get_config('cacertinfo') will be null in default installs unless overridden, a default should be used
Bug #1084351 reported by
Hugh Davenport
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Confirmed
|
Low
|
Unassigned |
Bug Description
htdocs/lib/web.php line 3532
This config variable is both undocumented, and no default is given. I think that we should try and detect some reasonable default and give up if none possible. Documentation could also be good ;)
It appears to be only used in that one place, as a flag to set up more checks.
Changed in mahara: | |
milestone: | 1.7.0 → 1.8.0 |
Changed in mahara: | |
milestone: | 1.8rc1 → 1.8.0 |
no longer affects: | mahara/1.8 |
no longer affects: | mahara/1.9 |
Changed in mahara: | |
milestone: | 15.04.0 → 15.04.1 |
no longer affects: | mahara/1.10 |
Changed in mahara: | |
milestone: | 15.04.1 → 15.10.0 |
Changed in mahara: | |
milestone: | 15.10.0 → 16.04.0 |
Changed in mahara: | |
milestone: | 16.04.0 → 16.10.0 |
Changed in mahara: | |
milestone: | 16.10.0 → 16.10.1 |
Changed in mahara: | |
milestone: | 16.10.1 → 17.04.0 |
Changed in mahara: | |
milestone: | 17.04.0 → none |
status: | In Progress → Confirmed |
To post a comment you must log in.
What this config does is provides for PHP curl to verify the certificates of HTTPS servers that it connects to. Without this, it apparently just trusts anything.
We can perhaps copy the logic from https:/ /tracker. moodle. org/browse/ MDL-39356 , where Moodle recently implemented something similar. They appear to have included the cacert.pem from http:// curl.haxx. se/docs/ caextract. html