diff --git a/lib/private/security/certificate.php b/lib/private/security/certificate.php index 54486ff51f..9aca278174 100644 --- a/lib/private/security/certificate.php +++ b/lib/private/security/certificate.php @@ -50,6 +50,13 @@ class Certificate implements ICertificate { public function __construct($data, $name) { $this->name = $name; $gmt = new \DateTimeZone('GMT'); + + // If string starts with "file://" ignore the certificate + $query = 'file://'; + if(strtolower(substr($data, 0, strlen($query))) === $query) { + throw new \Exception('Certificate could not get parsed.'); + } + $info = openssl_x509_parse($data); if(!is_array($info)) { throw new \Exception('Certificate could not get parsed.'); diff --git a/tests/lib/security/certificate.php b/tests/lib/security/certificate.php index 81d159ebd5..82e91c7173 100644 --- a/tests/lib/security/certificate.php +++ b/tests/lib/security/certificate.php @@ -50,6 +50,14 @@ class CertificateTest extends \Test\TestCase { $certificate->getIssueDate(); } + /** + * @expectedException \Exception + * @expectedExceptionMessage Certificate could not get parsed. + */ + function testCertificateStartingWithFileReference() { + new Certificate('file://'.__DIR__ . '/../../data/certificates/goodCertificate.crt', 'bar'); + } + public function testGetName() { $this->assertSame('GoodCertificate', $this->goodCertificate->getName()); $this->assertSame('BadCertificate', $this->invalidCertificate->getName());