mirror of
https://github.com/Findus23/matomo-DiagnosticsExtended.git
synced 2024-09-19 16:03:46 +02:00
111 lines
3.5 KiB
PHP
111 lines
3.5 KiB
PHP
<?php
|
|
/**
|
|
* Matomo - free/libre analytics platform
|
|
*
|
|
* @link https://matomo.org
|
|
* @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
|
|
*/
|
|
|
|
namespace Piwik\Plugins\DiagnosticsExtended\Diagnostic;
|
|
|
|
use Piwik\Http;
|
|
use Piwik\Piwik;
|
|
use Piwik\Plugins\Diagnostics\Diagnostic\Diagnostic;
|
|
use Piwik\Plugins\Diagnostics\Diagnostic\DiagnosticResult;
|
|
use Psr\Log\LoggerInterface;
|
|
|
|
class CurlVersionCheck implements Diagnostic
|
|
{
|
|
/**
|
|
* @var LoggerInterface
|
|
*/
|
|
private $logger;
|
|
/**
|
|
* @var string
|
|
*/
|
|
private $label;
|
|
|
|
const SOCKET_TIMEOUT = 2;
|
|
const CACHEID = "DiagnosticsExtended_CurlVulnerabilities";
|
|
|
|
/**
|
|
* @var \Matomo\Cache\Lazy
|
|
*/
|
|
private $lazyCache;
|
|
|
|
|
|
public function __construct(LoggerInterface $logger, \Matomo\Cache\Lazy $lazyCache)
|
|
{
|
|
$this->logger = $logger;
|
|
$this->label = "🧪 " . Piwik::translate("DiagnosticsExtended_CurlVersionCheckLabel");
|
|
$this->lazyCache = $lazyCache;
|
|
}
|
|
|
|
|
|
/**
|
|
* @return DiagnosticResult[]
|
|
*/
|
|
public function execute()
|
|
{
|
|
if (!extension_loaded('curl')) {
|
|
return [DiagnosticResult::singleResult(
|
|
$this->label,
|
|
DiagnosticResult::STATUS_INFORMATIONAL,
|
|
Piwik::translate("DiagnosticsExtended_CurlVersionCheckNoCurl")
|
|
)];
|
|
}
|
|
$version = curl_version()["version"];
|
|
|
|
$url = "https://curl.se/docs/vuln.pm";
|
|
$timeout = self::SOCKET_TIMEOUT;
|
|
try {
|
|
$response = $this->lazyCache->fetch(self::CACHEID);
|
|
if (!$response) {
|
|
$response = Http::sendHttpRequest($url, $timeout);
|
|
$this->lazyCache->save(self::CACHEID, $response, 60 * 60 * 24 * 7);
|
|
}
|
|
$vulns = [];
|
|
foreach (explode("\n", $response) as $line) {
|
|
$line = trim($line);
|
|
if (strpos($line, "#") === 0 || strpos($line, "@") === 0 || strpos($line, ")") === 0) {
|
|
continue;
|
|
}
|
|
$line = str_replace('"', "", $line);
|
|
$cols = explode("|", $line);
|
|
$startVersion = $cols[1];
|
|
$endVersion = $cols[2];
|
|
$URL = htmlspecialchars($cols[0], ENT_QUOTES, 'UTF-8');
|
|
$CVE = htmlspecialchars($cols[4], ENT_QUOTES, 'UTF-8');
|
|
if (
|
|
version_compare($version, $startVersion, ">=") &&
|
|
version_compare($version, $endVersion, "<=")
|
|
) {
|
|
$vulns[] = "<a target='_blank' rel='noopener' href='https://curl.se/docs/$URL'>$CVE</a>";
|
|
}
|
|
}
|
|
if (count($vulns) > 0) {
|
|
return [DiagnosticResult::singleResult(
|
|
$this->label,
|
|
DiagnosticResult::STATUS_ERROR,
|
|
Piwik::translate("DiagnosticsExtended_CurlVersionCheckVulnerable",[$version])
|
|
. " "
|
|
. join(", ", $vulns)
|
|
)];
|
|
} else {
|
|
return [DiagnosticResult::singleResult(
|
|
$this->label,
|
|
DiagnosticResult::STATUS_OK,
|
|
Piwik::translate("DiagnosticsExtended_CurlVersionCheckUpToDate", [$version])
|
|
)];
|
|
}
|
|
} catch (\Exception $e) {
|
|
return [DiagnosticResult::singleResult(
|
|
$this->label,
|
|
DiagnosticResult::STATUS_INFORMATIONAL,
|
|
Piwik::translate("DiagnosticsExtended_CurlVersionCheckFailed")
|
|
)];
|
|
}
|
|
|
|
|
|
}
|
|
}
|