diff options
| author | Côme Chilliet <come.chilliet@nextcloud.com> | 2024-04-22 16:55:42 +0200 |
|---|---|---|
| committer | Côme Chilliet <come.chilliet@nextcloud.com> | 2024-04-22 16:55:42 +0200 |
| commit | 5d1ca7e25aee8264b3dff79eed10eba0568ce82f (patch) | |
| tree | 648ff723576601c01bf99782e8b5c21a1ac95265 /lib/private/Installer.php | |
| parent | 37c89f41918b316c8ba2961a6c7e8ab417161ba9 (diff) | |
| download | nextcloud-server-5d1ca7e25aee8264b3dff79eed10eba0568ce82f.tar.gz nextcloud-server-5d1ca7e25aee8264b3dff79eed10eba0568ce82f.zip | |
fix: Drop workarounds for unsupported obsolete PHP versions
Also improved error handling in Installer.php to be type safe.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Diffstat (limited to 'lib/private/Installer.php')
| -rw-r--r-- | lib/private/Installer.php | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/lib/private/Installer.php b/lib/private/Installer.php index c4af480d4ca..c4df7768d9e 100644 --- a/lib/private/Installer.php +++ b/lib/private/Installer.php @@ -281,10 +281,6 @@ class Installer { // Check if the signature actually matches the downloaded content $certificate = openssl_get_publickey($app['certificate']); $verified = (bool)openssl_verify(file_get_contents($tempFile), base64_decode($app['releases'][0]['signature']), $certificate, OPENSSL_ALGO_SHA512); - // PHP 8+ deprecates openssl_free_key and automatically destroys the key instance when it goes out of scope - if ((PHP_VERSION_ID < 80000)) { - openssl_free_key($certificate); - } if ($verified === true) { // Seems to match, let's proceed @@ -305,6 +301,15 @@ class Installer { $folders = array_diff($allFiles, ['.', '..']); $folders = array_values($folders); + if (count($folders) < 1) { + throw new \Exception( + sprintf( + 'Extracted app %s has no folders', + $appId + ) + ); + } + if (count($folders) > 1) { throw new \Exception( sprintf( @@ -315,13 +320,17 @@ class Installer { } // Check if appinfo/info.xml has the same app ID as well - if ((PHP_VERSION_ID < 80000)) { - $loadEntities = libxml_disable_entity_loader(false); - $xml = simplexml_load_string(file_get_contents($extractDir . '/' . $folders[0] . '/appinfo/info.xml')); - libxml_disable_entity_loader($loadEntities); - } else { - $xml = simplexml_load_string(file_get_contents($extractDir . '/' . $folders[0] . '/appinfo/info.xml')); + $xml = simplexml_load_string(file_get_contents($extractDir . '/' . $folders[0] . '/appinfo/info.xml')); + + if ($xml === false) { + throw new \Exception( + sprintf( + 'Failed to load info.xml for app id %s', + $appId, + ) + ); } + if ((string)$xml->id !== $appId) { throw new \Exception( sprintf( |