aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private')
-rw-r--r--lib/private/AppFramework/Http/Request.php47
-rw-r--r--lib/private/Files/Cache/CacheQueryBuilder.php2
-rw-r--r--lib/private/Files/SetupManager.php12
-rw-r--r--lib/private/Files/Storage/DAV.php4
-rw-r--r--lib/private/Files/Utils/Scanner.php8
-rw-r--r--lib/private/Setup/AbstractDatabase.php1
6 files changed, 45 insertions, 29 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php
index e662cb8679a..7cc7467675c 100644
--- a/lib/private/AppFramework/Http/Request.php
+++ b/lib/private/AppFramework/Http/Request.php
@@ -14,6 +14,7 @@ use OC\Security\TrustedDomainHelper;
use OCP\IConfig;
use OCP\IRequest;
use OCP\IRequestId;
+use Psr\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\IpUtils;
/**
@@ -627,36 +628,46 @@ class Request implements \ArrayAccess, \Countable, IRequest {
/**
* Returns the server protocol. It respects one or more reverse proxies servers
- * and load balancers
+ * and load balancers. Precedence:
+ * 1. `overwriteprotocol` config value
+ * 2. `X-Forwarded-Proto` header value
+ * 3. $_SERVER['HTTPS'] value
+ * If an invalid protocol is provided, defaults to http, continues, but logs as an error.
+ *
* @return string Server protocol (http or https)
*/
public function getServerProtocol(): string {
- if ($this->config->getSystemValueString('overwriteprotocol') !== ''
- && $this->isOverwriteCondition()) {
- return $this->config->getSystemValueString('overwriteprotocol');
- }
+ $proto = 'http';
- if ($this->fromTrustedProxy() && isset($this->server['HTTP_X_FORWARDED_PROTO'])) {
+ if ($this->config->getSystemValueString('overwriteprotocol') !== ''
+ && $this->isOverwriteCondition()
+ ) {
+ $proto = strtolower($this->config->getSystemValueString('overwriteprotocol'));
+ } elseif ($this->fromTrustedProxy()
+ && isset($this->server['HTTP_X_FORWARDED_PROTO'])
+ ) {
if (str_contains($this->server['HTTP_X_FORWARDED_PROTO'], ',')) {
$parts = explode(',', $this->server['HTTP_X_FORWARDED_PROTO']);
$proto = strtolower(trim($parts[0]));
} else {
$proto = strtolower($this->server['HTTP_X_FORWARDED_PROTO']);
}
-
- // Verify that the protocol is always HTTP or HTTPS
- // default to http if an invalid value is provided
- return $proto === 'https' ? 'https' : 'http';
+ } elseif (!empty($this->server['HTTPS'])
+ && $this->server['HTTPS'] !== 'off'
+ ) {
+ $proto = 'https';
}
- if (isset($this->server['HTTPS'])
- && $this->server['HTTPS'] !== null
- && $this->server['HTTPS'] !== 'off'
- && $this->server['HTTPS'] !== '') {
- return 'https';
+ if ($proto !== 'https' && $proto !== 'http') {
+ // log unrecognized value so admin has a chance to fix it
+ \OCP\Server::get(LoggerInterface::class)->critical(
+ 'Server protocol is malformed [falling back to http] (check overwriteprotocol and/or X-Forwarded-Proto to remedy): ' . $proto,
+ ['app' => 'core']
+ );
}
- return 'http';
+ // default to http if provided an invalid value
+ return $proto === 'https' ? 'https' : 'http';
}
/**
@@ -743,11 +754,11 @@ class Request implements \ArrayAccess, \Countable, IRequest {
}
/**
- * Get PathInfo from request
+ * Get PathInfo from request (rawurldecoded)
* @throws \Exception
* @return string|false Path info or false when not found
*/
- public function getPathInfo() {
+ public function getPathInfo(): string|false {
$pathInfo = $this->getRawPathInfo();
return \Sabre\HTTP\decodePath($pathInfo);
}
diff --git a/lib/private/Files/Cache/CacheQueryBuilder.php b/lib/private/Files/Cache/CacheQueryBuilder.php
index 5ae60ee80b6..5492452273b 100644
--- a/lib/private/Files/Cache/CacheQueryBuilder.php
+++ b/lib/private/Files/Cache/CacheQueryBuilder.php
@@ -28,7 +28,7 @@ class CacheQueryBuilder extends ExtendedQueryBuilder {
public function selectTagUsage(): self {
$this
- ->select('systemtag.name', 'systemtag.id', 'systemtag.visibility', 'systemtag.editable', 'systemtag.etag')
+ ->select('systemtag.name', 'systemtag.id', 'systemtag.visibility', 'systemtag.editable', 'systemtag.etag', 'systemtag.color')
->selectAlias($this->createFunction('COUNT(filecache.fileid)'), 'number_files')
->selectAlias($this->createFunction('MAX(filecache.fileid)'), 'ref_file_id')
->from('filecache', 'filecache')
diff --git a/lib/private/Files/SetupManager.php b/lib/private/Files/SetupManager.php
index 37ecd5779e6..b92c608a81d 100644
--- a/lib/private/Files/SetupManager.php
+++ b/lib/private/Files/SetupManager.php
@@ -292,7 +292,7 @@ class SetupManager {
$mounts = array_filter($mounts, function (IMountPoint $mount) use ($previouslySetupProviders) {
return !in_array($mount->getMountProvider(), $previouslySetupProviders);
});
- $this->userMountCache->registerMounts($user, $mounts, $newProviders);
+ $this->registerMounts($user, $mounts, $newProviders);
$cacheDuration = $this->config->getSystemValueInt('fs_mount_cache_duration', 5 * 60);
if ($cacheDuration > 0) {
@@ -457,7 +457,7 @@ class SetupManager {
}
if (count($mounts)) {
- $this->userMountCache->registerMounts($user, $mounts, $currentProviders);
+ $this->registerMounts($user, $mounts, $currentProviders);
$this->setupForUserWith($user, function () use ($mounts) {
array_walk($mounts, [$this->mountManager, 'addMount']);
});
@@ -528,7 +528,7 @@ class SetupManager {
$mounts = $this->mountProviderCollection->getUserMountsForProviderClasses($user, $providers);
}
- $this->userMountCache->registerMounts($user, $mounts, $providers);
+ $this->registerMounts($user, $mounts, $providers);
$this->setupForUserWith($user, function () use ($mounts) {
array_walk($mounts, [$this->mountManager, 'addMount']);
});
@@ -600,4 +600,10 @@ class SetupManager {
});
}
}
+
+ private function registerMounts(IUser $user, array $mounts, ?array $mountProviderClasses = null): void {
+ if ($this->lockdownManager->canAccessFilesystem()) {
+ $this->userMountCache->registerMounts($user, $mounts, $mountProviderClasses);
+ }
+ }
}
diff --git a/lib/private/Files/Storage/DAV.php b/lib/private/Files/Storage/DAV.php
index afd8f87e2de..2d166b5438d 100644
--- a/lib/private/Files/Storage/DAV.php
+++ b/lib/private/Files/Storage/DAV.php
@@ -116,7 +116,7 @@ class DAV extends Common {
// inject mock for testing
$this->certManager = \OC::$server->getCertificateManager();
}
- $this->root = $parameters['root'] ?? '/';
+ $this->root = rawurldecode($parameters['root'] ?? '/');
$this->root = '/' . ltrim($this->root, '/');
$this->root = rtrim($this->root, '/') . '/';
} else {
@@ -191,7 +191,7 @@ class DAV extends Common {
if ($this->secure) {
$baseUri .= 's';
}
- $baseUri .= '://' . $this->host . $this->root;
+ $baseUri .= '://' . $this->host . $this->encodePath($this->root);
return $baseUri;
}
diff --git a/lib/private/Files/Utils/Scanner.php b/lib/private/Files/Utils/Scanner.php
index e9ed351b27b..576cb66b3cf 100644
--- a/lib/private/Files/Utils/Scanner.php
+++ b/lib/private/Files/Utils/Scanner.php
@@ -205,7 +205,10 @@ class Scanner extends PublicEmitter {
foreach (['', 'files'] as $path) {
if (!$storage->isCreatable($path)) {
$fullPath = $storage->getSourcePath($path);
- if (!$storage->is_dir($path) && $storage->getCache()->inCache($path)) {
+ if (isset($mounts[$mount->getMountPoint() . $path . '/'])) {
+ // /<user>/files is overwritten by a mountpoint, so this check is irrelevant
+ break;
+ } elseif (!$storage->is_dir($path) && $storage->getCache()->inCache($path)) {
throw new NotFoundException("User folder $fullPath exists in cache but not on disk");
} elseif ($storage->is_dir($path)) {
$ownerUid = fileowner($fullPath);
@@ -213,9 +216,6 @@ class Scanner extends PublicEmitter {
$owner = $owner['name'] ?? $ownerUid;
$permissions = decoct(fileperms($fullPath));
throw new ForbiddenException("User folder $fullPath is not writable, folders is owned by $owner and has mode $permissions");
- } elseif (isset($mounts[$mount->getMountPoint() . $path . '/'])) {
- // /<user>/files is overwritten by a mountpoint, so this check is irrelevant
- break;
} else {
// if the root exists in neither the cache nor the storage the user isn't setup yet
break 2;
diff --git a/lib/private/Setup/AbstractDatabase.php b/lib/private/Setup/AbstractDatabase.php
index ec4ce040090..8f6294faa66 100644
--- a/lib/private/Setup/AbstractDatabase.php
+++ b/lib/private/Setup/AbstractDatabase.php
@@ -77,7 +77,6 @@ abstract class AbstractDatabase {
$this->config->setValues([
'dbname' => $dbName,
'dbhost' => $dbHost,
- 'dbport' => $dbPort,
'dbtableprefix' => $dbTablePrefix,
]);