Implement proper verification of certificate's public_key against the private_key

author: Kamil Trzcinski <ayufan@ayufan.eu> 2016-02-09 19:04:39 +0100
committer: James Edwards-Jones <jedwardsjones@gitlab.com> 2017-01-31 22:53:57 +0000
commit: 930a7030b5a0080128b2fe3e2b9506717c54a6a5 (patch)
tree: 52c998612b54ce45c87b6731a8b23f85a59d5b7d /app/controllers/projects/pages_controller.rb
parent: 5f7257c27dace1dcb9d3eb4732caf68f061a8d68 (diff)
download: gitlab-ce-930a7030b5a0080128b2fe3e2b9506717c54a6a5.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/app/controllers/projects/pages_controller.rb b/app/controllers/projects/pages_controller.rb
index ef0ed505142..359544472e9 100644
--- a/app/controllers/projects/pages_controller.rb
+++ b/app/controllers/projects/pages_controller.rb
@@ -54,8 +54,9 @@ class Projects::PagesController < Projects::ApplicationController
     return false unless certificate
     return false unless certificate_key
 
-    certificate.verify(certificate_key)
-  rescue OpenSSL::X509::CertificateError
+    # We compare the public key stored in certificate with public key from certificate key
+    certificate.public_key.to_pem == certificate_key.public_key.to_pem
+  rescue OpenSSL::X509::CertificateError, OpenSSL::PKey::PKeyError
     false
   end
author	Kamil Trzcinski <ayufan@ayufan.eu>	2016-02-09 19:04:39 +0100
committer	James Edwards-Jones <jedwardsjones@gitlab.com>	2017-01-31 22:53:57 +0000
commit	930a7030b5a0080128b2fe3e2b9506717c54a6a5 (patch)
tree	52c998612b54ce45c87b6731a8b23f85a59d5b7d /app/controllers/projects/pages_controller.rb
parent	5f7257c27dace1dcb9d3eb4732caf68f061a8d68 (diff)
download	gitlab-ce-930a7030b5a0080128b2fe3e2b9506717c54a6a5.tar.gz