diff options
author | Richard Steinmetz <richard@steinmetz.cloud> | 2024-09-24 10:33:07 +0200 |
---|---|---|
committer | Richard Steinmetz <richard@steinmetz.cloud> | 2024-09-30 09:21:59 +0200 |
commit | e2373b56fe9441a1f5a6b5b802410ff4164579da (patch) | |
tree | 83ff4cf7caf933aab67cec0a525e29fb5bfa7881 /lib | |
parent | aec1ac1da4504f2c0c4ee2d5dd5b85eab19a4579 (diff) | |
download | nextcloud-server-e2373b56fe9441a1f5a6b5b802410ff4164579da.tar.gz nextcloud-server-e2373b56fe9441a1f5a6b5b802410ff4164579da.zip |
fix: gracefully parse non-standard trusted certificatesbackport/48307/stable29
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/Security/Certificate.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/private/Security/Certificate.php b/lib/private/Security/Certificate.php index 759c71b2eec..a198bdd886e 100644 --- a/lib/private/Security/Certificate.php +++ b/lib/private/Security/Certificate.php @@ -61,6 +61,16 @@ class Certificate implements ICertificate { $info = openssl_x509_parse($data); if (!is_array($info)) { + // There is a non-standardized certificate format only used by OpenSSL. Replace all + // separators and try again. + $data = str_replace( + ['-----BEGIN TRUSTED CERTIFICATE-----', '-----END TRUSTED CERTIFICATE-----'], + ['-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----'], + $data, + ); + $info = openssl_x509_parse($data); + } + if (!is_array($info)) { throw new \Exception('Certificate could not get parsed.'); } |