Merge pull request #21025 from owncloud/remove-legacy-trusted-domain-support

Remove legacy repair steps + do not cast trusted domains

4 files changed, 5 insertions, 91 deletions

diff --git a/lib/private/repair.php b/lib/private/repair.php
index f6ac7ebe65b..d870b472c4f 100644
--- a/lib/private/repair.php
+++ b/lib/private/repair.php
@@ -40,7 +40,6 @@ use OC\Repair\SqliteAutoincrement;
 use OC\Repair\DropOldTables;
 use OC\Repair\FillETags;
 use OC\Repair\InnoDB;
-use OC\Repair\RepairConfig;
 use OC\Repair\RepairLegacyStorages;
 use OC\Repair\RepairMimeTypes;
 use OC\Repair\SearchLuceneTables;
@@ -107,7 +106,6 @@ class Repair extends BasicEmitter {
 		return [
 			new RepairMimeTypes(\OC::$server->getConfig()),
 			new RepairLegacyStorages(\OC::$server->getConfig(), \OC::$server->getDatabaseConnection()),
-			new RepairConfig(),
 			new AssetCache(),
 			new FillETags(\OC::$server->getDatabaseConnection()),
 			new CleanTags(\OC::$server->getDatabaseConnection()),
@@ -138,13 +136,12 @@ class Repair extends BasicEmitter {
 	 * @return array of RepairStep instances
 	 */
 	public static function getBeforeUpgradeRepairSteps() {
-		$steps = array(
+		$steps = [
 			new InnoDB(),
 			new Collation(\OC::$server->getConfig(), \OC_DB::getConnection()),
 			new SqliteAutoincrement(\OC_DB::getConnection()),
 			new SearchLuceneTables(),
-			new RepairConfig()
-		);
+		];
 
 		//There is no need to delete all previews on every single update
 		//only 7.0.0 through 7.0.2 generated broken previews
diff --git a/lib/private/security/trusteddomainhelper.php b/lib/private/security/trusteddomainhelper.php
index 6dbaadfdb60..c1a397dd52d 100644
--- a/lib/private/security/trusteddomainhelper.php
+++ b/lib/private/security/trusteddomainhelper.php
@@ -74,16 +74,11 @@ class TrustedDomainHelper {
 			return false;
 		}
 
-		// TODO: Workaround for older instances still with port applied. Remove for ownCloud 9.
-		if(in_array($domainWithPort, $trustedList)) {
-			return true;
-		}
-
 		// Always allow access from localhost
 		if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) {
 			return true;
 		}
-		return in_array($domain, $trustedList);
+		return in_array($domain, $trustedList, true);
 	}
 
 }
diff --git a/lib/repair/repairconfig.php b/lib/repair/repairconfig.php
deleted file mode 100644
index 66fdd47269e..00000000000
--- a/lib/repair/repairconfig.php
+++ /dev/null
@@ -1,80 +0,0 @@
-<?php
-/**
- * @author Lukas Reschke <lukas@owncloud.com>
- * @author Morris Jobke <hey@morrisjobke.de>
- *
- * @copyright Copyright (c) 2015, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-namespace OC\Repair;
-
-use OC\Hooks\BasicEmitter;
-use OC\RepairStep;
-use Sabre\DAV\Exception;
-
-/**
- * Class RepairConfig
- *
- * @package OC\Repair
- */
-class RepairConfig extends BasicEmitter implements RepairStep {
-
-	/**
-	 * @return string
-	 */
-	public function getName() {
-		return 'Repair config';
-	}
-
-	/**
-	 * Updates the configuration after running an update
-	 */
-	public function run() {
-		$this->addSecret();
-		$this->removePortsFromTrustedDomains();
-	}
-
-	/**
-	 * Adds a secret to config.php
-	 */
-	private function addSecret() {
-		if(\OC::$server->getConfig()->getSystemValue('secret', null) === null) {
-			$secret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(48);
-			\OC::$server->getConfig()->setSystemValue('secret', $secret);
-		}
-	}
-
-
-	/**
-	 * Remove ports from existing trusted domains in config.php
-	 */
-	private function removePortsFromTrustedDomains() {
-		$trustedDomains = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
-		$newTrustedDomains = array();
-		foreach($trustedDomains as $domain) {
-			$pos = strrpos($domain, ':');
-			if ($pos !== false) {
-				$port = substr($domain, $pos + 1);
-				if (is_numeric($port)) {
-					$domain = substr($domain, 0, $pos);
-				}
-			}
-			$newTrustedDomains[] = $domain;
-		}
-		\OC::$server->getConfig()->setSystemValue('trusted_domains', $newTrustedDomains);
-	}
-}
diff --git a/tests/lib/security/trusteddomainhelper.php b/tests/lib/security/trusteddomainhelper.php
index c8d5ffa587b..52a8f1be630 100644
--- a/tests/lib/security/trusteddomainhelper.php
+++ b/tests/lib/security/trusteddomainhelper.php
@@ -64,6 +64,8 @@ class TrustedDomainHelperTest extends \Test\TestCase {
 			// do not trust invalid localhosts
 			[$trustedHostTestList, 'localhost:1:2', false],
 			[$trustedHostTestList, 'localhost: evil.host', false],
+			// do not trust casting
+			[[1], '1', false],
 		];
 	}