diff options
author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2020-04-10 14:19:56 +0200 |
---|---|---|
committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2020-04-10 14:19:56 +0200 |
commit | caff1023ea72bb2ea94130e18a2a6e2ccf819e5f (patch) | |
tree | 186d494c2aea5dea7255d3584ef5d595fc6e6194 /lib/private/Security | |
parent | edf8ce32cffdb920e8171207b342abbd7f1fbe73 (diff) | |
download | nextcloud-server-caff1023ea72bb2ea94130e18a2a6e2ccf819e5f.tar.gz nextcloud-server-caff1023ea72bb2ea94130e18a2a6e2ccf819e5f.zip |
Format control structures, classes, methods and function
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'lib/private/Security')
18 files changed, 37 insertions, 46 deletions
diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index d8e06032ef1..c04e0e1b383 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -100,7 +100,7 @@ class Throttler { $ip, array $metadata = []) { // No need to log if the bruteforce protection is disabled - if($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { + if ($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { return; } @@ -126,7 +126,7 @@ class Throttler { $qb = $this->db->getQueryBuilder(); $qb->insert('bruteforce_attempts'); - foreach($values as $column => $value) { + foreach ($values as $column => $value) { $qb->setValue($column, $qb->createNamedParameter($value)); } $qb->execute(); @@ -139,7 +139,7 @@ class Throttler { * @return bool */ private function isIPWhitelisted($ip) { - if($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { + if ($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { return true; } @@ -175,7 +175,7 @@ class Throttler { $addr = inet_pton($addr); $valid = true; - for($i = 0; $i < $mask; $i++) { + for ($i = 0; $i < $mask; $i++) { $part = ord($addr[(int)($i/8)]); $orig = ord($ip[(int)($i/8)]); @@ -196,7 +196,6 @@ class Throttler { } return false; - } /** @@ -234,7 +233,7 @@ class Throttler { $maxDelay = 25; $firstDelay = 0.1; - if ($attempts > (8 * PHP_INT_SIZE - 1)) { + if ($attempts > (8 * PHP_INT_SIZE - 1)) { // Don't ever overflow. Just assume the maxDelay time:s $firstDelay = $maxDelay; } else { diff --git a/lib/private/Security/CSP/ContentSecurityPolicy.php b/lib/private/Security/CSP/ContentSecurityPolicy.php index 4db1314e782..4d41bd56206 100644 --- a/lib/private/Security/CSP/ContentSecurityPolicy.php +++ b/lib/private/Security/CSP/ContentSecurityPolicy.php @@ -245,5 +245,4 @@ class ContentSecurityPolicy extends \OCP\AppFramework\Http\ContentSecurityPolicy public function setReportTo(array $reportTo) { $this->reportTo = $reportTo; } - } diff --git a/lib/private/Security/CSP/ContentSecurityPolicyManager.php b/lib/private/Security/CSP/ContentSecurityPolicyManager.php index 9f1a480ccce..4245fdcb2de 100644 --- a/lib/private/Security/CSP/ContentSecurityPolicyManager.php +++ b/lib/private/Security/CSP/ContentSecurityPolicyManager.php @@ -59,7 +59,7 @@ class ContentSecurityPolicyManager implements IContentSecurityPolicyManager { $this->dispatcher->dispatch(AddContentSecurityPolicyEvent::class, $event); $defaultPolicy = new \OC\Security\CSP\ContentSecurityPolicy(); - foreach($this->policies as $policy) { + foreach ($this->policies as $policy) { $defaultPolicy = $this->mergePolicies($defaultPolicy, $policy); } return $defaultPolicy; @@ -74,9 +74,9 @@ class ContentSecurityPolicyManager implements IContentSecurityPolicyManager { */ public function mergePolicies(ContentSecurityPolicy $defaultPolicy, EmptyContentSecurityPolicy $originalPolicy): ContentSecurityPolicy { - foreach((object)(array)$originalPolicy as $name => $value) { + foreach ((object)(array)$originalPolicy as $name => $value) { $setter = 'set'.ucfirst($name); - if(\is_array($value)) { + if (\is_array($value)) { $getter = 'get'.ucfirst($name); $currentValues = \is_array($defaultPolicy->$getter()) ? $defaultPolicy->$getter() : []; $defaultPolicy->$setter(array_values(array_unique(array_merge($currentValues, $value)))); diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php index 9dec2907b2f..06f8faece13 100644 --- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php +++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php @@ -61,7 +61,7 @@ class ContentSecurityPolicyNonceManager { * @return string */ public function getNonce(): string { - if($this->nonce === '') { + if ($this->nonce === '') { if (empty($this->request->server['CSP_NONCE'])) { $this->nonce = base64_encode($this->csrfTokenManager->getToken()->getEncryptedValue()); } else { @@ -86,7 +86,7 @@ class ContentSecurityPolicyNonceManager { '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/(?:1[2-9]|[2-9][0-9])\.[0-9]+(?:\.[0-9]+)? Safari\/[0-9.A-Z]+$/', ]; - if($this->request->isUserAgent($browserWhitelist)) { + if ($this->request->isUserAgent($browserWhitelist)) { return true; } diff --git a/lib/private/Security/CSRF/CsrfToken.php b/lib/private/Security/CSRF/CsrfToken.php index 9b6b249e20f..a0ecdbd1008 100644 --- a/lib/private/Security/CSRF/CsrfToken.php +++ b/lib/private/Security/CSRF/CsrfToken.php @@ -55,7 +55,7 @@ class CsrfToken { * @return string */ public function getEncryptedValue(): string { - if($this->encryptedValue === '') { + if ($this->encryptedValue === '') { $sharedSecret = random_bytes(\strlen($this->value)); $this->encryptedValue = base64_encode($this->value ^ $sharedSecret) . ':' . base64_encode($sharedSecret); } diff --git a/lib/private/Security/CSRF/CsrfTokenManager.php b/lib/private/Security/CSRF/CsrfTokenManager.php index 8314639e8ef..2f64aeb24f4 100644 --- a/lib/private/Security/CSRF/CsrfTokenManager.php +++ b/lib/private/Security/CSRF/CsrfTokenManager.php @@ -57,11 +57,11 @@ class CsrfTokenManager { * @return CsrfToken */ public function getToken(): CsrfToken { - if(!\is_null($this->csrfToken)) { + if (!\is_null($this->csrfToken)) { return $this->csrfToken; } - if($this->sessionStorage->hasToken()) { + if ($this->sessionStorage->hasToken()) { $value = $this->sessionStorage->getToken(); } else { $value = $this->tokenGenerator->generateToken(); @@ -99,7 +99,7 @@ class CsrfTokenManager { * @return bool */ public function isTokenValid(CsrfToken $token): bool { - if(!$this->sessionStorage->hasToken()) { + if (!$this->sessionStorage->hasToken()) { return false; } diff --git a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php index d73c8d94206..34adc566bf7 100644 --- a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php +++ b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php @@ -60,7 +60,7 @@ class SessionStorage { */ public function getToken(): string { $token = $this->session->get('requesttoken'); - if(empty($token)) { + if (empty($token)) { throw new \Exception('Session does not contain a requesttoken'); } diff --git a/lib/private/Security/Certificate.php b/lib/private/Security/Certificate.php index 5e6c425dbf7..cc4baeaa658 100644 --- a/lib/private/Security/Certificate.php +++ b/lib/private/Security/Certificate.php @@ -54,12 +54,12 @@ class Certificate implements ICertificate { // If string starts with "file://" ignore the certificate $query = 'file://'; - if(strtolower(substr($data, 0, strlen($query))) === $query) { + if (strtolower(substr($data, 0, strlen($query))) === $query) { throw new \Exception('Certificate could not get parsed.'); } $info = openssl_x509_parse($data); - if(!is_array($info)) { + if (!is_array($info)) { throw new \Exception('Certificate could not get parsed.'); } diff --git a/lib/private/Security/CertificateManager.php b/lib/private/Security/CertificateManager.php index 86df38625e0..e69132ff4df 100644 --- a/lib/private/Security/CertificateManager.php +++ b/lib/private/Security/CertificateManager.php @@ -87,7 +87,6 @@ class CertificateManager implements ICertificateManager { * @return \OCP\ICertificate[] */ public function listCertificates() { - if (!$this->config->getSystemValue('installed', false)) { return []; } @@ -187,7 +186,6 @@ class CertificateManager implements ICertificateManager { } catch (\Exception $e) { throw $e; } - } /** @@ -287,5 +285,4 @@ class CertificateManager implements ICertificateManager { protected function getFilemtimeOfCaBundle() { return filemtime(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); } - } diff --git a/lib/private/Security/CredentialsManager.php b/lib/private/Security/CredentialsManager.php index 0120f69e431..ab06a807613 100644 --- a/lib/private/Security/CredentialsManager.php +++ b/lib/private/Security/CredentialsManager.php @@ -33,7 +33,6 @@ use OCP\Security\ICrypto; * @package OC\Security */ class CredentialsManager implements ICredentialsManager { - const DB_TABLE = 'credentials'; /** @var ICrypto */ @@ -122,5 +121,4 @@ class CredentialsManager implements ICredentialsManager { ; return $qb->execute(); } - } diff --git a/lib/private/Security/Crypto.php b/lib/private/Security/Crypto.php index ca17b6e2b8a..19258d2018e 100644 --- a/lib/private/Security/Crypto.php +++ b/lib/private/Security/Crypto.php @@ -70,7 +70,7 @@ class Crypto implements ICrypto { * @return string Calculated HMAC */ public function calculateHMAC(string $message, string $password = ''): string { - if($password === '') { + if ($password === '') { $password = $this->config->getSystemValue('secret'); } @@ -89,7 +89,7 @@ class Crypto implements ICrypto { * @return string Authenticated ciphertext */ public function encrypt(string $plaintext, string $password = ''): string { - if($password === '') { + if ($password === '') { $password = $this->config->getSystemValue('secret'); } $this->cipher->setPassword($password); @@ -139,5 +139,4 @@ class Crypto implements ICrypto { return $result; } - } diff --git a/lib/private/Security/FeaturePolicy/FeaturePolicy.php b/lib/private/Security/FeaturePolicy/FeaturePolicy.php index b59d873b533..93556708789 100644 --- a/lib/private/Security/FeaturePolicy/FeaturePolicy.php +++ b/lib/private/Security/FeaturePolicy/FeaturePolicy.php @@ -27,7 +27,6 @@ declare(strict_types=1); namespace OC\Security\FeaturePolicy; class FeaturePolicy extends \OCP\AppFramework\Http\FeaturePolicy { - public function getAutoplayDomains(): array { return $this->autoplayDomains; } diff --git a/lib/private/Security/Hasher.php b/lib/private/Security/Hasher.php index 9850dbe1467..8c081414353 100644 --- a/lib/private/Security/Hasher.php +++ b/lib/private/Security/Hasher.php @@ -79,7 +79,7 @@ class Hasher implements IHasher { } $hashingCost = $this->config->getSystemValue('hashingCost', null); - if(!\is_null($hashingCost)) { + if (!\is_null($hashingCost)) { $this->options['cost'] = $hashingCost; } } @@ -113,8 +113,8 @@ class Hasher implements IHasher { */ protected function splitHash(string $prefixedHash) { $explodedString = explode('|', $prefixedHash, 2); - if(\count($explodedString) === 2) { - if((int)$explodedString[0] > 0) { + if (\count($explodedString) === 2) { + if ((int)$explodedString[0] > 0) { return ['version' => (int)$explodedString[0], 'hash' => $explodedString[1]]; } } @@ -130,13 +130,13 @@ class Hasher implements IHasher { * @return bool Whether $hash is a valid hash of $message */ protected function legacyHashVerify($message, $hash, &$newHash = null): bool { - if(empty($this->legacySalt)) { + if (empty($this->legacySalt)) { $this->legacySalt = $this->config->getSystemValue('passwordsalt', ''); } // Verify whether it matches a legacy PHPass or SHA1 string $hashLength = \strlen($hash); - if(($hashLength === 60 && password_verify($message.$this->legacySalt, $hash)) || + if (($hashLength === 60 && password_verify($message.$this->legacySalt, $hash)) || ($hashLength === 40 && hash_equals($hash, sha1($message)))) { $newHash = $this->hash($message); return true; @@ -155,7 +155,7 @@ class Hasher implements IHasher { * @return bool Whether $hash is a valid hash of $message */ protected function verifyHash(string $message, string $hash, &$newHash = null): bool { - if(password_verify($message, $hash)) { + if (password_verify($message, $hash)) { if ($this->needsRehash($hash)) { $newHash = $this->hash($message); } @@ -174,7 +174,7 @@ class Hasher implements IHasher { public function verify(string $message, string $hash, &$newHash = null): bool { $splittedHash = $this->splitHash($hash); - if(isset($splittedHash['version'])) { + if (isset($splittedHash['version'])) { switch ($splittedHash['version']) { case 3: case 2: @@ -211,5 +211,4 @@ class Hasher implements IHasher { return $default; } - } diff --git a/lib/private/Security/IdentityProof/Manager.php b/lib/private/Security/IdentityProof/Manager.php index 2c101769f18..abbda2f11eb 100644 --- a/lib/private/Security/IdentityProof/Manager.php +++ b/lib/private/Security/IdentityProof/Manager.php @@ -104,7 +104,8 @@ class Manager { // Write the private and public key to the disk try { $this->appData->newFolder($id); - } catch (\Exception $e) {} + } catch (\Exception $e) { + } $folder = $this->appData->getFolder($id); $folder->newFile('private') ->putContent($this->crypto->encrypt($privateKey)); @@ -167,6 +168,4 @@ class Manager { } $this->logger->critical('Something is wrong with your openssl setup: ' . implode(', ', $errors)); } - - } diff --git a/lib/private/Security/IdentityProof/Signer.php b/lib/private/Security/IdentityProof/Signer.php index c5410397a27..9f6b27d358f 100644 --- a/lib/private/Security/IdentityProof/Signer.php +++ b/lib/private/Security/IdentityProof/Signer.php @@ -83,7 +83,7 @@ class Signer { * @return bool */ public function verify(array $data): bool { - if(isset($data['message']) + if (isset($data['message']) && isset($data['signature']) && isset($data['message']['signer']) ) { @@ -91,7 +91,7 @@ class Signer { $userId = substr($data['message']['signer'], 0, $location); $user = $this->userManager->get($userId); - if($user !== null) { + if ($user !== null) { $key = $this->keyManager->getKey($user); return (bool)openssl_verify( json_encode($data['message']), diff --git a/lib/private/Security/RateLimiting/Backend/MemoryCache.php b/lib/private/Security/RateLimiting/Backend/MemoryCache.php index 2d4ff9812f5..ce8bacfb588 100644 --- a/lib/private/Security/RateLimiting/Backend/MemoryCache.php +++ b/lib/private/Security/RateLimiting/Backend/MemoryCache.php @@ -75,7 +75,7 @@ class MemoryCache implements IBackend { } $cachedAttempts = json_decode($cachedAttempts, true); - if(\is_array($cachedAttempts)) { + if (\is_array($cachedAttempts)) { return $cachedAttempts; } @@ -95,7 +95,7 @@ class MemoryCache implements IBackend { $currentTime = $this->timeFactory->getTime(); /** @var array $existingAttempts */ foreach ($existingAttempts as $attempt) { - if(($attempt + $seconds) > $currentTime) { + if (($attempt + $seconds) > $currentTime) { $count++; } } @@ -115,7 +115,7 @@ class MemoryCache implements IBackend { // Unset all attempts older than $period foreach ($existingAttempts as $key => $attempt) { - if(($attempt + $period) < $currentTime) { + if (($attempt + $period) < $currentTime) { unset($existingAttempts[$key]); } } diff --git a/lib/private/Security/SecureRandom.php b/lib/private/Security/SecureRandom.php index 0e3411f8ab6..4826399ff5b 100644 --- a/lib/private/Security/SecureRandom.php +++ b/lib/private/Security/SecureRandom.php @@ -51,7 +51,7 @@ class SecureRandom implements ISecureRandom { $maxCharIndex = \strlen($characters) - 1; $randomString = ''; - while($length > 0) { + while ($length > 0) { $randomNumber = \random_int(0, $maxCharIndex); $randomString .= $characters[$randomNumber]; $length--; diff --git a/lib/private/Security/TrustedDomainHelper.php b/lib/private/Security/TrustedDomainHelper.php index c1789da6ad7..320646e1b7f 100644 --- a/lib/private/Security/TrustedDomainHelper.php +++ b/lib/private/Security/TrustedDomainHelper.php @@ -98,7 +98,9 @@ class TrustedDomainHelper { if (gettype($trusted) !== 'string') { break; } - $regex = '/^' . implode('[-\.a-zA-Z0-9]*', array_map(function ($v) { return preg_quote($v, '/'); }, explode('*', $trusted))) . '$/i'; + $regex = '/^' . implode('[-\.a-zA-Z0-9]*', array_map(function ($v) { + return preg_quote($v, '/'); + }, explode('*', $trusted))) . '$/i'; if (preg_match($regex, $domain) || preg_match($regex, $domainWithPort)) { return true; } |