Subversion Repositories vnag

Rev

Rev 32 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 32 Rev 33
Line 1... Line 1...
1 
<?php /* <ViaThinkSoftSignature>
 1 
<?php /* <ViaThinkSoftSignature>
2 
TAItYQDND8ibGUd1YC/f04SIIzeSm99JNg+mmSjefJjt841dZ7o9BCrAGDh2jiv+7
 2 
IvzBH2MGR7iuY8ypKdaWeNlTFUDviDbO7/OB8VBORbHEEsLkTdH/PYxpmlvrI5KWl
3 
akv0WmInOLOjoJPsglVIAEEBh/SfaxvzGfprA8vj54DZ11seUBF7jXUy+WCVapBke
 3 
NwVu87C8TziS10APkoVpPaMR/5UtGbU8dNEuBzMZOkH2sLSmjYqj8Eo+RswjNtFHc
4 
yAGvtEAIZ5gToiyzs0aE94svxZZfpC7clFRhqON5u1XMZhdSsVgEfzJcIJroq35NE
 4 
nmn6lEmHHXYDibl+8ante/SL15CBYBaFS5ZEt96tZHz1z6v31QVpmOmSfMoKFlnhJ
5 
2IRUebM4La1mBuopQWwx6FSFuxUjwcn7Q/zUP1rCwU8VAL/ycbG10FGNtYU14sOXl
 5 
G9mnmfJlplnUJuYk84LIgUe4rBrvU6bivOkkTNOg0MKQdcWDb6y1j20fojGbUWXkc
6 
ymQoh2A2ODFO2LYpMxh+7vHASw2Nnk6BhuvQAwM3C+SBW56SkWZK/JkRXLN9NoqKk
 6 
RzaKESzNS/cA8shEuaO4UwXifkuxwgzRpzGR19k83xLnzvboPmbqt9BWgtKrV09Is
7 
5uxSC6YUlsi1OPJULaVWOoBvjUIau809jeeW72COFRjZKkX266Rv7mm6wrcxoOIXh
 7 
UbEOEcczA6r0/phKLMl1svf6syhyPuEmmplyxzobiOgoclwUbTqNyJU06M78HkJZ0
8 
Cj+m2bP42thx+Df1i4/CFFsxg/sHvorkwS+6B+0kGl1+2Ghwx3L94F+ThJxWtGOhM
 8 
Apjh3M56pKAxfJE0PLusZT6Fj2F2Ww0Y85rtF41NfWb4LmHFBiys+SL5eYZ8vSQEF
9 
Jawl3weaWZuojsU79HRnqBK+Yy8Shuzq/k+FonrJE4FE4oogIf7pzXGKOqXvjtXxG
 9 
Dlot/K9qGb24UUWP0IiGrIL1b+0huGdb1L6msWVM4DMJDcA+L0afMfxKccQsAslfA
10 
DoWCa/hotEFcs+mCYeAAjpDf2V8qSFKT2odHjJwLklKpIov+Tlr/XtMrZtCIDjDh3
 10 
lOEq+PL3tbrcyWyxcmvnNopr0/8ZjLWr8Vc6B2oT7Y7SgqPeChsGAIR8k9tB26K9l
11 
KBH6/9+8Bw5S5nFGvNfThSihlWKloqvysKDiCxIaLCOszzWNgsUUbUgppv2NFFzso
 11 
eCSC87JnHnJY98wc7acgoLAIdTI4Djfsp47/Ke21FLRtW6PbV20wzFcxEiECKT6U0
12 
QkJ22yObljS6p47cYnNmd5Pp3q9+JCTn5epn+XP4RRN3Z+ax7tiusqqVnlik0pwb3
 12 
P2x8oWaRK1FD5UQpm0qoDV1G0R/GrkbjSgK5Or1OTeDF/cGL47LQy2Z9IUbmzc9o5
13 
+9Yrl4Pq4QkloolrEnsQtyy3xlrk53fVCWoA3aLNcYVHN8Nl4OjyIEImLbkNPddHz
 13 
S47WI4+4UxBTgEluO5REwg7lBBh3T8o6VdpjWSwuES+tgvhBCc0eGhHfDAlwDkxaA
14 
RUqGSNgoEZDKKbfi7i52VssHWzv/9HzHvNpoThbln8C3q8WFlgnuSStpwZSonZEPo
 14 
cKBdUyP0SPbc8OKQySmjmNCwFWsu6W/IbZDDWoyA1eZtJL5x5EY8sDGY3tEPPWZ6r
15 
9wvnVo8orJjLzflkjPtBLIS7EL+R66RqpP3PF1lTi4Xl6fh9BFxif9juBSsCaJAjV
 15 
BdK/F9OocrLiAyqP3ExjGg895KlxEzF1udxxtUL/sjZcz31/MAkYylqCl2eOdUa6l
16 
H0YECXyGiNPb1XcUXrDhWUrCViloHDq6sEQgW64s33SGqksFXG6IN/NV+54mW0hG4
 16 
4iFv6hWyNnxdkEvHB0MIxHE/1JKYqXTckGiBz758ATyFxwz7B+Ln5H4Cck6DHP1e9
17 
PUzIZ6Bgu9HggpfgFSAuzAW5xTMq/ng19pjo9y7cdeSnMF43BPhg3SSdvX2W8oRn1
 17 
5VT33ScKyh0D4CQSd/MNe/JxvyjQEDdbpJDZ/Nm/kxjhkLkYvz4sQGdS/oxYCmLXM
18 
Fv5BHbsvw5vvHJUf+kUA5YN0IRUtOmoDB2Z4kkzuP9VBLoqK9KWG9PXZ5sMWp6ib9
 18 
xO2ESmZI+thCSdLz4sFRvikCQIPlU6VuxmsKXMoa1irESaDqcYfcVOIL8chUvikwQ
19 
1KqMuFbx4y5NI9kjwhCQXuDAF2bJhtCHuPU+IyjhWqtFTWhD583AaHjt0gaVzkcuN
 19 
3GH8hNVV257SJN3MO8Nd2Fj/WpgIgV5TXRsfk/KujjnF62zkLc0eATo0vkwVlQ+9d
20 
umskt4IR5Yqvo6oDtWCP7YRWJnzAFB9zDItFk1OjjomaSkKQvhztITWO4N3jmtonG
 20 
gtTHL4R40c+jy1u0jDRxvtkgJ5dIETpkvzpu0/thWRXIv+sTtTQ/a60S4ZkHGM3za
21 
PkIUkR8DWEYLZUSP+zWV9UZ2yE5KYAwgXIstx2ovLSvV6f5kyz+z+x0sU7fo4m0qa
 21 
0GCX+lu83OpzrYkb0HTjrfA04k2SgvxtV1z0vqj5mPCSIEGx76LEApCHvPCl1QecK
22 
2HjjwaFSWf/yGHDkEch/5woquK4YWrrlFzCQZmhok6tSF8WS+eb6Ci4/wsCa1Znx4
 22 
ze+Jd6kZVOY/JFuU02o2iRx+7fYFxAHoXOmjZMfSlLAQ+/vvs7TA3hsbXMcihhLfg
23 
w==
 23 
w==
24 
</ViaThinkSoftSignature> */ ?>
 24 
</ViaThinkSoftSignature> */ ?>
25 
<?php
 25 
<?php
26 
 
 26 
 
27 
/*
 27 
/*
Line 58... Line 58...
58 
 
 58 
 
59 
                if (!file_exists($local_path . '/version.php')) {
 59 
                if (!file_exists($local_path . '/version.php')) {
60 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'".');
 60 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'".');
61 
                }
 61 
                }
62 
 
 62 
 
63 
                // TODO: this is a security vulnerability if an non-root user can control the input of version.php !
 63 
                // We don't include version.php because it would be a security vulnerability
64 
                $vendor = 'unknown';
 64 
                // code injection if somebody controls version.php
- 
 
 65 
                $cont = file_get_contents($local_path . '/version.php');
- 
 
 66 
                if (preg_match('@\\$(OC_Version)\\s*=\\s*array\\(\\s*(.+)\\s*,\\s*(.+)\\s*,\\s*(.+)\\s*,\\s*(.+)\\s*\\)\\s*;@ismU', $cont, $m)) {
65 
                $OC_Version = array(0,0,0,0);
 67 
                        $OC_Version = array($m[2],$m[3],$m[4],$m[5]);
- 
 
 68 
                } else {
- 
 
 69 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Version".');
- 
 
 70 
                }
- 
 
 71 
                if (preg_match('@\\$(OC_VersionString)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) {
66 
                $OC_VersionString = 'unknown';
 72 
                        $OC_VersionString = $m[3];
- 
 
 73 
                } else {
- 
 
 74 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_VersionString".');
- 
 
 75 
                }
- 
 
 76 
                if (preg_match('@\\$(OC_Edition)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) {
67 
                $OC_Edition = 'unknown';
 77 
                        $OC_Edition = $m[3];
- 
 
 78 
                } else {
- 
 
 79 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Edition".');
- 
 
 80 
                }
- 
 
 81 
                if (preg_match('@\\$(OC_Channel)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) {
68 
                $OC_Channel = 'unknown';
 82 
                        $OC_Channel = $m[3];
- 
 
 83 
                } else {
- 
 
 84 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Channel".');
- 
 
 85 
                }
- 
 
 86 
                if (preg_match('@\\$(OC_Build)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) {
69 
                $OC_Build = 'unknown';
 87 
                        $OC_Build = $m[3];
- 
 
 88 
                } else {
70 
                include $local_path . '/version.php';
 89 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Build".');
71 
 
 90 
                }
- 
 
 91 
                if (preg_match('@\\$(vendor)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) {
- 
 
 92 
                        $vendor = $m[3];
72 
                if ($vendor != 'owncloud') {
 93 
                        if ($vendor != 'owncloud') {
73 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". It is "$vendor".');
 94 
                                throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". It is "'.$vendor.'".');
- 
 
 95 
                        }
- 
 
 96 
                } else {
- 
 
 97 
                        throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "vendor".');
74 
                }
 98 
                }
75 
 
 99 
 
76 
                // Owncloud\Updater\Utils\Fetcher::DEFAULT_BASE_URL
 100 
                // Owncloud\Updater\Utils\Fetcher::DEFAULT_BASE_URL
77 
                $baseUrl = 'https://updates.owncloud.com/server/';
 101 
                $baseUrl = 'https://updates.owncloud.com/server/';
78 
 
 102