Start a branch for easier OpenSSL configuration.

3 files changed, 17 insertions, 1 deletions

diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index e129bc9313e..7eab620baa5 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -52,6 +52,7 @@ class Crypt {
 

 		$return = false;

 

+		$res = \OCA\Encryption\Helper::getOpenSSLPkey();

 		$res = openssl_pkey_new(array('private_key_bits' => 4096));

 

 		if ($res === false) {

diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 0209a5d18b7..2cc905c2914 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -265,7 +265,7 @@ class Helper {
 	 * @return bool true if configuration seems to be OK
 	 */
 	public static function checkConfiguration() {
-		if(openssl_pkey_new(array('private_key_bits' => 4096))) {
+		if(self::getOpenSSLPkey()) {
 			return true;
 		} else {
 			while ($msg = openssl_error_string()) {
@@ -276,6 +276,16 @@ class Helper {
 	}
 
 	/**
+	 * Create an openssl pkey with config-supplied settings
+	 * @return resource The pkey resource created
+	 */
+	public static function getOpenSSLPkey() {
+		$config = array('private_key_bits' => 4096);
+		$config = array_merge(\OCP\Config::getSystemValue('openssl'), $config);
+		return openssl_pkey_new($config);
+	}
+
+	/**
 	 * @brief glob uses different pattern than regular expressions, escape glob pattern only
 	 * @param unescaped path
 	 * @return escaped path
diff --git a/config/config.sample.php b/config/config.sample.php
index 5f748438bc7..6425baf87cb 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -214,4 +214,9 @@ $CONFIG = array(
 'preview_libreoffice_path' => '/usr/bin/libreoffice',
 /* cl parameters for libreoffice / openoffice */
 'preview_office_cl_parameters' => '',
+
+// Extra SSL options to be used for configuration
+'openssl' => array(
+	//'config' => '/path/to/openssl.cnf',
+),
 );