diff options
Diffstat (limited to 'lib/private/repair/updatecertificatestore.php')
| -rw-r--r-- | lib/private/repair/updatecertificatestore.php | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/lib/private/repair/updatecertificatestore.php b/lib/private/repair/updatecertificatestore.php new file mode 100644 index 00000000000..5fad309a959 --- /dev/null +++ b/lib/private/repair/updatecertificatestore.php @@ -0,0 +1,88 @@ +<?php +/** + * @author Lukas Reschke <lukas@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OC\Repair; + +use OC\Files\View; +use OC\Hooks\BasicEmitter; +use OC\RepairStep; +use OC\Server; +use OCP\IConfig; + +/** + * Class UpdateCertificateStore rewrites the user specific certificate store after + * an update has been performed. This is done because a new root certificate file + * might have been added. + * + * @package OC\Repair + */ +class UpdateCertificateStore extends BasicEmitter implements RepairStep { + /** + * FIXME: The certificate manager does only allow specifying the user + * within the constructor. This makes DI impossible. + * @var Server + */ + protected $server; + /** @var IConfig */ + protected $config; + + /** + * @param Server $server + * @param IConfig $config + */ + public function __construct(Server $server, + IConfig $config) { + $this->server = $server; + $this->config = $config; + } + + /** {@inheritDoc} */ + public function getName() { + return 'Update user certificate stores with new root certificates'; + } + + /** {@inheritDoc} */ + public function run() { + $rootView = new View(); + $dataDirectory = $this->config->getSystemValue('datadirectory', null); + if(is_null($dataDirectory)) { + throw new \Exception('No data directory specified'); + } + + $pathToRootCerts = '/files_external/rootcerts.crt'; + + foreach($rootView->getDirectoryContent('', 'httpd/unix-directory') as $fileInfo) { + $uid = trim($fileInfo->getPath(), '/'); + if($rootView->file_exists($uid . $pathToRootCerts)) { + // Delete the existing root certificate + $rootView->unlink($uid . $pathToRootCerts); + + /** + * FIXME: The certificate manager does only allow specifying the user + * within the constructor. This makes DI impossible. + */ + // Regenerate the certificates + $certificateManager = $this->server->getCertificateManager($uid); + $certificateManager->createCertificateBundle(); + } + } + } +} |