sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Do not write and read rootcerts.crt at the same time 

(Possibly) fixes #3470

When updating the main file /files_external/rootcerts.crt we should not
read from /files_external/rootcerts.crt at the same time.

For 2 reasons: writing to a file and reading from it at the same time
can have non deterministic results

And we don't want all the certificates to appear 2 times in there.

This isn't caught by our standard file locking (that does not allow this
actually) because it is in a non locked path....

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
pull/4758/head
Roeland Jago Douma 2017-05-09 13:00:07 +07:00
parent 46f7e8202f
commit 5a61a794d4
No known key found for this signature in database
GPG Key ID: F941078878347C0C
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/private/Security/CertificateManager.php
Unescape Escape View File

@ -119,7 +119,8 @@ class CertificateManager implements ICertificateManager {
return;
}
$fhCerts = $this->view->fopen($path . '/rootcerts.crt', 'w');
$certPath = $path . 'rootcerts.crt';
$fhCerts = $this->view->fopen($certPath, 'w');
// Write user certificates
foreach ($certs as $cert) {
@ -136,7 +137,7 @@ class CertificateManager implements ICertificateManager {
// Append the system certificate bundle
$systemBundle = $this->getCertificateBundle(null);
if ($this->view->file_exists($systemBundle)) {
if ($systemBundle !== $certPath && $this->view->file_exists($systemBundle)) {
$systemCertificates = $this->view->file_get_contents($systemBundle);
fwrite($fhCerts, $systemCertificates);
}