From dcc4f96d3e368ee976cd085c18dcb74ada3617ce Mon Sep 17 00:00:00 2001
From: Robin Appelman <icewind@owncloud.com>
Date: Thu, 14 Aug 2014 15:47:23 +0200
Subject: [PATCH] Verify names of certificates

---
 apps/files_external/ajax/removeRootCertificate.php |  4 +---
 lib/private/certificatemanager.php                 | 11 ++++++++++-
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/apps/files_external/ajax/removeRootCertificate.php b/apps/files_external/ajax/removeRootCertificate.php
index e6795800e0..0931138ad4 100644
--- a/apps/files_external/ajax/removeRootCertificate.php
+++ b/apps/files_external/ajax/removeRootCertificate.php
@@ -6,6 +6,4 @@ OCP\JSON::callCheck();
 
 $name = $_POST['cert'];
 $certificateManager = \OC::$server->getCertificateManager();
-if (\OC\Files\Filesystem::isValidPath($name)) {
-	$certificateManager->removeCertificate($name);
-}
+$certificateManager->removeCertificate($name);
diff --git a/lib/private/certificatemanager.php b/lib/private/certificatemanager.php
index 72e0541fa4..e07413c127 100644
--- a/lib/private/certificatemanager.php
+++ b/lib/private/certificatemanager.php
@@ -8,10 +8,12 @@
 
 namespace OC;
 
+use OCP\ICertificateManager;
+
 /**
  * Manage trusted certificates for users
  */
-class CertificateManager {
+class CertificateManager implements ICertificateManager {
 	/**
 	 * @var \OCP\IUser
 	 */
@@ -76,6 +78,9 @@ class CertificateManager {
 	 * @return bool
 	 */
 	public function addCertificate($certificate, $name) {
+		if (!\OC\Files\Filesystem::isValidPath($name)) {
+			return false;
+		}
 		$isValid = openssl_pkey_get_public($certificate);
 
 		if (!$isValid) {
@@ -96,8 +101,12 @@ class CertificateManager {
 
 	/**
 	 * @param string $name
+	 * @return bool
 	 */
 	public function removeCertificate($name) {
+		if (!\OC\Files\Filesystem::isValidPath($name)) {
+			return false;
+		}
 		$path = $this->user->getHome() . '/files_external/uploads/';
 		if (file_exists($path . $name)) {
 			unlink($path . $name);