use OCP\ICertificateManager;
use OCP\IConfig;
use OCP\ILogger;
+use OCP\Security\ISecureRandom;
/**
* Manage trusted certificates for users
*/
protected $logger;
+ /** @var ISecureRandom */
+ protected $random;
+
/**
* @param string $uid
* @param \OC\Files\View $view relative to data/
* @param IConfig $config
* @param ILogger $logger
+ * @param ISecureRandom $random
*/
- public function __construct($uid, \OC\Files\View $view, IConfig $config, ILogger $logger) {
+ public function __construct($uid,
+ \OC\Files\View $view,
+ IConfig $config,
+ ILogger $logger,
+ ISecureRandom $random) {
$this->uid = $uid;
$this->view = $view;
$this->config = $config;
$this->logger = $logger;
+ $this->random = $random;
}
/**
}
$certPath = $path . 'rootcerts.crt';
- $fhCerts = $this->view->fopen($certPath, 'w');
+ $tmpPath = $certPath . '.tmp' . $this->random->generate(10, ISecureRandom::CHAR_DIGITS);
+ $fhCerts = $this->view->fopen($tmpPath, 'w');
// Write user certificates
foreach ($certs as $cert) {
}
fclose($fhCerts);
+
+ $this->view->rename($tmpPath, $certPath);
}
/**
}
if ($this->needsRebundling($uid)) {
if (is_null($uid)) {
- $manager = new CertificateManager(null, $this->view, $this->config, $this->logger);
+ $manager = new CertificateManager(null, $this->view, $this->config, $this->logger, $this->random);
$manager->createCertificateBundle();
} else {
$this->createCertificateBundle();
$uid = $user ? $user : null;
return new ClientService(
$c->getConfig(),
- new \OC\Security\CertificateManager($uid, new View(), $c->getConfig(), $c->getLogger())
+ new \OC\Security\CertificateManager(
+ $uid,
+ new View(),
+ $c->getConfig(),
+ $c->getLogger(),
+ $c->getSecureRandom()
+ )
);
});
$this->registerAlias('HttpClientService', \OCP\Http\Client\IClientService::class);
}
$userId = $user->getUID();
}
- return new CertificateManager($userId, new View(), $this->getConfig(), $this->getLogger());
+ return new CertificateManager(
+ $userId,
+ new View(),
+ $this->getConfig(),
+ $this->getLogger(),
+ $this->getSecureRandom()
+ );
}
/**
use \OC\Security\CertificateManager;
use OCP\IConfig;
use OCP\ILogger;
+use OCP\Security\ISecureRandom;
/**
* Class CertificateManagerTest
private $certificateManager;
/** @var String */
private $username;
+ /** @var ISecureRandom */
+ private $random;
protected function setUp() {
parent::setUp();
$config->expects($this->any())->method('getSystemValue')
->with('installed', false)->willReturn(true);
- $this->certificateManager = new CertificateManager($this->username, new \OC\Files\View(), $config, $this->createMock(ILogger::class));
+ $this->random = $this->createMock(ISecureRandom::class);
+ $this->random->method('generate')
+ ->willReturn('random');
+
+ $this->certificateManager = new CertificateManager(
+ $this->username,
+ new \OC\Files\View(),
+ $config,
+ $this->createMock(ILogger::class),
+ $this->random
+ );
}
protected function tearDown() {
/** @var CertificateManager | \PHPUnit_Framework_MockObject_MockObject $certificateManager */
$certificateManager = $this->getMockBuilder('OC\Security\CertificateManager')
- ->setConstructorArgs([$uid, $view, $config, $this->createMock(ILogger::class)])
+ ->setConstructorArgs([$uid, $view, $config, $this->createMock(ILogger::class), $this->random])
->setMethods(['getFilemtimeOfCaBundle', 'getCertificateBundle'])
->getMock();
projects / nextcloud-server.git / commitdiff