From 696c78de58c6cb593bc76e0e9ef08892f93d650a Mon Sep 17 00:00:00 2001 From: David Hancock Date: Tue, 28 Nov 2017 09:03:40 +0000 Subject: [PATCH] Add toggle to disable key permissions check --- src/CryptKey.php | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/src/CryptKey.php b/src/CryptKey.php index 8b1ed110..d04c6051 100644 --- a/src/CryptKey.php +++ b/src/CryptKey.php @@ -29,8 +29,9 @@ class CryptKey /** * @param string $keyPath * @param null|string $passPhrase + * @param bool $keyPermissionsCheck */ - public function __construct($keyPath, $passPhrase = null) + public function __construct($keyPath, $passPhrase = null, $keyPermissionsCheck = true) { if (preg_match(self::RSA_KEY_PATTERN, $keyPath)) { $keyPath = $this->saveKeyToFile($keyPath); @@ -44,20 +45,16 @@ class CryptKey throw new \LogicException(sprintf('Key path "%s" does not exist or is not readable', $keyPath)); } - // Verify the permissions of the key - $keyPathPerms = decoct(fileperms($keyPath) & 0777); - if ($keyPathPerms !== '600') { - // Attempt to correct the permissions - if (chmod($keyPath, 0600) === false) { + if ($keyPermissionsCheck === true) { + // Verify the permissions of the key + $keyPathPerms = decoct(fileperms($keyPath) & 0777); + if (in_array($keyPathPerms, ['600', '660'], true) === false) { // @codeCoverageIgnoreStart - trigger_error( - sprintf( - 'Key file "%s" permissions are not correct, should be 600 instead of %s, unable to automatically resolve the issue', - $keyPath, - $keyPathPerms - ), - E_USER_NOTICE - ); + trigger_error(sprintf( + 'Key file "%s" permissions are not correct, should be 600 or 660 instead of %s', + $keyPath, + $keyPathPerms + ), E_USER_NOTICE); // @codeCoverageIgnoreEnd } }