Diffstat (limited to 'lib/private/Config.php')
-rw-r--r-- | lib/private/Config.php | 173 |
1 files changed, 114 insertions, 59 deletions
diff --git a/lib/private/Config.php b/lib/private/Config.php
index a6c4acb7d96..a9eb58a1866 100644
--- a/lib/private/Config.php
+++ b/lib/private/Config.php
@@ -1,44 +1,14 @@ <?php + /** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Adam Williamson <awilliam@redhat.com> - * @author Aldo "xoen" Giambelluca <xoen@xoen.org> - * @author Bart Visscher <bartv@thisnet.nl> - * @author Brice Maron <brice@bmaron.net> - * @author Christoph Wurst <christoph@winzerhof-wurst.at> - * @author Daniel Kesselberg <mail@danielkesselberg.de> - * @author Frank Karlitschek <frank@karlitschek.de> - * @author Jakob Sack <mail@jakobsack.de> - * @author Jan-Christoph Borchardt <hey@jancborchardt.net> - * @author Joas Schilling <coding@schilljs.com> - * @author John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com> - * @author Lukas Reschke <lukas@statuscode.ch> - * @author Michael Gapczynski <GapczynskiM@gmail.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Philipp Schaffrath <github@philipp.schaffrath.email> - * @author Robin Appelman <robin@icewind.nl> - * @author Robin McCorkell <robin@mccorkell.me.uk> - * @author Roeland Jago Douma <roeland@famdouma.nl> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. 
+ * SPDX-License-Identifier: AGPL-3.0-only */ - namespace OC; +use OCP\HintException; + /** * This class is responsible for reading and writing config.php, the very basic * configuration file of Nextcloud. @@ -56,6 +26,8 @@ class Config { protected $configFilePath; /** @var string */ protected $configFileName; + /** @var bool */ + protected $isReadOnly; /** * @param string $configDir Path to the config dir, needs to end with '/' @@ -63,9 +35,10 @@ class Config { */ public function __construct($configDir, $fileName = 'config.php') { $this->configDir = $configDir; - $this->configFilePath = $this->configDir.$fileName; + $this->configFilePath = $this->configDir . $fileName; $this->configFileName = $fileName; $this->readData(); + $this->isReadOnly = $this->getValue('config_is_read_only', false); } /** @@ -76,7 +49,7 @@ class Config { * @return array an array of key names */ public function getKeys() { - return array_keys($this->cache); + return array_merge(array_keys($this->cache), array_keys($this->envCache)); } /** 
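Review bot: `isReadOnly` is documented as `bool`, but the constructor assigns whatever `getValue('config_is_read_only', false)` returns, and `getValue()` consults `envCache` first, whose entries come from `getenv()` and are therefore strings. An environment value such as `NC_config_is_read_only=false` is a non-empty string, so the truthiness test in `checkReadOnly()` would treat it as enabled. Normalising at assignment keeps the flag predictable: `$this->isReadOnly = filter_var($this->getValue('config_is_read_only', false), FILTER_VALIDATE_BOOLEAN);`.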
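Review bot: `getKeys()` can now return the same key twice, because a key set both in `config.php` and in the environment appears in both `array_keys()` results and `array_merge()` keeps duplicate list values. Callers that iterate the result, for example to dump or compare the configuration, would handle such a key twice. `return array_values(array_unique(array_merge(array_keys($this->cache), array_keys($this->envCache))));` keeps the list unique.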
@@ -91,23 +64,43 @@ class Config { * @return mixed the value or $default */ public function getValue($key, $default = null) { - $envKey = self::ENV_PREFIX . $key; - if (isset($this->envCache[$envKey])) { - return $this->envCache[$envKey]; + if (isset($this->envCache[$key])) { + return self::trustSystemConfig($this->envCache[$key]); } if (isset($this->cache[$key])) { - return $this->cache[$key]; + return self::trustSystemConfig($this->cache[$key]); } return $default; } /** + * Since system config is admin controlled, we can tell psalm to ignore any taint + * + * @psalm-taint-escape callable + * @psalm-taint-escape cookie + * @psalm-taint-escape file + * @psalm-taint-escape has_quotes + * @psalm-taint-escape header + * @psalm-taint-escape html + * @psalm-taint-escape include + * @psalm-taint-escape ldap + * @psalm-taint-escape shell + * @psalm-taint-escape sql + * @psalm-taint-escape unserialize + * @psalm-pure + */ + public static function trustSystemConfig(mixed $value): mixed { + return $value; + } + + /** * Sets and deletes values and writes the config.php * * @param array $configs Associative array with `key => value` pairs * If value is null, the config key will be deleted + * @throws HintException */ public function setValues(array $configs) { $needsUpdate = false; @@ -130,6 +123,7 @@ class Config { * * @param string $key key * @param mixed $value value + * @throws HintException */ public function setValue($key, $value) { if ($this->set($key, $value)) { @@ -144,6 +138,7 @@ class Config { * @param string $key key * @param mixed $value value * @return bool True if the file needs to be updated, false otherwise + * @throws HintException */ protected function set($key, $value) { if (!isset($this->cache[$key]) || $this->cache[$key] !== $value) { 
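Review bot: `trustSystemConfig()` is declared `public static` and clears eleven Psalm taint kinds, so any caller in the codebase can pass an arbitrary value through it and silence taint analysis, not only `getValue()`. Adding `@internal` to the docblock, or narrowing the visibility if nothing outside this class needs it (not visible from this hunk), would keep the escape limited to system config. The "admin controlled" rationale now also has to hold for `envCache` values, which `getValue()` returns through the same function. The docblock should say so, e.g. `* Values come from config.php and from NC_-prefixed environment variables, both set by the server administrator.`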
@@ -157,7 +152,9 @@ class Config { /** * Removes a key from the config and removes it from config.php if required + * * @param string $key + * @throws HintException */ public function deleteKey($key) { if ($this->delete($key)) { @@ -171,6 +168,7 @@ class Config { * * @param string $key * @return bool True if the file needs to be updated, false otherwise + * @throws HintException */ protected function delete($key) { if (isset($this->cache[$key])) { @@ -193,7 +191,7 @@ class Config { $configFiles = [$this->configFilePath]; // Add all files in the config dir ending with the same file name - $extra = glob($this->configDir.'*.'.$this->configFileName); + $extra = glob($this->configDir . '*.' . $this->configFileName); if (is_array($extra)) { natsort($extra); $configFiles = array_merge($configFiles, $extra); @@ -201,13 +199,25 @@ class Config { // Include file and merge config foreach ($configFiles as $file) { - $fileExistsAndIsReadable = file_exists($file) && is_readable($file); - $filePointer = $fileExistsAndIsReadable ? fopen($file, 'r') : false; - if ($file === $this->configFilePath && - $filePointer === false) { - // Opening the main config might not be possible, e.g. if the wrong - // permissions are set (likely on a new installation) - continue; + unset($CONFIG); + + // Invalidate opcache (only if the timestamp changed) + if (function_exists('opcache_invalidate')) { + @opcache_invalidate($file, false); + } + + // suppressor doesn't work here at boot time since it'll go via our onError custom error handler + $filePointer = file_exists($file) ? @fopen($file, 'r') : false; + if ($filePointer === false) { + // e.g. wrong permissions are set + if ($file === $this->configFilePath) { + // opening the main config file might not be possible + // (likely on a new installation) + continue; + } + + http_response_code(500); + die(sprintf('FATAL: Could not open the config file %s', $file)); } // Try to acquire a file lock 
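Review bot: The new `die(sprintf('FATAL: Could not open the config file %s', $file))` writes the absolute path of the config file into the HTTP response body, and since this runs while the configuration is still being loaded it is presumably reachable before any authentication. The leading-content message added later in this commit already uses `basename($file)`; the same here, with the full path sent to the server log via `error_log()`, would avoid disclosing the install location. The comment `// suppressor doesn't work here at boot time …` also sits directly above a line that uses `@fopen`, so it should state what actually happens to the warning. The enclosing method starts and ends outside this hunk.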
@@ -215,18 +225,37 @@ class Config { throw new \Exception(sprintf('Could not acquire a shared lock on the config file %s', $file)); } - unset($CONFIG); - include $file; + try { + include $file; + } finally { + // Close the file pointer and release the lock + flock($filePointer, LOCK_UN); + fclose($filePointer); + } + + if (!defined('PHPUNIT_RUN') && headers_sent()) { + // syntax issues in the config file like leading spaces causing PHP to send output + $errorMessage = sprintf('Config file has leading content, please remove everything before "<?php" in %s', basename($file)); + if (!defined('OC_CONSOLE')) { + print(\OCP\Util::sanitizeHTML($errorMessage)); + } + throw new \Exception($errorMessage); + } if (isset($CONFIG) && is_array($CONFIG)) { $this->cache = array_merge($this->cache, $CONFIG); } - - // Close the file pointer and release the lock - flock($filePointer, LOCK_UN); - fclose($filePointer); } - $this->envCache = getenv(); + // grab any "NC_" environment variables + $envRaw = getenv(); + // only save environment variables prefixed with "NC_" in the cache + $envPrefixLen = strlen(self::ENV_PREFIX); + foreach ($envRaw as $rawEnvKey => $rawEnvValue) { + if (str_starts_with($rawEnvKey, self::ENV_PREFIX)) { + $realKey = substr($rawEnvKey, $envPrefixLen); + $this->envCache[$realKey] = $rawEnvValue; + } + } } /** 
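Review bot: The `headers_sent()` check attributes the output to the file that was just included, but `headers_sent()` is also true when something earlier in the request already produced output, so the exception can name a config file that is fine. Using the by-reference form, `headers_sent($sentFile, $sentLine)`, and comparing `$sentFile` with `$file` before building the message would make the diagnosis accurate. Separately, `envCache` used to be replaced on every read (`$this->envCache = getenv();`) and is now only appended to. If this method can run more than once per instance (not visible here), adding `$this->envCache = [];` before the loop would preserve the old behaviour.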
@@ -237,11 +266,17 @@ class Config { * @throws HintException If the config file cannot be written to * @throws \Exception If no file lock can be acquired */ - private function writeData() { + private function writeData(): void { + $this->checkReadOnly(); + + if (!is_file(\OC::$configDir . '/CAN_INSTALL') && !isset($this->cache['version'])) { + throw new HintException(sprintf('Configuration was not read or initialized correctly, not overwriting %s', $this->configFilePath)); + } + // Create a php file ... $content = "<?php\n"; $content .= '$CONFIG = '; - $content .= var_export($this->cache, true); + $content .= var_export(self::trustSystemConfig($this->cache), true); $content .= ";\n"; touch($this->configFilePath); @@ -257,6 +292,15 @@ class Config { 'This can usually be fixed by giving the webserver write access to the config directory.'); } + // Never write file back if disk space should be too low + if (function_exists('disk_free_space')) { + $df = disk_free_space($this->configDir); + $size = strlen($content) + 10240; + if ($df !== false && $df < (float)$size) { + throw new \Exception($this->configDir . ' does not have enough space for writing the config file! Not writing it back!'); + } + } + // Try to acquire a file lock if (!flock($filePointer, LOCK_EX)) { throw new \Exception(sprintf('Could not acquire an exclusive lock on the config file %s', $this->configFilePath)); @@ -273,4 +317,15 @@ class Config { @opcache_invalidate($this->configFilePath, true); } } + + /** + * @throws HintException + */ + private function checkReadOnly(): void { + if ($this->isReadOnly) { + throw new HintException( + 'Config is set to be read-only via option "config_is_read_only".', + 'Unset "config_is_read_only" to allow changes to the config file.'); + } + } } |
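Review bot: The new guard in `writeData()` looks for `CAN_INSTALL` under the global `\OC::$configDir`, while the rest of the method (the file being written, the `disk_free_space()` check) uses the instance's own `$this->configDir`. A `Config` constructed for a different directory would have its overwrite protection decided by a marker file somewhere else. Since the constructor documents that `$configDir` ends with '/', `is_file($this->configDir . 'CAN_INSTALL')` ties the check to the file actually being written.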