allow user to upload his own root certificate for secure webdav mount
This commit is contained in:
parent
75d01b065d
commit
e91b4bc2ac
|
@ -4,9 +4,23 @@ OCP\JSON::checkAppEnabled('files_external');
|
|||
|
||||
$view = \OCP\Files::getStorage("files_external");
|
||||
$from = $_FILES['rootcert_import']['tmp_name'];
|
||||
$to = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").$_FILES['rootcert_import']['name'];
|
||||
$path = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/';
|
||||
$to = $path.$_FILES['rootcert_import']['name'];
|
||||
move_uploaded_file($from, $to);
|
||||
|
||||
//check if it is a PEM certificate, otherwise convert it if possible
|
||||
$fh = fopen($to, 'r');
|
||||
$data = fread($fh, filesize($to));
|
||||
fclose($fh);
|
||||
if (!strpos($data, 'BEGIN CERTIFICATE')) {
|
||||
$pem = chunk_split(base64_encode($data), 64, "\n");
|
||||
$pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n";
|
||||
$fh = fopen($to, 'w');
|
||||
fwrite($fh, $pem);
|
||||
}
|
||||
|
||||
OC_Mount_Config::createCertificateBundle();
|
||||
|
||||
header("Location: settings/personal.php");
|
||||
exit;
|
||||
?>
|
|
@ -4,6 +4,7 @@ OCP\JSON::checkAppEnabled('files_external');
|
|||
|
||||
$view = \OCP\Files::getStorage("files_external");
|
||||
$cert = $_POST['cert'];
|
||||
$file = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").$cert;
|
||||
$file = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/'.$cert;
|
||||
unlink($file);
|
||||
OC_Mount_Config::createCertificateBundle();
|
||||
?>
|
|
@ -244,7 +244,8 @@ class OC_Mount_Config {
|
|||
*/
|
||||
public static function getCertificates() {
|
||||
$view = \OCP\Files::getStorage('files_external');
|
||||
$path=\OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("");
|
||||
$path=\OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/';
|
||||
if (!is_dir($path)) mkdir($path);
|
||||
$result = array();
|
||||
$handle = opendir($path);
|
||||
while (false !== ($file = readdir($handle))) {
|
||||
|
@ -253,6 +254,30 @@ class OC_Mount_Config {
|
|||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* creates certificate bundle
|
||||
*/
|
||||
public static function createCertificateBundle() {
|
||||
$view = \OCP\Files::getStorage("files_external");
|
||||
$path = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("");
|
||||
|
||||
$certs = OC_Mount_Config::getCertificates();
|
||||
$fh_certs = fopen($path."/rootcerts.crt", 'w');
|
||||
foreach ($certs as $cert) {
|
||||
$file=$path.'/uploads/'.$cert;
|
||||
$fh = fopen($file, "r");
|
||||
$data = fread($fh, filesize($file));
|
||||
fclose($fh);
|
||||
if (strpos($data, 'BEGIN CERTIFICATE')) {
|
||||
fwrite($fh_certs, $data);
|
||||
}
|
||||
}
|
||||
|
||||
fclose($fh_certs);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
|
@ -45,7 +45,7 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
|
|||
$this->client = new OC_Connector_Sabre_Client($settings);
|
||||
|
||||
if($caview = \OCP\Files::getStorage('files_external')) {
|
||||
$this->client->setCurlSettings(array(CURLOPT_CAPATH => \OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("")));
|
||||
$this->client->setCurlSettings(array(CURLOPT_CAINFO => \OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("").'rootcerts.crt'));
|
||||
}
|
||||
//create the root folder if necesary
|
||||
$this->mkdir('');
|
||||
|
|
|
@ -81,7 +81,7 @@
|
|||
</table>
|
||||
<br />
|
||||
|
||||
<?php if (!$_['isAdminPage'] && false): // disabled until sabredav can handle uploaded ca certs ?>
|
||||
<?php if (!$_['isAdminPage']): ?>
|
||||
<table id="sslCertificate" data-admin='<?php echo json_encode($_['isAdminPage']); ?>'>
|
||||
<thead>
|
||||
<tr>
|
||||
|
|
Loading…
Reference in New Issue