only upload valid ssl root certificates
This commit is contained in:
parent
cf14ad2f7d
commit
a56f2ec183
|
@ -5,19 +5,27 @@ OCP\JSON::checkAppEnabled('files_external');
|
|||
$fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');
|
||||
$data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));
|
||||
fclose($fh);
|
||||
$filename = $_FILES['rootcert_import']['name'];
|
||||
|
||||
$view = new \OC_FilesystemView('/'.\OCP\User::getUser().'/files_external/uploads');
|
||||
if (!$view->file_exists('')) $view->mkdir('');
|
||||
|
||||
//check if it is a PEM certificate, otherwise convert it if possible
|
||||
if (!strpos($data, 'BEGIN CERTIFICATE')) {
|
||||
$isValid = openssl_pkey_get_public($data);
|
||||
|
||||
//maybe it was just the wrong file format, try to convert it...
|
||||
if ($isValid == false) {
|
||||
$data = chunk_split(base64_encode($data), 64, "\n");
|
||||
$data = "-----BEGIN CERTIFICATE-----\n".$data."-----END CERTIFICATE-----\n";
|
||||
$isValid = openssl_pkey_get_public($data);
|
||||
}
|
||||
|
||||
$view->file_put_contents($_FILES['rootcert_import']['name'], $data);
|
||||
|
||||
// add the certificate if it could be verified
|
||||
if ( $isValid ) {
|
||||
$view->file_put_contents($filename, $data);
|
||||
OC_Mount_Config::createCertificateBundle();
|
||||
} else {
|
||||
OCP\Util::writeLog("files_external", "Couldn't import SSL root certificate ($filename), allowed formats: PEM and DER", OCP\Util::WARN);
|
||||
}
|
||||
|
||||
header("Location: settings/personal.php");
|
||||
exit;
|
||||
|
|
Loading…
Reference in New Issue