nextcloud /
server
@@ -63,293 +63,293 @@ discard block |
||
| 63 | 63 | * @package OC\Settings\Controller |
| 64 | 64 | */ |
| 65 | 65 | class CheckSetupController extends Controller { |
| 66 | - /** @var IConfig */ |
|
| 67 | - private $config; |
|
| 68 | - /** @var IClientService */ |
|
| 69 | - private $clientService; |
|
| 70 | - /** @var \OC_Util */ |
|
| 71 | - private $util; |
|
| 72 | - /** @var IURLGenerator */ |
|
| 73 | - private $urlGenerator; |
|
| 74 | - /** @var IL10N */ |
|
| 75 | - private $l10n; |
|
| 76 | - /** @var Checker */ |
|
| 77 | - private $checker; |
|
| 78 | - /** @var ILogger */ |
|
| 79 | - private $logger; |
|
| 80 | - /** @var EventDispatcherInterface */ |
|
| 81 | - private $dispatcher; |
|
| 82 | - /** @var IDBConnection|Connection */ |
|
| 83 | - private $db; |
|
| 84 | - /** @var ILockingProvider */ |
|
| 85 | - private $lockingProvider; |
|
| 86 | - /** @var IDateTimeFormatter */ |
|
| 87 | - private $dateTimeFormatter; |
|
| 88 | - /** @var MemoryInfo */ |
|
| 89 | - private $memoryInfo; |
|
| 90 | - /** @var ISecureRandom */ |
|
| 91 | - private $secureRandom; |
|
| 92 | - |
|
| 93 | - public function __construct($AppName, |
|
| 94 | - IRequest $request, |
|
| 95 | - IConfig $config, |
|
| 96 | - IClientService $clientService, |
|
| 97 | - IURLGenerator $urlGenerator, |
|
| 98 | - \OC_Util $util, |
|
| 99 | - IL10N $l10n, |
|
| 100 | - Checker $checker, |
|
| 101 | - ILogger $logger, |
|
| 102 | - EventDispatcherInterface $dispatcher, |
|
| 103 | - IDBConnection $db, |
|
| 104 | - ILockingProvider $lockingProvider, |
|
| 105 | - IDateTimeFormatter $dateTimeFormatter, |
|
| 106 | - MemoryInfo $memoryInfo, |
|
| 107 | - ISecureRandom $secureRandom) { |
|
| 108 | - parent::__construct($AppName, $request); |
|
| 109 | - $this->config = $config; |
|
| 110 | - $this->clientService = $clientService; |
|
| 111 | - $this->util = $util; |
|
| 112 | - $this->urlGenerator = $urlGenerator; |
|
| 113 | - $this->l10n = $l10n; |
|
| 114 | - $this->checker = $checker; |
|
| 115 | - $this->logger = $logger; |
|
| 116 | - $this->dispatcher = $dispatcher; |
|
| 117 | - $this->db = $db; |
|
| 118 | - $this->lockingProvider = $lockingProvider; |
|
| 119 | - $this->dateTimeFormatter = $dateTimeFormatter; |
|
| 120 | - $this->memoryInfo = $memoryInfo; |
|
| 121 | - $this->secureRandom = $secureRandom; |
|
| 122 | - } |
|
| 123 | - |
|
| 124 | - /** |
|
| 125 | - * Checks if the server can connect to the internet using HTTPS and HTTP |
|
| 126 | - * @return bool |
|
| 127 | - */ |
|
| 128 | - private function isInternetConnectionWorking() { |
|
| 129 | - if ($this->config->getSystemValue('has_internet_connection', true) === false) { |
|
| 130 | - return false; |
|
| 131 | - } |
|
| 132 | - |
|
| 133 | - $siteArray = ['www.nextcloud.com', |
|
| 134 | - 'www.startpage.com', |
|
| 135 | - 'www.eff.org', |
|
| 136 | - 'www.edri.org', |
|
| 137 | - ]; |
|
| 138 | - |
|
| 139 | - foreach($siteArray as $site) { |
|
| 140 | - if ($this->isSiteReachable($site)) { |
|
| 141 | - return true; |
|
| 142 | - } |
|
| 143 | - } |
|
| 144 | - return false; |
|
| 145 | - } |
|
| 146 | - |
|
| 147 | - /** |
|
| 148 | - * Checks if the Nextcloud server can connect to a specific URL using both HTTPS and HTTP |
|
| 149 | - * @return bool |
|
| 150 | - */ |
|
| 151 | - private function isSiteReachable($sitename) { |
|
| 152 | - $httpSiteName = 'http://' . $sitename . '/'; |
|
| 153 | - $httpsSiteName = 'https://' . $sitename . '/'; |
|
| 154 | - |
|
| 155 | - try { |
|
| 156 | - $client = $this->clientService->newClient(); |
|
| 157 | - $client->get($httpSiteName); |
|
| 158 | - $client->get($httpsSiteName); |
|
| 159 | - } catch (\Exception $e) { |
|
| 160 | - $this->logger->logException($e, ['app' => 'internet_connection_check']); |
|
| 161 | - return false; |
|
| 162 | - } |
|
| 163 | - return true; |
|
| 164 | - } |
|
| 165 | - |
|
| 166 | - /** |
|
| 167 | - * Checks whether a local memcache is installed or not |
|
| 168 | - * @return bool |
|
| 169 | - */ |
|
| 170 | - private function isMemcacheConfigured() { |
|
| 171 | - return $this->config->getSystemValue('memcache.local', null) !== null; |
|
| 172 | - } |
|
| 173 | - |
|
| 174 | - /** |
|
| 175 | - * Whether PHP can generate "secure" pseudorandom integers |
|
| 176 | - * |
|
| 177 | - * @return bool |
|
| 178 | - */ |
|
| 179 | - private function isRandomnessSecure() { |
|
| 180 | - try { |
|
| 181 | - $this->secureRandom->generate(1); |
|
| 182 | - } catch (\Exception $ex) { |
|
| 183 | - return false; |
|
| 184 | - } |
|
| 185 | - return true; |
|
| 186 | - } |
|
| 187 | - |
|
| 188 | - /** |
|
| 189 | - * Public for the sake of unit-testing |
|
| 190 | - * |
|
| 191 | - * @return array |
|
| 192 | - */ |
|
| 193 | - protected function getCurlVersion() { |
|
| 194 | - return curl_version(); |
|
| 195 | - } |
|
| 196 | - |
|
| 197 | - /** |
|
| 198 | - * Check if the used SSL lib is outdated. Older OpenSSL and NSS versions do |
|
| 199 | - * have multiple bugs which likely lead to problems in combination with |
|
| 200 | - * functionality required by ownCloud such as SNI. |
|
| 201 | - * |
|
| 202 | - * @link https://github.com/owncloud/core/issues/17446#issuecomment-122877546 |
|
| 203 | - * @link https://bugzilla.redhat.com/show_bug.cgi?id=1241172 |
|
| 204 | - * @return string |
|
| 205 | - */ |
|
| 206 | - private function isUsedTlsLibOutdated() { |
|
| 207 | - // Don't run check when: |
|
| 208 | - // 1. Server has `has_internet_connection` set to false |
|
| 209 | - // 2. AppStore AND S2S is disabled |
|
| 210 | - if(!$this->config->getSystemValue('has_internet_connection', true)) { |
|
| 211 | - return ''; |
|
| 212 | - } |
|
| 213 | - if(!$this->config->getSystemValue('appstoreenabled', true) |
|
| 214 | - && $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'no' |
|
| 215 | - && $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'no') { |
|
| 216 | - return ''; |
|
| 217 | - } |
|
| 218 | - |
|
| 219 | - $versionString = $this->getCurlVersion(); |
|
| 220 | - if(isset($versionString['ssl_version'])) { |
|
| 221 | - $versionString = $versionString['ssl_version']; |
|
| 222 | - } else { |
|
| 223 | - return ''; |
|
| 224 | - } |
|
| 225 | - |
|
| 226 | - $features = (string)$this->l10n->t('installing and updating apps via the app store or Federated Cloud Sharing'); |
|
| 227 | - if(!$this->config->getSystemValue('appstoreenabled', true)) { |
|
| 228 | - $features = (string)$this->l10n->t('Federated Cloud Sharing'); |
|
| 229 | - } |
|
| 230 | - |
|
| 231 | - // Check if at least OpenSSL after 1.01d or 1.0.2b |
|
| 232 | - if(strpos($versionString, 'OpenSSL/') === 0) { |
|
| 233 | - $majorVersion = substr($versionString, 8, 5); |
|
| 234 | - $patchRelease = substr($versionString, 13, 6); |
|
| 235 | - |
|
| 236 | - if(($majorVersion === '1.0.1' && ord($patchRelease) < ord('d')) || |
|
| 237 | - ($majorVersion === '1.0.2' && ord($patchRelease) < ord('b'))) { |
|
| 238 | - return $this->l10n->t('cURL is using an outdated %1$s version (%2$s). Please update your operating system or features such as %3$s will not work reliably.', ['OpenSSL', $versionString, $features]); |
|
| 239 | - } |
|
| 240 | - } |
|
| 241 | - |
|
| 242 | - // Check if NSS and perform heuristic check |
|
| 243 | - if(strpos($versionString, 'NSS/') === 0) { |
|
| 244 | - try { |
|
| 245 | - $firstClient = $this->clientService->newClient(); |
|
| 246 | - $firstClient->get('https://nextcloud.com/'); |
|
| 247 | - |
|
| 248 | - $secondClient = $this->clientService->newClient(); |
|
| 249 | - $secondClient->get('https://nextcloud.com/'); |
|
| 250 | - } catch (ClientException $e) { |
|
| 251 | - if($e->getResponse()->getStatusCode() === 400) { |
|
| 252 | - return $this->l10n->t('cURL is using an outdated %1$s version (%2$s). Please update your operating system or features such as %3$s will not work reliably.', ['NSS', $versionString, $features]); |
|
| 253 | - } |
|
| 254 | - } |
|
| 255 | - } |
|
| 256 | - |
|
| 257 | - return ''; |
|
| 258 | - } |
|
| 259 | - |
|
| 260 | - /** |
|
| 261 | - * Whether the version is outdated |
|
| 262 | - * |
|
| 263 | - * @return bool |
|
| 264 | - */ |
|
| 265 | - protected function isPhpOutdated() { |
|
| 266 | - if (version_compare(PHP_VERSION, '7.0.0', '<')) { |
|
| 267 | - return true; |
|
| 268 | - } |
|
| 269 | - |
|
| 270 | - return false; |
|
| 271 | - } |
|
| 272 | - |
|
| 273 | - /** |
|
| 274 | - * Whether the php version is still supported (at time of release) |
|
| 275 | - * according to: https://secure.php.net/supported-versions.php |
|
| 276 | - * |
|
| 277 | - * @return array |
|
| 278 | - */ |
|
| 279 | - private function isPhpSupported() { |
|
| 280 | - return ['eol' => $this->isPhpOutdated(), 'version' => PHP_VERSION]; |
|
| 281 | - } |
|
| 282 | - |
|
| 283 | - /** |
|
| 284 | - * Check if the reverse proxy configuration is working as expected |
|
| 285 | - * |
|
| 286 | - * @return bool |
|
| 287 | - */ |
|
| 288 | - private function forwardedForHeadersWorking() { |
|
| 289 | - $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); |
|
| 290 | - $remoteAddress = $this->request->getHeader('REMOTE_ADDR'); |
|
| 291 | - |
|
| 292 | - if (\is_array($trustedProxies) && \in_array($remoteAddress, $trustedProxies)) { |
|
| 293 | - return $remoteAddress !== $this->request->getRemoteAddress(); |
|
| 294 | - } |
|
| 295 | - // either not enabled or working correctly |
|
| 296 | - return true; |
|
| 297 | - } |
|
| 298 | - |
|
| 299 | - /** |
|
| 300 | - * Checks if the correct memcache module for PHP is installed. Only |
|
| 301 | - * fails if memcached is configured and the working module is not installed. |
|
| 302 | - * |
|
| 303 | - * @return bool |
|
| 304 | - */ |
|
| 305 | - private function isCorrectMemcachedPHPModuleInstalled() { |
|
| 306 | - if ($this->config->getSystemValue('memcache.distributed', null) !== '\OC\Memcache\Memcached') { |
|
| 307 | - return true; |
|
| 308 | - } |
|
| 309 | - |
|
| 310 | - // there are two different memcached modules for PHP |
|
| 311 | - // we only support memcached and not memcache |
|
| 312 | - // https://code.google.com/p/memcached/wiki/PHPClientComparison |
|
| 313 | - return !(!extension_loaded('memcached') && extension_loaded('memcache')); |
|
| 314 | - } |
|
| 315 | - |
|
| 316 | - /** |
|
| 317 | - * Checks if set_time_limit is not disabled. |
|
| 318 | - * |
|
| 319 | - * @return bool |
|
| 320 | - */ |
|
| 321 | - private function isSettimelimitAvailable() { |
|
| 322 | - if (function_exists('set_time_limit') |
|
| 323 | - && strpos(@ini_get('disable_functions'), 'set_time_limit') === false) { |
|
| 324 | - return true; |
|
| 325 | - } |
|
| 326 | - |
|
| 327 | - return false; |
|
| 328 | - } |
|
| 329 | - |
|
| 330 | - /** |
|
| 331 | - * @return RedirectResponse |
|
| 332 | - */ |
|
| 333 | - public function rescanFailedIntegrityCheck() { |
|
| 334 | - $this->checker->runInstanceVerification(); |
|
| 335 | - return new RedirectResponse( |
|
| 336 | - $this->urlGenerator->linkToRoute('settings.AdminSettings.index') |
|
| 337 | - ); |
|
| 338 | - } |
|
| 339 | - |
|
| 340 | - /** |
|
| 341 | - * @NoCSRFRequired |
|
| 342 | - * @return DataResponse |
|
| 343 | - */ |
|
| 344 | - public function getFailedIntegrityCheckFiles() { |
|
| 345 | - if(!$this->checker->isCodeCheckEnforced()) { |
|
| 346 | - return new DataDisplayResponse('Integrity checker has been disabled. Integrity cannot be verified.'); |
|
| 347 | - } |
|
| 348 | - |
|
| 349 | - $completeResults = $this->checker->getResults(); |
|
| 350 | - |
|
| 351 | - if(!empty($completeResults)) { |
|
| 352 | - $formattedTextResponse = 'Technical information |
|
| 66 | + /** @var IConfig */ |
|
| 67 | + private $config; |
|
| 68 | + /** @var IClientService */ |
|
| 69 | + private $clientService; |
|
| 70 | + /** @var \OC_Util */ |
|
| 71 | + private $util; |
|
| 72 | + /** @var IURLGenerator */ |
|
| 73 | + private $urlGenerator; |
|
| 74 | + /** @var IL10N */ |
|
| 75 | + private $l10n; |
|
| 76 | + /** @var Checker */ |
|
| 77 | + private $checker; |
|
| 78 | + /** @var ILogger */ |
|
| 79 | + private $logger; |
|
| 80 | + /** @var EventDispatcherInterface */ |
|
| 81 | + private $dispatcher; |
|
| 82 | + /** @var IDBConnection|Connection */ |
|
| 83 | + private $db; |
|
| 84 | + /** @var ILockingProvider */ |
|
| 85 | + private $lockingProvider; |
|
| 86 | + /** @var IDateTimeFormatter */ |
|
| 87 | + private $dateTimeFormatter; |
|
| 88 | + /** @var MemoryInfo */ |
|
| 89 | + private $memoryInfo; |
|
| 90 | + /** @var ISecureRandom */ |
|
| 91 | + private $secureRandom; |
|
| 92 | + |
|
| 93 | + public function __construct($AppName, |
|
| 94 | + IRequest $request, |
|
| 95 | + IConfig $config, |
|
| 96 | + IClientService $clientService, |
|
| 97 | + IURLGenerator $urlGenerator, |
|
| 98 | + \OC_Util $util, |
|
| 99 | + IL10N $l10n, |
|
| 100 | + Checker $checker, |
|
| 101 | + ILogger $logger, |
|
| 102 | + EventDispatcherInterface $dispatcher, |
|
| 103 | + IDBConnection $db, |
|
| 104 | + ILockingProvider $lockingProvider, |
|
| 105 | + IDateTimeFormatter $dateTimeFormatter, |
|
| 106 | + MemoryInfo $memoryInfo, |
|
| 107 | + ISecureRandom $secureRandom) { |
|
| 108 | + parent::__construct($AppName, $request); |
|
| 109 | + $this->config = $config; |
|
| 110 | + $this->clientService = $clientService; |
|
| 111 | + $this->util = $util; |
|
| 112 | + $this->urlGenerator = $urlGenerator; |
|
| 113 | + $this->l10n = $l10n; |
|
| 114 | + $this->checker = $checker; |
|
| 115 | + $this->logger = $logger; |
|
| 116 | + $this->dispatcher = $dispatcher; |
|
| 117 | + $this->db = $db; |
|
| 118 | + $this->lockingProvider = $lockingProvider; |
|
| 119 | + $this->dateTimeFormatter = $dateTimeFormatter; |
|
| 120 | + $this->memoryInfo = $memoryInfo; |
|
| 121 | + $this->secureRandom = $secureRandom; |
|
| 122 | + } |
|
| 123 | + |
|
| 124 | + /** |
|
| 125 | + * Checks if the server can connect to the internet using HTTPS and HTTP |
|
| 126 | + * @return bool |
|
| 127 | + */ |
|
| 128 | + private function isInternetConnectionWorking() { |
|
| 129 | + if ($this->config->getSystemValue('has_internet_connection', true) === false) { |
|
| 130 | + return false; |
|
| 131 | + } |
|
| 132 | + |
|
| 133 | + $siteArray = ['www.nextcloud.com', |
|
| 134 | + 'www.startpage.com', |
|
| 135 | + 'www.eff.org', |
|
| 136 | + 'www.edri.org', |
|
| 137 | + ]; |
|
| 138 | + |
|
| 139 | + foreach($siteArray as $site) { |
|
| 140 | + if ($this->isSiteReachable($site)) { |
|
| 141 | + return true; |
|
| 142 | + } |
|
| 143 | + } |
|
| 144 | + return false; |
|
| 145 | + } |
|
| 146 | + |
|
| 147 | + /** |
|
| 148 | + * Checks if the Nextcloud server can connect to a specific URL using both HTTPS and HTTP |
|
| 149 | + * @return bool |
|
| 150 | + */ |
|
| 151 | + private function isSiteReachable($sitename) { |
|
| 152 | + $httpSiteName = 'http://' . $sitename . '/'; |
|
| 153 | + $httpsSiteName = 'https://' . $sitename . '/'; |
|
| 154 | + |
|
| 155 | + try { |
|
| 156 | + $client = $this->clientService->newClient(); |
|
| 157 | + $client->get($httpSiteName); |
|
| 158 | + $client->get($httpsSiteName); |
|
| 159 | + } catch (\Exception $e) { |
|
| 160 | + $this->logger->logException($e, ['app' => 'internet_connection_check']); |
|
| 161 | + return false; |
|
| 162 | + } |
|
| 163 | + return true; |
|
| 164 | + } |
|
| 165 | + |
|
| 166 | + /** |
|
| 167 | + * Checks whether a local memcache is installed or not |
|
| 168 | + * @return bool |
|
| 169 | + */ |
|
| 170 | + private function isMemcacheConfigured() { |
|
| 171 | + return $this->config->getSystemValue('memcache.local', null) !== null; |
|
| 172 | + } |
|
| 173 | + |
|
| 174 | + /** |
|
| 175 | + * Whether PHP can generate "secure" pseudorandom integers |
|
| 176 | + * |
|
| 177 | + * @return bool |
|
| 178 | + */ |
|
| 179 | + private function isRandomnessSecure() { |
|
| 180 | + try { |
|
| 181 | + $this->secureRandom->generate(1); |
|
| 182 | + } catch (\Exception $ex) { |
|
| 183 | + return false; |
|
| 184 | + } |
|
| 185 | + return true; |
|
| 186 | + } |
|
| 187 | + |
|
| 188 | + /** |
|
| 189 | + * Public for the sake of unit-testing |
|
| 190 | + * |
|
| 191 | + * @return array |
|
| 192 | + */ |
|
| 193 | + protected function getCurlVersion() { |
|
| 194 | + return curl_version(); |
|
| 195 | + } |
|
| 196 | + |
|
| 197 | + /** |
|
| 198 | + * Check if the used SSL lib is outdated. Older OpenSSL and NSS versions do |
|
| 199 | + * have multiple bugs which likely lead to problems in combination with |
|
| 200 | + * functionality required by ownCloud such as SNI. |
|
| 201 | + * |
|
| 202 | + * @link https://github.com/owncloud/core/issues/17446#issuecomment-122877546 |
|
| 203 | + * @link https://bugzilla.redhat.com/show_bug.cgi?id=1241172 |
|
| 204 | + * @return string |
|
| 205 | + */ |
|
| 206 | + private function isUsedTlsLibOutdated() { |
|
| 207 | + // Don't run check when: |
|
| 208 | + // 1. Server has `has_internet_connection` set to false |
|
| 209 | + // 2. AppStore AND S2S is disabled |
|
| 210 | + if(!$this->config->getSystemValue('has_internet_connection', true)) { |
|
| 211 | + return ''; |
|
| 212 | + } |
|
| 213 | + if(!$this->config->getSystemValue('appstoreenabled', true) |
|
| 214 | + && $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'no' |
|
| 215 | + && $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'no') { |
|
| 216 | + return ''; |
|
| 217 | + } |
|
| 218 | + |
|
| 219 | + $versionString = $this->getCurlVersion(); |
|
| 220 | + if(isset($versionString['ssl_version'])) { |
|
| 221 | + $versionString = $versionString['ssl_version']; |
|
| 222 | + } else { |
|
| 223 | + return ''; |
|
| 224 | + } |
|
| 225 | + |
|
| 226 | + $features = (string)$this->l10n->t('installing and updating apps via the app store or Federated Cloud Sharing'); |
|
| 227 | + if(!$this->config->getSystemValue('appstoreenabled', true)) { |
|
| 228 | + $features = (string)$this->l10n->t('Federated Cloud Sharing'); |
|
| 229 | + } |
|
| 230 | + |
|
| 231 | + // Check if at least OpenSSL after 1.01d or 1.0.2b |
|
| 232 | + if(strpos($versionString, 'OpenSSL/') === 0) { |
|
| 233 | + $majorVersion = substr($versionString, 8, 5); |
|
| 234 | + $patchRelease = substr($versionString, 13, 6); |
|
| 235 | + |
|
| 236 | + if(($majorVersion === '1.0.1' && ord($patchRelease) < ord('d')) || |
|
| 237 | + ($majorVersion === '1.0.2' && ord($patchRelease) < ord('b'))) { |
|
| 238 | + return $this->l10n->t('cURL is using an outdated %1$s version (%2$s). Please update your operating system or features such as %3$s will not work reliably.', ['OpenSSL', $versionString, $features]); |
|
| 239 | + } |
|
| 240 | + } |
|
| 241 | + |
|
| 242 | + // Check if NSS and perform heuristic check |
|
| 243 | + if(strpos($versionString, 'NSS/') === 0) { |
|
| 244 | + try { |
|
| 245 | + $firstClient = $this->clientService->newClient(); |
|
| 246 | + $firstClient->get('https://nextcloud.com/'); |
|
| 247 | + |
|
| 248 | + $secondClient = $this->clientService->newClient(); |
|
| 249 | + $secondClient->get('https://nextcloud.com/'); |
|
| 250 | + } catch (ClientException $e) { |
|
| 251 | + if($e->getResponse()->getStatusCode() === 400) { |
|
| 252 | + return $this->l10n->t('cURL is using an outdated %1$s version (%2$s). Please update your operating system or features such as %3$s will not work reliably.', ['NSS', $versionString, $features]); |
|
| 253 | + } |
|
| 254 | + } |
|
| 255 | + } |
|
| 256 | + |
|
| 257 | + return ''; |
|
| 258 | + } |
|
| 259 | + |
|
| 260 | + /** |
|
| 261 | + * Whether the version is outdated |
|
| 262 | + * |
|
| 263 | + * @return bool |
|
| 264 | + */ |
|
| 265 | + protected function isPhpOutdated() { |
|
| 266 | + if (version_compare(PHP_VERSION, '7.0.0', '<')) { |
|
| 267 | + return true; |
|
| 268 | + } |
|
| 269 | + |
|
| 270 | + return false; |
|
| 271 | + } |
|
| 272 | + |
|
| 273 | + /** |
|
| 274 | + * Whether the php version is still supported (at time of release) |
|
| 275 | + * according to: https://secure.php.net/supported-versions.php |
|
| 276 | + * |
|
| 277 | + * @return array |
|
| 278 | + */ |
|
| 279 | + private function isPhpSupported() { |
|
| 280 | + return ['eol' => $this->isPhpOutdated(), 'version' => PHP_VERSION]; |
|
| 281 | + } |
|
| 282 | + |
|
| 283 | + /** |
|
| 284 | + * Check if the reverse proxy configuration is working as expected |
|
| 285 | + * |
|
| 286 | + * @return bool |
|
| 287 | + */ |
|
| 288 | + private function forwardedForHeadersWorking() { |
|
| 289 | + $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); |
|
| 290 | + $remoteAddress = $this->request->getHeader('REMOTE_ADDR'); |
|
| 291 | + |
|
| 292 | + if (\is_array($trustedProxies) && \in_array($remoteAddress, $trustedProxies)) { |
|
| 293 | + return $remoteAddress !== $this->request->getRemoteAddress(); |
|
| 294 | + } |
|
| 295 | + // either not enabled or working correctly |
|
| 296 | + return true; |
|
| 297 | + } |
|
| 298 | + |
|
| 299 | + /** |
|
| 300 | + * Checks if the correct memcache module for PHP is installed. Only |
|
| 301 | + * fails if memcached is configured and the working module is not installed. |
|
| 302 | + * |
|
| 303 | + * @return bool |
|
| 304 | + */ |
|
| 305 | + private function isCorrectMemcachedPHPModuleInstalled() { |
|
| 306 | + if ($this->config->getSystemValue('memcache.distributed', null) !== '\OC\Memcache\Memcached') { |
|
| 307 | + return true; |
|
| 308 | + } |
|
| 309 | + |
|
| 310 | + // there are two different memcached modules for PHP |
|
| 311 | + // we only support memcached and not memcache |
|
| 312 | + // https://code.google.com/p/memcached/wiki/PHPClientComparison |
|
| 313 | + return !(!extension_loaded('memcached') && extension_loaded('memcache')); |
|
| 314 | + } |
|
| 315 | + |
|
| 316 | + /** |
|
| 317 | + * Checks if set_time_limit is not disabled. |
|
| 318 | + * |
|
| 319 | + * @return bool |
|
| 320 | + */ |
|
| 321 | + private function isSettimelimitAvailable() { |
|
| 322 | + if (function_exists('set_time_limit') |
|
| 323 | + && strpos(@ini_get('disable_functions'), 'set_time_limit') === false) { |
|
| 324 | + return true; |
|
| 325 | + } |
|
| 326 | + |
|
| 327 | + return false; |
|
| 328 | + } |
|
| 329 | + |
|
| 330 | + /** |
|
| 331 | + * @return RedirectResponse |
|
| 332 | + */ |
|
| 333 | + public function rescanFailedIntegrityCheck() { |
|
| 334 | + $this->checker->runInstanceVerification(); |
|
| 335 | + return new RedirectResponse( |
|
| 336 | + $this->urlGenerator->linkToRoute('settings.AdminSettings.index') |
|
| 337 | + ); |
|
| 338 | + } |
|
| 339 | + |
|
| 340 | + /** |
|
| 341 | + * @NoCSRFRequired |
|
| 342 | + * @return DataResponse |
|
| 343 | + */ |
|
| 344 | + public function getFailedIntegrityCheckFiles() { |
|
| 345 | + if(!$this->checker->isCodeCheckEnforced()) { |
|
| 346 | + return new DataDisplayResponse('Integrity checker has been disabled. Integrity cannot be verified.'); |
|
| 347 | + } |
|
| 348 | + |
|
| 349 | + $completeResults = $this->checker->getResults(); |
|
| 350 | + |
|
| 351 | + if(!empty($completeResults)) { |
|
| 352 | + $formattedTextResponse = 'Technical information |
|
| 353 | 353 | ===================== |
| 354 | 354 | The following list covers which files have failed the integrity check. Please read |
| 355 | 355 | the previous linked documentation to learn more about the errors and how to fix |
@@ -358,272 +358,272 @@ discard block |
||
| 358 | 358 | Results |
| 359 | 359 | ======= |
| 360 | 360 | '; |
| 361 | - foreach($completeResults as $context => $contextResult) { |
|
| 362 | - $formattedTextResponse .= "- $context\n"; |
|
| 363 | - |
|
| 364 | - foreach($contextResult as $category => $result) { |
|
| 365 | - $formattedTextResponse .= "\t- $category\n"; |
|
| 366 | - if($category !== 'EXCEPTION') { |
|
| 367 | - foreach ($result as $key => $results) { |
|
| 368 | - $formattedTextResponse .= "\t\t- $key\n"; |
|
| 369 | - } |
|
| 370 | - } else { |
|
| 371 | - foreach ($result as $key => $results) { |
|
| 372 | - $formattedTextResponse .= "\t\t- $results\n"; |
|
| 373 | - } |
|
| 374 | - } |
|
| 375 | - |
|
| 376 | - } |
|
| 377 | - } |
|
| 378 | - |
|
| 379 | - $formattedTextResponse .= ' |
|
| 361 | + foreach($completeResults as $context => $contextResult) { |
|
| 362 | + $formattedTextResponse .= "- $context\n"; |
|
| 363 | + |
|
| 364 | + foreach($contextResult as $category => $result) { |
|
| 365 | + $formattedTextResponse .= "\t- $category\n"; |
|
| 366 | + if($category !== 'EXCEPTION') { |
|
| 367 | + foreach ($result as $key => $results) { |
|
| 368 | + $formattedTextResponse .= "\t\t- $key\n"; |
|
| 369 | + } |
|
| 370 | + } else { |
|
| 371 | + foreach ($result as $key => $results) { |
|
| 372 | + $formattedTextResponse .= "\t\t- $results\n"; |
|
| 373 | + } |
|
| 374 | + } |
|
| 375 | + |
|
| 376 | + } |
|
| 377 | + } |
|
| 378 | + |
|
| 379 | + $formattedTextResponse .= ' |
|
| 380 | 380 | Raw output |
| 381 | 381 | ========== |
| 382 | 382 | '; |
| 383 | - $formattedTextResponse .= print_r($completeResults, true); |
|
| 384 | - } else { |
|
| 385 | - $formattedTextResponse = 'No errors have been found.'; |
|
| 386 | - } |
|
| 387 | - |
|
| 388 | - |
|
| 389 | - $response = new DataDisplayResponse( |
|
| 390 | - $formattedTextResponse, |
|
| 391 | - Http::STATUS_OK, |
|
| 392 | - [ |
|
| 393 | - 'Content-Type' => 'text/plain', |
|
| 394 | - ] |
|
| 395 | - ); |
|
| 396 | - |
|
| 397 | - return $response; |
|
| 398 | - } |
|
| 399 | - |
|
| 400 | - /** |
|
| 401 | - * Checks whether a PHP opcache is properly set up |
|
| 402 | - * @return bool |
|
| 403 | - */ |
|
| 404 | - protected function isOpcacheProperlySetup() { |
|
| 405 | - $iniWrapper = new IniGetWrapper(); |
|
| 406 | - |
|
| 407 | - if(!$iniWrapper->getBool('opcache.enable')) { |
|
| 408 | - return false; |
|
| 409 | - } |
|
| 410 | - |
|
| 411 | - if(!$iniWrapper->getBool('opcache.save_comments')) { |
|
| 412 | - return false; |
|
| 413 | - } |
|
| 414 | - |
|
| 415 | - if(!$iniWrapper->getBool('opcache.enable_cli')) { |
|
| 416 | - return false; |
|
| 417 | - } |
|
| 418 | - |
|
| 419 | - if($iniWrapper->getNumeric('opcache.max_accelerated_files') < 10000) { |
|
| 420 | - return false; |
|
| 421 | - } |
|
| 422 | - |
|
| 423 | - if($iniWrapper->getNumeric('opcache.memory_consumption') < 128) { |
|
| 424 | - return false; |
|
| 425 | - } |
|
| 426 | - |
|
| 427 | - if($iniWrapper->getNumeric('opcache.interned_strings_buffer') < 8) { |
|
| 428 | - return false; |
|
| 429 | - } |
|
| 430 | - |
|
| 431 | - return true; |
|
| 432 | - } |
|
| 433 | - |
|
| 434 | - /** |
|
| 435 | - * Check if the required FreeType functions are present |
|
| 436 | - * @return bool |
|
| 437 | - */ |
|
| 438 | - protected function hasFreeTypeSupport() { |
|
| 439 | - return function_exists('imagettfbbox') && function_exists('imagettftext'); |
|
| 440 | - } |
|
| 441 | - |
|
| 442 | - protected function hasMissingIndexes(): array { |
|
| 443 | - $indexInfo = new MissingIndexInformation(); |
|
| 444 | - // Dispatch event so apps can also hint for pending index updates if needed |
|
| 445 | - $event = new GenericEvent($indexInfo); |
|
| 446 | - $this->dispatcher->dispatch(IDBConnection::CHECK_MISSING_INDEXES_EVENT, $event); |
|
| 447 | - |
|
| 448 | - return $indexInfo->getListOfMissingIndexes(); |
|
| 449 | - } |
|
| 450 | - |
|
| 451 | - /** |
|
| 452 | - * warn if outdated version of a memcache module is used |
|
| 453 | - */ |
|
| 454 | - protected function getOutdatedCaches(): array { |
|
| 455 | - $caches = [ |
|
| 456 | - 'apcu' => ['name' => 'APCu', 'version' => '4.0.6'], |
|
| 457 | - 'redis' => ['name' => 'Redis', 'version' => '2.2.5'], |
|
| 458 | - ]; |
|
| 459 | - $outdatedCaches = []; |
|
| 460 | - foreach ($caches as $php_module => $data) { |
|
| 461 | - $isOutdated = extension_loaded($php_module) && version_compare(phpversion($php_module), $data['version'], '<'); |
|
| 462 | - if ($isOutdated) { |
|
| 463 | - $outdatedCaches[] = $data; |
|
| 464 | - } |
|
| 465 | - } |
|
| 466 | - |
|
| 467 | - return $outdatedCaches; |
|
| 468 | - } |
|
| 469 | - |
|
| 470 | - protected function isSqliteUsed() { |
|
| 471 | - return strpos($this->config->getSystemValue('dbtype'), 'sqlite') !== false; |
|
| 472 | - } |
|
| 473 | - |
|
| 474 | - protected function isReadOnlyConfig(): bool { |
|
| 475 | - return \OC_Helper::isReadOnlyConfigEnabled(); |
|
| 476 | - } |
|
| 477 | - |
|
| 478 | - protected function hasValidTransactionIsolationLevel(): bool { |
|
| 479 | - try { |
|
| 480 | - if ($this->db->getDatabasePlatform() instanceof SqlitePlatform) { |
|
| 481 | - return true; |
|
| 482 | - } |
|
| 483 | - |
|
| 484 | - return $this->db->getTransactionIsolation() === Connection::TRANSACTION_READ_COMMITTED; |
|
| 485 | - } catch (DBALException $e) { |
|
| 486 | - // ignore |
|
| 487 | - } |
|
| 488 | - |
|
| 489 | - return true; |
|
| 490 | - } |
|
| 491 | - |
|
| 492 | - protected function hasFileinfoInstalled(): bool { |
|
| 493 | - return \OC_Util::fileInfoLoaded(); |
|
| 494 | - } |
|
| 495 | - |
|
| 496 | - protected function hasWorkingFileLocking(): bool { |
|
| 497 | - return !($this->lockingProvider instanceof NoopLockingProvider); |
|
| 498 | - } |
|
| 499 | - |
|
| 500 | - protected function getSuggestedOverwriteCliURL(): string { |
|
| 501 | - $suggestedOverwriteCliUrl = ''; |
|
| 502 | - if ($this->config->getSystemValue('overwrite.cli.url', '') === '') { |
|
| 503 | - $suggestedOverwriteCliUrl = $this->request->getServerProtocol() . '://' . $this->request->getInsecureServerHost() . \OC::$WEBROOT; |
|
| 504 | - if (!$this->config->getSystemValue('config_is_read_only', false)) { |
|
| 505 | - // Set the overwrite URL when it was not set yet. |
|
| 506 | - $this->config->setSystemValue('overwrite.cli.url', $suggestedOverwriteCliUrl); |
|
| 507 | - $suggestedOverwriteCliUrl = ''; |
|
| 508 | - } |
|
| 509 | - } |
|
| 510 | - return $suggestedOverwriteCliUrl; |
|
| 511 | - } |
|
| 512 | - |
|
| 513 | - protected function getLastCronInfo(): array { |
|
| 514 | - $lastCronRun = $this->config->getAppValue('core', 'lastcron', 0); |
|
| 515 | - return [ |
|
| 516 | - 'diffInSeconds' => time() - $lastCronRun, |
|
| 517 | - 'relativeTime' => $this->dateTimeFormatter->formatTimeSpan($lastCronRun), |
|
| 518 | - 'backgroundJobsUrl' => $this->urlGenerator->linkToRoute('settings.AdminSettings.index', ['section' => 'server']) . '#backgroundjobs', |
|
| 519 | - ]; |
|
| 520 | - } |
|
| 521 | - |
|
| 522 | - protected function getCronErrors() { |
|
| 523 | - $errors = json_decode($this->config->getAppValue('core', 'cronErrors', ''), true); |
|
| 524 | - |
|
| 525 | - if (is_array($errors)) { |
|
| 526 | - return $errors; |
|
| 527 | - } |
|
| 528 | - |
|
| 529 | - return []; |
|
| 530 | - } |
|
| 531 | - |
|
| 532 | - protected function isPhpMailerUsed(): bool { |
|
| 533 | - return $this->config->getSystemValue('mail_smtpmode', 'smtp') === 'php'; |
|
| 534 | - } |
|
| 535 | - |
|
| 536 | - protected function hasOpcacheLoaded(): bool { |
|
| 537 | - return function_exists('opcache_get_status'); |
|
| 538 | - } |
|
| 539 | - |
|
| 540 | - /** |
|
| 541 | - * Iterates through the configured app roots and |
|
| 542 | - * tests if the subdirectories are owned by the same user than the current user. |
|
| 543 | - * |
|
| 544 | - * @return array |
|
| 545 | - */ |
|
| 546 | - protected function getAppDirsWithDifferentOwner(): array { |
|
| 547 | - $currentUser = posix_getuid(); |
|
| 548 | - $appDirsWithDifferentOwner = [[]]; |
|
| 549 | - |
|
| 550 | - foreach (OC::$APPSROOTS as $appRoot) { |
|
| 551 | - if ($appRoot['writable'] === true) { |
|
| 552 | - $appDirsWithDifferentOwner[] = $this->getAppDirsWithDifferentOwnerForAppRoot($currentUser, $appRoot); |
|
| 553 | - } |
|
| 554 | - } |
|
| 555 | - |
|
| 556 | - $appDirsWithDifferentOwner = array_merge(...$appDirsWithDifferentOwner); |
|
| 557 | - sort($appDirsWithDifferentOwner); |
|
| 558 | - |
|
| 559 | - return $appDirsWithDifferentOwner; |
|
| 560 | - } |
|
| 561 | - |
|
| 562 | - /** |
|
| 563 | - * Tests if the directories for one apps directory are writable by the current user. |
|
| 564 | - * |
|
| 565 | - * @param int $currentUser The current user |
|
| 566 | - * @param array $appRoot The app root config |
|
| 567 | - * @return string[] The none writable directory paths inside the app root |
|
| 568 | - */ |
|
| 569 | - private function getAppDirsWithDifferentOwnerForAppRoot(int $currentUser, array $appRoot): array { |
|
| 570 | - $appDirsWithDifferentOwner = []; |
|
| 571 | - $appsPath = $appRoot['path']; |
|
| 572 | - $appsDir = new DirectoryIterator($appRoot['path']); |
|
| 573 | - |
|
| 574 | - foreach ($appsDir as $fileInfo) { |
|
| 575 | - if ($fileInfo->isDir() && !$fileInfo->isDot()) { |
|
| 576 | - $absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename(); |
|
| 577 | - $appDirUser = fileowner($absAppPath); |
|
| 578 | - if ($appDirUser !== $currentUser) { |
|
| 579 | - $appDirsWithDifferentOwner[] = $absAppPath; |
|
| 580 | - } |
|
| 581 | - } |
|
| 582 | - } |
|
| 583 | - |
|
| 584 | - return $appDirsWithDifferentOwner; |
|
| 585 | - } |
|
| 586 | - |
|
| 587 | - /** |
|
| 588 | - * @return DataResponse |
|
| 589 | - */ |
|
| 590 | - public function check() { |
|
| 591 | - return new DataResponse( |
|
| 592 | - [ |
|
| 593 | - 'isGetenvServerWorking' => !empty(getenv('PATH')), |
|
| 594 | - 'isReadOnlyConfig' => $this->isReadOnlyConfig(), |
|
| 595 | - 'hasValidTransactionIsolationLevel' => $this->hasValidTransactionIsolationLevel(), |
|
| 596 | - 'outdatedCaches' => $this->getOutdatedCaches(), |
|
| 597 | - 'hasFileinfoInstalled' => $this->hasFileinfoInstalled(), |
|
| 598 | - 'hasWorkingFileLocking' => $this->hasWorkingFileLocking(), |
|
| 599 | - 'suggestedOverwriteCliURL' => $this->getSuggestedOverwriteCliURL(), |
|
| 600 | - 'cronInfo' => $this->getLastCronInfo(), |
|
| 601 | - 'cronErrors' => $this->getCronErrors(), |
|
| 602 | - 'serverHasInternetConnection' => $this->isInternetConnectionWorking(), |
|
| 603 | - 'isMemcacheConfigured' => $this->isMemcacheConfigured(), |
|
| 604 | - 'memcacheDocs' => $this->urlGenerator->linkToDocs('admin-performance'), |
|
| 605 | - 'isRandomnessSecure' => $this->isRandomnessSecure(), |
|
| 606 | - 'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'), |
|
| 607 | - 'isUsedTlsLibOutdated' => $this->isUsedTlsLibOutdated(), |
|
| 608 | - 'phpSupported' => $this->isPhpSupported(), |
|
| 609 | - 'forwardedForHeadersWorking' => $this->forwardedForHeadersWorking(), |
|
| 610 | - 'reverseProxyDocs' => $this->urlGenerator->linkToDocs('admin-reverse-proxy'), |
|
| 611 | - 'isCorrectMemcachedPHPModuleInstalled' => $this->isCorrectMemcachedPHPModuleInstalled(), |
|
| 612 | - 'hasPassedCodeIntegrityCheck' => $this->checker->hasPassedCheck(), |
|
| 613 | - 'codeIntegrityCheckerDocumentation' => $this->urlGenerator->linkToDocs('admin-code-integrity'), |
|
| 614 | - 'isOpcacheProperlySetup' => $this->isOpcacheProperlySetup(), |
|
| 615 | - 'hasOpcacheLoaded' => $this->hasOpcacheLoaded(), |
|
| 616 | - 'phpOpcacheDocumentation' => $this->urlGenerator->linkToDocs('admin-php-opcache'), |
|
| 617 | - 'isSettimelimitAvailable' => $this->isSettimelimitAvailable(), |
|
| 618 | - 'hasFreeTypeSupport' => $this->hasFreeTypeSupport(), |
|
| 619 | - 'missingIndexes' => $this->hasMissingIndexes(), |
|
| 620 | - 'isSqliteUsed' => $this->isSqliteUsed(), |
|
| 621 | - 'databaseConversionDocumentation' => $this->urlGenerator->linkToDocs('admin-db-conversion'), |
|
| 622 | - 'isPhpMailerUsed' => $this->isPhpMailerUsed(), |
|
| 623 | - 'mailSettingsDocumentation' => $this->urlGenerator->getAbsoluteURL('index.php/settings/admin'), |
|
| 624 | - 'isMemoryLimitSufficient' => $this->memoryInfo->isMemoryLimitSufficient(), |
|
| 625 | - 'appDirsWithDifferentOwner' => $this->getAppDirsWithDifferentOwner(), |
|
| 626 | - ] |
|
| 627 | - ); |
|
| 628 | - } |
|
| 383 | + $formattedTextResponse .= print_r($completeResults, true); |
|
| 384 | + } else { |
|
| 385 | + $formattedTextResponse = 'No errors have been found.'; |
|
| 386 | + } |
|
| 387 | + |
|
| 388 | + |
|
| 389 | + $response = new DataDisplayResponse( |
|
| 390 | + $formattedTextResponse, |
|
| 391 | + Http::STATUS_OK, |
|
| 392 | + [ |
|
| 393 | + 'Content-Type' => 'text/plain', |
|
| 394 | + ] |
|
| 395 | + ); |
|
| 396 | + |
|
| 397 | + return $response; |
|
| 398 | + } |
|
| 399 | + |
|
| 400 | + /** |
|
| 401 | + * Checks whether a PHP opcache is properly set up |
|
| 402 | + * @return bool |
|
| 403 | + */ |
|
| 404 | + protected function isOpcacheProperlySetup() { |
|
| 405 | + $iniWrapper = new IniGetWrapper(); |
|
| 406 | + |
|
| 407 | + if(!$iniWrapper->getBool('opcache.enable')) { |
|
| 408 | + return false; |
|
| 409 | + } |
|
| 410 | + |
|
| 411 | + if(!$iniWrapper->getBool('opcache.save_comments')) { |
|
| 412 | + return false; |
|
| 413 | + } |
|
| 414 | + |
|
| 415 | + if(!$iniWrapper->getBool('opcache.enable_cli')) { |
|
| 416 | + return false; |
|
| 417 | + } |
|
| 418 | + |
|
| 419 | + if($iniWrapper->getNumeric('opcache.max_accelerated_files') < 10000) { |
|
| 420 | + return false; |
|
| 421 | + } |
|
| 422 | + |
|
| 423 | + if($iniWrapper->getNumeric('opcache.memory_consumption') < 128) { |
|
| 424 | + return false; |
|
| 425 | + } |
|
| 426 | + |
|
| 427 | + if($iniWrapper->getNumeric('opcache.interned_strings_buffer') < 8) { |
|
| 428 | + return false; |
|
| 429 | + } |
|
| 430 | + |
|
| 431 | + return true; |
|
| 432 | + } |
|
| 433 | + |
|
| 434 | + /** |
|
| 435 | + * Check if the required FreeType functions are present |
|
| 436 | + * @return bool |
|
| 437 | + */ |
|
| 438 | + protected function hasFreeTypeSupport() { |
|
| 439 | + return function_exists('imagettfbbox') && function_exists('imagettftext'); |
|
| 440 | + } |
|
| 441 | + |
|
| 442 | + protected function hasMissingIndexes(): array { |
|
| 443 | + $indexInfo = new MissingIndexInformation(); |
|
| 444 | + // Dispatch event so apps can also hint for pending index updates if needed |
|
| 445 | + $event = new GenericEvent($indexInfo); |
|
| 446 | + $this->dispatcher->dispatch(IDBConnection::CHECK_MISSING_INDEXES_EVENT, $event); |
|
| 447 | + |
|
| 448 | + return $indexInfo->getListOfMissingIndexes(); |
|
| 449 | + } |
|
| 450 | + |
|
| 451 | + /** |
|
| 452 | + * warn if outdated version of a memcache module is used |
|
| 453 | + */ |
|
| 454 | + protected function getOutdatedCaches(): array { |
|
| 455 | + $caches = [ |
|
| 456 | + 'apcu' => ['name' => 'APCu', 'version' => '4.0.6'], |
|
| 457 | + 'redis' => ['name' => 'Redis', 'version' => '2.2.5'], |
|
| 458 | + ]; |
|
| 459 | + $outdatedCaches = []; |
|
| 460 | + foreach ($caches as $php_module => $data) { |
|
| 461 | + $isOutdated = extension_loaded($php_module) && version_compare(phpversion($php_module), $data['version'], '<'); |
|
| 462 | + if ($isOutdated) { |
|
| 463 | + $outdatedCaches[] = $data; |
|
| 464 | + } |
|
| 465 | + } |
|
| 466 | + |
|
| 467 | + return $outdatedCaches; |
|
| 468 | + } |
|
| 469 | + |
|
| 470 | + protected function isSqliteUsed() { |
|
| 471 | + return strpos($this->config->getSystemValue('dbtype'), 'sqlite') !== false; |
|
| 472 | + } |
|
| 473 | + |
|
| 474 | + protected function isReadOnlyConfig(): bool { |
|
| 475 | + return \OC_Helper::isReadOnlyConfigEnabled(); |
|
| 476 | + } |
|
| 477 | + |
|
| 478 | + protected function hasValidTransactionIsolationLevel(): bool { |
|
| 479 | + try { |
|
| 480 | + if ($this->db->getDatabasePlatform() instanceof SqlitePlatform) { |
|
| 481 | + return true; |
|
| 482 | + } |
|
| 483 | + |
|
| 484 | + return $this->db->getTransactionIsolation() === Connection::TRANSACTION_READ_COMMITTED; |
|
| 485 | + } catch (DBALException $e) { |
|
| 486 | + // ignore |
|
| 487 | + } |
|
| 488 | + |
|
| 489 | + return true; |
|
| 490 | + } |
|
| 491 | + |
|
| 492 | + protected function hasFileinfoInstalled(): bool { |
|
| 493 | + return \OC_Util::fileInfoLoaded(); |
|
| 494 | + } |
|
| 495 | + |
|
| 496 | + protected function hasWorkingFileLocking(): bool { |
|
| 497 | + return !($this->lockingProvider instanceof NoopLockingProvider); |
|
| 498 | + } |
|
| 499 | + |
|
| 500 | + protected function getSuggestedOverwriteCliURL(): string { |
|
| 501 | + $suggestedOverwriteCliUrl = ''; |
|
| 502 | + if ($this->config->getSystemValue('overwrite.cli.url', '') === '') { |
|
| 503 | + $suggestedOverwriteCliUrl = $this->request->getServerProtocol() . '://' . $this->request->getInsecureServerHost() . \OC::$WEBROOT; |
|
| 504 | + if (!$this->config->getSystemValue('config_is_read_only', false)) { |
|
| 505 | + // Set the overwrite URL when it was not set yet. |
|
| 506 | + $this->config->setSystemValue('overwrite.cli.url', $suggestedOverwriteCliUrl); |
|
| 507 | + $suggestedOverwriteCliUrl = ''; |
|
| 508 | + } |
|
| 509 | + } |
|
| 510 | + return $suggestedOverwriteCliUrl; |
|
| 511 | + } |
|
| 512 | + |
|
| 513 | + protected function getLastCronInfo(): array { |
|
| 514 | + $lastCronRun = $this->config->getAppValue('core', 'lastcron', 0); |
|
| 515 | + return [ |
|
| 516 | + 'diffInSeconds' => time() - $lastCronRun, |
|
| 517 | + 'relativeTime' => $this->dateTimeFormatter->formatTimeSpan($lastCronRun), |
|
| 518 | + 'backgroundJobsUrl' => $this->urlGenerator->linkToRoute('settings.AdminSettings.index', ['section' => 'server']) . '#backgroundjobs', |
|
| 519 | + ]; |
|
| 520 | + } |
|
| 521 | + |
|
| 522 | + protected function getCronErrors() { |
|
| 523 | + $errors = json_decode($this->config->getAppValue('core', 'cronErrors', ''), true); |
|
| 524 | + |
|
| 525 | + if (is_array($errors)) { |
|
| 526 | + return $errors; |
|
| 527 | + } |
|
| 528 | + |
|
| 529 | + return []; |
|
| 530 | + } |
|
| 531 | + |
|
| 532 | + protected function isPhpMailerUsed(): bool { |
|
| 533 | + return $this->config->getSystemValue('mail_smtpmode', 'smtp') === 'php'; |
|
| 534 | + } |
|
| 535 | + |
|
| 536 | + protected function hasOpcacheLoaded(): bool { |
|
| 537 | + return function_exists('opcache_get_status'); |
|
| 538 | + } |
|
| 539 | + |
|
| 540 | + /** |
|
| 541 | + * Iterates through the configured app roots and |
|
| 542 | + * tests if the subdirectories are owned by the same user than the current user. |
|
| 543 | + * |
|
| 544 | + * @return array |
|
| 545 | + */ |
|
| 546 | + protected function getAppDirsWithDifferentOwner(): array { |
|
| 547 | + $currentUser = posix_getuid(); |
|
| 548 | + $appDirsWithDifferentOwner = [[]]; |
|
| 549 | + |
|
| 550 | + foreach (OC::$APPSROOTS as $appRoot) { |
|
| 551 | + if ($appRoot['writable'] === true) { |
|
| 552 | + $appDirsWithDifferentOwner[] = $this->getAppDirsWithDifferentOwnerForAppRoot($currentUser, $appRoot); |
|
| 553 | + } |
|
| 554 | + } |
|
| 555 | + |
|
| 556 | + $appDirsWithDifferentOwner = array_merge(...$appDirsWithDifferentOwner); |
|
| 557 | + sort($appDirsWithDifferentOwner); |
|
| 558 | + |
|
| 559 | + return $appDirsWithDifferentOwner; |
|
| 560 | + } |
|
| 561 | + |
|
| 562 | + /** |
|
| 563 | + * Tests if the directories for one apps directory are writable by the current user. |
|
| 564 | + * |
|
| 565 | + * @param int $currentUser The current user |
|
| 566 | + * @param array $appRoot The app root config |
|
| 567 | + * @return string[] The none writable directory paths inside the app root |
|
| 568 | + */ |
|
| 569 | + private function getAppDirsWithDifferentOwnerForAppRoot(int $currentUser, array $appRoot): array { |
|
| 570 | + $appDirsWithDifferentOwner = []; |
|
| 571 | + $appsPath = $appRoot['path']; |
|
| 572 | + $appsDir = new DirectoryIterator($appRoot['path']); |
|
| 573 | + |
|
| 574 | + foreach ($appsDir as $fileInfo) { |
|
| 575 | + if ($fileInfo->isDir() && !$fileInfo->isDot()) { |
|
| 576 | + $absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename(); |
|
| 577 | + $appDirUser = fileowner($absAppPath); |
|
| 578 | + if ($appDirUser !== $currentUser) { |
|
| 579 | + $appDirsWithDifferentOwner[] = $absAppPath; |
|
| 580 | + } |
|
| 581 | + } |
|
| 582 | + } |
|
| 583 | + |
|
| 584 | + return $appDirsWithDifferentOwner; |
|
| 585 | + } |
|
| 586 | + |
|
| 587 | + /** |
|
| 588 | + * @return DataResponse |
|
| 589 | + */ |
|
| 590 | + public function check() { |
|
| 591 | + return new DataResponse( |
|
| 592 | + [ |
|
| 593 | + 'isGetenvServerWorking' => !empty(getenv('PATH')), |
|
| 594 | + 'isReadOnlyConfig' => $this->isReadOnlyConfig(), |
|
| 595 | + 'hasValidTransactionIsolationLevel' => $this->hasValidTransactionIsolationLevel(), |
|
| 596 | + 'outdatedCaches' => $this->getOutdatedCaches(), |
|
| 597 | + 'hasFileinfoInstalled' => $this->hasFileinfoInstalled(), |
|
| 598 | + 'hasWorkingFileLocking' => $this->hasWorkingFileLocking(), |
|
| 599 | + 'suggestedOverwriteCliURL' => $this->getSuggestedOverwriteCliURL(), |
|
| 600 | + 'cronInfo' => $this->getLastCronInfo(), |
|
| 601 | + 'cronErrors' => $this->getCronErrors(), |
|
| 602 | + 'serverHasInternetConnection' => $this->isInternetConnectionWorking(), |
|
| 603 | + 'isMemcacheConfigured' => $this->isMemcacheConfigured(), |
|
| 604 | + 'memcacheDocs' => $this->urlGenerator->linkToDocs('admin-performance'), |
|
| 605 | + 'isRandomnessSecure' => $this->isRandomnessSecure(), |
|
| 606 | + 'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'), |
|
| 607 | + 'isUsedTlsLibOutdated' => $this->isUsedTlsLibOutdated(), |
|
| 608 | + 'phpSupported' => $this->isPhpSupported(), |
|
| 609 | + 'forwardedForHeadersWorking' => $this->forwardedForHeadersWorking(), |
|
| 610 | + 'reverseProxyDocs' => $this->urlGenerator->linkToDocs('admin-reverse-proxy'), |
|
| 611 | + 'isCorrectMemcachedPHPModuleInstalled' => $this->isCorrectMemcachedPHPModuleInstalled(), |
|
| 612 | + 'hasPassedCodeIntegrityCheck' => $this->checker->hasPassedCheck(), |
|
| 613 | + 'codeIntegrityCheckerDocumentation' => $this->urlGenerator->linkToDocs('admin-code-integrity'), |
|
| 614 | + 'isOpcacheProperlySetup' => $this->isOpcacheProperlySetup(), |
|
| 615 | + 'hasOpcacheLoaded' => $this->hasOpcacheLoaded(), |
|
| 616 | + 'phpOpcacheDocumentation' => $this->urlGenerator->linkToDocs('admin-php-opcache'), |
|
| 617 | + 'isSettimelimitAvailable' => $this->isSettimelimitAvailable(), |
|
| 618 | + 'hasFreeTypeSupport' => $this->hasFreeTypeSupport(), |
|
| 619 | + 'missingIndexes' => $this->hasMissingIndexes(), |
|
| 620 | + 'isSqliteUsed' => $this->isSqliteUsed(), |
|
| 621 | + 'databaseConversionDocumentation' => $this->urlGenerator->linkToDocs('admin-db-conversion'), |
|
| 622 | + 'isPhpMailerUsed' => $this->isPhpMailerUsed(), |
|
| 623 | + 'mailSettingsDocumentation' => $this->urlGenerator->getAbsoluteURL('index.php/settings/admin'), |
|
| 624 | + 'isMemoryLimitSufficient' => $this->memoryInfo->isMemoryLimitSufficient(), |
|
| 625 | + 'appDirsWithDifferentOwner' => $this->getAppDirsWithDifferentOwner(), |
|
| 626 | + ] |
|
| 627 | + ); |
|
| 628 | + } |
|
| 629 | 629 | } |
