mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #1099 from herbrechtsmeier/ssl-proxy 

add multiple domains reverse SSL proxy support
This commit is contained in:
Thomas Müller 2013-01-31 14:01:32 -08:00
parent 206c6c1e1e 7747f49263
commit 317261d6df
10 changed files with 130 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/files/appinfo/remote.php
View File

@ -32,12 +32,14 @@ OC_Util::obEnd();
// Backends // Backends
$authBackend = new OC_Connector_Sabre_Auth(); $authBackend = new OC_Connector_Sabre_Auth();
$lockBackend = new OC_Connector_Sabre_Locks(); $lockBackend = new OC_Connector_Sabre_Locks();
$requestBackend = new OC_Connector_Sabre_Request();
// Create ownCloud Dir // Create ownCloud Dir
$publicDir = new OC_Connector_Sabre_Directory(''); $publicDir = new OC_Connector_Sabre_Directory('');
// Fire up server // Fire up server
$server = new Sabre_DAV_Server($publicDir); $server = new Sabre_DAV_Server($publicDir);
$server->httpRequest = $requestBackend;
$server->setBaseUri($baseuri); $server->setBaseUri($baseuri);
// Load plugins // Load plugins

2
apps/files/index.php
View File

@ -36,7 +36,7 @@ OCP\App::setActiveNavigationEntry('files_index');
$dir = isset($_GET['dir']) ? stripslashes($_GET['dir']) : ''; $dir = isset($_GET['dir']) ? stripslashes($_GET['dir']) : '';
// Redirect if directory does not exist // Redirect if directory does not exist
if (!\OC\Files\Filesystem::is_dir($dir . '/')) { if (!\OC\Files\Filesystem::is_dir($dir . '/')) {
header('Location: ' . $_SERVER['SCRIPT_NAME'] . ''); header('Location: ' . OCP\Util::getScriptName() . '');
exit(); exit();
} }

6
config/config.sample.php
View File

@ -38,6 +38,12 @@ $CONFIG = array(
/* The automatic protocol detection of ownCloud can fail in certain reverse proxy situations. This option allows to manually override the protocol detection. For example "https" */ /* The automatic protocol detection of ownCloud can fail in certain reverse proxy situations. This option allows to manually override the protocol detection. For example "https" */
"overwriteprotocol" => "", "overwriteprotocol" => "",
/* The automatic webroot detection of ownCloud can fail in certain reverse proxy situations. This option allows to manually override the automatic detection. For example "/domain.tld/ownCloud" */
"overwritewebroot" => "",
/* The automatic detection of ownCloud can fail in certain reverse proxy situations. This option allows to define a manually override condition as regular expression for the remote ip address. For example "^10\.0\.0\.[1-3]$" */
"overwritecondaddr" => "",
/* A proxy to use to connect to the internet. For example "myproxy.org:88" */ /* A proxy to use to connect to the internet. For example "myproxy.org:88" */
"proxy" => "", "proxy" => "",

2
lib/app.php
View File

@ -506,7 +506,7 @@ class OC_App{
* @return string * @return string
*/ */
public static function getCurrentApp() { public static function getCurrentApp() {
$script=substr($_SERVER["SCRIPT_NAME"], strlen(OC::$WEBROOT)+1); $script=substr(OC_Request::scriptName(), strlen(OC::$WEBROOT)+1);
$topFolder=substr($script, 0, strpos($script, '/')); $topFolder=substr($script, 0, strpos($script, '/'));
if (empty($topFolder)) { if (empty($topFolder)) {
$path_info = OC_Request::getPathInfo(); $path_info = OC_Request::getPathInfo();

6
lib/base.php
View File

@ -129,7 +129,7 @@ class OC
// calculate the root directories // calculate the root directories
OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4)); OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT))); OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
$scriptName = $_SERVER["SCRIPT_NAME"]; $scriptName = OC_Request::scriptName();
if (substr($scriptName, -1) == '/') { if (substr($scriptName, -1) == '/') {
$scriptName .= 'index.php'; $scriptName .= 'index.php';
//make sure suburi follows the same rules as scriptName //make sure suburi follows the same rules as scriptName
@ -230,7 +230,7 @@ class OC
header('Strict-Transport-Security: max-age=31536000'); header('Strict-Transport-Security: max-age=31536000');
ini_set("session.cookie_secure", "on"); ini_set("session.cookie_secure", "on");
if (OC_Request::serverProtocol() <> 'https' and !OC::$CLI) { if (OC_Request::serverProtocol() <> 'https' and !OC::$CLI) {
$url = "https://" . OC_Request::serverHost() . $_SERVER['REQUEST_URI']; $url = "https://" . OC_Request::serverHost() . OC_Request::requestUri();
header("Location: $url"); header("Location: $url");
exit(); exit();
} }
@ -764,7 +764,7 @@ class OC
if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
//OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG);
OC_User::unsetMagicInCookie(); OC_User::unsetMagicInCookie();
$_REQUEST['redirect_url'] = (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : ''); $_REQUEST['redirect_url'] = OC_Request::requestUri();
OC_Util::redirectToDefaultPage(); OC_Util::redirectToDefaultPage();
} }
return true; return true;

50
lib/connector/sabre/request.php Normal file
View File

@ -0,0 +1,50 @@
<?php
/**
* ownCloud
*
* @author Stefan Herbrechtsmeier
* @copyright 2012 Stefan Herbrechtsmeier <stefan@herbrechtsmeier.net>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
class OC_Connector_Sabre_Request extends Sabre_HTTP_Request {
/**
* Returns the requested uri
*
* @return string
*/
public function getUri() {
return OC_Request::requestUri();
}
/**
* Returns a specific item from the _SERVER array.
*
* Do not rely on this feature, it is for internal use only.
*
* @param string $field
* @return string
*/
public function getRawServerValue($field) {
if($field == 'REQUEST_URI'){
return $this->getUri();
}
else{
return isset($this->_SERVER[$field])?$this->_SERVER[$field]:null;
}
}
}

22
lib/public/util.php
View File

@ -218,6 +218,28 @@ class Util {
return(\OC_Request::serverProtocol()); return(\OC_Request::serverProtocol());
} }
/**
* @brief Returns the request uri
* @returns the request uri
*
* Returns the request uri, even if the website uses one or more
* reverse proxies
*/
public static function getRequestUri() {
return(\OC_Request::requestUri());
}
/**
* @brief Returns the script name
* @returns the script name
*
* Returns the script name, even if the website uses one or more
* reverse proxies
*/
public static function getScriptName() {
return(\OC_Request::scriptName());
}
/** /**
* @brief Creates path to an image * @brief Creates path to an image
* @param string $app app * @param string $app app

45
lib/request.php
View File

@ -7,6 +7,15 @@
*/ */
class OC_Request { class OC_Request {
/**
* @brief Check overwrite condition
* @returns true/false
*/
private static function isOverwriteCondition() {
$regex = '/' . OC_Config::getValue('overwritecondaddr', '') . '/';
return $regex === '//' or preg_match($regex, $_SERVER['REMOTE_ADDR']) === 1;
}
/** /**
* @brief Returns the server host * @brief Returns the server host
* @returns the server host * @returns the server host
@ -18,7 +27,7 @@ class OC_Request {
if(OC::$CLI) { if(OC::$CLI) {
return 'localhost'; return 'localhost';
} }
if(OC_Config::getValue('overwritehost', '')<>'') { if(OC_Config::getValue('overwritehost', '')<>'' and self::isOverwriteCondition()) {
return OC_Config::getValue('overwritehost'); return OC_Config::getValue('overwritehost');
} }
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) { if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
@ -43,7 +52,7 @@ class OC_Request {
* Returns the server protocol. It respects reverse proxy servers and load balancers * Returns the server protocol. It respects reverse proxy servers and load balancers
*/ */
public static function serverProtocol() { public static function serverProtocol() {
if(OC_Config::getValue('overwriteprotocol', '')<>'') { if(OC_Config::getValue('overwriteprotocol', '')<>'' and self::isOverwriteCondition()) {
return OC_Config::getValue('overwriteprotocol'); return OC_Config::getValue('overwriteprotocol');
} }
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
@ -58,6 +67,38 @@ class OC_Request {
return $proto; return $proto;
} }
/**
* @brief Returns the request uri
* @returns the request uri
*
* Returns the request uri, even if the website uses one or more
* reverse proxies
*/
public static function requestUri() {
$uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
if (OC_Config::getValue('overwritewebroot', '') <> '' and self::isOverwriteCondition()) {
$uri = self::scriptName() . substr($uri, strlen($_SERVER['SCRIPT_NAME']));
}
return $uri;
}
/**
* @brief Returns the script name
* @returns the script name
*
* Returns the script name, even if the website uses one or more
* reverse proxies
*/
public static function scriptName() {
$name = $_SERVER['SCRIPT_NAME'];
if (OC_Config::getValue('overwritewebroot', '') <> '' and self::isOverwriteCondition()) {
$serverroot = str_replace("\\", '/', substr(__DIR__, 0, -4));
$suburi = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen($serverroot)));
$name = OC_Config::getValue('overwritewebroot', '') . $suburi;
}
return $name;
}
/** /**
* @brief get Path info from request * @brief get Path info from request
* @returns string Path info or false when not found * @returns string Path info or false when not found

2
lib/util.php
View File

@ -312,7 +312,7 @@ class OC_Util {
public static function checkLoggedIn() { public static function checkLoggedIn() {
// Check if we are a user // Check if we are a user
if( !OC_User::isLoggedIn()) { if( !OC_User::isLoggedIn()) {
header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php', array('redirect_url' => $_SERVER["REQUEST_URI"]))); header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php', array('redirect_url' => OC_Request::requestUri())));
exit(); exit();
} }
} }

2
ocs/providers.php
View File

@ -23,7 +23,7 @@
require_once '../lib/base.php'; require_once '../lib/base.php';
$url=OCP\Util::getServerProtocol().'://'.substr(OCP\Util::getServerHost().$_SERVER['REQUEST_URI'], 0, -17).'ocs/v1.php/'; $url=OCP\Util::getServerProtocol().'://'.substr(OCP\Util::getServerHost().OCP\Util::getRequestUri(), 0, -17).'ocs/v1.php/';
echo(' echo('
<providers> <providers>