summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorXheni Myrtaj <myrtajxheni@gmail.com>2019-05-27 21:54:58 +0200
committerXheni Myrtaj <myrtajxheni@gmail.com>2019-05-29 22:43:23 +0200
commitd227f4d34ca0f7a6877063784f75481ff6631a4a (patch)
tree75a759241b08df0a1801633484266f0b7a48887c
parent89c701382f7a3dfaae3a45d1001ab26fb08cdd8a (diff)
downloadnextcloud-server-d227f4d34ca0f7a6877063784f75481ff6631a4a.tar.gz
nextcloud-server-d227f4d34ca0f7a6877063784f75481ff6631a4a.zip
Do not fail integrity check if mimetype list is changed
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
-rw-r--r--core/Command/Maintenance/Mimetype/GenerateMimetypeFileBuilder.php105
-rw-r--r--core/Command/Maintenance/Mimetype/UpdateJS.php75
-rw-r--r--lib/private/Files/Type/Detection.php6
-rw-r--r--lib/private/IntegrityCheck/Checker.php59
-rw-r--r--lib/private/Server.php3
-rw-r--r--resources/config/mimetypealiases.dist.json4
6 files changed, 155 insertions, 97 deletions
diff --git a/core/Command/Maintenance/Mimetype/GenerateMimetypeFileBuilder.php b/core/Command/Maintenance/Mimetype/GenerateMimetypeFileBuilder.php
new file mode 100644
index 00000000000..7645f801d88
--- /dev/null
+++ b/core/Command/Maintenance/Mimetype/GenerateMimetypeFileBuilder.php
@@ -0,0 +1,105 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019 Xheni Myrtaj <xheni@protonmail.com>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Core\Command\Maintenance\Mimetype;
+
+
+class GenerateMimetypeFileBuilder
+{
+ /**
+ * Generate mime type list file
+ * @param $aliases
+ * @return string
+ */
+ public function generateFile($aliases): string {
+ // Remove comments
+ $keys = array_filter(array_keys($aliases), function($k) {
+ return $k[0] === '_';
+ });
+ foreach($keys as $key) {
+ unset($aliases[$key]);
+ }
+
+ // Fetch all files
+ $dir = new \DirectoryIterator(\OC::$SERVERROOT.'/core/img/filetypes');
+
+ $files = [];
+ foreach($dir as $fileInfo) {
+ if ($fileInfo->isFile()) {
+ $file = preg_replace('/.[^.]*$/', '', $fileInfo->getFilename());
+ $files[] = $file;
+ }
+ }
+
+ //Remove duplicates
+ $files = array_values(array_unique($files));
+ sort($files);
+
+ // Fetch all themes!
+ $themes = [];
+ $dirs = new \DirectoryIterator(\OC::$SERVERROOT.'/themes/');
+ foreach($dirs as $dir) {
+ //Valid theme dir
+ if ($dir->isFile() || $dir->isDot()) {
+ continue;
+ }
+
+ $theme = $dir->getFilename();
+ $themeDir = $dir->getPath() . '/' . $theme . '/core/img/filetypes/';
+ // Check if this theme has its own filetype icons
+ if (!file_exists($themeDir)) {
+ continue;
+ }
+
+ $themes[$theme] = [];
+ // Fetch all the theme icons!
+ $themeIt = new \DirectoryIterator($themeDir);
+ foreach ($themeIt as $fileInfo) {
+ if ($fileInfo->isFile()) {
+ $file = preg_replace('/.[^.]*$/', '', $fileInfo->getFilename());
+ $themes[$theme][] = $file;
+ }
+ }
+
+ //Remove Duplicates
+ $themes[$theme] = array_values(array_unique($themes[$theme]));
+ sort($themes[$theme]);
+ }
+
+ //Generate the JS
+ return '/**
+* This file is automatically generated
+* DO NOT EDIT MANUALLY!
+*
+* You can update the list of MimeType Aliases in config/mimetypealiases.json
+* The list of files is fetched from core/img/filetypes
+* To regenerate this file run ./occ maintenance:mimetype:update-js
+*/
+OC.MimeTypeList={
+ aliases: ' . json_encode($aliases, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES) . ',
+ files: ' . json_encode($files, JSON_PRETTY_PRINT) . ',
+ themes: ' . json_encode($themes, JSON_PRETTY_PRINT) . '
+};
+';
+ }
+
+} \ No newline at end of file
diff --git a/core/Command/Maintenance/Mimetype/UpdateJS.php b/core/Command/Maintenance/Mimetype/UpdateJS.php
index a6925c5dc61..0606e210c3f 100644
--- a/core/Command/Maintenance/Mimetype/UpdateJS.php
+++ b/core/Command/Maintenance/Mimetype/UpdateJS.php
@@ -53,78 +53,9 @@ class UpdateJS extends Command {
// Fetch all the aliases
$aliases = $this->mimetypeDetector->getAllAliases();
- // Remove comments
- $keys = array_filter(array_keys($aliases), function($k) {
- return $k[0] === '_';
- });
- foreach($keys as $key) {
- unset($aliases[$key]);
- }
-
- // Fetch all files
- $dir = new \DirectoryIterator(\OC::$SERVERROOT.'/core/img/filetypes');
-
- $files = [];
- foreach($dir as $fileInfo) {
- if ($fileInfo->isFile()) {
- $file = preg_replace('/.[^.]*$/', '', $fileInfo->getFilename());
- $files[] = $file;
- }
- }
-
- //Remove duplicates
- $files = array_values(array_unique($files));
- sort($files);
-
- // Fetch all themes!
- $themes = [];
- $dirs = new \DirectoryIterator(\OC::$SERVERROOT.'/themes/');
- foreach($dirs as $dir) {
- //Valid theme dir
- if ($dir->isFile() || $dir->isDot()) {
- continue;
- }
-
- $theme = $dir->getFilename();
- $themeDir = $dir->getPath() . '/' . $theme . '/core/img/filetypes/';
- // Check if this theme has its own filetype icons
- if (!file_exists($themeDir)) {
- continue;
- }
-
- $themes[$theme] = [];
- // Fetch all the theme icons!
- $themeIt = new \DirectoryIterator($themeDir);
- foreach ($themeIt as $fileInfo) {
- if ($fileInfo->isFile()) {
- $file = preg_replace('/.[^.]*$/', '', $fileInfo->getFilename());
- $themes[$theme][] = $file;
- }
- }
-
- //Remove Duplicates
- $themes[$theme] = array_values(array_unique($themes[$theme]));
- sort($themes[$theme]);
- }
-
- //Generate the JS
- $js = '/**
-* This file is automatically generated
-* DO NOT EDIT MANUALLY!
-*
-* You can update the list of MimeType Aliases in config/mimetypealiases.json
-* The list of files is fetched from core/img/filetypes
-* To regenerate this file run ./occ maintenance:mimetype:update-js
-*/
-OC.MimeTypeList={
- aliases: ' . json_encode($aliases, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES) . ',
- files: ' . json_encode($files, JSON_PRETTY_PRINT) . ',
- themes: ' . json_encode($themes, JSON_PRETTY_PRINT) . '
-};
-';
-
- //Output the JS
- file_put_contents(\OC::$SERVERROOT.'/core/js/mimetypelist.js', $js);
+ // Output the JS
+ $generatedMimetypeFile = new GenerateMimetypeFileBuilder();
+ file_put_contents(\OC::$SERVERROOT.'/core/js/mimetypelist.js', $generatedMimetypeFile->generateFile($aliases));
$output->writeln('<info>mimetypelist.js is updated');
}
diff --git a/lib/private/Files/Type/Detection.php b/lib/private/Files/Type/Detection.php
index 32075627632..9bbbd0e07c7 100644
--- a/lib/private/Files/Type/Detection.php
+++ b/lib/private/Files/Type/Detection.php
@@ -133,6 +133,12 @@ class Detection implements IMimeTypeDetector {
return $this->mimeTypeAlias;
}
+ public function getOnlyDefaultAliases() {
+ $this->loadMappings();
+ $this->mimeTypeAlias = json_decode(file_get_contents($this->defaultConfigDir . '/mimetypealiases.dist.json'), true);
+ return $this->mimeTypeAlias;
+ }
+
/**
* Add mimetype mappings if they are not yet present
*/
diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php
index 0a8876381f4..ac4f40b51ec 100644
--- a/lib/private/IntegrityCheck/Checker.php
+++ b/lib/private/IntegrityCheck/Checker.php
@@ -27,6 +27,7 @@ declare(strict_types=1);
namespace OC\IntegrityCheck;
+use OC\Core\Command\Maintenance\Mimetype\GenerateMimetypeFileBuilder;
use OC\IntegrityCheck\Exceptions\InvalidSignatureException;
use OC\IntegrityCheck\Helpers\AppLocator;
use OC\IntegrityCheck\Helpers\EnvironmentHelper;
@@ -34,6 +35,7 @@ use OC\IntegrityCheck\Helpers\FileAccessHelper;
use OC\IntegrityCheck\Iterator\ExcludeFileByNameFilterIterator;
use OC\IntegrityCheck\Iterator\ExcludeFoldersByPathFilterIterator;
use OCP\App\IAppManager;
+use OCP\Files\IMimeTypeDetector;
use OCP\ICache;
use OCP\ICacheFactory;
use OCP\IConfig;
@@ -67,6 +69,8 @@ class Checker {
private $appManager;
/** @var ITempManager */
private $tempManager;
+ /** @var IMimeTypeDetector */
+ private $mimeTypeDetector;
/**
* @param EnvironmentHelper $environmentHelper
@@ -76,6 +80,7 @@ class Checker {
* @param ICacheFactory $cacheFactory
* @param IAppManager $appManager
* @param ITempManager $tempManager
+ * @param IMimeTypeDetector $mimeTypeDetector
*/
public function __construct(EnvironmentHelper $environmentHelper,
FileAccessHelper $fileAccessHelper,
@@ -83,7 +88,8 @@ class Checker {
IConfig $config = null,
ICacheFactory $cacheFactory,
IAppManager $appManager = null,
- ITempManager $tempManager) {
+ ITempManager $tempManager,
+ IMimeTypeDetector $mimeTypeDetector) {
$this->environmentHelper = $environmentHelper;
$this->fileAccessHelper = $fileAccessHelper;
$this->appLocator = $appLocator;
@@ -91,6 +97,7 @@ class Checker {
$this->cache = $cacheFactory->createDistributed(self::CACHE_KEY);
$this->appManager = $appManager;
$this->tempManager = $tempManager;
+ $this->mimeTypeDetector = $mimeTypeDetector;
}
/**
@@ -193,6 +200,14 @@ class Checker {
continue;
}
}
+ if($filename === $this->environmentHelper->getServerRoot().'/core/js/mimetypelist.js') {
+ $oldMimetypeList = new GenerateMimetypeFileBuilder();
+ $newFile = $oldMimetypeList->generateFile($this->mimeTypeDetector->getAllAliases());
+ if($newFile === file_get_contents($filename)) {
+ $hashes[$relativeFileName] = hash('sha512', $oldMimetypeList->generateFile($this->mimeTypeDetector->getOnlyDefaultAliases()));
+ continue;
+ }
+ }
$hashes[$relativeFileName] = hash_file('sha512', $filename);
}
@@ -220,10 +235,10 @@ class Checker {
$signature = $privateKey->sign(json_encode($hashes));
return [
- 'hashes' => $hashes,
- 'signature' => base64_encode($signature),
- 'certificate' => $certificate->saveX509($certificate->currentCert),
- ];
+ 'hashes' => $hashes,
+ 'signature' => base64_encode($signature),
+ 'certificate' => $certificate->saveX509($certificate->currentCert),
+ ];
}
/**
@@ -244,8 +259,8 @@ class Checker {
$iterator = $this->getFolderIterator($path);
$hashes = $this->generateHashes($iterator, $path);
$signature = $this->createSignatureData($hashes, $certificate, $privateKey);
- $this->fileAccessHelper->file_put_contents(
- $appInfoDir . '/signature.json',
+ $this->fileAccessHelper->file_put_contents(
+ $appInfoDir . '/signature.json',
json_encode($signature, JSON_PRETTY_PRINT)
);
} catch (\Exception $e){
@@ -327,7 +342,7 @@ class Checker {
// Verify if certificate has proper CN. "core" CN is always trusted.
if($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') {
throw new InvalidSignatureException(
- sprintf('Certificate is not valid for required scope. (Requested: %s, current: CN=%s)', $certificateCN, $x509->getDN(true)['CN'])
+ sprintf('Certificate is not valid for required scope. (Requested: %s, current: CN=%s)', $certificateCN, $x509->getDN(true)['CN'])
);
}
@@ -484,16 +499,16 @@ class Checker {
$path = $this->appLocator->getAppPath($appId);
}
$result = $this->verify(
- $path . '/appinfo/signature.json',
- $path,
- $appId
+ $path . '/appinfo/signature.json',
+ $path,
+ $appId
);
} catch (\Exception $e) {
$result = [
- 'EXCEPTION' => [
- 'class' => \get_class($e),
- 'message' => $e->getMessage(),
- ],
+ 'EXCEPTION' => [
+ 'class' => \get_class($e),
+ 'message' => $e->getMessage(),
+ ],
];
}
$this->storeResults($appId, $result);
@@ -534,16 +549,16 @@ class Checker {
public function verifyCoreSignature(): array {
try {
$result = $this->verify(
- $this->environmentHelper->getServerRoot() . '/core/signature.json',
- $this->environmentHelper->getServerRoot(),
- 'core'
+ $this->environmentHelper->getServerRoot() . '/core/signature.json',
+ $this->environmentHelper->getServerRoot(),
+ 'core'
);
} catch (\Exception $e) {
$result = [
- 'EXCEPTION' => [
- 'class' => \get_class($e),
- 'message' => $e->getMessage(),
- ],
+ 'EXCEPTION' => [
+ 'class' => \get_class($e),
+ 'message' => $e->getMessage(),
+ ],
];
}
$this->storeResults('core', $result);
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 408b457ec39..599e14f1cd3 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -791,7 +791,8 @@ class Server extends ServerContainer implements IServerContainer {
$config,
$c->getMemCacheFactory(),
$appManager,
- $c->getTempManager()
+ $c->getTempManager(),
+ $c->getMimeTypeDetector()
);
});
$this->registerService(\OCP\IRequest::class, function ($c) {
diff --git a/resources/config/mimetypealiases.dist.json b/resources/config/mimetypealiases.dist.json
index eea7081dd71..384c31b493b 100644
--- a/resources/config/mimetypealiases.dist.json
+++ b/resources/config/mimetypealiases.dist.json
@@ -7,7 +7,6 @@
"_comment5": "./occ maintenance:mimetype:update-js",
"_comment6": "Otherwise your update won't propagate through the system.",
-
"application/coreldraw": "image",
"application/epub+zip": "text",
"application/font-sfnt": "image",
@@ -100,6 +99,7 @@
"text/x-ldif": "text/code",
"text/x-python": "text/code",
"text/x-shellscript": "text/code",
- "web": "text/code"
+ "web": "text/code",
+ "application/internet-shortcut": "link"
}