Skip to content

Commit fa8cb6a

Browse files
blizzzblizzz
authored
Merge pull request #562 from nextcloud/backport/556/stable25
[stable25] fix: Correctly check result of function
2 parents 739dff4 + de53367 commit fa8cb6a

File tree

3 files changed

+4
-4
lines changed

3 files changed

+4
-4
lines changed

index.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -688,12 +688,12 @@ public function verifyIntegrity() {
688688
-----END CERTIFICATE-----
689689
EOF;
690690

691-
$validSignature = (bool)openssl_verify(
691+
$validSignature = openssl_verify(
692692
file_get_contents($this->getDownloadedFilePath()),
693693
base64_decode($response['signature']),
694694
$certificate,
695695
OPENSSL_ALGO_SHA512
696-
);
696+
) === 1;
697697

698698
if ($validSignature === false) {
699699
throw new \Exception('Signature of update is not valid');

lib/Updater.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -652,12 +652,12 @@ public function verifyIntegrity() {
652652
-----END CERTIFICATE-----
653653
EOF;
654654

655-
$validSignature = (bool)openssl_verify(
655+
$validSignature = openssl_verify(
656656
file_get_contents($this->getDownloadedFilePath()),
657657
base64_decode($response['signature']),
658658
$certificate,
659659
OPENSSL_ALGO_SHA512
660-
);
660+
) === 1;
661661

662662
if ($validSignature === false) {
663663
throw new \Exception('Signature of update is not valid');

updater.phar

0 Bytes
Binary file not shown.

0 commit comments

Comments
 (0)