diff --git a/apps/files_external/ajax/addRootCertificate.php b/apps/files_external/ajax/addRootCertificate.php index 33cd64d2c7a6e261d39876b9a8d41b5407b1fe98..c192855629209e5b45491ca9f5339f30a5f43fe2 100644 --- a/apps/files_external/ajax/addRootCertificate.php +++ b/apps/files_external/ajax/addRootCertificate.php @@ -4,9 +4,23 @@ OCP\JSON::checkAppEnabled('files_external'); $view = \OCP\Files::getStorage("files_external"); $from = $_FILES['rootcert_import']['tmp_name']; -$to = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").$_FILES['rootcert_import']['name']; +$path = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/'; +$to = $path.$_FILES['rootcert_import']['name']; move_uploaded_file($from, $to); +//check if it is a PEM certificate, otherwise convert it if possible +$fh = fopen($to, 'r'); +$data = fread($fh, filesize($to)); +fclose($fh); +if (!strpos($data, 'BEGIN CERTIFICATE')) { + $pem = chunk_split(base64_encode($data), 64, "\n"); + $pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n"; + $fh = fopen($to, 'w'); + fwrite($fh, $pem); +} + +OC_Mount_Config::createCertificateBundle(); + header("Location: settings/personal.php"); exit; ?> \ No newline at end of file diff --git a/apps/files_external/ajax/removeRootCertificate.php b/apps/files_external/ajax/removeRootCertificate.php index 05f2fdef2d16445f62bead338df92acf585cb737..a00922f4210023298491d7f8d0f9662a6711c605 100644 --- a/apps/files_external/ajax/removeRootCertificate.php +++ b/apps/files_external/ajax/removeRootCertificate.php @@ -4,6 +4,7 @@ OCP\JSON::checkAppEnabled('files_external'); $view = \OCP\Files::getStorage("files_external"); $cert = $_POST['cert']; -$file = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").$cert; +$file = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/'.$cert; unlink($file); +OC_Mount_Config::createCertificateBundle(); ?> \ No newline at end of file diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php index 4e82e6b254859fd92911e25266e4e971055a6e09..5630df77a91a5936c0962b8bfdca3076d43a3d21 100755 --- a/apps/files_external/lib/config.php +++ b/apps/files_external/lib/config.php @@ -244,7 +244,8 @@ class OC_Mount_Config { */ public static function getCertificates() { $view = \OCP\Files::getStorage('files_external'); - $path=\OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath(""); + $path=\OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/'; + if (!is_dir($path)) mkdir($path); $result = array(); $handle = opendir($path); while (false !== ($file = readdir($handle))) { @@ -252,6 +253,30 @@ class OC_Mount_Config { } return $result; } + + /** + * creates certificate bundle + */ + public static function createCertificateBundle() { + $view = \OCP\Files::getStorage("files_external"); + $path = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath(""); + + $certs = OC_Mount_Config::getCertificates(); + $fh_certs = fopen($path."/rootcerts.crt", 'w'); + foreach ($certs as $cert) { + $file=$path.'/uploads/'.$cert; + $fh = fopen($file, "r"); + $data = fread($fh, filesize($file)); + fclose($fh); + if (strpos($data, 'BEGIN CERTIFICATE')) { + fwrite($fh_certs, $data); + } + } + + fclose($fh_certs); + + return true; + } } diff --git a/apps/files_external/lib/webdav.php b/apps/files_external/lib/webdav.php index 9b874e62e33495cf0d1e1a44ee94da3c95893443..ea6ca65b976206109c26b581e1887f843cb37fc4 100644 --- a/apps/files_external/lib/webdav.php +++ b/apps/files_external/lib/webdav.php @@ -45,7 +45,7 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{ $this->client = new OC_Connector_Sabre_Client($settings); if($caview = \OCP\Files::getStorage('files_external')) { - $this->client->setCurlSettings(array(CURLOPT_CAPATH => \OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath(""))); + $this->client->setCurlSettings(array(CURLOPT_CAINFO => \OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("").'rootcerts.crt')); } //create the root folder if necesary $this->mkdir(''); diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php index 8f8fe8d527f3218db6462396cfae4b7f76755818..3d65e9b74733519824f5b815f6971ac90d8c647d 100644 --- a/apps/files_external/templates/settings.php +++ b/apps/files_external/templates/settings.php @@ -81,7 +81,7 @@ </table> <br /> - <?php if (!$_['isAdminPage'] && false): // disabled until sabredav can handle uploaded ca certs ?> + <?php if (!$_['isAdminPage']): ?> <table id="sslCertificate" data-admin='<?php echo json_encode($_['isAdminPage']); ?>'> <thead> <tr> diff --git a/lib/connector/sabre/client.php b/lib/connector/sabre/client.php index bcf564c06d15dcedac118f66acf9ab41331ba5ae..b799b541a055b5dd5af23f95bb8e7131ed29b6dd 100644 --- a/lib/connector/sabre/client.php +++ b/lib/connector/sabre/client.php @@ -68,7 +68,7 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client { * @return array */ public function request($method, $url = '', $body = null, $headers = array()) { - + $this->curlSettings[CURLOPT_POSTFIELDS] = $body; $url = $this->getAbsoluteUrl($url);