You are here

public static function CaBundle::getSystemCaRootBundlePath in Smart IP 7.2

Same name and namespace in other branches
  1. 6.2 includes/vendor/composer/ca-bundle/src/CaBundle.php \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath()

Returns the system CA bundle path, or a path to the bundled one

This method was adapted from Sslurp. https://github.com/EvanDotPro/Sslurp

(c) Evan Coury <me@evancoury.com>

For the full copyright and license information, please see below:

Copyright (c) 2013, Evan Coury All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  • Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  • Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Parameters

LoggerInterface $logger optional logger for information about which CA files were loaded:

Return value

string path to a CA bundle file or directory

1 call to CaBundle::getSystemCaRootBundlePath()
Client::getCaBundle in includes/vendor/maxmind/web-service-common/src/WebService/Client.php

File

includes/vendor/composer/ca-bundle/src/CaBundle.php, line 64

Class

CaBundle
@author Chris Smith <chris@cs278.org> @author Jordi Boggiano <j.boggiano@seld.be>

Namespace

Composer\CaBundle

Code

public static function getSystemCaRootBundlePath(LoggerInterface $logger = null) {
  if (self::$caPath !== null) {
    return self::$caPath;
  }

  // If SSL_CERT_FILE env variable points to a valid certificate/bundle, use that.
  // This mimics how OpenSSL uses the SSL_CERT_FILE env variable.
  $envCertFile = getenv('SSL_CERT_FILE');
  if ($envCertFile && is_readable($envCertFile) && static::validateCaFile($envCertFile, $logger)) {
    return self::$caPath = $envCertFile;
  }

  // If SSL_CERT_DIR env variable points to a valid certificate/bundle, use that.
  // This mimics how OpenSSL uses the SSL_CERT_FILE env variable.
  $envCertDir = getenv('SSL_CERT_DIR');
  if ($envCertDir && is_dir($envCertDir) && is_readable($envCertDir)) {
    return self::$caPath = $envCertDir;
  }
  $configured = ini_get('openssl.cafile');
  if ($configured && strlen($configured) > 0 && is_readable($configured) && static::validateCaFile($configured, $logger)) {
    return self::$caPath = $configured;
  }
  $configured = ini_get('openssl.capath');
  if ($configured && is_dir($configured) && is_readable($configured)) {
    return self::$caPath = $configured;
  }
  $caBundlePaths = array(
    '/etc/pki/tls/certs/ca-bundle.crt',
    // Fedora, RHEL, CentOS (ca-certificates package)
    '/etc/ssl/certs/ca-certificates.crt',
    // Debian, Ubuntu, Gentoo, Arch Linux (ca-certificates package)
    '/etc/ssl/ca-bundle.pem',
    // SUSE, openSUSE (ca-certificates package)
    '/usr/local/share/certs/ca-root-nss.crt',
    // FreeBSD (ca_root_nss_package)
    '/usr/ssl/certs/ca-bundle.crt',
    // Cygwin
    '/opt/local/share/curl/curl-ca-bundle.crt',
    // OS X macports, curl-ca-bundle package
    '/usr/local/share/curl/curl-ca-bundle.crt',
    // Default cURL CA bunde path (without --with-ca-bundle option)
    '/usr/share/ssl/certs/ca-bundle.crt',
    // Really old RedHat?
    '/etc/ssl/cert.pem',
    // OpenBSD
    '/usr/local/etc/ssl/cert.pem',
    // FreeBSD 10.x
    '/usr/local/etc/openssl/cert.pem',
  );
  foreach ($caBundlePaths as $caBundle) {
    if (@is_readable($caBundle) && static::validateCaFile($caBundle, $logger)) {
      return self::$caPath = $caBundle;
    }
  }
  foreach ($caBundlePaths as $caBundle) {
    $caBundle = dirname($caBundle);
    if (@is_dir($caBundle) && glob($caBundle . '/*')) {
      return self::$caPath = $caBundle;
    }
  }
  return self::$caPath = static::getBundledCaBundlePath();

  // Bundled CA file, last resort
}