/**
* Encrypts a value and adds an HMAC (Encrypt-Then-MAC)
* @param string $plaintext
* @param string $password Password to encrypt, if not specified the secret from config.php will be taken
* @return string Authenticated ciphertext
*/
public function encrypt($plaintext, $password = '')
{
if ($password === '') {
$password = $this->config->getSystemValue('secret');
}
$this->cipher->setPassword($password);
$iv = $this->random->getLowStrengthGenerator()->generate($this->ivLength);
$this->cipher->setIV($iv);
$ciphertext = bin2hex($this->cipher->encrypt($plaintext));
$hmac = bin2hex($this->calculateHMAC($ciphertext . $iv, $password));
return $ciphertext . '|' . $iv . '|' . $hmac;
}
/**
* Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
* If `mod_unique_id` is installed this value will be taken.
* @return string
*/
public function getId()
{
if (isset($this->server['UNIQUE_ID'])) {
return $this->server['UNIQUE_ID'];
}
if (empty($this->requestId)) {
$this->requestId = $this->secureRandom->getLowStrengthGenerator()->generate(20);
}
return $this->requestId;
}
/**
* @param $options
* @return array
*/
public function install($options)
{
$l = $this->l10n;
$error = array();
$dbType = $options['dbtype'];
if (empty($options['adminlogin'])) {
$error[] = $l->t('Set an admin username.');
}
if (empty($options['adminpass'])) {
$error[] = $l->t('Set an admin password.');
}
if (empty($options['directory'])) {
$options['directory'] = \OC::$SERVERROOT . "/data";
}
if (!isset(self::$dbSetupClasses[$dbType])) {
$dbType = 'sqlite';
}
$username = htmlspecialchars_decode($options['adminlogin']);
$password = htmlspecialchars_decode($options['adminpass']);
$dataDir = htmlspecialchars_decode($options['directory']);
$class = self::$dbSetupClasses[$dbType];
/** @var \OC\Setup\AbstractDatabase $dbSetup */
$dbSetup = new $class($l, 'db_structure.xml', $this->config, $this->logger, $this->random);
$error = array_merge($error, $dbSetup->validate($options));
// validate the data directory
if (!is_dir($dataDir) and !mkdir($dataDir) or !is_writable($dataDir)) {
$error[] = $l->t("Can't create or write into the data directory %s", array($dataDir));
}
if (count($error) != 0) {
return $error;
}
$request = \OC::$server->getRequest();
//no errors, good
if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
$trustedDomains = $options['trusted_domains'];
} else {
$trustedDomains = [$request->getInsecureServerHost()];
}
if (\OC_Util::runningOnWindows()) {
$dataDir = rtrim(realpath($dataDir), '\\');
}
//use sqlite3 when available, otherwise sqlite2 will be used.
if ($dbType == 'sqlite' and class_exists('SQLite3')) {
$dbType = 'sqlite3';
}
//generate a random salt that is used to salt the local user passwords
$salt = $this->random->getLowStrengthGenerator()->generate(30);
// generate a secret
$secret = $this->random->getMediumStrengthGenerator()->generate(48);
//write the config file
$this->config->setSystemValues(['passwordsalt' => $salt, 'secret' => $secret, 'trusted_domains' => $trustedDomains, 'datadirectory' => $dataDir, 'overwrite.cli.url' => $request->getServerProtocol() . '://' . $request->getInsecureServerHost() . \OC::$WEBROOT, 'dbtype' => $dbType, 'version' => implode('.', \OC_Util::getVersion())]);
try {
$dbSetup->initialize($options);
$dbSetup->setupDatabase($username);
} catch (\OC\DatabaseSetupException $e) {
$error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint());
return $error;
} catch (Exception $e) {
$error[] = array('error' => 'Error while trying to create admin user: '******'hint' => '');
return $error;
}
//create the user and group
$user = null;
try {
$user = \OC::$server->getUserManager()->createUser($username, $password);
if (!$user) {
$error[] = "User <{$username}> could not be created.";
}
} catch (Exception $exception) {
$error[] = $exception->getMessage();
}
if (count($error) == 0) {
$config = \OC::$server->getConfig();
$config->setAppValue('core', 'installedat', microtime(true));
$config->setAppValue('core', 'lastupdatedat', microtime(true));
$group = \OC::$server->getGroupManager()->createGroup('admin');
$group->addUser($user);
\OC_User::login($username, $password);
//guess what this does
\OC_Installer::installShippedApps();
// create empty file in data dir, so we can later find
// out that this is indeed an ownCloud data directory
file_put_contents($config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', '');
// Update .htaccess files
Setup::updateHtaccess();
Setup::protectDataDirectory();
//try to write logtimezone
if (date_default_timezone_get()) {
$config->setSystemValue('logtimezone', date_default_timezone_get());
}
//and we are done
$config->setSystemValue('installed', true);
}
return $error;
}
