diff options
author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2017-03-22 12:33:24 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-03-22 12:33:24 +0100 |
commit | 11c4875190aced582f23b2041664972a3769008f (patch) | |
tree | aead0cc3613f1227928c4f9b6a4958f5dd72f559 | |
parent | d83b15cd8585b87b9bd1705dd5bb44cc975d9f9f (diff) | |
parent | 5a6e29e4a8d0df1dcb58810f5809cd820220467e (diff) | |
download | nextcloud-server-11c4875190aced582f23b2041664972a3769008f.tar.gz nextcloud-server-11c4875190aced582f23b2041664972a3769008f.zip |
Merge pull request #3983 from nextcloud/remove-owncloud-root-cert-as-per-todo
Remove ownCloud Root Authority as per todo
-rw-r--r-- | lib/private/IntegrityCheck/Checker.php | 9 |
1 files changed, 1 insertions, 8 deletions
diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php index 419f989fa0f..d051dae11a7 100644 --- a/lib/private/IntegrityCheck/Checker.php +++ b/lib/private/IntegrityCheck/Checker.php @@ -347,14 +347,7 @@ class Checker { $x509->loadCA($rootCertificatePublicKey); $x509->loadX509($certificate); if(!$x509->validateSignature()) { - // FIXME: Once Nextcloud has it's own appstore we should remove the ownCloud Root Authority from here - $x509 = new \phpseclib\File\X509(); - $rootCertificatePublicKey = $this->fileAccessHelper->file_get_contents($this->environmentHelper->getServerRoot().'/resources/codesigning/owncloud.crt'); - $x509->loadCA($rootCertificatePublicKey); - $x509->loadX509($certificate); - if(!$x509->validateSignature()) { - throw new InvalidSignatureException('Certificate is not valid.'); - } + throw new InvalidSignatureException('Certificate is not valid.'); } // Verify if certificate has proper CN. "core" CN is always trusted. if($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') { |