mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Employ config option for OpenSSL config file, if provided. 

This should help make OpenSSL configuration on Windows servers easier by allowing the openssl.cnf file to be set directly in the ownCloud config, rather than in SetEnv commands that don't exist and are hard to replicate in IIS.
This commit is contained in:
Owen Winkler 2013-08-19 06:36:19 -04:00 committed by ringmaster
parent fb34f49913
commit 9a263a500a
3 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/files_encryption/lib/crypt.php
View File

@ -52,15 +52,14 @@ class Crypt {
$return = false; $return = false;
$res = \OCA\Encryption\Helper::getOpenSSLPkey(); $res = Helper::getOpenSSLPkey();
$res = openssl_pkey_new(array('private_key_bits' => 4096));
if ($res === false) { if ($res === false) {
\OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR); \OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR);
while ($msg = openssl_error_string()) { while ($msg = openssl_error_string()) {
\OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails: ' . $msg, \OCP\Util::ERROR); \OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails: ' . $msg, \OCP\Util::ERROR);
} }
} elseif (openssl_pkey_export($res, $privateKey)) { } elseif (openssl_pkey_export($res, $privateKey, null, Helper::getOpenSSLConfig())) {
// Get public key // Get public key
$keyDetails = openssl_pkey_get_details($res); $keyDetails = openssl_pkey_get_details($res);
$publicKey = $keyDetails['key']; $publicKey = $keyDetails['key'];
@ -71,7 +70,9 @@ class Crypt {
); );
} else { } else {
\OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR); \OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR);
\OCP\Util::writeLog('Encryption library', openssl_error_string(), \OCP\Util::ERROR); while($errMsg = openssl_error_string()) {
\OCP\Util::writeLog('Encryption library', $errMsg, \OCP\Util::ERROR);
}
} }
return $return; return $return;

17
apps/files_encryption/lib/helper.php
View File

@ -280,9 +280,22 @@ class Helper {
* @return resource The pkey resource created * @return resource The pkey resource created
*/ */
public static function getOpenSSLPkey() { public static function getOpenSSLPkey() {
static $res = null;
if (is_null($res)) {
$res = openssl_pkey_new(self::getOpenSSLConfig());
}
return $res;
}
/**
* Return an array of OpenSSL config options, default + config
* Used for multiple OpenSSL functions
* @return array The combined defaults and config settings
*/
public static function getOpenSSLConfig() {
$config = array('private_key_bits' => 4096); $config = array('private_key_bits' => 4096);
$config = array_merge(\OCP\Config::getSystemValue('openssl'), $config); $config = array_merge(\OCP\Config::getSystemValue('openssl', array()), $config);
return openssl_pkey_new($config); return $config;
} }
/** /**

2
config/config.sample.php
View File

@ -217,6 +217,6 @@ $CONFIG = array(
// Extra SSL options to be used for configuration // Extra SSL options to be used for configuration
'openssl' => array( 'openssl' => array(
//'config' => '/path/to/openssl.cnf', //'config' => '/absolute/location/of/openssl.cnf',
), ),
); );