2015-03-26 16:51:33 +03:00
< ? php
/**
2015-06-25 12:43:55 +03:00
* @ author Joas Schilling < nickvergessen @ owncloud . com >
2015-03-26 16:51:33 +03:00
* @ author Lukas Reschke < lukas @ owncloud . com >
2015-06-25 12:43:55 +03:00
* @ author Morris Jobke < hey @ morrisjobke . de >
2015-10-05 21:54:56 +03:00
* @ author Robin McCorkell < rmccorkell @ karoshi . org . uk >
* @ author Roeland Jago Douma < roeland @ famdouma . nl >
2015-03-26 16:51:33 +03:00
*
* @ copyright Copyright ( c ) 2015 , ownCloud , Inc .
* @ license AGPL - 3.0
*
* This code is free software : you can redistribute it and / or modify
* it under the terms of the GNU Affero General Public License , version 3 ,
* as published by the Free Software Foundation .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU Affero General Public License for more details .
*
* You should have received a copy of the GNU Affero General Public License , version 3 ,
* along with this program . If not , see < http :// www . gnu . org / licenses />
*
*/
namespace OC\Settings\Controller ;
2015-07-27 17:29:05 +03:00
use GuzzleHttp\Exception\ClientException ;
2015-03-26 16:51:33 +03:00
use OCP\AppFramework\Controller ;
use OCP\AppFramework\Http\DataResponse ;
use OCP\Http\Client\IClientService ;
use OCP\IConfig ;
2015-07-27 17:29:05 +03:00
use OCP\IL10N ;
2015-03-26 16:51:33 +03:00
use OCP\IRequest ;
use OC_Util ;
2015-04-07 12:11:31 +03:00
use OCP\IURLGenerator ;
2015-03-26 16:51:33 +03:00
/**
* @ package OC\Settings\Controller
*/
class CheckSetupController extends Controller {
/** @var IConfig */
private $config ;
/** @var IClientService */
private $clientService ;
/** @var \OC_Util */
private $util ;
2015-04-07 12:11:31 +03:00
/** @var IURLGenerator */
private $urlGenerator ;
2015-07-27 17:29:05 +03:00
/** @var IL10N */
private $l10n ;
2015-03-26 16:51:33 +03:00
/**
* @ param string $AppName
* @ param IRequest $request
* @ param IConfig $config
* @ param IClientService $clientService
2015-04-07 12:11:31 +03:00
* @ param IURLGenerator $urlGenerator
2015-03-26 16:51:33 +03:00
* @ param \OC_Util $util
2015-07-27 17:29:05 +03:00
* @ param IL10N $l10n
2015-03-26 16:51:33 +03:00
*/
public function __construct ( $AppName ,
IRequest $request ,
IConfig $config ,
IClientService $clientService ,
2015-04-07 12:11:31 +03:00
IURLGenerator $urlGenerator ,
2015-07-27 17:29:05 +03:00
\OC_Util $util ,
IL10N $l10n ) {
2015-03-26 16:51:33 +03:00
parent :: __construct ( $AppName , $request );
$this -> config = $config ;
$this -> clientService = $clientService ;
$this -> util = $util ;
2015-04-07 12:11:31 +03:00
$this -> urlGenerator = $urlGenerator ;
2015-07-27 17:29:05 +03:00
$this -> l10n = $l10n ;
2015-03-26 16:51:33 +03:00
}
/**
* Checks if the ownCloud server can connect to the internet using HTTPS and HTTP
* @ return bool
*/
private function isInternetConnectionWorking () {
if ( $this -> config -> getSystemValue ( 'has_internet_connection' , true ) === false ) {
return false ;
}
try {
$client = $this -> clientService -> newClient ();
$client -> get ( 'https://www.owncloud.org/' );
$client -> get ( 'http://www.owncloud.org/' );
return true ;
} catch ( \Exception $e ) {
return false ;
}
}
/**
* Checks whether a local memcache is installed or not
* @ return bool
*/
private function isMemcacheConfigured () {
return $this -> config -> getSystemValue ( 'memcache.local' , null ) !== null ;
}
2015-05-26 15:11:38 +03:00
/**
* Whether / dev / urandom is available to the PHP controller
*
* @ return bool
*/
private function isUrandomAvailable () {
if ( @ file_exists ( '/dev/urandom' )) {
$file = fopen ( '/dev/urandom' , 'rb' );
if ( $file ) {
fclose ( $file );
return true ;
}
}
return false ;
}
2015-07-27 17:29:05 +03:00
/**
* Public for the sake of unit - testing
*
* @ return array
*/
2015-10-08 19:23:20 +03:00
protected function getCurlVersion () {
2015-07-27 17:29:05 +03:00
return curl_version ();
}
/**
* Check if the used SSL lib is outdated . Older OpenSSL and NSS versions do
* have multiple bugs which likely lead to problems in combination with
2015-07-25 21:18:32 +03:00
* functionality required by ownCloud such as SNI .
2015-07-27 17:29:05 +03:00
*
* @ link https :// github . com / owncloud / core / issues / 17446 #issuecomment-122877546
* @ link https :// bugzilla . redhat . com / show_bug . cgi ? id = 1241172
* @ return string
*/
private function isUsedTlsLibOutdated () {
2015-10-08 19:23:20 +03:00
// Appstore is disabled by default in EE
$appStoreDefault = false ;
if ( \OC_Util :: getEditionString () === '' ) {
$appStoreDefault = true ;
}
// Don't run check when:
// 1. Server has `has_internet_connection` set to false
// 2. AppStore AND S2S is disabled
if ( ! $this -> config -> getSystemValue ( 'has_internet_connection' , true )) {
return '' ;
}
if ( ! $this -> config -> getSystemValue ( 'appstoreenabled' , $appStoreDefault )
&& $this -> config -> getAppValue ( 'files_sharing' , 'outgoing_server2server_share_enabled' , 'yes' ) === 'no'
&& $this -> config -> getAppValue ( 'files_sharing' , 'incoming_server2server_share_enabled' , 'yes' ) === 'no' ) {
return '' ;
}
2015-07-27 17:29:05 +03:00
$versionString = $this -> getCurlVersion ();
if ( isset ( $versionString [ 'ssl_version' ])) {
$versionString = $versionString [ 'ssl_version' ];
} else {
return '' ;
}
$features = ( string ) $this -> l10n -> t ( 'installing and updating apps via the app store or Federated Cloud Sharing' );
2015-10-08 19:23:20 +03:00
if ( ! $this -> config -> getSystemValue ( 'appstoreenabled' , $appStoreDefault )) {
2015-07-27 17:29:05 +03:00
$features = ( string ) $this -> l10n -> t ( 'Federated Cloud Sharing' );
}
// Check if at least OpenSSL after 1.01d or 1.0.2b
if ( strpos ( $versionString , 'OpenSSL/' ) === 0 ) {
$majorVersion = substr ( $versionString , 8 , 5 );
$patchRelease = substr ( $versionString , 13 , 6 );
if (( $majorVersion === '1.0.1' && ord ( $patchRelease ) < ord ( 'd' )) ||
( $majorVersion === '1.0.2' && ord ( $patchRelease ) < ord ( 'b' ))) {
return ( string ) $this -> l10n -> t ( 'cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.' , [ 'OpenSSL' , $versionString , $features ]);
}
}
// Check if NSS and perform heuristic check
if ( strpos ( $versionString , 'NSS/' ) === 0 ) {
try {
$firstClient = $this -> clientService -> newClient ();
$firstClient -> get ( 'https://www.owncloud.org/' );
$secondClient = $this -> clientService -> newClient ();
$secondClient -> get ( 'https://owncloud.org/' );
} catch ( ClientException $e ) {
if ( $e -> getResponse () -> getStatusCode () === 400 ) {
return ( string ) $this -> l10n -> t ( 'cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.' , [ 'NSS' , $versionString , $features ]);
}
}
}
return '' ;
}
2015-07-28 11:06:26 +03:00
2015-10-08 18:30:40 +03:00
/**
2015-07-28 11:06:26 +03:00
* Whether the php version is still supported ( at time of release )
* according to : https :// secure . php . net / supported - versions . php
*
* @ return array
*/
private function isPhpSupported () {
$eol = false ;
//PHP 5.4 is EOL on 14 Sep 2015
if ( version_compare ( PHP_VERSION , '5.5.0' ) === - 1 ) {
$eol = true ;
}
return [ 'eol' => $eol , 'version' => PHP_VERSION ];
}
2015-07-27 17:29:05 +03:00
2015-10-08 18:30:40 +03:00
/**
2015-07-25 21:18:32 +03:00
* Check if the reverse proxy configuration is working as expected
*
* @ return bool
*/
private function forwardedForHeadersWorking () {
$trustedProxies = $this -> config -> getSystemValue ( 'trusted_proxies' , []);
$remoteAddress = $this -> request -> getRemoteAddress ();
if ( is_array ( $trustedProxies ) && in_array ( $remoteAddress , $trustedProxies )) {
return false ;
}
// either not enabled or working correctly
return true ;
}
2015-10-02 17:17:56 +03:00
/**
* Checks if the correct memcache module for PHP is installed . Only
* fails if memcached is configured and the working module is not installed .
*
* @ return bool
*/
private function isCorrectMemcachedPHPModuleInstalled () {
if ( $this -> config -> getSystemValue ( 'memcache.distributed' , null ) !== '\OC\Memcache\Memcached' ) {
return true ;
}
// there are two different memcached modules for PHP
// we only support memcached and not memcache
// https://code.google.com/p/memcached/wiki/PHPClientComparison
return ! extension_loaded ( 'memcached' ) && extension_loaded ( 'memcache' );
}
2015-03-26 16:51:33 +03:00
/**
* @ return DataResponse
*/
public function check () {
return new DataResponse (
[
'serverHasInternetConnection' => $this -> isInternetConnectionWorking (),
'dataDirectoryProtected' => $this -> util -> isHtaccessWorking ( $this -> config ),
'isMemcacheConfigured' => $this -> isMemcacheConfigured (),
2015-04-07 12:11:31 +03:00
'memcacheDocs' => $this -> urlGenerator -> linkToDocs ( 'admin-performance' ),
2015-05-26 15:11:38 +03:00
'isUrandomAvailable' => $this -> isUrandomAvailable (),
'securityDocs' => $this -> urlGenerator -> linkToDocs ( 'admin-security' ),
2015-07-27 17:29:05 +03:00
'isUsedTlsLibOutdated' => $this -> isUsedTlsLibOutdated (),
2015-07-28 11:06:26 +03:00
'phpSupported' => $this -> isPhpSupported (),
2015-07-25 21:18:32 +03:00
'forwardedForHeadersWorking' => $this -> forwardedForHeadersWorking (),
'reverseProxyDocs' => $this -> urlGenerator -> linkToDocs ( 'admin-reverse-proxy' ),
2015-10-02 17:17:56 +03:00
'isCorrectMemcachedPHPModuleInstalled' => $this -> isCorrectMemcachedPHPModuleInstalled ()
2015-03-26 16:51:33 +03:00
]
);
}
}