ecommun / owncloud_ynh

Blame view

sources/apps/files_external/ajax/addRootCertificate.php 1.35 KB
edit raw normal view history
03e52840d   Kload   Init 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
  <?php
  
  OCP\JSON::checkAppEnabled('files_external');
  OCP\JSON::callCheck();
  
  if ( ! ($filename = $_FILES['rootcert_import']['name']) ) {
  	header("Location: settings/personal.php");
  	exit;
  }
  
  $fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');
  $data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));
  fclose($fh);
  $filename = $_FILES['rootcert_import']['name'];
  
  $view = new \OC\Files\View('/'.\OCP\User::getUser().'/files_external/uploads');
  if (!$view->file_exists('')) {
  	$view->mkdir('');
  }
  
  $isValid = openssl_pkey_get_public($data);
  
  //maybe it was just the wrong file format, try to convert it...
  if ($isValid == false) {
  	$data = chunk_split(base64_encode($data), 64, "
  ");
  	$data = "-----BEGIN CERTIFICATE-----
  ".$data."-----END CERTIFICATE-----
  ";
  	$isValid = openssl_pkey_get_public($data);
  }
  
  // add the certificate if it could be verified
  if ( $isValid ) {
  	// disable proxy to prevent multiple fopen calls
  	$proxyStatus = \OC_FileProxy::$enabled;
  	\OC_FileProxy::$enabled = false;
  	$view->file_put_contents($filename, $data);
  	OC_Mount_Config::createCertificateBundle();
  	\OC_FileProxy::$enabled = $proxyStatus;
  } else {
  	OCP\Util::writeLog('files_external',
  			'Couldn\'t import SSL root certificate ('.$filename.'), allowed formats: PEM and DER',
  			OCP\Util::WARN);
  }
  
  header('Location:' . OCP\Util::linkToRoute( "settings_personal" ));
  exit;