Improve handling when no certificate is provided.

- PHP 7.4 (sensibly) raises a notice when trying to access `false` as if it where an array, i.e. via $Plain_Client_Cerfificate['name']
GOCDB · Jan 24, 2025 · 4a58855 · 4a58855
1 parent 5474afb
commit 4a58855
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/lib/Authentication/AuthTokens/X509AuthenticationToken.php b/lib/Authentication/AuthTokens/X509AuthenticationToken.php
@@ -85,6 +85,14 @@ private function getDN() {
             $Raw_Client_Certificate = $_SERVER['SSL_CLIENT_CERT'];
             if (isset($Raw_Client_Certificate)) {
                 $Plain_Client_Cerfificate = openssl_x509_parse($Raw_Client_Certificate);
+
+                // $Plain_Client_Cerfificate will be an array in the presence of
+                // a certificate, otherwise, it will be `false`.
+                if (is_array($Plain_Client_Cerfificate)) {
+                    // Then no valid certificate was provided.
+                    return;
+                }
+
                 $User_DN = $Plain_Client_Cerfificate['name'];
                 if (isset($User_DN)) {
                     // Check that the dn does not contain a backslash - utf8 chars