diff options
| author | Thomas Müller <DeepDiver1975@users.noreply.github.com> | 2016-04-22 09:35:06 +0200 |
|---|---|---|
| committer | Thomas Müller <DeepDiver1975@users.noreply.github.com> | 2016-04-22 09:35:06 +0200 |
| commit | 75e770c8cf8057bf09535d4de1b8eb93d02b3aa1 (patch) | |
| tree | ac05e9c5450cc3c532961798bfb52356b1788073 | |
| parent | e5691ab5cc703e6fab4f1b29ef8bafa455fa1d09 (diff) | |
| parent | 9cdb8817258e62917c78765efc127247eb181b87 (diff) | |
| download | nextcloud-server-75e770c8cf8057bf09535d4de1b8eb93d02b3aa1.tar.gz nextcloud-server-75e770c8cf8057bf09535d4de1b8eb93d02b3aa1.zip | |
Merge pull request #24168 from owncloud/stable8-certificate
[stable8] Ignore certificate file if it starts with file://
| -rw-r--r-- | lib/private/security/certificate.php | 7 | ||||
| -rw-r--r-- | tests/lib/security/certificate.php | 8 |
2 files changed, 15 insertions, 0 deletions
diff --git a/lib/private/security/certificate.php b/lib/private/security/certificate.php index 58563550f81..c957a2a6a00 100644 --- a/lib/private/security/certificate.php +++ b/lib/private/security/certificate.php @@ -34,6 +34,13 @@ class Certificate implements ICertificate { */ public function __construct($data, $name) { $this->name = $name; + + // If string starts with "file://" ignore the certificate + $query = 'file://'; + if(strtolower(substr($data, 0, strlen($query))) === $query) { + throw new \Exception('Certificate could not get parsed.'); + } + try { $gmt = new \DateTimeZone('GMT'); $info = openssl_x509_parse($data); diff --git a/tests/lib/security/certificate.php b/tests/lib/security/certificate.php index 4caacf900e7..e59f06db5c4 100644 --- a/tests/lib/security/certificate.php +++ b/tests/lib/security/certificate.php @@ -36,6 +36,14 @@ class CertificateTest extends \Test\TestCase { new Certificate('foo', 'bar'); } + /** + * @expectedException \Exception + * @expectedExceptionMessage Certificate could not get parsed. + */ + function testCertificateStartingWithFileReference() { + new Certificate('file://'.__DIR__ . '/../../data/certificates/goodCertificate.crt', 'bar'); + } + function testGetName() { $this->assertSame('GoodCertificate', $this->goodCertificate->getName()); $this->assertSame('BadCertificate', $this->invalidCertificate->getName()); |