From 96cb844befc77c4451faa1c691b42de0dd38060f Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Mon, 10 Mar 2025 06:50:41 +0100 Subject: [PATCH] fix(base.php): Correct order for booting \OC\Server A recent change had broken authentication with an older FastCGI Apache2 module, because the IRequest object got initialised before the fix from self::handleAuthHeaders() copied the authentication headers into the correct $_SERVER variables. Since this part is completely independent from any Nextcloud code it is now done as a first thing within the init() call. Additionally similar issues could happen when another class would boot too early and read other global PHP settings like ini values and default timezone, so those are now also moved to the beginning. Signed-off-by: Joas Schilling --- lib/base.php | 60 ++++++++++++++++++++++++++++------------------------ 1 file changed, 32 insertions(+), 28 deletions(-) diff --git a/lib/base.php b/lib/base.php index 44b78ff713ead..9db6996025609 100644 --- a/lib/base.php +++ b/lib/base.php @@ -456,6 +456,28 @@ public static function hasSessionRelaxedExpiry(): bool { * Try to set some values to the required Nextcloud default */ public static function setRequiredIniValues(): void { + // Don't display errors and log them + @ini_set('display_errors', '0'); + @ini_set('log_errors', '1'); + + + // Try to configure php to enable big file uploads. + // This doesn't work always depending on the webserver and php configuration. + // Let's try to overwrite some defaults if they are smaller than 1 hour + + if (intval(@ini_get('max_execution_time') ?: 0) < 3600) { + @ini_set('max_execution_time', strval(3600)); + } + + if (intval(@ini_get('max_input_time') ?: 0) < 3600) { + @ini_set('max_input_time', strval(3600)); + } + + // Try to set the maximum execution time to the largest time limit we have + if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) { + @set_time_limit(max(intval(@ini_get('max_execution_time')), intval(@ini_get('max_input_time')))); + } + @ini_set('default_charset', 'UTF-8'); @ini_set('gd.jpeg_ignore_warning', '1'); } @@ -554,11 +576,21 @@ private static function performSameSiteCookieProtection(\OCP\IConfig $config): v } public static function init(): void { + // First handle PHP configuration and copy auth headers to the expected + // $_SERVER variable before doing anything Server object related + self::setRequiredIniValues(); + self::handleAuthHeaders(); + // prevent any XML processing from loading external entities libxml_set_external_entity_loader(static function () { return null; }); + // Set default timezone before the Server object is booted + if (!date_default_timezone_set('UTC')) { + throw new \RuntimeException('Could not set timezone to UTC'); + } + // calculate the root directories OC::$SERVERROOT = str_replace('\\', '/', substr(__DIR__, 0, -4)); @@ -616,34 +648,6 @@ public static function init(): void { error_reporting(E_ALL); } - // Don't display errors and log them - @ini_set('display_errors', '0'); - @ini_set('log_errors', '1'); - - if (!date_default_timezone_set('UTC')) { - throw new \RuntimeException('Could not set timezone to UTC'); - } - - - //try to configure php to enable big file uploads. - //this doesn´t work always depending on the webserver and php configuration. - //Let´s try to overwrite some defaults if they are smaller than 1 hour - - if (intval(@ini_get('max_execution_time') ?: 0) < 3600) { - @ini_set('max_execution_time', strval(3600)); - } - - if (intval(@ini_get('max_input_time') ?: 0) < 3600) { - @ini_set('max_input_time', strval(3600)); - } - - //try to set the maximum execution time to the largest time limit we have - if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) { - @set_time_limit(max(intval(@ini_get('max_execution_time')), intval(@ini_get('max_input_time')))); - } - - self::setRequiredIniValues(); - self::handleAuthHeaders(); $systemConfig = Server::get(\OC\SystemConfig::class); self::registerAutoloaderCache($systemConfig);