From fb34f49913e55731031a2e5c1b8041259df5c5ef Mon Sep 17 00:00:00 2001
From: Owen Winkler <epithet@gmail.com>
Date: Sun, 18 Aug 2013 13:11:48 -0400
Subject: [PATCH] Start a branch for easier OpenSSL configuration.

---
 apps/files_encryption/lib/crypt.php  |  1 +
 apps/files_encryption/lib/helper.php | 12 +++++++++++-
 config/config.sample.php             |  5 +++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index e129bc9313..7eab620baa 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -52,6 +52,7 @@ class Crypt {
 
 		$return = false;
 
+		$res = \OCA\Encryption\Helper::getOpenSSLPkey();
 		$res = openssl_pkey_new(array('private_key_bits' => 4096));
 
 		if ($res === false) {
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 0209a5d18b..2cc905c291 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -265,7 +265,7 @@ class Helper {
 	 * @return bool true if configuration seems to be OK
 	 */
 	public static function checkConfiguration() {
-		if(openssl_pkey_new(array('private_key_bits' => 4096))) {
+		if(self::getOpenSSLPkey()) {
 			return true;
 		} else {
 			while ($msg = openssl_error_string()) {
@@ -275,6 +275,16 @@ class Helper {
 		}
 	}
 
+	/**
+	 * Create an openssl pkey with config-supplied settings
+	 * @return resource The pkey resource created
+	 */
+	public static function getOpenSSLPkey() {
+		$config = array('private_key_bits' => 4096);
+		$config = array_merge(\OCP\Config::getSystemValue('openssl'), $config);
+		return openssl_pkey_new($config);
+	}
+
 	/**
 	 * @brief glob uses different pattern than regular expressions, escape glob pattern only
 	 * @param unescaped path
diff --git a/config/config.sample.php b/config/config.sample.php
index 5f748438bc..6425baf87c 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -214,4 +214,9 @@ $CONFIG = array(
 'preview_libreoffice_path' => '/usr/bin/libreoffice',
 /* cl parameters for libreoffice / openoffice */
 'preview_office_cl_parameters' => '',
+
+// Extra SSL options to be used for configuration
+'openssl' => array(
+	//'config' => '/path/to/openssl.cnf',
+),
 );
-- 
GitLab