mirror of
https://github.com/Findus23/matomo-DiagnosticsExtended.git
synced 2024-09-20 17:13:46 +02:00
89 lines
2.5 KiB
PHP
89 lines
2.5 KiB
PHP
|
<?php
|
||
|
/**
|
||
|
* Matomo - free/libre analytics platform
|
||
|
*
|
||
|
* @link https://matomo.org
|
||
|
* @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
|
||
|
*/
|
||
|
|
||
|
namespace Piwik\Plugins\DiagnosticsExtended\Diagnostic;
|
||
|
|
||
|
use Piwik\Plugins\Diagnostics\Diagnostic\Diagnostic;
|
||
|
use Piwik\Plugins\Diagnostics\Diagnostic\DiagnosticResult;
|
||
|
use Psr\Log\LoggerInterface;
|
||
|
|
||
|
class OpensslVersionCheck implements Diagnostic
|
||
|
{
|
||
|
/**
|
||
|
* @var LoggerInterface
|
||
|
*/
|
||
|
private $logger;
|
||
|
/**
|
||
|
* @var string
|
||
|
*/
|
||
|
private $label;
|
||
|
|
||
|
/**
|
||
|
* Use a rather old version as many security fixes are backported
|
||
|
*/
|
||
|
const MINIMUM_VERSION = "1.0.2";
|
||
|
const MINIMUM_VERSION_LETTER = "b";
|
||
|
|
||
|
|
||
|
public function __construct(LoggerInterface $logger)
|
||
|
{
|
||
|
$this->logger = $logger;
|
||
|
$this->label = "OpenSSL version check";
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return DiagnosticResult
|
||
|
*/
|
||
|
public function noOpenSSL()
|
||
|
{
|
||
|
return DiagnosticResult::singleResult(
|
||
|
$this->label,
|
||
|
DiagnosticResult::STATUS_INFORMATIONAL,
|
||
|
"Your PHP setup doesn't use OpenSSL or curl, so there is nothing to check"
|
||
|
);
|
||
|
}
|
||
|
|
||
|
|
||
|
/**
|
||
|
* @return DiagnosticResult[]
|
||
|
*/
|
||
|
public function execute()
|
||
|
{
|
||
|
if (!extension_loaded("curl") || !extension_loaded('openssl')) {
|
||
|
return [$this->noOpenSSL()];
|
||
|
}
|
||
|
$version = curl_version()["ssl_version"];
|
||
|
if (strpos($version, "OpenSSL/") !== 0) {
|
||
|
return [$this->noOpenSSL()];
|
||
|
}
|
||
|
$versionPart = substr($version, 8, 5);
|
||
|
$letterPart = substr($version, 13, 1);
|
||
|
if (
|
||
|
version_compare($versionPart, self::MINIMUM_VERSION, "<")
|
||
|
|| (
|
||
|
version_compare($versionPart, self::MINIMUM_VERSION, "=")
|
||
|
&& ord($letterPart) < ord(self::MINIMUM_VERSION_LETTER)
|
||
|
)
|
||
|
) {
|
||
|
return [DiagnosticResult::singleResult(
|
||
|
$this->label,
|
||
|
DiagnosticResult::STATUS_WARNING,
|
||
|
"Your OpenSSL version ($version) is pretty old.
|
||
|
Check if there are known vulnerabilities for it and update it if necessary."
|
||
|
)];
|
||
|
} else {
|
||
|
return [DiagnosticResult::singleResult(
|
||
|
$this->label,
|
||
|
DiagnosticResult::STATUS_INFORMATIONAL,
|
||
|
"Your OpenSSL version ($version) is not really old.
|
||
|
Nevertheless, check if there are known vulnerabilities for it and update it if necessary."
|
||
|
)];
|
||
|
}
|
||
|
}
|
||
|
}
|