Merge pull request #10420 from owncloud/external-share-self-signed

Make external shares work with imported self signed certificates

2 files changed, 39 insertions, 0 deletions

diff --git a/settings/ajax/addRootCertificate.php b/settings/ajax/addRootCertificate.php
new file mode 100644
index 00000000000..378ef39c1e5
--- /dev/null
+++ b/settings/ajax/addRootCertificate.php
@@ -0,0 +1,32 @@
+<?php
+OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
+$l = new OC_L10N('core');
+
+if (!isset($_FILES['rootcert_import'])) {
+	OCP\JSON::error(array('error' => 'No certificate uploaded'));
+	exit;
+}
+
+$data = file_get_contents($_FILES['rootcert_import']['tmp_name']);
+$filename = basename($_FILES['rootcert_import']['name']);
+
+$certificateManager = \OC::$server->getCertificateManager();
+
+try {
+	$cert = $certificateManager->addCertificate($data, $filename);
+	OCP\JSON::success(array(
+		'name' => $cert->getName(),
+		'commonName' => $cert->getCommonName(),
+		'organization' => $cert->getOrganization(),
+		'validFrom' => $cert->getIssueDate()->getTimestamp(),
+		'validTill' => $cert->getExpireDate()->getTimestamp(),
+		'validFromString' => $l->l('date', $cert->getIssueDate()),
+		'validTillString' => $l->l('date', $cert->getExpireDate()),
+		'issuer' => $cert->getIssuerName(),
+		'issuerOrganization' => $cert->getIssuerOrganization()
+	));
+} catch(\Exception $e) {
+	OCP\JSON::error(array('error' => 'Couldn\'t import SSL root certificate, allowed formats: PEM and DER'));
+}
diff --git a/settings/ajax/removeRootCertificate.php b/settings/ajax/removeRootCertificate.php
new file mode 100644
index 00000000000..a3de035269e
--- /dev/null
+++ b/settings/ajax/removeRootCertificate.php
@@ -0,0 +1,7 @@
+<?php
+OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
+$name = $_POST['cert'];
+$certificateManager = \OC::$server->getCertificateManager();
+$certificateManager->removeCertificate($name);