diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2016-12-21 13:03:13 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-12-21 13:03:13 +0100 |
commit | 091bf07385a6e850383ee8364e282a5bbac6adc2 (patch) | |
tree | b131cd3760bc11f1a41de6844c624c9033705b3d /lib | |
parent | 0d138c85915d3ae80de27d73da4ff1fafb1dd1cd (diff) | |
parent | 3eb3e437c8a0520192ec7c1018d4d1c55e780dc0 (diff) | |
download | nextcloud-server-091bf07385a6e850383ee8364e282a5bbac6adc2.tar.gz nextcloud-server-091bf07385a6e850383ee8364e282a5bbac6adc2.zip |
Merge pull request #2724 from nextcloud/fix-23591
[downstream] Report failures for SignApp and SignCore
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/IntegrityCheck/Checker.php | 48 | ||||
-rw-r--r-- | lib/private/IntegrityCheck/Helpers/FileAccessHelper.php | 29 |
2 files changed, 59 insertions, 18 deletions
diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php index cba290e6aa7..419f989fa0f 100644 --- a/lib/private/IntegrityCheck/Checker.php +++ b/lib/private/IntegrityCheck/Checker.php @@ -267,16 +267,23 @@ class Checker { public function writeAppSignature($path, X509 $certificate, RSA $privateKey) { - if(!is_dir($path)) { - throw new \Exception('Directory does not exist.'); - } - $iterator = $this->getFolderIterator($path); - $hashes = $this->generateHashes($iterator, $path); - $signature = $this->createSignatureData($hashes, $certificate, $privateKey); - $this->fileAccessHelper->file_put_contents( - $path . '/appinfo/signature.json', + $appInfoDir = $path . '/appinfo'; + try { + $this->fileAccessHelper->assertDirectoryExists($appInfoDir); + + $iterator = $this->getFolderIterator($path); + $hashes = $this->generateHashes($iterator, $path); + $signature = $this->createSignatureData($hashes, $certificate, $privateKey); + $this->fileAccessHelper->file_put_contents( + $appInfoDir . '/signature.json', json_encode($signature, JSON_PRETTY_PRINT) - ); + ); + } catch (\Exception $e){ + if (!$this->fileAccessHelper->is_writable($appInfoDir)) { + throw new \Exception($appInfoDir . ' is not writable'); + } + throw $e; + } } /** @@ -285,17 +292,28 @@ class Checker { * @param X509 $certificate * @param RSA $rsa * @param string $path + * @throws \Exception */ public function writeCoreSignature(X509 $certificate, RSA $rsa, $path) { - $iterator = $this->getFolderIterator($path, $path); - $hashes = $this->generateHashes($iterator, $path); - $signatureData = $this->createSignatureData($hashes, $certificate, $rsa); - $this->fileAccessHelper->file_put_contents( - $path . '/core/signature.json', + $coreDir = $path . '/core'; + try { + + $this->fileAccessHelper->assertDirectoryExists($coreDir); + $iterator = $this->getFolderIterator($path, $path); + $hashes = $this->generateHashes($iterator, $path); + $signatureData = $this->createSignatureData($hashes, $certificate, $rsa); + $this->fileAccessHelper->file_put_contents( + $coreDir . '/signature.json', json_encode($signatureData, JSON_PRETTY_PRINT) - ); + ); + } catch (\Exception $e){ + if (!$this->fileAccessHelper->is_writable($coreDir)) { + throw new \Exception($coreDir . ' is not writable'); + } + throw $e; + } } /** diff --git a/lib/private/IntegrityCheck/Helpers/FileAccessHelper.php b/lib/private/IntegrityCheck/Helpers/FileAccessHelper.php index 9e2b76ce11a..a7e378c165e 100644 --- a/lib/private/IntegrityCheck/Helpers/FileAccessHelper.php +++ b/lib/private/IntegrityCheck/Helpers/FileAccessHelper.php @@ -53,10 +53,33 @@ class FileAccessHelper { * Wrapper around file_put_contents($filename, $data) * * @param string $filename - * @param $data - * @return int|false + * @param string $data + * @return int + * @throws \Exception */ public function file_put_contents($filename, $data) { - return file_put_contents($filename, $data); + $bytesWritten = @file_put_contents($filename, $data); + if ($bytesWritten === false || $bytesWritten !== strlen($data)){ + throw new \Exception('Failed to write into ' . $filename); + } + return $bytesWritten; + } + + /** + * @param string $path + * @return bool + */ + public function is_writable($path) { + return is_writable($path); + } + + /** + * @param string $path + * @throws \Exception + */ + public function assertDirectoryExists($path) { + if (!is_dir($path)) { + throw new \Exception('Directory ' . $path . ' does not exist.'); + } } } |