aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/private/Files/Type/Detection.php6
-rw-r--r--lib/private/IntegrityCheck/Checker.php59
-rw-r--r--lib/private/Server.php3
3 files changed, 45 insertions, 23 deletions
diff --git a/lib/private/Files/Type/Detection.php b/lib/private/Files/Type/Detection.php
index 32075627632..9bbbd0e07c7 100644
--- a/lib/private/Files/Type/Detection.php
+++ b/lib/private/Files/Type/Detection.php
@@ -133,6 +133,12 @@ class Detection implements IMimeTypeDetector {
return $this->mimeTypeAlias;
}
+ public function getOnlyDefaultAliases() {
+ $this->loadMappings();
+ $this->mimeTypeAlias = json_decode(file_get_contents($this->defaultConfigDir . '/mimetypealiases.dist.json'), true);
+ return $this->mimeTypeAlias;
+ }
+
/**
* Add mimetype mappings if they are not yet present
*/
diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php
index 0a8876381f4..ac4f40b51ec 100644
--- a/lib/private/IntegrityCheck/Checker.php
+++ b/lib/private/IntegrityCheck/Checker.php
@@ -27,6 +27,7 @@ declare(strict_types=1);
namespace OC\IntegrityCheck;
+use OC\Core\Command\Maintenance\Mimetype\GenerateMimetypeFileBuilder;
use OC\IntegrityCheck\Exceptions\InvalidSignatureException;
use OC\IntegrityCheck\Helpers\AppLocator;
use OC\IntegrityCheck\Helpers\EnvironmentHelper;
@@ -34,6 +35,7 @@ use OC\IntegrityCheck\Helpers\FileAccessHelper;
use OC\IntegrityCheck\Iterator\ExcludeFileByNameFilterIterator;
use OC\IntegrityCheck\Iterator\ExcludeFoldersByPathFilterIterator;
use OCP\App\IAppManager;
+use OCP\Files\IMimeTypeDetector;
use OCP\ICache;
use OCP\ICacheFactory;
use OCP\IConfig;
@@ -67,6 +69,8 @@ class Checker {
private $appManager;
/** @var ITempManager */
private $tempManager;
+ /** @var IMimeTypeDetector */
+ private $mimeTypeDetector;
/**
* @param EnvironmentHelper $environmentHelper
@@ -76,6 +80,7 @@ class Checker {
* @param ICacheFactory $cacheFactory
* @param IAppManager $appManager
* @param ITempManager $tempManager
+ * @param IMimeTypeDetector $mimeTypeDetector
*/
public function __construct(EnvironmentHelper $environmentHelper,
FileAccessHelper $fileAccessHelper,
@@ -83,7 +88,8 @@ class Checker {
IConfig $config = null,
ICacheFactory $cacheFactory,
IAppManager $appManager = null,
- ITempManager $tempManager) {
+ ITempManager $tempManager,
+ IMimeTypeDetector $mimeTypeDetector) {
$this->environmentHelper = $environmentHelper;
$this->fileAccessHelper = $fileAccessHelper;
$this->appLocator = $appLocator;
@@ -91,6 +97,7 @@ class Checker {
$this->cache = $cacheFactory->createDistributed(self::CACHE_KEY);
$this->appManager = $appManager;
$this->tempManager = $tempManager;
+ $this->mimeTypeDetector = $mimeTypeDetector;
}
/**
@@ -193,6 +200,14 @@ class Checker {
continue;
}
}
+ if($filename === $this->environmentHelper->getServerRoot().'/core/js/mimetypelist.js') {
+ $oldMimetypeList = new GenerateMimetypeFileBuilder();
+ $newFile = $oldMimetypeList->generateFile($this->mimeTypeDetector->getAllAliases());
+ if($newFile === file_get_contents($filename)) {
+ $hashes[$relativeFileName] = hash('sha512', $oldMimetypeList->generateFile($this->mimeTypeDetector->getOnlyDefaultAliases()));
+ continue;
+ }
+ }
$hashes[$relativeFileName] = hash_file('sha512', $filename);
}
@@ -220,10 +235,10 @@ class Checker {
$signature = $privateKey->sign(json_encode($hashes));
return [
- 'hashes' => $hashes,
- 'signature' => base64_encode($signature),
- 'certificate' => $certificate->saveX509($certificate->currentCert),
- ];
+ 'hashes' => $hashes,
+ 'signature' => base64_encode($signature),
+ 'certificate' => $certificate->saveX509($certificate->currentCert),
+ ];
}
/**
@@ -244,8 +259,8 @@ class Checker {
$iterator = $this->getFolderIterator($path);
$hashes = $this->generateHashes($iterator, $path);
$signature = $this->createSignatureData($hashes, $certificate, $privateKey);
- $this->fileAccessHelper->file_put_contents(
- $appInfoDir . '/signature.json',
+ $this->fileAccessHelper->file_put_contents(
+ $appInfoDir . '/signature.json',
json_encode($signature, JSON_PRETTY_PRINT)
);
} catch (\Exception $e){
@@ -327,7 +342,7 @@ class Checker {
// Verify if certificate has proper CN. "core" CN is always trusted.
if($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') {
throw new InvalidSignatureException(
- sprintf('Certificate is not valid for required scope. (Requested: %s, current: CN=%s)', $certificateCN, $x509->getDN(true)['CN'])
+ sprintf('Certificate is not valid for required scope. (Requested: %s, current: CN=%s)', $certificateCN, $x509->getDN(true)['CN'])
);
}
@@ -484,16 +499,16 @@ class Checker {
$path = $this->appLocator->getAppPath($appId);
}
$result = $this->verify(
- $path . '/appinfo/signature.json',
- $path,
- $appId
+ $path . '/appinfo/signature.json',
+ $path,
+ $appId
);
} catch (\Exception $e) {
$result = [
- 'EXCEPTION' => [
- 'class' => \get_class($e),
- 'message' => $e->getMessage(),
- ],
+ 'EXCEPTION' => [
+ 'class' => \get_class($e),
+ 'message' => $e->getMessage(),
+ ],
];
}
$this->storeResults($appId, $result);
@@ -534,16 +549,16 @@ class Checker {
public function verifyCoreSignature(): array {
try {
$result = $this->verify(
- $this->environmentHelper->getServerRoot() . '/core/signature.json',
- $this->environmentHelper->getServerRoot(),
- 'core'
+ $this->environmentHelper->getServerRoot() . '/core/signature.json',
+ $this->environmentHelper->getServerRoot(),
+ 'core'
);
} catch (\Exception $e) {
$result = [
- 'EXCEPTION' => [
- 'class' => \get_class($e),
- 'message' => $e->getMessage(),
- ],
+ 'EXCEPTION' => [
+ 'class' => \get_class($e),
+ 'message' => $e->getMessage(),
+ ],
];
}
$this->storeResults('core', $result);
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 408b457ec39..599e14f1cd3 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -791,7 +791,8 @@ class Server extends ServerContainer implements IServerContainer {
$config,
$c->getMemCacheFactory(),
$appManager,
- $c->getTempManager()
+ $c->getTempManager(),
+ $c->getMimeTypeDetector()
);
});
$this->registerService(\OCP\IRequest::class, function ($c) {