public static function CaBundle::validateCaFile in Smart IP 7.2
Same name and namespace in other branches
- 6.2 includes/vendor/composer/ca-bundle/src/CaBundle.php \Composer\CaBundle\CaBundle::validateCaFile()
Validates a CA file using opensl_x509_parse only if it is safe to use
Parameters
string $filename:
LoggerInterface $logger optional logger for information about which CA files were loaded:
Return value
bool
1 call to CaBundle::validateCaFile()
- CaBundle::getSystemCaRootBundlePath in includes/
vendor/ composer/ ca-bundle/ src/ CaBundle.php - Returns the system CA bundle path, or a path to the bundled one
File
- includes/
vendor/ composer/ ca-bundle/ src/ CaBundle.php, line 144
Class
- CaBundle
- @author Chris Smith <chris@cs278.org> @author Jordi Boggiano <j.boggiano@seld.be>
Namespace
Composer\CaBundleCode
public static function validateCaFile($filename, LoggerInterface $logger = null) {
static $warned = false;
if (isset(self::$caFileValidity[$filename])) {
return self::$caFileValidity[$filename];
}
$contents = file_get_contents($filename);
// assume the CA is valid if php is vulnerable to
// https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html
if (!static::isOpensslParseSafe()) {
if (!$warned && $logger) {
$logger
->warning(sprintf('Your version of PHP, %s, is affected by CVE-2013-6420 and cannot safely perform certificate validation, we strongly suggest you upgrade.', PHP_VERSION));
$warned = true;
}
$isValid = !empty($contents);
}
else {
$isValid = (bool) openssl_x509_parse($contents);
}
if ($logger) {
$logger
->debug('Checked CA file ' . realpath($filename) . ': ' . ($isValid ? 'valid' : 'invalid'));
}
return self::$caFileValidity[$filename] = $isValid;
}