dropdevcoding
diff --git a/‎phpseclib/File/X509.php‎
Lines changed: 9 additions & 5 deletions b/‎phpseclib/File/X509.php‎
Lines changed: 9 additions & 5 deletions
@@ -53,8 +53,9 @@
 /**
  * Flag to only accept signatures signed by certificate authorities
  *
+ * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs
+ *
  * @access public
- * @see File_X509::validateSignature()
  */
 define('FILE_X509_VALIDATE_SIGNATURE_BY_CA', 1);
 
@@ -1989,13 +1990,16 @@ function validateDate($date = NULL)
  * Works on X.509 certs, CSR's and CRL's.
  * Returns true if the signature is verified, false if it is not correct or NULL on error
  *
+ * By default returns false for self-signed certs. Call validateSignature(false) to make this support
+ * self-signed.
+ *
  * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}.
  *
- * @param Integer $options optional
+ * @param Boolean $caonly optional
  * @access public
  * @return Mixed
  */
- function validateSignature($options = 0)
+ function validateSignature($caonly = true)
  {
  if (!is_array($this->currentCert) || !isset($this->signatureSubject)) {
  return 0;
@@ -2036,10 +2040,10 @@ function validateSignature($options = 0)
  }
  }
  }
- if (count($this->CAs) == $i && ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
+ if (count($this->CAs) == $i && $caonly) {
  return false;
  }
- } elseif (!isset($signingCert) || ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
+ } elseif (!isset($signingCert) || $caonly) {
  return false;
  }
  return $this->_validateSignature(
Original file line number	Diff line number	Diff line change
`@@ -53,8 +53,9 @@`
`53`	`53`	`/**`
`54`	`54`	`* Flag to only accept signatures signed by certificate authorities`
`55`	`55`	`*`
	`56`	`+ * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs`
	`57`	`+ *`
`56`	`58`	`* @access public`
`57`		`- * @see File_X509::validateSignature()`
`58`	`59`	`*/`
`59`	`60`	`define('FILE_X509_VALIDATE_SIGNATURE_BY_CA', 1);`
`60`	`61`
`@@ -1989,13 +1990,16 @@ function validateDate($date = NULL)`
`1989`	`1990`	`* Works on X.509 certs, CSR's and CRL's.`
`1990`	`1991`	`* Returns true if the signature is verified, false if it is not correct or NULL on error`
`1991`	`1992`	`*`
	`1993`	`+ * By default returns false for self-signed certs. Call validateSignature(false) to make this support`
	`1994`	`+ * self-signed.`
	`1995`	`+ *`
`1992`	`1996`	`* The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}.`
`1993`	`1997`	`*`
`1994`		`- * @param Integer $options optional`
	`1998`	`+ * @param Boolean $caonly optional`
`1995`	`1999`	`* @access public`
`1996`	`2000`	`* @return Mixed`
`1997`	`2001`	`*/`
`1998`		`- function validateSignature($options = 0)`
	`2002`	`+ function validateSignature($caonly = true)`
`1999`	`2003`	`{`
`2000`	`2004`	`if (!is_array($this->currentCert) \|\| !isset($this->signatureSubject)) {`
`2001`	`2005`	`return 0;`
`@@ -2036,10 +2040,10 @@ function validateSignature($options = 0)`
`2036`	`2040`	`}`
`2037`	`2041`	`}`
`2038`	`2042`	`}`
`2039`		`- if (count($this->CAs) == $i && ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {`
	`2043`	`+ if (count($this->CAs) == $i && $caonly) {`
`2040`	`2044`	`return false;`
`2041`	`2045`	`}`
`2042`		`- } elseif (!isset($signingCert) \|\| ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {`
	`2046`	`+ } elseif (!isset($signingCert) \|\| $caonly) {`
`2043`	`2047`	`return false;`
`2044`	`2048`	`}`
`2045`	`2049`	`return $this->_validateSignature(`