RemoteHostValidator::isValid() - Code Metrics - Inspection of "Merge pull request #34852 from nextcloud/enhanceme..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( bfb764...c00e59 )

by Christoph

created 2022-11-03 10:37 UTC

RemoteHostValidator::isValid() A

↳ Parent: RemoteHostValidator

Complexity

Conditions	6
Paths	5

Size

Total Lines	18
Code Lines	10

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	6
eloc	10
nc	5
nop	1
dl	0
loc	18
rs	9.2222
c	1
b	0
f	0

<?php

declare(strict_types=1);

/*
 * @copyright 2022 Christoph Wurst <[email protected]>
 *
 * @author 2022 Christoph Wurst <[email protected]>
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

namespace OC\Security;

use OC\Net\HostnameClassifier;
use OC\Net\IpAddressClassifier;
use OCP\IConfig;
use OCP\Security\IRemoteHostValidator;
use Psr\Log\LoggerInterface;
use function strpos;
use function strtolower;
use function substr;
use function urldecode;

/**
 * @internal
 */
final class RemoteHostValidator implements IRemoteHostValidator {
	private IConfig $config;
	private HostnameClassifier $hostnameClassifier;
	private IpAddressClassifier $ipAddressClassifier;
	private LoggerInterface $logger;

	public function __construct(IConfig $config,
								HostnameClassifier $hostnameClassifier,
								IpAddressClassifier $ipAddressClassifier,
								LoggerInterface $logger) {
		$this->config = $config;
		$this->hostnameClassifier = $hostnameClassifier;
		$this->ipAddressClassifier = $ipAddressClassifier;
		$this->logger = $logger;
	}

	public function isValid(string $host): bool {
		if ($this->config->getSystemValueBool('allow_local_remote_servers', false)) {
			return true;
		}

		$host = idn_to_utf8(strtolower(urldecode($host)));
		// Remove brackets from IPv6 addresses
		if (strpos($host, '[') === 0 && substr($host, -1) === ']') {
			$host = substr($host, 1, -1);
		}

		if ($this->hostnameClassifier->isLocalHostname($host)
			|| $this->ipAddressClassifier->isLocalAddress($host)) {
			$this->logger->warning("Host $host was not connected to because it violates local access rules");
			return false;
		}

		return true;
	}
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* @copyright 2022 Christoph Wurst <[email protected]>
7			*
8			* @author 2022 Christoph Wurst <[email protected]>
9			*
10			* @license GNU AGPL version 3 or any later version
11			*
12			* This program is free software: you can redistribute it and/or modify
13			* it under the terms of the GNU Affero General Public License as
14			* published by the Free Software Foundation, either version 3 of the
15			* License, or (at your option) any later version.
16			*
17			* This program is distributed in the hope that it will be useful,
18			* but WITHOUT ANY WARRANTY; without even the implied warranty of
19			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20			* GNU Affero General Public License for more details.
21			*
22			* You should have received a copy of the GNU Affero General Public License
23			* along with this program. If not, see <http://www.gnu.org/licenses/>.
24			*/
25
26			namespace OC\Security;
27
28			use OC\Net\HostnameClassifier;
29			use OC\Net\IpAddressClassifier;
30			use OCP\IConfig;
31			use OCP\Security\IRemoteHostValidator;
32			use Psr\Log\LoggerInterface;
33			use function strpos;
34			use function strtolower;
35			use function substr;
36			use function urldecode;
37
38			/**
39			* @internal
40			*/
41			final class RemoteHostValidator implements IRemoteHostValidator {
42			private IConfig $config;
43			private HostnameClassifier $hostnameClassifier;
44			private IpAddressClassifier $ipAddressClassifier;
45			private LoggerInterface $logger;
46
47			public function __construct(IConfig $config,
48			HostnameClassifier $hostnameClassifier,
49			IpAddressClassifier $ipAddressClassifier,
50			LoggerInterface $logger) {
51			$this->config = $config;
52			$this->hostnameClassifier = $hostnameClassifier;
53			$this->ipAddressClassifier = $ipAddressClassifier;
54			$this->logger = $logger;
55			}
56
57			public function isValid(string $host): bool {
58			if ($this->config->getSystemValueBool('allow_local_remote_servers', false)) {
59			return true;
60			}
61
62			$host = idn_to_utf8(strtolower(urldecode($host)));
63			// Remove brackets from IPv6 addresses
64			if (strpos($host, '[') === 0 && substr($host, -1) === ']') {
65			$host = substr($host, 1, -1);
66			}
67
68			if ($this->hostnameClassifier->isLocalHostname($host)
69			\|\| $this->ipAddressClassifier->isLocalAddress($host)) {
70			$this->logger->warning("Host $host was not connected to because it violates local access rules");
71			return false;
72			}
73
74			return true;
75			}
76			}
77

nextcloud / server

Push — master ( bfb764...c00e59 )

RemoteHostValidator::isValid() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like