/** * check an app's integrity * @param array $data * @param string $extractDir * @param bool $isShipped * @return array * @throws \Exception */ public static function checkAppsIntegrity($data = array(), $extractDir, $path, $isShipped = false) { $l = \OC::$server->getL10N('lib'); //load the info.xml file of the app if (!is_file($extractDir . '/appinfo/info.xml')) { //try to find it in a subdir $dh = opendir($extractDir); if (is_resource($dh)) { while (($folder = readdir($dh)) !== false) { if ($folder[0] != '.' and is_dir($extractDir . '/' . $folder)) { if (is_file($extractDir . '/' . $folder . '/appinfo/info.xml')) { $extractDir .= '/' . $folder; } } } } } if (!is_file($extractDir . '/appinfo/info.xml')) { OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } throw new \Exception($l->t("App does not provide an info.xml file")); } $info = OC_App::getAppInfo($extractDir . '/appinfo/info.xml', true); // check the code for not allowed calls if (!$isShipped && !OC_Installer::checkCode($info['id'], $extractDir)) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because of not allowed code in the App")); } // check if the app is compatible with this version of ownCloud if (!OC_App::isAppCompatible(OC_Util::getVersion(), $info)) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because it is not compatible with this version of ownCloud")); } // check if shipped tag is set which is only allowed for apps that are shipped with ownCloud if (!$isShipped && isset($info['shipped']) && $info['shipped'] == 'true') { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because it contains the <shipped>true</shipped> tag which is not allowed for non shipped apps")); } // check if the ocs version is the same as the version in info.xml/version $versionFile = $extractDir . '/appinfo/version'; if (is_file($versionFile)) { $version = trim(file_get_contents($versionFile)); } else { $version = trim($info['version']); } if (isset($data['appdata']['version']) && $version != trim($data['appdata']['version'])) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because the version in info.xml/version is not the same as the version reported from the app store")); } return $info; }
/** * @brief Installs an app * @param $data array with all information * @returns integer * * This function installs an app. All information needed are passed in the * associative array $data. * The following keys are required: * - source: string, can be "path" or "http" * * One of the following keys is required: * - path: path to the file containing the app * - href: link to the downloadable file containing the app * * The following keys are optional: * - pretend: boolean, if set true the system won't do anything * - noinstall: boolean, if true appinfo/install.php won't be loaded * - inactive: boolean, if set true the appconfig/app.sample.php won't be * renamed * * This function works as follows * -# fetching the file * -# unzipping it * -# check the code * -# installing the database at appinfo/database.xml * -# including appinfo/install.php * -# setting the installed version * * It is the task of oc_app_install to create the tables and do whatever is * needed to get the app working. */ public static function installApp($data = array()) { if (!isset($data['source'])) { OC_Log::write('core', 'No source specified when installing app', OC_Log::ERROR); return false; } //download the file if necesary if ($data['source'] == 'http') { $path = OC_Helper::tmpFile(); if (!isset($data['href'])) { OC_Log::write('core', 'No href specified when installing app from http', OC_Log::ERROR); return false; } copy($data['href'], $path); } else { if (!isset($data['path'])) { OC_Log::write('core', 'No path specified when installing app from local file', OC_Log::ERROR); return false; } $path = $data['path']; } //detect the archive type $mime = OC_Helper::getMimeType($path); if ($mime == 'application/zip') { rename($path, $path . '.zip'); $path .= '.zip'; } elseif ($mime == 'application/x-gzip') { rename($path, $path . '.tgz'); $path .= '.tgz'; } else { OC_Log::write('core', 'Archives of type ' . $mime . ' are not supported', OC_Log::ERROR); return false; } //extract the archive in a temporary folder $extractDir = OC_Helper::tmpFolder(); OC_Helper::rmdirr($extractDir); mkdir($extractDir); if ($archive = OC_Archive::open($path)) { $archive->extract($extractDir); } else { OC_Log::write('core', 'Failed to open archive when installing app', OC_Log::ERROR); OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } return false; } //load the info.xml file of the app if (!is_file($extractDir . '/appinfo/info.xml')) { //try to find it in a subdir $dh = opendir($extractDir); while ($folder = readdir($dh)) { if (substr($folder, 0, 1) != '.' and is_dir($extractDir . '/' . $folder)) { if (is_file($extractDir . '/' . $folder . '/appinfo/info.xml')) { $extractDir .= '/' . $folder; } } } } if (!is_file($extractDir . '/appinfo/info.xml')) { OC_Log::write('core', 'App does not provide an info.xml file', OC_Log::ERROR); OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } return false; } $info = OC_App::getAppInfo($extractDir . '/appinfo/info.xml', true); $basedir = OC::$APPSROOT . '/apps/' . $info['id']; // check the code for not allowed calls if (!OC_Installer::checkCode($info['id'], $extractDir)) { OC_Log::write('core', 'App can\'t be installed because of not allowed code in the App', OC_Log::ERROR); OC_Helper::rmdirr($extractDir); return false; } // check if the app is compatible with this version of ownCloud $version = OC_Util::getVersion(); if (!isset($info['require']) or $version[0] > $info['require']) { OC_Log::write('core', 'App can\'t be installed because it is not compatible with this version of ownCloud', OC_Log::ERROR); OC_Helper::rmdirr($extractDir); return false; } //check if an app with the same id is already installed if (self::isInstalled($info['id'])) { OC_Log::write('core', 'App already installed', OC_Log::WARN); OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } return false; } //check if the destination directory already exists if (is_dir($basedir)) { OC_Log::write('core', 'App directory already exists', OC_Log::WARN); OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } return false; } if (isset($data['pretent']) and $data['pretent'] == true) { return false; } //copy the app to the correct place if (@(!mkdir($basedir))) { OC_Log::write('core', 'Can\'t create app folder. Please fix permissions. (' . $basedir . ')', OC_Log::ERROR); OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } return false; } OC_Helper::copyr($extractDir, $basedir); //remove temporary files OC_Helper::rmdirr($extractDir); //install the database if (is_file($basedir . '/appinfo/database.xml')) { OC_DB::createDbFromStructure($basedir . '/appinfo/database.xml'); } //run appinfo/install.php if ((!isset($data['noinstall']) or $data['noinstall'] == false) and file_exists($basedir . '/appinfo/install.php')) { include $basedir . '/appinfo/install.php'; } //set the installed version OC_Appconfig::setValue($info['id'], 'installed_version', OC_App::getAppVersion($info['id'])); OC_Appconfig::setValue($info['id'], 'enabled', 'no'); //set remote/public handelers foreach ($info['remote'] as $name => $path) { OCP\CONFIG::setAppValue('core', 'remote_' . $name, '/apps/' . $info['id'] . '/' . $path); } foreach ($info['public'] as $name => $path) { OCP\CONFIG::setAppValue('core', 'public_' . $name, '/apps/' . $info['id'] . '/' . $path); } OC_App::setAppTypes($info['id']); return $info['id']; }
/** * check an app's integrity * @param array $data * @param string $extractDir * @param string $path * @param bool $isShipped * @return array * @throws \Exception */ public static function checkAppsIntegrity($data, $extractDir, $path, $isShipped = false) { $l = \OC::$server->getL10N('lib'); //load the info.xml file of the app if (!is_file($extractDir . '/appinfo/info.xml')) { //try to find it in a subdir $dh = opendir($extractDir); if (is_resource($dh)) { while (($folder = readdir($dh)) !== false) { if ($folder[0] != '.' and is_dir($extractDir . '/' . $folder)) { if (is_file($extractDir . '/' . $folder . '/appinfo/info.xml')) { $extractDir .= '/' . $folder; } } } } } if (!is_file($extractDir . '/appinfo/info.xml')) { OC_Helper::rmdirr($extractDir); if ($data['source'] === 'http') { unlink($path); } throw new \Exception($l->t("App does not provide an info.xml file")); } $info = OC_App::getAppInfo($extractDir . '/appinfo/info.xml', true); // We can't trust the parsed info.xml file as it may have been tampered // with by an attacker and thus we need to use the local data to check // whether the application needs to be signed. $appId = OC_App::cleanAppId($data['appdata']['id']); $appBelongingToId = OC_App::getInternalAppIdByOcs($appId); if (is_string($appBelongingToId)) { $previouslySigned = \OC::$server->getConfig()->getAppValue($appBelongingToId, 'signed', 'false'); } else { $appBelongingToId = $info['id']; $previouslySigned = 'false'; } if ($data['appdata']['level'] === OC_App::officialApp || $previouslySigned === 'true') { \OC::$server->getConfig()->setAppValue($appBelongingToId, 'signed', 'true'); $integrityResult = \OC::$server->getIntegrityCodeChecker()->verifyAppSignature($appBelongingToId, $extractDir); if ($integrityResult !== []) { $e = new \Exception($l->t('Signature could not get checked. Please contact the app developer and check your admin screen.')); throw $e; } } // check the code for not allowed calls if (!$isShipped && !OC_Installer::checkCode($extractDir)) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because of not allowed code in the App")); } // check if the app is compatible with this version of ownCloud if (!OC_App::isAppCompatible(\OCP\Util::getVersion(), $info)) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because it is not compatible with this version of ownCloud")); } // check if shipped tag is set which is only allowed for apps that are shipped with ownCloud if (!$isShipped && isset($info['shipped']) && $info['shipped'] == 'true') { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because it contains the <shipped>true</shipped> tag which is not allowed for non shipped apps")); } // check if the ocs version is the same as the version in info.xml/version $version = trim($info['version']); if (isset($data['appdata']['version']) && $version != trim($data['appdata']['version'])) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because the version in info.xml is not the same as the version reported from the app store")); } return $info; }
/** * @brief Installs an app * @param $data array with all information * @throws \Exception * @returns integer * * This function installs an app. All information needed are passed in the * associative array $data. * The following keys are required: * - source: string, can be "path" or "http" * * One of the following keys is required: * - path: path to the file containing the app * - href: link to the downloadable file containing the app * * The following keys are optional: * - pretend: boolean, if set true the system won't do anything * - noinstall: boolean, if true appinfo/install.php won't be loaded * - inactive: boolean, if set true the appconfig/app.sample.php won't be * renamed * * This function works as follows * -# fetching the file * -# unzipping it * -# check the code * -# installing the database at appinfo/database.xml * -# including appinfo/install.php * -# setting the installed version * * It is the task of oc_app_install to create the tables and do whatever is * needed to get the app working. */ public static function installApp($data = array()) { $l = \OC_L10N::get('lib'); if (!isset($data['source'])) { throw new \Exception($l->t("No source specified when installing app")); } //download the file if necessary if ($data['source'] == 'http') { $pathInfo = pathinfo($data['href']); $path = OC_Helper::tmpFile('.' . $pathInfo['extension']); if (!isset($data['href'])) { throw new \Exception($l->t("No href specified when installing app from http")); } copy($data['href'], $path); } else { if (!isset($data['path'])) { throw new \Exception($l->t("No path specified when installing app from local file")); } $path = $data['path']; } //detect the archive type $mime = OC_Helper::getMimeType($path); if ($mime !== 'application/zip' && $mime !== 'application/x-gzip') { throw new \Exception($l->t("Archives of type %s are not supported", array($mime))); } //extract the archive in a temporary folder $extractDir = OC_Helper::tmpFolder(); OC_Helper::rmdirr($extractDir); mkdir($extractDir); if ($archive = OC_Archive::open($path)) { $archive->extract($extractDir); } else { OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } throw new \Exception($l->t("Failed to open archive when installing app")); } //load the info.xml file of the app if (!is_file($extractDir . '/appinfo/info.xml')) { //try to find it in a subdir $dh = opendir($extractDir); if (is_resource($dh)) { while (($folder = readdir($dh)) !== false) { if ($folder[0] != '.' and is_dir($extractDir . '/' . $folder)) { if (is_file($extractDir . '/' . $folder . '/appinfo/info.xml')) { $extractDir .= '/' . $folder; } } } } } if (!is_file($extractDir . '/appinfo/info.xml')) { OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } throw new \Exception($l->t("App does not provide an info.xml file")); } $info = OC_App::getAppInfo($extractDir . '/appinfo/info.xml', true); // check the code for not allowed calls if (!OC_Installer::checkCode($info['id'], $extractDir)) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because of not allowed code in the App")); } // check if the app is compatible with this version of ownCloud if (!isset($info['require']) or !OC_App::isAppVersionCompatible(OC_Util::getVersion(), $info['require'])) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because it is not compatible with this version of ownCloud")); } // check if shipped tag is set which is only allowed for apps that are shipped with ownCloud if (isset($info['shipped']) and $info['shipped'] == 'true') { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because it contains the <shipped>true</shipped> tag which is not allowed for non shipped apps")); } // check if the ocs version is the same as the version in info.xml/version $versionFile = $extractDir . '/appinfo/version'; if (is_file($versionFile)) { $version = trim(file_get_contents($versionFile)); } else { $version = trim($info['version']); } if ($version != trim($data['appdata']['version'])) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because the version in info.xml/version is not the same as the version reported from the app store")); } $basedir = OC_App::getInstallPath() . '/' . $info['id']; //check if the destination directory already exists if (is_dir($basedir)) { OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } throw new \Exception($l->t("App directory already exists")); } if (isset($data['pretent']) and $data['pretent'] == true) { return false; } //copy the app to the correct place if (@(!mkdir($basedir))) { OC_Helper::rmdirr($extractDir); if ($data['source'] == 'http') { unlink($path); } throw new \Exception($l->t("Can't create app folder. Please fix permissions. %s", array($basedir))); } OC_Helper::copyr($extractDir, $basedir); //remove temporary files OC_Helper::rmdirr($extractDir); //install the database if (is_file($basedir . '/appinfo/database.xml')) { if (OC_Appconfig::getValue($info['id'], 'installed_version') === null) { OC_DB::createDbFromStructure($basedir . '/appinfo/database.xml'); } else { OC_DB::updateDbFromStructure($basedir . '/appinfo/database.xml'); } } //run appinfo/install.php if ((!isset($data['noinstall']) or $data['noinstall'] == false) and file_exists($basedir . '/appinfo/install.php')) { include $basedir . '/appinfo/install.php'; } //set the installed version OC_Appconfig::setValue($info['id'], 'installed_version', OC_App::getAppVersion($info['id'])); OC_Appconfig::setValue($info['id'], 'enabled', 'no'); //set remote/public handelers foreach ($info['remote'] as $name => $path) { OCP\CONFIG::setAppValue('core', 'remote_' . $name, $info['id'] . '/' . $path); } foreach ($info['public'] as $name => $path) { OCP\CONFIG::setAppValue('core', 'public_' . $name, $info['id'] . '/' . $path); } OC_App::setAppTypes($info['id']); return $info['id']; }