Force run the verification of the signature on occ

Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2021-01-15 16:29:54 +01:00
parent 6d291c3c19
commit f319660f60
No known key found for this signature in database
GPG Key ID: 7076EA9751AACDDA
2 changed files with 8 additions and 5 deletions

View File

@ -70,7 +70,7 @@ class CheckApp extends Base {
protected function execute(InputInterface $input, OutputInterface $output): int {
$appid = $input->getArgument('appid');
$path = (string)$input->getOption('path');
$result = $this->checker->verifyAppSignature($appid, $path);
$result = $this->checker->verifyAppSignature($appid, $path, true);
$this->writeArrayInOutputFormat($input, $output, $result);
if (count($result) > 0) {
return 1;

View File

@ -311,12 +311,13 @@ class Checker {
* @param string $signaturePath
* @param string $basePath
* @param string $certificateCN
* @param bool $forceVerify
* @return array
* @throws InvalidSignatureException
* @throws \Exception
*/
private function verify(string $signaturePath, string $basePath, string $certificateCN): array {
if (!$this->isCodeCheckEnforced()) {
private function verify(string $signaturePath, string $basePath, string $certificateCN, bool $forceVerify = false): array {
if (!$forceVerify && !$this->isCodeCheckEnforced()) {
return [];
}
@ -495,9 +496,10 @@ class Checker {
*
* @param string $appId
* @param string $path Optional path. If none is given it will be guessed.
* @param bool $forceVerify
* @return array
*/
public function verifyAppSignature(string $appId, string $path = ''): array {
public function verifyAppSignature(string $appId, string $path = '', bool $forceVerify = false): array {
try {
if ($path === '') {
$path = $this->appLocator->getAppPath($appId);
@ -505,7 +507,8 @@ class Checker {
$result = $this->verify(
$path . '/appinfo/signature.json',
$path,
$appId
$appId,
$forceVerify
);
} catch (\Exception $e) {
$result = [