Merge pull request #6645 from nextcloud/fix-6642-only-colons-for-ipv6
Only allow colons in db host for IPv6 addresses
This commit is contained in:
Morris Jobke
GitHub
commit
b87914be9c
1 changed files with 63 additions and 48 deletions
|
|
@ -42,6 +42,8 @@ namespace OC;
|
|||
use bantu\IniGetWrapper\IniGetWrapper;
|
||||
use Exception;
|
||||
use OC\App\AppStore\Bundles\BundleFetcher;
|
||||
use OC\Authentication\Token\DefaultTokenCleanupJob;
|
||||
use OC\Authentication\Token\DefaultTokenProvider;
|
||||
use OCP\Defaults;
|
||||
use OCP\IL10N;
|
||||
use OCP\ILogger;
|
||||
|
|
@ -84,7 +86,7 @@ class Setup {
|
|||
$this->random = $random;
|
||||
}
|
||||
|
||||
static $dbSetupClasses = [
|
||||
static protected $dbSetupClasses = [
|
||||
'mysql' => \OC\Setup\MySQL::class,
|
||||
'pgsql' => \OC\Setup\PostgreSQL::class,
|
||||
'oci' => \OC\Setup\OCI::class,
|
||||
|
|
@ -127,33 +129,33 @@ class Setup {
|
|||
* @throws Exception
|
||||
*/
|
||||
public function getSupportedDatabases($allowAllDatabases = false) {
|
||||
$availableDatabases = array(
|
||||
'sqlite' => array(
|
||||
$availableDatabases = [
|
||||
'sqlite' => [
|
||||
'type' => 'pdo',
|
||||
'call' => 'sqlite',
|
||||
'name' => 'SQLite'
|
||||
),
|
||||
'mysql' => array(
|
||||
'name' => 'SQLite',
|
||||
],
|
||||
'mysql' => [
|
||||
'type' => 'pdo',
|
||||
'call' => 'mysql',
|
||||
'name' => 'MySQL/MariaDB'
|
||||
),
|
||||
'pgsql' => array(
|
||||
'name' => 'MySQL/MariaDB',
|
||||
],
|
||||
'pgsql' => [
|
||||
'type' => 'pdo',
|
||||
'call' => 'pgsql',
|
||||
'name' => 'PostgreSQL'
|
||||
),
|
||||
'oci' => array(
|
||||
'name' => 'PostgreSQL',
|
||||
],
|
||||
'oci' => [
|
||||
'type' => 'function',
|
||||
'call' => 'oci_connect',
|
||||
'name' => 'Oracle'
|
||||
)
|
||||
);
|
||||
'name' => 'Oracle',
|
||||
],
|
||||
];
|
||||
if ($allowAllDatabases) {
|
||||
$configuredDatabases = array_keys($availableDatabases);
|
||||
} else {
|
||||
$configuredDatabases = $this->config->getValue('supportedDatabases',
|
||||
array('sqlite', 'mysql', 'pgsql'));
|
||||
['sqlite', 'mysql', 'pgsql']);
|
||||
}
|
||||
if(!is_array($configuredDatabases)) {
|
||||
throw new Exception('Supported databases are not properly configured.');
|
||||
|
|
@ -170,7 +172,7 @@ class Setup {
|
|||
if ($type === 'function') {
|
||||
$working = $this->is_callable($call);
|
||||
} elseif($type === 'pdo') {
|
||||
$working = in_array($call, $this->getAvailableDbDriversForPdo(), TRUE);
|
||||
$working = in_array($call, $this->getAvailableDbDriversForPdo(), true);
|
||||
}
|
||||
if($working) {
|
||||
$supportedDatabases[$database] = $availableDatabases[$database]['name'];
|
||||
|
|
@ -193,7 +195,7 @@ class Setup {
|
|||
|
||||
$dataDir = $this->config->getValue('datadirectory', \OC::$SERVERROOT.'/data');
|
||||
|
||||
$errors = array();
|
||||
$errors = [];
|
||||
|
||||
// Create data directory to test whether the .htaccess works
|
||||
// Notice that this is not necessarily the same data directory as the one
|
||||
|
|
@ -204,40 +206,40 @@ class Setup {
|
|||
$htAccessWorking = true;
|
||||
if (is_dir($dataDir) && is_writable($dataDir)) {
|
||||
// Protect data directory here, so we can test if the protection is working
|
||||
\OC\Setup::protectDataDirectory();
|
||||
self::protectDataDirectory();
|
||||
|
||||
try {
|
||||
$util = new \OC_Util();
|
||||
$htAccessWorking = $util->isHtaccessWorking(\OC::$server->getConfig());
|
||||
} catch (\OC\HintException $e) {
|
||||
$errors[] = array(
|
||||
$errors[] = [
|
||||
'error' => $e->getMessage(),
|
||||
'hint' => $e->getHint()
|
||||
);
|
||||
'hint' => $e->getHint(),
|
||||
];
|
||||
$htAccessWorking = false;
|
||||
}
|
||||
}
|
||||
|
||||
if (\OC_Util::runningOnMac()) {
|
||||
$errors[] = array(
|
||||
$errors[] = [
|
||||
'error' => $this->l10n->t(
|
||||
'Mac OS X is not supported and %s will not work properly on this platform. ' .
|
||||
'Use it at your own risk! ',
|
||||
[$this->defaults->getName()]
|
||||
),
|
||||
'hint' => $this->l10n->t('For the best results, please consider using a GNU/Linux server instead.')
|
||||
);
|
||||
'hint' => $this->l10n->t('For the best results, please consider using a GNU/Linux server instead.'),
|
||||
];
|
||||
}
|
||||
|
||||
if($this->iniWrapper->getString('open_basedir') !== '' && PHP_INT_SIZE === 4) {
|
||||
$errors[] = array(
|
||||
$errors[] = [
|
||||
'error' => $this->l10n->t(
|
||||
'It seems that this %s instance is running on a 32-bit PHP environment and the open_basedir has been configured in php.ini. ' .
|
||||
'This will lead to problems with files over 4 GB and is highly discouraged.',
|
||||
[$this->defaults->getName()]
|
||||
),
|
||||
'hint' => $this->l10n->t('Please remove the open_basedir setting within your php.ini or switch to 64-bit PHP.')
|
||||
);
|
||||
'hint' => $this->l10n->t('Please remove the open_basedir setting within your php.ini or switch to 64-bit PHP.'),
|
||||
];
|
||||
}
|
||||
|
||||
return array(
|
||||
|
|
@ -286,14 +288,15 @@ class Setup {
|
|||
$error = array_merge($error, $dbSetup->validate($options));
|
||||
|
||||
// validate the data directory
|
||||
if (
|
||||
(!is_dir($dataDir) and !mkdir($dataDir)) or
|
||||
!is_writable($dataDir)
|
||||
) {
|
||||
if ((!is_dir($dataDir) && !mkdir($dataDir)) || !is_writable($dataDir)) {
|
||||
$error[] = $l->t("Can't create or write into the data directory %s", array($dataDir));
|
||||
}
|
||||
|
||||
if(count($error) != 0) {
|
||||
if (!$this->validateDatabaseHost($options['dbhost'])) {
|
||||
$error[] = $l->t('Given database host is invalid and must not contain the port: %s', [$options['dbhost']]);
|
||||
}
|
||||
|
||||
if (!empty($error)) {
|
||||
return $error;
|
||||
}
|
||||
|
||||
|
|
@ -308,8 +311,8 @@ class Setup {
|
|||
}
|
||||
|
||||
//use sqlite3 when available, otherwise sqlite2 will be used.
|
||||
if($dbType=='sqlite' and class_exists('SQLite3')) {
|
||||
$dbType='sqlite3';
|
||||
if ($dbType === 'sqlite' && class_exists('SQLite3')) {
|
||||
$dbType = 'sqlite3';
|
||||
}
|
||||
|
||||
//generate a random salt that is used to salt the local user passwords
|
||||
|
|
@ -334,17 +337,17 @@ class Setup {
|
|||
// apply necessary migrations
|
||||
$dbSetup->runMigrations();
|
||||
} catch (\OC\DatabaseSetupException $e) {
|
||||
$error[] = array(
|
||||
$error[] = [
|
||||
'error' => $e->getMessage(),
|
||||
'hint' => $e->getHint()
|
||||
);
|
||||
return($error);
|
||||
'hint' => $e->getHint(),
|
||||
];
|
||||
return $error;
|
||||
} catch (Exception $e) {
|
||||
$error[] = array(
|
||||
$error[] = [
|
||||
'error' => 'Error while trying to create admin user: ' . $e->getMessage(),
|
||||
'hint' => ''
|
||||
);
|
||||
return($error);
|
||||
'hint' => '',
|
||||
];
|
||||
return $error;
|
||||
}
|
||||
|
||||
//create the user and group
|
||||
|
|
@ -358,7 +361,7 @@ class Setup {
|
|||
$error[] = $exception->getMessage();
|
||||
}
|
||||
|
||||
if(count($error) == 0) {
|
||||
if (empty($error)) {
|
||||
$config = \OC::$server->getConfig();
|
||||
$config->setAppValue('core', 'installedat', microtime(true));
|
||||
$config->setAppValue('core', 'lastupdatedat', microtime(true));
|
||||
|
|
@ -389,8 +392,8 @@ class Setup {
|
|||
file_put_contents($config->getSystemValue('datadirectory', \OC::$SERVERROOT.'/data').'/.ocdata', '');
|
||||
|
||||
// Update .htaccess files
|
||||
Setup::updateHtaccess();
|
||||
Setup::protectDataDirectory();
|
||||
self::updateHtaccess();
|
||||
self::protectDataDirectory();
|
||||
|
||||
self::installBackgroundJobs();
|
||||
|
||||
|
|
@ -401,7 +404,7 @@ class Setup {
|
|||
// The token provider requires a working db, so it's not injected on setup
|
||||
/* @var $userSession User\Session */
|
||||
$userSession = \OC::$server->getUserSession();
|
||||
$defaultTokenProvider = \OC::$server->query('OC\Authentication\Token\DefaultTokenProvider');
|
||||
$defaultTokenProvider = \OC::$server->query(DefaultTokenProvider::class);
|
||||
$userSession->setTokenProvider($defaultTokenProvider);
|
||||
$userSession->login($username, $password);
|
||||
$userSession->createSessionToken($request, $userSession->getUser()->getUID(), $username, $password);
|
||||
|
|
@ -410,8 +413,20 @@ class Setup {
|
|||
return $error;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $host
|
||||
* @return bool
|
||||
*/
|
||||
protected function validateDatabaseHost($host) {
|
||||
if (strpos($host, ':') === false) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false;
|
||||
}
|
||||
|
||||
public static function installBackgroundJobs() {
|
||||
\OC::$server->getJobList()->add('\OC\Authentication\Token\DefaultTokenCleanupJob');
|
||||
\OC::$server->getJobList()->add(DefaultTokenCleanupJob::class);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Reference in a new issue