summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--core/Command/Integrity/CheckApp.php2
-rw-r--r--core/Command/Integrity/CheckCore.php5
-rw-r--r--core/Command/Upgrade.php2
-rw-r--r--lib/private/IntegrityCheck/Checker.php29
-rw-r--r--lib/private/Server.php1
-rw-r--r--tests/lib/IntegrityCheck/CheckerTest.php2
6 files changed, 20 insertions, 21 deletions
diff --git a/core/Command/Integrity/CheckApp.php b/core/Command/Integrity/CheckApp.php
index 7bf92001cc8..b95d879941e 100644
--- a/core/Command/Integrity/CheckApp.php
+++ b/core/Command/Integrity/CheckApp.php
@@ -70,7 +70,7 @@ class CheckApp extends Base {
protected function execute(InputInterface $input, OutputInterface $output): int {
$appid = $input->getArgument('appid');
$path = (string)$input->getOption('path');
- $result = $this->checker->verifyAppSignature($appid, $path);
+ $result = $this->checker->verifyAppSignature($appid, $path, true);
$this->writeArrayInOutputFormat($input, $output, $result);
if (count($result) > 0) {
return 1;
diff --git a/core/Command/Integrity/CheckCore.php b/core/Command/Integrity/CheckCore.php
index 6f319abdf74..cca72535f36 100644
--- a/core/Command/Integrity/CheckCore.php
+++ b/core/Command/Integrity/CheckCore.php
@@ -61,6 +61,11 @@ class CheckCore extends Base {
* {@inheritdoc }
*/
protected function execute(InputInterface $input, OutputInterface $output): int {
+ if (!$this->checker->isCodeCheckEnforced()) {
+ $output->writeln('<comment>integrity:check-core can not be used on git checkouts</comment>');
+ return 2;
+ }
+
$result = $this->checker->verifyCoreSignature();
$this->writeArrayInOutputFormat($input, $output, $result);
if (count($result) > 0) {
diff --git a/core/Command/Upgrade.php b/core/Command/Upgrade.php
index b5361382190..7ab5fe8e5fd 100644
--- a/core/Command/Upgrade.php
+++ b/core/Command/Upgrade.php
@@ -263,7 +263,7 @@ class Upgrade extends Command {
return self::ERROR_SUCCESS;
} elseif ($this->config->getSystemValueBool('maintenance')) {
//Possible scenario: Nextcloud core is updated but an app failed
- $output->writeln('<warning>Nextcloud is in maintenance mode</warning>');
+ $output->writeln('<comment>Nextcloud is in maintenance mode</comment>');
$output->write('<comment>Maybe an upgrade is already in process. Please check the '
. 'logfile (data/nextcloud.log). If you want to re-run the '
. 'upgrade procedure, remove the "maintenance mode" from '
diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php
index 504cd391c42..fc28d0e7393 100644
--- a/lib/private/IntegrityCheck/Checker.php
+++ b/lib/private/IntegrityCheck/Checker.php
@@ -44,7 +44,6 @@ use OCP\Files\IMimeTypeDetector;
use OCP\ICache;
use OCP\ICacheFactory;
use OCP\IConfig;
-use OCP\ITempManager;
use phpseclib\Crypt\RSA;
use phpseclib\File\X509;
@@ -66,14 +65,12 @@ class Checker {
private $appLocator;
/** @var FileAccessHelper */
private $fileAccessHelper;
- /** @var IConfig */
+ /** @var IConfig|null */
private $config;
/** @var ICache */
private $cache;
- /** @var IAppManager */
+ /** @var IAppManager|null */
private $appManager;
- /** @var ITempManager */
- private $tempManager;
/** @var IMimeTypeDetector */
private $mimeTypeDetector;
@@ -81,19 +78,17 @@ class Checker {
* @param EnvironmentHelper $environmentHelper
* @param FileAccessHelper $fileAccessHelper
* @param AppLocator $appLocator
- * @param IConfig $config
+ * @param IConfig|null $config
* @param ICacheFactory $cacheFactory
- * @param IAppManager $appManager
- * @param ITempManager $tempManager
+ * @param IAppManager|null $appManager
* @param IMimeTypeDetector $mimeTypeDetector
*/
public function __construct(EnvironmentHelper $environmentHelper,
FileAccessHelper $fileAccessHelper,
AppLocator $appLocator,
- IConfig $config = null,
+ ?IConfig $config,
ICacheFactory $cacheFactory,
- IAppManager $appManager = null,
- ITempManager $tempManager,
+ ?IAppManager $appManager,
IMimeTypeDetector $mimeTypeDetector) {
$this->environmentHelper = $environmentHelper;
$this->fileAccessHelper = $fileAccessHelper;
@@ -101,7 +96,6 @@ class Checker {
$this->config = $config;
$this->cache = $cacheFactory->createDistributed(self::CACHE_KEY);
$this->appManager = $appManager;
- $this->tempManager = $tempManager;
$this->mimeTypeDetector = $mimeTypeDetector;
}
@@ -311,12 +305,13 @@ class Checker {
* @param string $signaturePath
* @param string $basePath
* @param string $certificateCN
+ * @param bool $forceVerify
* @return array
* @throws InvalidSignatureException
* @throws \Exception
*/
- private function verify(string $signaturePath, string $basePath, string $certificateCN): array {
- if (!$this->isCodeCheckEnforced()) {
+ private function verify(string $signaturePath, string $basePath, string $certificateCN, bool $forceVerify = false): array {
+ if (!$forceVerify && !$this->isCodeCheckEnforced()) {
return [];
}
@@ -495,9 +490,10 @@ class Checker {
*
* @param string $appId
* @param string $path Optional path. If none is given it will be guessed.
+ * @param bool $forceVerify
* @return array
*/
- public function verifyAppSignature(string $appId, string $path = ''): array {
+ public function verifyAppSignature(string $appId, string $path = '', bool $forceVerify = false): array {
try {
if ($path === '') {
$path = $this->appLocator->getAppPath($appId);
@@ -505,7 +501,8 @@ class Checker {
$result = $this->verify(
$path . '/appinfo/signature.json',
$path,
- $appId
+ $appId,
+ $forceVerify
);
} catch (\Exception $e) {
$result = [
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 680eea3beca..1114e60f475 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -942,7 +942,6 @@ class Server extends ServerContainer implements IServerContainer {
$config,
$c->get(ICacheFactory::class),
$appManager,
- $c->get(ITempManager::class),
$c->get(IMimeTypeDetector::class)
);
});
diff --git a/tests/lib/IntegrityCheck/CheckerTest.php b/tests/lib/IntegrityCheck/CheckerTest.php
index 995b0c68e30..bc1987bedab 100644
--- a/tests/lib/IntegrityCheck/CheckerTest.php
+++ b/tests/lib/IntegrityCheck/CheckerTest.php
@@ -77,7 +77,6 @@ class CheckerTest extends TestCase {
$this->config,
$this->cacheFactory,
$this->appManager,
- \OC::$server->getTempManager(),
$this->mimeTypeDetector
);
}
@@ -1279,7 +1278,6 @@ class CheckerTest extends TestCase {
$this->config,
$this->cacheFactory,
$this->appManager,
- \OC::$server->getTempManager(),
$this->mimeTypeDetector,
])
->setMethods([