mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Show a warning in the installer if no secure RNG is available

This commit is contained in:
Lukas Reschke 2012-10-14 17:17:06 +02:00
parent d6c4b83f13
commit 2c427f050e
3 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
core/templates/installation.php
View File

@ -3,7 +3,6 @@
<input type='hidden' id='hasPostgreSQL' value='<?php echo $_['hasPostgreSQL'] ?>'></input> <input type='hidden' id='hasPostgreSQL' value='<?php echo $_['hasPostgreSQL'] ?>'></input>
<input type='hidden' id='hasOracle' value='<?php echo $_['hasOracle'] ?>'></input> <input type='hidden' id='hasOracle' value='<?php echo $_['hasOracle'] ?>'></input>
<form action="index.php" method="post"> <form action="index.php" method="post">
<input type="hidden" name="install" value="true" /> <input type="hidden" name="install" value="true" />
<?php if(count($_['errors']) > 0): ?> <?php if(count($_['errors']) > 0): ?>
<ul class="errors"> <ul class="errors">
@ -19,7 +18,14 @@
<?php endforeach; ?> <?php endforeach; ?>
</ul> </ul>
<?php endif; ?> <?php endif; ?>
<?php if(!$_['secureRNG']): ?>
<fieldset style="color: #B94A48; background-color: #F2DEDE; border-color: #EED3D7;">
<legend><strong><?php echo $l->t('Security Warning');?></strong></legend>
<span><?php echo $l->t('No secure random number generator is available, please enable the PHP OpenSSL extension.');?></span>
<br/>
<span><?php echo $l->t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.');?></span>
</fieldset>
<?php endif; ?>
<fieldset> <fieldset>
<legend><?php echo $l->t( 'Create an <strong>admin account</strong>' ); ?></legend> <legend><?php echo $l->t( 'Create an <strong>admin account</strong>' ); ?></legend>
<p class="infield"> <p class="infield">

2
lib/setup.php
View File

@ -5,12 +5,14 @@ $hasMySQL = is_callable('mysql_connect');
$hasPostgreSQL = is_callable('pg_connect'); $hasPostgreSQL = is_callable('pg_connect');
$hasOracle = is_callable('oci_connect'); $hasOracle = is_callable('oci_connect');
$datadir = OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data'); $datadir = OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data');
$opts = array( $opts = array(
'hasSQLite' => $hasSQLite, 'hasSQLite' => $hasSQLite,
'hasMySQL' => $hasMySQL, 'hasMySQL' => $hasMySQL,
'hasPostgreSQL' => $hasPostgreSQL, 'hasPostgreSQL' => $hasPostgreSQL,
'hasOracle' => $hasOracle, 'hasOracle' => $hasOracle,
'directory' => $datadir, 'directory' => $datadir,
'secureRNG' => OC_Util::secureRNG_available(),
'errors' => array(), 'errors' => array(),
); );

24
lib/util.php
View File

@ -559,6 +559,7 @@ class OC_Util {
* @brief Generates a cryptographical secure pseudorandom string * @brief Generates a cryptographical secure pseudorandom string
* @param Int with the length of the random string * @param Int with the length of the random string
* @return String * @return String
* Please also update secureRNG_available if you change something here
*/ */
public static function generate_random_bytes($length = 30) { public static function generate_random_bytes($length = 30) {
@ -589,4 +590,27 @@ class OC_Util {
} }
return $pseudo_byte; return $pseudo_byte;
} }
/*
* @brief Checks if a secure random number generator is available
* @return bool
*/
public static function secureRNG_available() {
// Check openssl_random_pseudo_bytes
if(function_exists('openssl_random_pseudo_bytes')) {
openssl_random_pseudo_bytes(1, $strong);
if($strong == TRUE) {
return true;
}
}
// Check /dev/random
$fp = @file_get_contents('/dev/random', false, null, 0, 1);
if ($fp !== FALSE) {
return true;
}
return false;
}
} }