Fix certificate testing, and allowing RSA certs as well as pkcs12 #72
Conversation
| @@ -258,7 +258,8 @@ public function submitForm(array &$form, FormStateInterface $formState): void { | |||
| private function testCertificate(): void { | |||
| try { | |||
| $certificateLocator = $this->certificateLocatorHelper->getCertificateLocator(); | |||
| $certificateLocator->getCertificates(); | |||
| $certificate = $this->settings->getCertificate(); | |||
| ($certificate[CertificateLocatorHelper::LOCATOR_TYPE_FILE_SYSTEM]['path'] != NULL) ? $certificateLocator->getCertificate() : $certificateLocator->getCertificates(); | |||
There was a problem hiding this comment.
the code need some commenting, it take a while to process these two lines.
When you're using condition, it is preferred to use if structure, a shortened notation of a condition used when assigning the variable.
I don't think that the code servers the purpose now - before we checked of the cetificate can read by openssl_pkcs12_read, however now the test will pass even when cerificate file is simply present in the system:
$certificateLocator->getCertificate() is simply checking if there is a file with such name.
| }, | ||
| "zaporylie/composer-drupal-optimizations": "^1.2", | ||
| "ext-openssl": "*" | ||
| }, |
There was a problem hiding this comment.
will you fix the formatting?
| @@ -258,8 +258,27 @@ public function submitForm(array &$form, FormStateInterface $formState): void { | |||
| private function testCertificate(): void { | |||
| try { | |||
| $certificateLocator = $this->certificateLocatorHelper->getCertificateLocator(); | |||
| $certificateLocator->getCertificates(); | |||
| $this->messenger()->addStatus($this->t('Certificate succesfully tested')); | |||
| $certificatePath = $this->settings->getCertificate()[CertificateLocatorHelper::LOCATOR_TYPE_FILE_SYSTEM]['path']; | |||
There was a problem hiding this comment.
if the returned array is empty, you will get a warning here - because value is not set. Might be wise to handle that gracefully
| // Check the private key against the certificate. | ||
| $result = openssl_x509_check_private_key($certificateKeyFile, $keyCheckData); | ||
| // If the result is not "1", throw an exception. | ||
| if ($result != 1) { |
There was a problem hiding this comment.
returned result $result is of type boolean. It would be more correct to compare it against boolean value, instead of int.
If fact syntax can be simplified to:
if ($result) {
...
…values Handled nested elements in webform inherit
|
@inuitviking and @stanbellcom, it seems weird that this PR is made from |
@rimi-itk i completely agree. I suggest to protected the develop and master branches from direct commits. |
|
@stanbellcom, I've set up branch protection on the |
No description provided.