Merge pull request #16565 from owncloud/add-urandom-check
Add check for availability of /dev/urandom
This commit is contained in:
Thomas Müller
commit
07c6e523b1
4 changed files with 50 additions and 4 deletions
|
|
@ -64,6 +64,11 @@
|
|||
t('core', 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our <a href="{docLink}">documentation</a>.', {docLink: data.memcacheDocs})
|
||||
);
|
||||
}
|
||||
if(!data.isUrandomAvailable) {
|
||||
messages.push(
|
||||
t('core', '/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our <a href="{docLink}">documentation</a>.', {docLink: data.securityDocs})
|
||||
);
|
||||
}
|
||||
} else {
|
||||
messages.push(t('core', 'Error occurred while checking server setup'));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ describe('OC.SetupChecks tests', function() {
|
|||
{
|
||||
'Content-Type': 'application/json'
|
||||
},
|
||||
JSON.stringify({serverHasInternetConnection: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
|
||||
JSON.stringify({isUrandomAvailable: true, serverHasInternetConnection: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
|
||||
);
|
||||
|
||||
async.done(function( data, s, x ){
|
||||
|
|
@ -83,7 +83,7 @@ describe('OC.SetupChecks tests', function() {
|
|||
{
|
||||
'Content-Type': 'application/json'
|
||||
},
|
||||
JSON.stringify({serverHasInternetConnection: false, dataDirectoryProtected: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
|
||||
JSON.stringify({isUrandomAvailable: true, serverHasInternetConnection: false, dataDirectoryProtected: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
|
||||
);
|
||||
|
||||
async.done(function( data, s, x ){
|
||||
|
|
@ -100,7 +100,7 @@ describe('OC.SetupChecks tests', function() {
|
|||
{
|
||||
'Content-Type': 'application/json',
|
||||
},
|
||||
JSON.stringify({serverHasInternetConnection: false, dataDirectoryProtected: false, isMemcacheConfigured: true})
|
||||
JSON.stringify({isUrandomAvailable: true, serverHasInternetConnection: false, dataDirectoryProtected: false, isMemcacheConfigured: true})
|
||||
);
|
||||
|
||||
async.done(function( data, s, x ){
|
||||
|
|
@ -109,6 +109,22 @@ describe('OC.SetupChecks tests', function() {
|
|||
});
|
||||
});
|
||||
|
||||
it('should return an error if /dev/urandom is not accessible', function(done) {
|
||||
var async = OC.SetupChecks.checkSetup();
|
||||
|
||||
suite.server.requests[0].respond(
|
||||
200,
|
||||
{
|
||||
'Content-Type': 'application/json',
|
||||
},
|
||||
JSON.stringify({isUrandomAvailable: false, securityDocs: 'https://docs.owncloud.org/myDocs.html', serverHasInternetConnection: true, dataDirectoryProtected: true, isMemcacheConfigured: true})
|
||||
);
|
||||
|
||||
async.done(function( data, s, x ){
|
||||
expect(data).toEqual(['/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our <a href="https://docs.owncloud.org/myDocs.html">documentation</a>.']);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('should return an error if the response has no statuscode 200', function(done) {
|
||||
var async = OC.SetupChecks.checkSetup();
|
||||
|
|
|
|||
|
|
@ -90,6 +90,23 @@ class CheckSetupController extends Controller {
|
|||
return $this->config->getSystemValue('memcache.local', null) !== null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Whether /dev/urandom is available to the PHP controller
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
private function isUrandomAvailable() {
|
||||
if(@file_exists('/dev/urandom')) {
|
||||
$file = fopen('/dev/urandom', 'rb');
|
||||
if($file) {
|
||||
fclose($file);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return DataResponse
|
||||
*/
|
||||
|
|
@ -100,6 +117,8 @@ class CheckSetupController extends Controller {
|
|||
'dataDirectoryProtected' => $this->util->isHtaccessWorking($this->config),
|
||||
'isMemcacheConfigured' => $this->isMemcacheConfigured(),
|
||||
'memcacheDocs' => $this->urlGenerator->linkToDocs('admin-performance'),
|
||||
'isUrandomAvailable' => $this->isUrandomAvailable(),
|
||||
'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'),
|
||||
]
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -224,10 +224,14 @@ class CheckSetupControllerTest extends TestCase {
|
|||
$this->util->expects($this->once())
|
||||
->method('isHtaccessWorking')
|
||||
->will($this->returnValue(true));
|
||||
$this->urlGenerator->expects($this->once())
|
||||
$this->urlGenerator->expects($this->at(0))
|
||||
->method('linkToDocs')
|
||||
->with('admin-performance')
|
||||
->willReturn('http://doc.owncloud.org/server/go.php?to=admin-performance');
|
||||
$this->urlGenerator->expects($this->at(1))
|
||||
->method('linkToDocs')
|
||||
->with('admin-security')
|
||||
->willReturn('https://doc.owncloud.org/server/8.1/admin_manual/configuration_server/hardening.html');
|
||||
|
||||
$expected = new DataResponse(
|
||||
[
|
||||
|
|
@ -235,6 +239,8 @@ class CheckSetupControllerTest extends TestCase {
|
|||
'dataDirectoryProtected' => true,
|
||||
'isMemcacheConfigured' => true,
|
||||
'memcacheDocs' => 'http://doc.owncloud.org/server/go.php?to=admin-performance',
|
||||
'isUrandomAvailable' => \Test_Helper::invokePrivate($this->checkSetupController, 'isUrandomAvailable'),
|
||||
'securityDocs' => 'https://doc.owncloud.org/server/8.1/admin_manual/configuration_server/hardening.html',
|
||||
]
|
||||
);
|
||||
$this->assertEquals($expected, $this->checkSetupController->check());
|
||||
|
|
|
|||
Loading…
Reference in a new issue