diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js
index 9bb3face75..5d9f1863ef 100644
--- a/core/js/setupchecks.js
+++ b/core/js/setupchecks.js
@@ -64,6 +64,11 @@
t('core', 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our documentation.', {docLink: data.memcacheDocs})
);
}
+ if(!data.isUrandomAvailable) {
+ messages.push(
+ t('core', '/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our documentation.', {docLink: data.securityDocs})
+ );
+ }
} else {
messages.push(t('core', 'Error occurred while checking server setup'));
}
diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js
index 3e6382603f..65de3d0321 100644
--- a/core/js/tests/specs/setupchecksSpec.js
+++ b/core/js/tests/specs/setupchecksSpec.js
@@ -66,7 +66,7 @@ describe('OC.SetupChecks tests', function() {
{
'Content-Type': 'application/json'
},
- JSON.stringify({serverHasInternetConnection: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
+ JSON.stringify({isUrandomAvailable: true, serverHasInternetConnection: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
);
async.done(function( data, s, x ){
@@ -83,7 +83,7 @@ describe('OC.SetupChecks tests', function() {
{
'Content-Type': 'application/json'
},
- JSON.stringify({serverHasInternetConnection: false, dataDirectoryProtected: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
+ JSON.stringify({isUrandomAvailable: true, serverHasInternetConnection: false, dataDirectoryProtected: false, memcacheDocs: 'https://doc.owncloud.org/server/go.php?to=admin-performance'})
);
async.done(function( data, s, x ){
@@ -100,7 +100,7 @@ describe('OC.SetupChecks tests', function() {
{
'Content-Type': 'application/json',
},
- JSON.stringify({serverHasInternetConnection: false, dataDirectoryProtected: false, isMemcacheConfigured: true})
+ JSON.stringify({isUrandomAvailable: true, serverHasInternetConnection: false, dataDirectoryProtected: false, isMemcacheConfigured: true})
);
async.done(function( data, s, x ){
@@ -109,6 +109,22 @@ describe('OC.SetupChecks tests', function() {
});
});
+ it('should return an error if /dev/urandom is not accessible', function(done) {
+ var async = OC.SetupChecks.checkSetup();
+
+ suite.server.requests[0].respond(
+ 200,
+ {
+ 'Content-Type': 'application/json',
+ },
+ JSON.stringify({isUrandomAvailable: false, securityDocs: 'https://docs.owncloud.org/myDocs.html', serverHasInternetConnection: true, dataDirectoryProtected: true, isMemcacheConfigured: true})
+ );
+
+ async.done(function( data, s, x ){
+ expect(data).toEqual(['/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our documentation.']);
+ done();
+ });
+ });
it('should return an error if the response has no statuscode 200', function(done) {
var async = OC.SetupChecks.checkSetup();
diff --git a/settings/controller/checksetupcontroller.php b/settings/controller/checksetupcontroller.php
index 15719ce215..3ced5af5a5 100644
--- a/settings/controller/checksetupcontroller.php
+++ b/settings/controller/checksetupcontroller.php
@@ -90,6 +90,23 @@ class CheckSetupController extends Controller {
return $this->config->getSystemValue('memcache.local', null) !== null;
}
+ /**
+ * Whether /dev/urandom is available to the PHP controller
+ *
+ * @return bool
+ */
+ private function isUrandomAvailable() {
+ if(@file_exists('/dev/urandom')) {
+ $file = fopen('/dev/urandom', 'rb');
+ if($file) {
+ fclose($file);
+ return true;
+ }
+ }
+
+ return false;
+ }
+
/**
* @return DataResponse
*/
@@ -100,6 +117,8 @@ class CheckSetupController extends Controller {
'dataDirectoryProtected' => $this->util->isHtaccessWorking($this->config),
'isMemcacheConfigured' => $this->isMemcacheConfigured(),
'memcacheDocs' => $this->urlGenerator->linkToDocs('admin-performance'),
+ 'isUrandomAvailable' => $this->isUrandomAvailable(),
+ 'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'),
]
);
}
diff --git a/tests/settings/controller/CheckSetupControllerTest.php b/tests/settings/controller/CheckSetupControllerTest.php
index 26f9f4e945..b21e78c831 100644
--- a/tests/settings/controller/CheckSetupControllerTest.php
+++ b/tests/settings/controller/CheckSetupControllerTest.php
@@ -224,10 +224,14 @@ class CheckSetupControllerTest extends TestCase {
$this->util->expects($this->once())
->method('isHtaccessWorking')
->will($this->returnValue(true));
- $this->urlGenerator->expects($this->once())
+ $this->urlGenerator->expects($this->at(0))
->method('linkToDocs')
->with('admin-performance')
->willReturn('http://doc.owncloud.org/server/go.php?to=admin-performance');
+ $this->urlGenerator->expects($this->at(1))
+ ->method('linkToDocs')
+ ->with('admin-security')
+ ->willReturn('https://doc.owncloud.org/server/8.1/admin_manual/configuration_server/hardening.html');
$expected = new DataResponse(
[
@@ -235,6 +239,8 @@ class CheckSetupControllerTest extends TestCase {
'dataDirectoryProtected' => true,
'isMemcacheConfigured' => true,
'memcacheDocs' => 'http://doc.owncloud.org/server/go.php?to=admin-performance',
+ 'isUrandomAvailable' => \Test_Helper::invokePrivate($this->checkSetupController, 'isUrandomAvailable'),
+ 'securityDocs' => 'https://doc.owncloud.org/server/8.1/admin_manual/configuration_server/hardening.html',
]
);
$this->assertEquals($expected, $this->checkSetupController->check());