Add hidden config switch to disable code integrity checking

This adds a hidden config flag that allows somebody to disable the code integrity check. If `integrity.check.disabled` is set to `true` in the config file:

1. The integrity check functions will return always an empty result
2. The integrity check is not performed when installing apps
3. The integrity check is not performed when updating apps
4. The integrity check is not performed when updating the core

Furthermore this adds support for a list of channels that the code checker will run on. At the moment this is only stable because I didn't want to break any build scripts that we have. Once we have a proper CA setup and updated the build process to sign the releases we can add the RC, alpha, beta as well as daily releases. So everything except "git" basically.

3 files changed, 43 insertions, 2 deletions

diff --git a/lib/private/integritycheck/checker.php b/lib/private/integritycheck/checker.php
index edfe6b082e7..8748c398388 100644
--- a/lib/private/integritycheck/checker.php
+++ b/lib/private/integritycheck/checker.php
@@ -82,6 +82,34 @@ class Checker {
 	}
 
 	/**
+	 * Whether code signing is enforced or not.
+	 *
+	 * @return bool
+	 */
+	public function isCodeCheckEnforced() {
+		// FIXME: Once the signing server is instructed to sign daily, beta and
+		// RCs as well these need to be included also.
+		$signedChannels = [
+			'stable',
+		];
+		if(!in_array($this->environmentHelper->getChannel(), $signedChannels, true)) {
+			return false;
+		}
+
+		/**
+		 * This config option is undocumented and supposed to be so, it's only
+		 * applicable for very specific scenarios and we should not advertise it
+		 * too prominent. So please do not add it to config.sample.php.
+		 */
+		$isIntegrityCheckDisabled = $this->config->getSystemValue('integrity.check.disabled', false);
+		if($isIntegrityCheckDisabled === true) {
+			return false;
+		}
+
+		return true;
+	}
+
+	/**
 	 * Enumerates all files belonging to the folder. Sensible defaults are excluded.
 	 *
 	 * @param string $folderToIterate
@@ -209,6 +237,10 @@ class Checker {
 	 * @throws \Exception
 	 */
 	private function verify($signaturePath, $basePath, $certificateCN) {
+		if(!$this->isCodeCheckEnforced()) {
+			return [];
+		}
+
 		$signatureData = json_decode($this->fileAccessHelper->file_get_contents($signaturePath), true);
 		if(!is_array($signatureData)) {
 			throw new InvalidSignatureException('Signature data not found.');
diff --git a/lib/private/integritycheck/helpers/environmenthelper.php b/lib/private/integritycheck/helpers/environmenthelper.php
index d7747dbb966..7cfebdea46d 100644
--- a/lib/private/integritycheck/helpers/environmenthelper.php
+++ b/lib/private/integritycheck/helpers/environmenthelper.php
@@ -36,4 +36,13 @@ class EnvironmentHelper {
 	public function getServerRoot() {
 		return \OC::$SERVERROOT;
 	}
+
+	/**
+	 * Provides \OC_Util::getChannel()
+	 *
+	 * @return string
+	 */
+	public function getChannel() {
+		return \OC_Util::getChannel();
+	}
 }
diff --git a/lib/private/updater.php b/lib/private/updater.php
index 9ec72bab2f9..f2a24976e9a 100644
--- a/lib/private/updater.php
+++ b/lib/private/updater.php
@@ -345,8 +345,8 @@ class Updater extends BasicEmitter {
 			//Invalidate update feed
 			$this->config->setAppValue('core', 'lastupdatedat', 0);
 
-			// Check for code integrity on the stable channel
-			if(\OC_Util::getChannel() === 'stable') {
+			// Check for code integrity if not disabled
+			if(\OC::$server->getIntegrityCodeChecker()->isCodeCheckEnforced()) {
 				$this->emit('\OC\Updater', 'startCheckCodeIntegrity');
 				$this->checker->runInstanceVerification();
 				$this->emit('\OC\Updater', 'finishedCheckCodeIntegrity');