/** * Encrypts a value and adds an HMAC (Encrypt-Then-MAC) * @param string $plaintext * @param string $password Password to encrypt, if not specified the secret from config.php will be taken * @return string Authenticated ciphertext */ public function encrypt($plaintext, $password = '') { if ($password === '') { $password = $this->config->getSystemValue('secret'); } $this->cipher->setPassword($password); $iv = $this->random->getLowStrengthGenerator()->generate($this->ivLength); $this->cipher->setIV($iv); $ciphertext = bin2hex($this->cipher->encrypt($plaintext)); $hmac = bin2hex($this->calculateHMAC($ciphertext . $iv, $password)); return $ciphertext . '|' . $iv . '|' . $hmac; }
/** * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging * If `mod_unique_id` is installed this value will be taken. * @return string */ public function getId() { if (isset($this->server['UNIQUE_ID'])) { return $this->server['UNIQUE_ID']; } if (empty($this->requestId)) { $this->requestId = $this->secureRandom->getLowStrengthGenerator()->generate(20); } return $this->requestId; }
/** * @param $options * @return array */ public function install($options) { $l = $this->l10n; $error = array(); $dbType = $options['dbtype']; if (empty($options['adminlogin'])) { $error[] = $l->t('Set an admin username.'); } if (empty($options['adminpass'])) { $error[] = $l->t('Set an admin password.'); } if (empty($options['directory'])) { $options['directory'] = \OC::$SERVERROOT . "/data"; } if (!isset(self::$dbSetupClasses[$dbType])) { $dbType = 'sqlite'; } $username = htmlspecialchars_decode($options['adminlogin']); $password = htmlspecialchars_decode($options['adminpass']); $dataDir = htmlspecialchars_decode($options['directory']); $class = self::$dbSetupClasses[$dbType]; /** @var \OC\Setup\AbstractDatabase $dbSetup */ $dbSetup = new $class($l, 'db_structure.xml', $this->config, $this->logger, $this->random); $error = array_merge($error, $dbSetup->validate($options)); // validate the data directory if (!is_dir($dataDir) and !mkdir($dataDir) or !is_writable($dataDir)) { $error[] = $l->t("Can't create or write into the data directory %s", array($dataDir)); } if (count($error) != 0) { return $error; } $request = \OC::$server->getRequest(); //no errors, good if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) { $trustedDomains = $options['trusted_domains']; } else { $trustedDomains = [$request->getInsecureServerHost()]; } if (\OC_Util::runningOnWindows()) { $dataDir = rtrim(realpath($dataDir), '\\'); } //use sqlite3 when available, otherwise sqlite2 will be used. if ($dbType == 'sqlite' and class_exists('SQLite3')) { $dbType = 'sqlite3'; } //generate a random salt that is used to salt the local user passwords $salt = $this->random->getLowStrengthGenerator()->generate(30); // generate a secret $secret = $this->random->getMediumStrengthGenerator()->generate(48); //write the config file $this->config->setSystemValues(['passwordsalt' => $salt, 'secret' => $secret, 'trusted_domains' => $trustedDomains, 'datadirectory' => $dataDir, 'overwrite.cli.url' => $request->getServerProtocol() . '://' . $request->getInsecureServerHost() . \OC::$WEBROOT, 'dbtype' => $dbType, 'version' => implode('.', \OC_Util::getVersion())]); try { $dbSetup->initialize($options); $dbSetup->setupDatabase($username); } catch (\OC\DatabaseSetupException $e) { $error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint()); return $error; } catch (Exception $e) { $error[] = array('error' => 'Error while trying to create admin user: '******'hint' => ''); return $error; } //create the user and group $user = null; try { $user = \OC::$server->getUserManager()->createUser($username, $password); if (!$user) { $error[] = "User <{$username}> could not be created."; } } catch (Exception $exception) { $error[] = $exception->getMessage(); } if (count($error) == 0) { $config = \OC::$server->getConfig(); $config->setAppValue('core', 'installedat', microtime(true)); $config->setAppValue('core', 'lastupdatedat', microtime(true)); $group = \OC::$server->getGroupManager()->createGroup('admin'); $group->addUser($user); \OC_User::login($username, $password); //guess what this does \OC_Installer::installShippedApps(); // create empty file in data dir, so we can later find // out that this is indeed an ownCloud data directory file_put_contents($config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', ''); // Update .htaccess files Setup::updateHtaccess(); Setup::protectDataDirectory(); //try to write logtimezone if (date_default_timezone_get()) { $config->setSystemValue('logtimezone', date_default_timezone_get()); } //and we are done $config->setSystemValue('installed', true); } return $error; }