mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remove ownCloud Root Authority as per todo 

Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2017-03-22 08:54:40 +01:00
parent 16a0bccefa
commit 5a6e29e4a8
No known key found for this signature in database
GPG Key ID: E166FD8976B3BAC8
1 changed files with 1 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/private/IntegrityCheck/Checker.php
View File

@ -347,14 +347,7 @@ class Checker {
$x509->loadCA($rootCertificatePublicKey);
$x509->loadX509($certificate);
if(!$x509->validateSignature()) {
// FIXME: Once Nextcloud has it's own appstore we should remove the ownCloud Root Authority from here
$x509 = new \phpseclib\File\X509();
$rootCertificatePublicKey = $this->fileAccessHelper->file_get_contents($this->environmentHelper->getServerRoot().'/resources/codesigning/owncloud.crt');
$x509->loadCA($rootCertificatePublicKey);
$x509->loadX509($certificate);
if(!$x509->validateSignature()) {
throw new InvalidSignatureException('Certificate is not valid.');
}
throw new InvalidSignatureException('Certificate is not valid.');
}
// Verify if certificate has proper CN. "core" CN is always trusted.
if($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') {