			$this->createCertificateBundle();
 		}
+
 		return $this->view->getLocalFile($this->getCertificateBundle());
 	}