From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
 bin/update.sh | 91 ++++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 85 insertions(+), 6 deletions(-)
diff --git a/bin/update.sh b/bin/update.sh
index 91af641..5bc01be 100755
--- a/bin/update.sh
+++ b/bin/update.sh
@@ -5,7 +5,7 @@
 | bin/update.sh |
 | |
 | This file is part of the Roundcube Webmail client |
- | Copyright (C) 2010-2013, The Roundcube Dev Team |
+ | Copyright (C) 2010-2015, The Roundcube Dev Team |
 | |
 | Licensed under the GNU General Public License version 3 or |
 | any later version with exceptions for skins & plugins. |
@@ -19,7 +19,7 @@
 +-----------------------------------------------------------------------+
 */
-define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' );
+define('INSTALL_PATH', realpath(__DIR__ . '/..') . '/' );
 require_once INSTALL_PATH . 'program/include/clisetup.php';
@@ -156,15 +156,94 @@
 // check database schema
 if ($RCI->config['db_dsnw']) {
 echo "Executing database schema update.\n";
- system("php " . INSTALL_PATH . "bin/updatedb.sh --package=roundcube --version=" . $opts['version']
- . " --dir=" . INSTALL_PATH . DIRECTORY_SEPARATOR . "SQL", $res);
+ $success = rcmail_utils::db_update(INSTALL_PATH . 'SQL', 'roundcube', $opts['version'],
+ array('errors' => true));
+ }
- $success = !$res;
+ // update composer dependencies
+ if (is_file(INSTALL_PATH . 'composer.json') && is_readable(INSTALL_PATH . 'composer.json-dist')) {
+ $composer_data = json_decode(file_get_contents(INSTALL_PATH . 'composer.json'), true);
+ $composer_template = json_decode(file_get_contents(INSTALL_PATH . 'composer.json-dist'), true);
+ $comsposer_json = null;
+
+ // update the require section with the new dependencies
+ if (is_array($composer_data['require']) && is_array($composer_template['require'])) {
+ $composer_data['require'] = array_merge($composer_data['require'], $composer_template['require']);
+ /* TO BE ADDED LATER
+ $old_packages = array();
+ for ($old_packages as $pkg) {
+ if (array_key_exists($composer_data['require'], $pkg)) {
+ unset($composer_data['require'][$pkg]);
+ }
+ }
+ */
+ }
+
+ // update the repositories section with the new dependencies
+ if (is_array($composer_template['repositories'])) {
+ if (!is_array($composer_data['repositories'])) {
+ $composer_data['repositories'] = array();
+ }
+
+ foreach ($composer_template['repositories'] as $repo) {
+ $rkey = $repo['type'] . preg_replace('/^https?:/', '', $repo['url']) . $repo['package']['name'];
+ $existing = false;
+ foreach ($composer_data['repositories'] as $k => $_repo) {
+ if ($rkey == $_repo['type'] . preg_replace('/^https?:/', '', $_repo['url']) .
$_repo['package']['name']) {
+ $existing = true;
+ break;
+ }
+ // remove old repos
+ else if (strpos($_repo['url'], 'git://git.kolab.org') === 0) {
+ unset($composer_data['repositories'][$k]);
+ }
+ }
+ if (!$existing) {
+ $composer_data['repositories'][] = $repo;
+ }
+ }
+
+ $composer_data['repositories'] = array_values($composer_data['repositories']);
+ }
+
+ // use the JSON encoder from the Composer package
+ if (is_file('composer.phar')) {
+ include 'phar://composer.phar/src/Composer/Json/JsonFile.php';
+ $comsposer_json = \Composer\Json\JsonFile::encode($composer_data);
+ }
+ // PHP 5.4's json_encode() does the job, too
+ else if (defined('JSON_PRETTY_PRINT')) {
+ $comsposer_json = json_encode($composer_data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
+ }
+ else {
+ $success = false;
+ $comsposer_json = null;
+ }
+
+ // write updated composer.json back to disk
+ if ($comsposer_json && is_writeable(INSTALL_PATH . 'composer.json')) {
+ $success &= (bool)file_put_contents(INSTALL_PATH . 'composer.json', $comsposer_json);
+ }
+ else {
+ echo "WARNING: unable to update composer.json!\n";
+ echo "Please replace the 'require' section in your composer.json with the following:\n";
+
+ $require_json = '';
+ foreach ($composer_data['require'] as $pkg => $ver) {
+ $require_json .= sprintf(' "%s": "%s",'."\n", $pkg, $ver);
+ }
+
+ echo ' "require": {'."\n";
+ echo rtrim($require_json, ",\n");
+ echo "\n }\n\n";
+ }
+
+ echo "NOTE: Update dependencies by running `php composer.phar update --no-dev`\n";
 }
 // index contacts for fulltext searching
 if ($opts['version'] && version_compare(version_parse($opts['version']), '0.6.0', '<')) {
- system("php " . INSTALL_PATH . 'bin/indexcontacts.sh');
+ rcmail_utils::indexcontacts();
 }
 if ($success) {
-- Gitblit v1.9.1
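Review bot: The `is_file('composer.phar')` check and the `include 'phar://composer.phar/src/Composer/Json/JsonFile.php'` that follows it resolve against the current working directory, while every other file touched in this hunk is addressed through `INSTALL_PATH`. Unless clisetup.php changes directory to the install root (not visible here), an administrator who runs the updater from another directory would have PHP load and execute JsonFile.php from whatever `composer.phar` happens to sit there. Anchor both to the install root: `if (is_file(INSTALL_PATH . 'composer.phar')) {` and `include 'phar://' . INSTALL_PATH . 'composer.phar/src/Composer/Json/JsonFile.php';`. Separately, neither `json_decode()` result is checked, so a malformed composer.json leaves `$composer_data` null and the write-back can replace the file with only the merged `repositories` key; the block should bail out with the existing warning when either decode does not return an array.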