Skip to content

Conversation

inuitviking
Copy link
Contributor

No description provided.

@inuitviking inuitviking requested a review from stankut October 26, 2023 08:25
$certificateLocator = $this->certificateLocatorHelper->getCertificateLocator();
$certificateLocator->getCertificates();
$certificate = $this->settings->getCertificate();
($certificate[CertificateLocatorHelper::LOCATOR_TYPE_FILE_SYSTEM]['path'] != NULL) ? $certificateLocator->getCertificate() : $certificateLocator->getCertificates();
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the code need some commenting, it take a while to process these two lines.

When you're using condition, it is preferred to use if structure, a shortened notation of a condition used when assigning the variable.

I don't think that the code servers the purpose now - before we checked of the cetificate can read by openssl_pkcs12_read, however now the test will pass even when cerificate file is simply present in the system:
$certificateLocator->getCertificate() is simply checking if there is a file with such name.

@inuitviking inuitviking requested a review from stankut October 27, 2023 12:18
},
"zaporylie/composer-drupal-optimizations": "^1.2",
"ext-openssl": "*"
},
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will you fix the formatting?

$certificateLocator = $this->certificateLocatorHelper->getCertificateLocator();
$certificateLocator->getCertificates();
$this->messenger()->addStatus($this->t('Certificate succesfully tested'));
$certificatePath = $this->settings->getCertificate()[CertificateLocatorHelper::LOCATOR_TYPE_FILE_SYSTEM]['path'];
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if the returned array is empty, you will get a warning here - because value is not set. Might be wise to handle that gracefully

// Check the private key against the certificate.
$result = openssl_x509_check_private_key($certificateKeyFile, $keyCheckData);
// If the result is not "1", throw an exception.
if ($result != 1) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

returned result $result is of type boolean. It would be more correct to compare it against boolean value, instead of int.
If fact syntax can be simplified to:

if ($result) {
...

@rimi-itk
Copy link
Collaborator

rimi-itk commented Nov 8, 2023

@inuitviking and @stanbellcom, it seems weird that this PR is made from develop to main. PRs should be from a new branch to develop.

@stankut
Copy link
Collaborator

stankut commented Nov 9, 2023

@inuitviking and @stanbellcom, it seems weird that this PR is made from develop to main. PRs should be from a new branch to develop.

@rimi-itk i completely agree. I suggest to protected the develop and master branches from direct commits.
Who can do that? i do not have settings for this repository

@rimi-itk
Copy link
Collaborator

rimi-itk commented Nov 9, 2023

@stanbellcom, I've set up branch protection on the develop and master branches.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants