public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Merge pull request #7649 from aragon999/bugfix/fix-detection-of-supported-ssl-algos 

Use a case insenstive method to check that SHA384 is a supported openssl algorithm
pull/7673/head
Jordi Boggiano 2018-09-24 12:51:55 +02:00 committed by GitHub
parent 0124e7b553 4d86414dd1
commit 7e2e231899
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Composer/Command/SelfUpdateCommand.php
View File

@ -220,7 +220,7 @@ TAGSPUBKEY
$pubkeyid = openssl_pkey_get_public($sigFile); $pubkeyid = openssl_pkey_get_public($sigFile);
$algo = defined('OPENSSL_ALGO_SHA384') ? OPENSSL_ALGO_SHA384 : 'SHA384'; $algo = defined('OPENSSL_ALGO_SHA384') ? OPENSSL_ALGO_SHA384 : 'SHA384';
if (!in_array('SHA384', openssl_get_md_methods())) { if (!in_array('sha384', array_map('strtolower', openssl_get_md_methods()))) {
throw new \RuntimeException('SHA384 is not supported by your openssl extension, could not verify the phar file integrity'); throw new \RuntimeException('SHA384 is not supported by your openssl extension, could not verify the phar file integrity');
} }
$signature = json_decode($signature, true); $signature = json_decode($signature, true);