From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 bin/update.sh |  122 ++++++++++++++++++++++++++++++++++------
 1 files changed, 104 insertions(+), 18 deletions(-)

diff --git a/bin/update.sh b/bin/update.sh
index b5000bb..5bc01be 100755
--- a/bin/update.sh
+++ b/bin/update.sh
@@ -5,7 +5,7 @@
  | bin/update.sh                                                         |
  |                                                                       |
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2010-2011, The Roundcube Dev Team                       |
+ | Copyright (C) 2010-2015, The Roundcube Dev Team                       |
  |                                                                       |
  | Licensed under the GNU General Public License version 3 or            |
  | any later version with exceptions for skins & plugins.                |
@@ -19,13 +19,12 @@
  +-----------------------------------------------------------------------+
 */
 
-define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' );
+define('INSTALL_PATH', realpath(__DIR__ . '/..') . '/' );
 
 require_once INSTALL_PATH . 'program/include/clisetup.php';
-require_once INSTALL_PATH . 'installer/rcube_install.php';
 
 // get arguments
-$opts = rcube_utils::get_opt(array('v' => 'version'));
+$opts = rcube_utils::get_opt(array('v' => 'version', 'y' => 'accept'));
 
 // ask user if no version is specified
 if (!$opts['version']) {
@@ -36,12 +35,8 @@
     $opts['version'] = RCMAIL_VERSION;
 }
 
-$RCI = rcube_install::get_instance();
+$RCI = rcmail_install::get_instance();
 $RCI->load_config();
-
-if ($opts['version'] && version_compare(version_parse($opts['version']), version_parse(RCMAIL_VERSION), '>=') && !$RCI->legacy_config)
-  die("Nothing to be done here. Bye!\n");
-
 
 if ($RCI->configured) {
   $success = true;
@@ -82,11 +77,13 @@
 
     // ask user to update config files
     if ($err) {
-      echo "Do you want me to fix your local configuration? (y/N)\n";
-      $input = trim(fgets(STDIN));
+      if (!$opts['accept']) {
+        echo "Do you want me to fix your local configuration? (y/N)\n";
+        $input = trim(fgets(STDIN));
+      }
 
       // positive: let's merge the local config with the defaults
-      if (strtolower($input) == 'y') {
+      if ($opts['accept'] || strtolower($input) == 'y') {
         $error = $written = false;
 
         // backup current config
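Review bot: `$input` is now assigned only inside the `if (!$opts['accept'])` branch, so with `--accept` the later `strtolower($input)` is avoided only because the `||` short-circuits. Initialising it before the branch with `$input = '';` keeps the condition safe if its operands are ever reordered. Because `-y` lets the script rewrite the local configuration with no prompt, a comment such as `// --accept: non-interactive run, local config is merged without confirmation` would make that explicit for anyone calling this from automation. The enclosing `if ($err)` block continues past the end of this hunk.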
@@ -103,7 +100,7 @@
         if (!$error) {
           $RCI->merge_config();
           echo ". writing " . RCMAIL_CONFIG_DIR . "/config.inc.php...\n";
-          $written = file_put_contents(RCMAIL_CONFIG_DIR . '/config.inc.php', $RCI->create_config());
+          $written = $RCI->save_configfile($RCI->create_config());
         }
 
         // Success!
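Review bot: The progress message on the context line above still prints the hard-coded `RCMAIL_CONFIG_DIR . "/config.inc.php"`, but the write now goes through `$RCI->save_configfile()`, which receives no path in this call. That method is not visible in this diff, so it is worth confirming three things: that it writes to the same file the message names, that it returns a falsy value on a failed or short write (`$written` presumably drives the success branch that follows), and that it does not leave the file more widely readable than before, since this config carries the database DSN. The enclosing `if (!$error)` sequence starts and ends outside the hunk.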
@@ -146,18 +143,107 @@
     }
   }
 
+  // check file type detection
+  if ($RCI->check_mime_detection()) {
+    echo "WARNING: File type detection doesn't work properly!\n";
+    echo "Please check the 'mime_magic' config option or the finfo functions of PHP and run this script again.\n";
+  }
+  if ($RCI->check_mime_extensions()) {
+    echo "WARNING: Mimetype to file extension mapping doesn't work properly!\n";
+    echo "Please check the 'mime_types' config option and run this script again.\n";
+  }
+
   // check database schema
   if ($RCI->config['db_dsnw']) {
     echo "Executing database schema update.\n";
-    system(INSTALL_PATH . "bin/updatedb.sh --package=roundcube --version=" . $opts['version']
-      . " --dir=" . INSTALL_PATH . DIRECTORY_SEPARATOR . "SQL", $res);
+    $success = rcmail_utils::db_update(INSTALL_PATH . 'SQL', 'roundcube', $opts['version'],
+        array('errors' => true));
+  }
 
-    $success = !$res;
+  // update composer dependencies
+  if (is_file(INSTALL_PATH . 'composer.json') && is_readable(INSTALL_PATH . 'composer.json-dist')) {
+    $composer_data = json_decode(file_get_contents(INSTALL_PATH . 'composer.json'), true);
+    $composer_template = json_decode(file_get_contents(INSTALL_PATH . 'composer.json-dist'), true);
+    $comsposer_json = null;
+
+    // update the require section with the new dependencies
+    if (is_array($composer_data['require']) && is_array($composer_template['require'])) {
+      $composer_data['require'] = array_merge($composer_data['require'], $composer_template['require']);
+      /* TO BE ADDED LATER
+      $old_packages = array();
+      for ($old_packages as $pkg) {
+        if (array_key_exists($composer_data['require'], $pkg)) {
+          unset($composer_data['require'][$pkg]);
+        }
+      }
+      */
+    }
+
+    // update the repositories section with the new dependencies
+    if (is_array($composer_template['repositories'])) {
+      if (!is_array($composer_data['repositories'])) {
+        $composer_data['repositories'] = array();
+      }
+
+      foreach ($composer_template['repositories'] as $repo) {
+        $rkey = $repo['type'] . preg_replace('/^https?:/', '', $repo['url']) . $repo['package']['name'];
+        $existing = false;
+        foreach ($composer_data['repositories'] as $k =>  $_repo) {
+          if ($rkey == $_repo['type'] . preg_replace('/^https?:/', '', $_repo['url']) . $_repo['package']['name']) {
+            $existing = true;
+            break;
+          }
+          // remove old repos
+          else if (strpos($_repo['url'], 'git://git.kolab.org') === 0) {
+              unset($composer_data['repositories'][$k]);
+          }
+        }
+        if (!$existing) {
+          $composer_data['repositories'][] = $repo;
+        }
+      }
+
+      $composer_data['repositories'] = array_values($composer_data['repositories']);
+    }
+
+    // use the JSON encoder from the Composer package
+    if (is_file('composer.phar')) {
+      include 'phar://composer.phar/src/Composer/Json/JsonFile.php';
+      $comsposer_json = \Composer\Json\JsonFile::encode($composer_data);
+    }
+    // PHP 5.4's json_encode() does the job, too
+    else if (defined('JSON_PRETTY_PRINT')) {
+      $comsposer_json = json_encode($composer_data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
+    }
+    else {
+      $success = false;
+      $comsposer_json = null;
+    }
+
+    // write updated composer.json back to disk
+    if ($comsposer_json && is_writeable(INSTALL_PATH . 'composer.json')) {
+      $success &= (bool)file_put_contents(INSTALL_PATH . 'composer.json', $comsposer_json);
+    }
+    else {
+      echo "WARNING: unable to update composer.json!\n";
+      echo "Please replace the 'require' section in your composer.json with the following:\n";
+
+      $require_json = '';
+      foreach ($composer_data['require'] as $pkg => $ver) {
+        $require_json .= sprintf('        "%s": "%s",'."\n", $pkg, $ver);
+      }
+
+      echo '    "require": {'."\n";
+      echo rtrim($require_json, ",\n");
+      echo "\n    }\n\n";
+    }
+
+    echo "NOTE: Update dependencies by running `php composer.phar update --no-dev`\n";
   }
 
   // index contacts for fulltext searching
-  if (version_compare(version_parse($opts['version']), '0.6.0', '<')) {
-    system(INSTALL_PATH . 'bin/indexcontacts.sh');
+  if ($opts['version'] && version_compare(version_parse($opts['version']), '0.6.0', '<')) {
+    rcmail_utils::indexcontacts();
   }
 
   if ($success) {
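Review bot: The Composer encoder is loaded through a relative path, so `is_file('composer.phar')` and `include 'phar://composer.phar/src/Composer/Json/JsonFile.php'` resolve against the current working directory, unlike every other path in this block, which is anchored on `INSTALL_PATH`. Whatever `composer.phar` sits in the directory the administrator runs the updater from is therefore executed with that user's privileges. Anchoring both lines closes this: `if (is_file(INSTALL_PATH . 'composer.phar')) {` and `include 'phar://' . INSTALL_PATH . 'composer.phar/src/Composer/Json/JsonFile.php';`. Separately, neither `json_decode()` result is checked. If `composer.json` is malformed, `$composer_data` is null, the repositories branch turns it into a fresh array, and the write-back then replaces the user's file with one that has no `require` section. A guard such as `if (!is_array($composer_data) || !is_array($composer_template)) { $success = false; }` before the merge, skipping the write, would avoid that.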

--
Gitblit v1.9.1