aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoeland Jago Douma <rullzer@users.noreply.github.com>2017-03-22 12:33:24 +0100
committerGitHub <noreply@github.com>2017-03-22 12:33:24 +0100
commit11c4875190aced582f23b2041664972a3769008f (patch)
treeaead0cc3613f1227928c4f9b6a4958f5dd72f559
parentd83b15cd8585b87b9bd1705dd5bb44cc975d9f9f (diff)
parent5a6e29e4a8d0df1dcb58810f5809cd820220467e (diff)
downloadnextcloud-server-11c4875190aced582f23b2041664972a3769008f.tar.gz
nextcloud-server-11c4875190aced582f23b2041664972a3769008f.zip
Merge pull request #3983 from nextcloud/remove-owncloud-root-cert-as-per-todo
Remove ownCloud Root Authority as per todo
-rw-r--r--lib/private/IntegrityCheck/Checker.php9
1 files changed, 1 insertions, 8 deletions
diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php
index 419f989fa0f..d051dae11a7 100644
--- a/lib/private/IntegrityCheck/Checker.php
+++ b/lib/private/IntegrityCheck/Checker.php
@@ -347,14 +347,7 @@ class Checker {
$x509->loadCA($rootCertificatePublicKey);
$x509->loadX509($certificate);
if(!$x509->validateSignature()) {
- // FIXME: Once Nextcloud has it's own appstore we should remove the ownCloud Root Authority from here
- $x509 = new \phpseclib\File\X509();
- $rootCertificatePublicKey = $this->fileAccessHelper->file_get_contents($this->environmentHelper->getServerRoot().'/resources/codesigning/owncloud.crt');
- $x509->loadCA($rootCertificatePublicKey);
- $x509->loadX509($certificate);
- if(!$x509->validateSignature()) {
- throw new InvalidSignatureException('Certificate is not valid.');
- }
+ throw new InvalidSignatureException('Certificate is not valid.');
}
// Verify if certificate has proper CN. "core" CN is always trusted.
if($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') {