diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2016-01-20 23:05:37 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2016-01-22 11:51:54 +0100 |
| commit | bc62aa1ef564119d0a51c8140d0340c7d8dfa4d6 (patch) | |
| tree | eb6ef80f5bc688473e83a8c209330e7018fed3b2 /lib/private/integritycheck | |
| parent | 6a3efc6f1bb53bc87f0058d1399689715ded219a (diff) | |
| download | nextcloud-server-bc62aa1ef564119d0a51c8140d0340c7d8dfa4d6.tar.gz nextcloud-server-bc62aa1ef564119d0a51c8140d0340c7d8dfa4d6.zip | |
Exclude .htaccess modifications from code checker
After the initial installation ownCloud will write some content into the .htaccess file such as the 404 or 403 directives. This adds a magic marker into the .htaccess file and only the content above this marker will be compared in the integrity checker.
Diffstat (limited to 'lib/private/integritycheck')
3 files changed, 21 insertions, 3 deletions
diff --git a/lib/private/integritycheck/checker.php b/lib/private/integritycheck/checker.php index 0cd01df7fe1..4c6e114dc23 100644 --- a/lib/private/integritycheck/checker.php +++ b/lib/private/integritycheck/checker.php @@ -149,16 +149,33 @@ class Checker { } $relativeFileName = substr($filename, $baseDirectoryLength); + $relativeFileName = ltrim($relativeFileName, '/'); // Exclude signature.json files in the appinfo and root folder - if($relativeFileName === '/appinfo/signature.json') { + if($relativeFileName === 'appinfo/signature.json') { continue; } // Exclude signature.json files in the appinfo and core folder - if($relativeFileName === '/core/signature.json') { + if($relativeFileName === 'core/signature.json') { continue; } + // The .htaccess file in the root folder of ownCloud can contain + // custom content after the installation due to the fact that dynamic + // content is written into it at installation time as well. This + // includes for example the 404 and 403 instructions. + // Thus we ignore everything below the first occurrence of + // "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####" and have the + // hash generated based on this. + if($filename === $this->environmentHelper->getServerRoot() . '/.htaccess') { + $fileContent = file_get_contents($filename); + $explodedArray = explode('#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####', $fileContent); + if(count($explodedArray) === 2) { + $hashes[$relativeFileName] = hash('sha512', $explodedArray[0]); + continue; + } + } + $hashes[$relativeFileName] = hash_file('sha512', $filename); } return $hashes; diff --git a/lib/private/integritycheck/helpers/environmenthelper.php b/lib/private/integritycheck/helpers/environmenthelper.php index 8bddcb3d794..f56f07486c2 100644 --- a/lib/private/integritycheck/helpers/environmenthelper.php +++ b/lib/private/integritycheck/helpers/environmenthelper.php @@ -34,7 +34,7 @@ class EnvironmentHelper { * @return string */ public function getServerRoot() { - return \OC::$SERVERROOT; + return rtrim(\OC::$SERVERROOT, '/'); } /** diff --git a/lib/private/integritycheck/iterator/excludefoldersbypathfilteriterator.php b/lib/private/integritycheck/iterator/excludefoldersbypathfilteriterator.php index efe7c114d9e..c3994197fc6 100644 --- a/lib/private/integritycheck/iterator/excludefoldersbypathfilteriterator.php +++ b/lib/private/integritycheck/iterator/excludefoldersbypathfilteriterator.php @@ -35,6 +35,7 @@ class ExcludeFoldersByPathFilterIterator extends \RecursiveFilterIterator { $this->excludedFolders = array_merge([ rtrim(\OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data'), '/'), rtrim(\OC::$SERVERROOT.'/themes', '/'), + rtrim(\OC::$SERVERROOT.'/config', '/'), ], $appFolders); } |