Inspection of "Merge pull request #53866 from nextcloud/chore/upd..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( c7b83e...f077bb )

by Joas

created 2025-07-09 14:18 UTC

Status

Indentation +128 added lines, -128 removed lines patch added patch discarded remove patch

@@ -14,132 +14,132 @@
 block discarded – undo
 
 class DnsPinMiddleware {
 
-	public function __construct(
-		private NegativeDnsCache $negativeDnsCache,
-		private IpAddressClassifier $ipAddressClassifier,
-	) {
-	}
-
-	/**
-	 * Fetch soa record for a target
-	 */
-	private function soaRecord(string $target): ?array {
-		$labels = explode('.', $target);
-
-		$top = count($labels) >= 2 ? array_pop($labels) : '';
-		$second = array_pop($labels);
-
-		$hostname = $second . '.' . $top;
-		$responses = $this->dnsGetRecord($hostname, DNS_SOA);
-
-		if ($responses === false || count($responses) === 0) {
-			return null;
-		}
-
-		return reset($responses);
-	}
-
-	private function dnsResolve(string $target, int $recursionCount) : array {
-		if ($recursionCount >= 10) {
-			return [];
-		}
-
-		$recursionCount++;
-		$targetIps = [];
-
-		$soaDnsEntry = $this->soaRecord($target);
-		$dnsNegativeTtl = $soaDnsEntry['minimum-ttl'] ?? null;
-		$canHaveCnameRecord = true;
-
-		$dnsTypes = \defined('AF_INET6') || @inet_pton('::1')
-			? [DNS_A, DNS_AAAA, DNS_CNAME]
-			: [DNS_A, DNS_CNAME];
-		foreach ($dnsTypes as $dnsType) {
-			if ($canHaveCnameRecord === false && $dnsType === DNS_CNAME) {
-				continue;
-			}
-
-			if ($this->negativeDnsCache->isNegativeCached($target, $dnsType)) {
-				continue;
-			}
-
-			$dnsResponses = $this->dnsGetRecord($target, $dnsType);
-			if ($dnsResponses !== false && count($dnsResponses) > 0) {
-				foreach ($dnsResponses as $dnsResponse) {
-					if (isset($dnsResponse['ip'])) {
-						$targetIps[] = $dnsResponse['ip'];
-						$canHaveCnameRecord = false;
-					} elseif (isset($dnsResponse['ipv6'])) {
-						$targetIps[] = $dnsResponse['ipv6'];
-						$canHaveCnameRecord = false;
-					} elseif (isset($dnsResponse['target']) && $canHaveCnameRecord) {
-						$targetIps = array_merge($targetIps, $this->dnsResolve($dnsResponse['target'], $recursionCount));
-					}
-				}
-			} elseif ($dnsNegativeTtl !== null) {
-				$this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl);
-			}
-		}
-
-		return $targetIps;
-	}
-
-	/**
-	 * Wrapper for dns_get_record
-	 */
-	protected function dnsGetRecord(string $hostname, int $type): array|false {
-		return \dns_get_record($hostname, $type);
-	}
-
-	public function addDnsPinning(): callable {
-		return function (callable $handler) {
-			return function (
-				RequestInterface $request,
-				array $options,
-			) use ($handler) {
-				if ($options['nextcloud']['allow_local_address'] === true) {
-					return $handler($request, $options);
-				}
-
-				$hostName = $request->getUri()->getHost();
-				$port = $request->getUri()->getPort();
-
-				$ports = [
-					'80',
-					'443',
-				];
-
-				if ($port !== null) {
-					$ports[] = (string)$port;
-				}
-
-				$targetIps = $this->dnsResolve(idn_to_utf8($hostName), 0);
-
-				if (empty($targetIps)) {
-					throw new LocalServerException('No DNS record found for ' . $hostName);
-				}
-
-				$curlResolves = [];
-
-				foreach ($ports as $port) {
-					$curlResolves["$hostName:$port"] = [];
-
-					foreach ($targetIps as $ip) {
-						if ($this->ipAddressClassifier->isLocalAddress($ip)) {
-							// TODO: continue with all non-local IPs?
-							throw new LocalServerException('Host "' . $ip . '" (' . $hostName . ':' . $port . ') violates local access rules');
-						}
-						$curlResolves["$hostName:$port"][] = $ip;
-					}
-				}
-
-				// Coalesce the per-host:port ips back into a comma separated list
-				foreach ($curlResolves as $hostport => $ips) {
-					$options['curl'][CURLOPT_RESOLVE][] = "$hostport:" . implode(',', $ips);
-				}
-
-				return $handler($request, $options);
-			};
-		};
-	}
+    public function __construct(
+        private NegativeDnsCache $negativeDnsCache,
+        private IpAddressClassifier $ipAddressClassifier,
+    ) {
+    }
+
+    /**
+     * Fetch soa record for a target
+     */
+    private function soaRecord(string $target): ?array {
+        $labels = explode('.', $target);
+
+        $top = count($labels) >= 2 ? array_pop($labels) : '';
+        $second = array_pop($labels);
+
+        $hostname = $second . '.' . $top;
+        $responses = $this->dnsGetRecord($hostname, DNS_SOA);
+
+        if ($responses === false || count($responses) === 0) {
+            return null;
+        }
+
+        return reset($responses);
+    }
+
+    private function dnsResolve(string $target, int $recursionCount) : array {
+        if ($recursionCount >= 10) {
+            return [];
+        }
+
+        $recursionCount++;
+        $targetIps = [];
+
+        $soaDnsEntry = $this->soaRecord($target);
+        $dnsNegativeTtl = $soaDnsEntry['minimum-ttl'] ?? null;
+        $canHaveCnameRecord = true;
+
+        $dnsTypes = \defined('AF_INET6') || @inet_pton('::1')
+            ? [DNS_A, DNS_AAAA, DNS_CNAME]
+            : [DNS_A, DNS_CNAME];
+        foreach ($dnsTypes as $dnsType) {
+            if ($canHaveCnameRecord === false && $dnsType === DNS_CNAME) {
+                continue;
+            }
+
+            if ($this->negativeDnsCache->isNegativeCached($target, $dnsType)) {
+                continue;
+            }
+
+            $dnsResponses = $this->dnsGetRecord($target, $dnsType);
+            if ($dnsResponses !== false && count($dnsResponses) > 0) {
+                foreach ($dnsResponses as $dnsResponse) {
+                    if (isset($dnsResponse['ip'])) {
+                        $targetIps[] = $dnsResponse['ip'];
+                        $canHaveCnameRecord = false;
+                    } elseif (isset($dnsResponse['ipv6'])) {
+                        $targetIps[] = $dnsResponse['ipv6'];
+                        $canHaveCnameRecord = false;
+                    } elseif (isset($dnsResponse['target']) && $canHaveCnameRecord) {
+                        $targetIps = array_merge($targetIps, $this->dnsResolve($dnsResponse['target'], $recursionCount));
+                    }
+                }
+            } elseif ($dnsNegativeTtl !== null) {
+                $this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl);
+            }
+        }
+
+        return $targetIps;
+    }
+
+    /**
+     * Wrapper for dns_get_record
+     */
+    protected function dnsGetRecord(string $hostname, int $type): array|false {
+        return \dns_get_record($hostname, $type);
+    }
+
+    public function addDnsPinning(): callable {
+        return function (callable $handler) {
+            return function (
+                RequestInterface $request,
+                array $options,
+            ) use ($handler) {
+                if ($options['nextcloud']['allow_local_address'] === true) {
+                    return $handler($request, $options);
+                }
+
+                $hostName = $request->getUri()->getHost();
+                $port = $request->getUri()->getPort();
+
+                $ports = [
+                    '80',
+                    '443',
+                ];
+
+                if ($port !== null) {
+                    $ports[] = (string)$port;
+                }
+
+                $targetIps = $this->dnsResolve(idn_to_utf8($hostName), 0);
+
+                if (empty($targetIps)) {
+                    throw new LocalServerException('No DNS record found for ' . $hostName);
+                }
+
+                $curlResolves = [];
+
+                foreach ($ports as $port) {
+                    $curlResolves["$hostName:$port"] = [];
+
+                    foreach ($targetIps as $ip) {
+                        if ($this->ipAddressClassifier->isLocalAddress($ip)) {
+                            // TODO: continue with all non-local IPs?
+                            throw new LocalServerException('Host "' . $ip . '" (' . $hostName . ':' . $port . ') violates local access rules');
+                        }
+                        $curlResolves["$hostName:$port"][] = $ip;
+                    }
+                }
+
+                // Coalesce the per-host:port ips back into a comma separated list
+                foreach ($curlResolves as $hostport => $ips) {
+                    $options['curl'][CURLOPT_RESOLVE][] = "$hostport:" . implode(',', $ips);
+                }
+
+                return $handler($request, $options);
+            };
+        };
+    }
 }

Please login to merge, or discard this patch.

Spacing +8 added lines, -8 removed lines patch added patch discarded remove patch

@@ -29,7 +29,7 @@  discard block
 block discarded – undo
 		$top = count($labels) >= 2 ? array_pop($labels) : '';
 		$second = array_pop($labels);
 
-		$hostname = $second . '.' . $top;
+		$hostname = $second.'.'.$top;
 		$responses = $this->dnsGetRecord($hostname, DNS_SOA);
 
 		if ($responses === false || count($responses) === 0) {
@@ -87,13 +87,13 @@  discard block
 block discarded – undo
 	/**
 	 * Wrapper for dns_get_record
 	 */
-	protected function dnsGetRecord(string $hostname, int $type): array|false {
+	protected function dnsGetRecord(string $hostname, int $type): array | false {
 		return \dns_get_record($hostname, $type);
 	}
 
 	public function addDnsPinning(): callable {
-		return function (callable $handler) {
-			return function (
+		return function(callable $handler) {
+			return function(
 				RequestInterface $request,
 				array $options,
 			) use ($handler) {
@@ -110,13 +110,13 @@  discard block
 block discarded – undo
 				];
 
 				if ($port !== null) {
-					$ports[] = (string)$port;
+					$ports[] = (string) $port;
 				}
 
 				$targetIps = $this->dnsResolve(idn_to_utf8($hostName), 0);
 
 				if (empty($targetIps)) {
-					throw new LocalServerException('No DNS record found for ' . $hostName);
+					throw new LocalServerException('No DNS record found for '.$hostName);
 				}
 
 				$curlResolves = [];
@@ -127,7 +127,7 @@  discard block
 block discarded – undo
 					foreach ($targetIps as $ip) {
 						if ($this->ipAddressClassifier->isLocalAddress($ip)) {
 							// TODO: continue with all non-local IPs?
-							throw new LocalServerException('Host "' . $ip . '" (' . $hostName . ':' . $port . ') violates local access rules');
+							throw new LocalServerException('Host "'.$ip.'" ('.$hostName.':'.$port.') violates local access rules');
 						}
 						$curlResolves["$hostName:$port"][] = $ip;
 					}
@@ -135,7 +135,7 @@  discard block
 block discarded – undo
 
 				// Coalesce the per-host:port ips back into a comma separated list
 				foreach ($curlResolves as $hostport => $ips) {
-					$options['curl'][CURLOPT_RESOLVE][] = "$hostport:" . implode(',', $ips);
+					$options['curl'][CURLOPT_RESOLVE][] = "$hostport:".implode(',', $ips);
 				}
 
 				return $handler($request, $options);

Please login to merge, or discard this patch.

		@@ -29,7 +29,7 @@ discard block
		block discarded – undo
29	29	$top = count($labels) >= 2 ? array_pop($labels) : '';
30	30	$second = array_pop($labels);
31	31
32		- $hostname = $second . '.' . $top;
	32	+ $hostname = $second.'.'.$top;
33	33	$responses = $this->dnsGetRecord($hostname, DNS_SOA);
34	34
35	35	if ($responses === false \|\| count($responses) === 0) {
		@@ -87,13 +87,13 @@ discard block
		block discarded – undo
87	87	/**
88	88	* Wrapper for dns_get_record
89	89	*/
90		- protected function dnsGetRecord(string $hostname, int $type): array\|false {
	90	+ protected function dnsGetRecord(string $hostname, int $type): array \| false {
91	91	return \dns_get_record($hostname, $type);
92	92	}
93	93
94	94	public function addDnsPinning(): callable {
95		- return function (callable $handler) {
96		- return function (
	95	+ return function(callable $handler) {
	96	+ return function(
97	97	RequestInterface $request,
98	98	array $options,
99	99	) use ($handler) {
		@@ -110,13 +110,13 @@ discard block
		block discarded – undo
110	110	];
111	111
112	112	if ($port !== null) {
113		- $ports[] = (string)$port;
	113	+ $ports[] = (string) $port;
114	114	}
115	115
116	116	$targetIps = $this->dnsResolve(idn_to_utf8($hostName), 0);
117	117
118	118	if (empty($targetIps)) {
119		- throw new LocalServerException('No DNS record found for ' . $hostName);
	119	+ throw new LocalServerException('No DNS record found for '.$hostName);
120	120	}
121	121
122	122	$curlResolves = [];
		@@ -127,7 +127,7 @@ discard block
		block discarded – undo
127	127	foreach ($targetIps as $ip) {
128	128	if ($this->ipAddressClassifier->isLocalAddress($ip)) {
129	129	// TODO: continue with all non-local IPs?
130		- throw new LocalServerException('Host "' . $ip . '" (' . $hostName . ':' . $port . ') violates local access rules');
	130	+ throw new LocalServerException('Host "'.$ip.'" ('.$hostName.':'.$port.') violates local access rules');
131	131	}
132	132	$curlResolves["$hostName:$port"][] = $ip;
133	133	}
		@@ -135,7 +135,7 @@ discard block
		block discarded – undo
135	135
136	136	// Coalesce the per-host:port ips back into a comma separated list
137	137	foreach ($curlResolves as $hostport => $ips) {
138		- $options['curl'][CURLOPT_RESOLVE][] = "$hostport:" . implode(',', $ips);
	138	+ $options['curl'][CURLOPT_RESOLVE][] = "$hostport:".implode(',', $ips);
139	139	}
140	140
141	141	return $handler($request, $options);

		@@ -14,132 +14,132 @@
		block discarded – undo
14	14
15	15	class DnsPinMiddleware {
16	16
17		- public function __construct(
18		- private NegativeDnsCache $negativeDnsCache,
19		- private IpAddressClassifier $ipAddressClassifier,
20		- ) {
21		- }
22		-
23		- /**
24		- * Fetch soa record for a target
25		- */
26		- private function soaRecord(string $target): ?array {
27		- $labels = explode('.', $target);
28		-
29		- $top = count($labels) >= 2 ? array_pop($labels) : '';
30		- $second = array_pop($labels);
31		-
32		- $hostname = $second . '.' . $top;
33		- $responses = $this->dnsGetRecord($hostname, DNS_SOA);
34		-
35		- if ($responses === false \|\| count($responses) === 0) {
36		- return null;
37		- }
38		-
39		- return reset($responses);
40		- }
41		-
42		- private function dnsResolve(string $target, int $recursionCount) : array {
43		- if ($recursionCount >= 10) {
44		- return [];
45		- }
46		-
47		- $recursionCount++;
48		- $targetIps = [];
49		-
50		- $soaDnsEntry = $this->soaRecord($target);
51		- $dnsNegativeTtl = $soaDnsEntry['minimum-ttl'] ?? null;
52		- $canHaveCnameRecord = true;
53		-
54		- $dnsTypes = \defined('AF_INET6') \|\| @inet_pton('::1')
55		- ? [DNS_A, DNS_AAAA, DNS_CNAME]
56		- : [DNS_A, DNS_CNAME];
57		- foreach ($dnsTypes as $dnsType) {
58		- if ($canHaveCnameRecord === false && $dnsType === DNS_CNAME) {
59		- continue;
60		- }
61		-
62		- if ($this->negativeDnsCache->isNegativeCached($target, $dnsType)) {
63		- continue;
64		- }
65		-
66		- $dnsResponses = $this->dnsGetRecord($target, $dnsType);
67		- if ($dnsResponses !== false && count($dnsResponses) > 0) {
68		- foreach ($dnsResponses as $dnsResponse) {
69		- if (isset($dnsResponse['ip'])) {
70		- $targetIps[] = $dnsResponse['ip'];
71		- $canHaveCnameRecord = false;
72		- } elseif (isset($dnsResponse['ipv6'])) {
73		- $targetIps[] = $dnsResponse['ipv6'];
74		- $canHaveCnameRecord = false;
75		- } elseif (isset($dnsResponse['target']) && $canHaveCnameRecord) {
76		- $targetIps = array_merge($targetIps, $this->dnsResolve($dnsResponse['target'], $recursionCount));
77		- }
78		- }
79		- } elseif ($dnsNegativeTtl !== null) {
80		- $this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl);
81		- }
82		- }
83		-
84		- return $targetIps;
85		- }
86		-
87		- /**
88		- * Wrapper for dns_get_record
89		- */
90		- protected function dnsGetRecord(string $hostname, int $type): array\|false {
91		- return \dns_get_record($hostname, $type);
92		- }
93		-
94		- public function addDnsPinning(): callable {
95		- return function (callable $handler) {
96		- return function (
97		- RequestInterface $request,
98		- array $options,
99		- ) use ($handler) {
100		- if ($options['nextcloud']['allow_local_address'] === true) {
101		- return $handler($request, $options);
102		- }
103		-
104		- $hostName = $request->getUri()->getHost();
105		- $port = $request->getUri()->getPort();
106		-
107		- $ports = [
108		- '80',
109		- '443',
110		- ];
111		-
112		- if ($port !== null) {
113		- $ports[] = (string)$port;
114		- }
115		-
116		- $targetIps = $this->dnsResolve(idn_to_utf8($hostName), 0);
117		-
118		- if (empty($targetIps)) {
119		- throw new LocalServerException('No DNS record found for ' . $hostName);
120		- }
121		-
122		- $curlResolves = [];
123		-
124		- foreach ($ports as $port) {
125		- $curlResolves["$hostName:$port"] = [];
126		-
127		- foreach ($targetIps as $ip) {
128		- if ($this->ipAddressClassifier->isLocalAddress($ip)) {
129		- // TODO: continue with all non-local IPs?
130		- throw new LocalServerException('Host "' . $ip . '" (' . $hostName . ':' . $port . ') violates local access rules');
131		- }
132		- $curlResolves["$hostName:$port"][] = $ip;
133		- }
134		- }
135		-
136		- // Coalesce the per-host:port ips back into a comma separated list
137		- foreach ($curlResolves as $hostport => $ips) {
138		- $options['curl'][CURLOPT_RESOLVE][] = "$hostport:" . implode(',', $ips);
139		- }
140		-
141		- return $handler($request, $options);
142		- };
143		- };
144		- }
	17	+ public function __construct(
	18	+ private NegativeDnsCache $negativeDnsCache,
	19	+ private IpAddressClassifier $ipAddressClassifier,
	20	+ ) {
	21	+ }
	22	+
	23	+ /**
	24	+ * Fetch soa record for a target
	25	+ */
	26	+ private function soaRecord(string $target): ?array {
	27	+ $labels = explode('.', $target);
	28	+
	29	+ $top = count($labels) >= 2 ? array_pop($labels) : '';
	30	+ $second = array_pop($labels);
	31	+
	32	+ $hostname = $second . '.' . $top;
	33	+ $responses = $this->dnsGetRecord($hostname, DNS_SOA);
	34	+
	35	+ if ($responses === false \|\| count($responses) === 0) {
	36	+ return null;
	37	+ }
	38	+
	39	+ return reset($responses);
	40	+ }
	41	+
	42	+ private function dnsResolve(string $target, int $recursionCount) : array {
	43	+ if ($recursionCount >= 10) {
	44	+ return [];
	45	+ }
	46	+
	47	+ $recursionCount++;
	48	+ $targetIps = [];
	49	+
	50	+ $soaDnsEntry = $this->soaRecord($target);
	51	+ $dnsNegativeTtl = $soaDnsEntry['minimum-ttl'] ?? null;
	52	+ $canHaveCnameRecord = true;
	53	+
	54	+ $dnsTypes = \defined('AF_INET6') \|\| @inet_pton('::1')
	55	+ ? [DNS_A, DNS_AAAA, DNS_CNAME]
	56	+ : [DNS_A, DNS_CNAME];
	57	+ foreach ($dnsTypes as $dnsType) {
	58	+ if ($canHaveCnameRecord === false && $dnsType === DNS_CNAME) {
	59	+ continue;
	60	+ }
	61	+
	62	+ if ($this->negativeDnsCache->isNegativeCached($target, $dnsType)) {
	63	+ continue;
	64	+ }
	65	+
	66	+ $dnsResponses = $this->dnsGetRecord($target, $dnsType);
	67	+ if ($dnsResponses !== false && count($dnsResponses) > 0) {
	68	+ foreach ($dnsResponses as $dnsResponse) {
	69	+ if (isset($dnsResponse['ip'])) {
	70	+ $targetIps[] = $dnsResponse['ip'];
	71	+ $canHaveCnameRecord = false;
	72	+ } elseif (isset($dnsResponse['ipv6'])) {
	73	+ $targetIps[] = $dnsResponse['ipv6'];
	74	+ $canHaveCnameRecord = false;
	75	+ } elseif (isset($dnsResponse['target']) && $canHaveCnameRecord) {
	76	+ $targetIps = array_merge($targetIps, $this->dnsResolve($dnsResponse['target'], $recursionCount));
	77	+ }
	78	+ }
	79	+ } elseif ($dnsNegativeTtl !== null) {
	80	+ $this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl);
	81	+ }
	82	+ }
	83	+
	84	+ return $targetIps;
	85	+ }
	86	+
	87	+ /**
	88	+ * Wrapper for dns_get_record
	89	+ */
	90	+ protected function dnsGetRecord(string $hostname, int $type): array\|false {
	91	+ return \dns_get_record($hostname, $type);
	92	+ }
	93	+
	94	+ public function addDnsPinning(): callable {
	95	+ return function (callable $handler) {
	96	+ return function (
	97	+ RequestInterface $request,
	98	+ array $options,
	99	+ ) use ($handler) {
	100	+ if ($options['nextcloud']['allow_local_address'] === true) {
	101	+ return $handler($request, $options);
	102	+ }
	103	+
	104	+ $hostName = $request->getUri()->getHost();
	105	+ $port = $request->getUri()->getPort();
	106	+
	107	+ $ports = [
	108	+ '80',
	109	+ '443',
	110	+ ];
	111	+
	112	+ if ($port !== null) {
	113	+ $ports[] = (string)$port;
	114	+ }
	115	+
	116	+ $targetIps = $this->dnsResolve(idn_to_utf8($hostName), 0);
	117	+
	118	+ if (empty($targetIps)) {
	119	+ throw new LocalServerException('No DNS record found for ' . $hostName);
	120	+ }
	121	+
	122	+ $curlResolves = [];
	123	+
	124	+ foreach ($ports as $port) {
	125	+ $curlResolves["$hostName:$port"] = [];
	126	+
	127	+ foreach ($targetIps as $ip) {
	128	+ if ($this->ipAddressClassifier->isLocalAddress($ip)) {
	129	+ // TODO: continue with all non-local IPs?
	130	+ throw new LocalServerException('Host "' . $ip . '" (' . $hostName . ':' . $port . ') violates local access rules');
	131	+ }
	132	+ $curlResolves["$hostName:$port"][] = $ip;
	133	+ }
	134	+ }
	135	+
	136	+ // Coalesce the per-host:port ips back into a comma separated list
	137	+ foreach ($curlResolves as $hostport => $ips) {
	138	+ $options['curl'][CURLOPT_RESOLVE][] = "$hostport:" . implode(',', $ips);
	139	+ }
	140	+
	141	+ return $handler($request, $options);
	142	+ };
	143	+ };
	144	+ }
145	145	}

nextcloud / server

Push — master ( c7b83e...f077bb )

Status

Category

Indentation +128 added lines, -128 removed lines patch added patch discarded remove patch

Spacing +8 added lines, -8 removed lines patch added patch discarded remove patch