summaryrefslogtreecommitdiffstats
path: root/lib/private/Security/CertificateManager.php
Commit message (Collapse)AuthorAgeFilesLines
* log failures to read certificates during listingRobin Appelman2023-07-101-1/+7
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge pull request #35092 from Messj1/bugfix/type-error-cert-manager-cache-pathJohn Molakvoæ2023-05-041-5/+12
|\
| * [BUGFIX] throw exception instead of error if unable to create file handler ↵Jan Messer2023-04-061-0/+4
| | | | | | | | | | | | (only exceptions are catch) Signed-off-by: Jan Messer <jan@mtec-studios.ch>
| * [BUGFIX] check return value and improve error handlingJan Messer2023-04-061-5/+8
| | | | | | | | | | | | | | With S3 primary storage there was a problem with getting the CA bundle from the storage without having the CA bundle for the connection which causes that the CertificateManager was throwing an Error. This commit improves the handling in CertificateManager and log unexpected behaviors. Signed-off-by: Jan Messer <jan@mtec-studios.ch>
* | Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-051-2/+2
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix return type of methods returning false on errorCôme Chilliet2023-04-031-20/+10
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Migrate from ILogger to LoggerInterface in lib/privateCôme Chilliet2022-03-241-13/+5
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* cache the path of the certificate bundleRobin Appelman2022-03-171-7/+15
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* return default bundle when there is an error getting the bundleRobin Appelman2022-03-141-7/+11
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-041-1/+1
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Make Security module strictJ0WI2021-04-191-9/+13
| | | | Signed-off-by: J0WI <J0WI@users.noreply.github.com>
* Always return the default path if we canRoeland Jago Douma2020-11-031-0/+28
| | | | | | | | Just check in the certifcate manager. So every part of the system that request the certificatebundle gets the defaullt one (the 99% case) if we can. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Improve CertificateManager to not be user context dependentMorris Jobke2020-11-031-51/+15
| | | | | | | | | * removes the ability for users to import their own certificates (for external storage) * reliably returns the same certificate bundles system wide (and not depending on the user context and available sessions) The user specific certificates were broken in some cases anyways, as they are only loaded if the specific user is logged in and thus causing unexpected behavior for background jobs and other non-user triggered code paths. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Format control structures, classes, methods and functionChristoph Wurst2020-04-101-3/+0
| | | | | | | | | | | | | | | To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update the license headers for Nextcloud 19Christoph Wurst2020-03-311-0/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use the short array syntax, everywhereChristoph Wurst2020-03-261-4/+4
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headersChristoph Wurst2019-12-051-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Return value immediately instead of assigning to a one-time variableMorris Jobke2018-01-261-3/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Update license headersMorris Jobke2017-11-061-0/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* null is a valid parameterLukas Reschke2017-08-011-2/+2
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Write cert bundle to tmp file firstRoeland Jago Douma2017-07-121-3/+16
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Do not write and read rootcerts.crt at the same timeRoeland Jago Douma2017-05-091-2/+3
| | | | | | | | | | | | | | | | | (Possibly) fixes #3470 When updating the main file /files_external/rootcerts.crt we should not read from /files_external/rootcerts.crt at the same time. For 2 reasons: writing to a file and reading from it at the same time can have non deterministic results And we don't want all the certificates to appear 2 times in there. This isn't caught by our standard file locking (that does not allow this actually) because it is in a non locked path.... Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* dont write a certificate bundle if the shipped ca bundle is emptyRobin Appelman2017-01-091-3/+17
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Update with robinJoas Schilling2016-07-211-1/+1
|
* Fix othersJoas Schilling2016-07-211-2/+4
|
* add test for needsRebundling() checkBjoern Schiessle2016-07-111-1/+11
|
* always check the mtime of the system bundle and additionally the user ↵Bjoern Schiessle2016-07-081-1/+2
| | | | specific certificate bundle if a user is given
* Update license headersLukas Reschke2016-05-261-2/+2
|
* Move \OC\Security to PSR-4Roeland Jago Douma2016-04-141-0/+250
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-21 13:20:46 +0000