[TASK] Remove suhosin checks 57/53857/5
authorChristian Kuhn <lolli@schwarzbu.ch>
Thu, 31 Aug 2017 19:12:27 +0000 (21:12 +0200)
committerChristian Kuhn <lolli@schwarzbu.ch>
Thu, 31 Aug 2017 21:00:07 +0000 (23:00 +0200)
The patch removes suhosin specific checks from ext:install
environment checks. Core v8 needs at least PHP 7.0 and the
suhosin project is still in a pre-alpha "don't use in production"
state and can be considered dead and is of little help in
our application in current state and likely not used anywhere.
For the sake of a cleaner check class, suhosin specific checks
are removed. This has been done in master already with the
related issue.

Change-Id: If003a8db37660662c65290a1e1bf25ef61375b80
Resolves: #82267
Related: #82257
Releases: master, 8.7
Reviewed-on: https://review.typo3.org/53857
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Susanne Moog <susanne.moog@typo3.org>
Tested-by: Susanne Moog <susanne.moog@typo3.org>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
typo3/sysext/backend/Classes/Tree/ExtDirectNode.php
typo3/sysext/install/Classes/SystemEnvironment/Check.php
typo3/sysext/saltedpasswords/Documentation/Overview/Index.rst

index 808903b..fe1d513 100644 (file)
@@ -586,7 +586,7 @@ class ExtDirectNode extends \TYPO3\CMS\Backend\Tree\TreeNode
         if (!$this->isLeafNode()) {
             $arrayRepresentation['leaf'] = false;
         }
-        // Suhosin(?) or some other strange environment thingy prevents
+        // Some strange environment thingy prevents
         // the direct copy of an array into an index of the same array
         $copy = $arrayRepresentation;
         $arrayRepresentation['nodeData'] = $copy;
index 2f2d1ed..a42eef6 100644 (file)
@@ -86,18 +86,6 @@ class Check implements CheckInterface
         $status[] = $this->checkXdebugMaxNestingLevel();
         $status[] = $this->checkOpenSslInstalled();
 
-        if ($this->isSuhosinLoadedAndActive()) {
-            $status[] = $this->getSuhosinLoadedStatus();
-            $status[] = $this->checkSuhosinRequestMaxVars();
-            $status[] = $this->checkSuhosinRequestMaxVarnameLength();
-            $status[] = $this->checkSuhosinPostMaxNameLength();
-            $status[] = $this->checkSuhosinPostMaxVars();
-            $status[] = $this->checkSuhosinGetMaxNameLength();
-            $status[] = $this->checkSuhosinGetMaxValueLength();
-            $status[] = $this->checkSuhosinExecutorIncludeWhiteListContainsPhar();
-            $status[] = $this->checkSuhosinExecutorIncludeWhiteListContainsVfs();
-        }
-
         $status[] = $this->checkMaxInputVars();
         $status[] = $this->checkReflectionDocComment();
         $status[] = $this->checkWindowsApacheThreadStackSize();
@@ -597,306 +585,6 @@ class Check implements CheckInterface
     }
 
     /**
-     * Get suhosin loaded status
-     * Should be called only if suhosin extension is loaded
-     *
-     * @return Status\StatusInterface
-     * @throws \BadMethodCallException
-     */
-    protected function getSuhosinLoadedStatus()
-    {
-        if ($this->isSuhosinLoadedAndActive()) {
-            $status = new Status\OkStatus();
-            $status->setTitle('PHP suhosin extension loaded and active');
-            return $status;
-        }
-        throw new \BadMethodCallException('Should be called only if suhosin extension is loaded', 1422634778);
-    }
-
-    /**
-     * Check suhosin.request.max_vars
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinRequestMaxVars()
-    {
-        $recommendedRequestMaxVars = 400;
-        if ($this->isSuhosinLoadedAndActive()) {
-            $currentRequestMaxVars = ini_get('suhosin.request.max_vars');
-            if ($currentRequestMaxVars < $recommendedRequestMaxVars) {
-                $status = new Status\ErrorStatus();
-                $status->setTitle('PHP suhosin.request.max_vars too low');
-                $status->setMessage(
-                    'suhosin.request.max_vars=' . $currentRequestMaxVars . LF .
-                    'This setting can lead to lost information if submitting forms with lots of data in TYPO3 CMS' .
-                    ' (as the install tool does). It is highly recommended to raise this' .
-                    ' to at least ' . $recommendedRequestMaxVars . ':' . LF .
-                    'suhosin.request.max_vars=' . $recommendedRequestMaxVars
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.request.max_vars ok');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, suhosin.request.max_vars' .
-                ' should be set to at least ' . $recommendedRequestMaxVars . ':' . LF .
-                'suhosin.request.max_vars=' . $recommendedRequestMaxVars
-            );
-        }
-        return $status;
-    }
-
-    /**
-     * Check suhosin.request.max_varname_length
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinRequestMaxVarnameLength()
-    {
-        $recommendedRequestMaxVarnameLength = 200;
-        if ($this->isSuhosinLoadedAndActive()) {
-            $currentRequestMaxVarnameLength = ini_get('suhosin.request.max_varname_length');
-            if ($currentRequestMaxVarnameLength < $recommendedRequestMaxVarnameLength) {
-                $status = new Status\ErrorStatus();
-                $status->setTitle('PHP suhosin.request.max_varname_length too low');
-                $status->setMessage(
-                    'suhosin.request.max_varname_length=' . $currentRequestMaxVarnameLength . LF .
-                    'This setting can lead to lost information if submitting forms with lots of data in TYPO3 CMS' .
-                    ' (as the install tool does). It is highly recommended to raise this' .
-                    ' to at least ' . $recommendedRequestMaxVarnameLength . ':' . LF .
-                    'suhosin.request.max_varname_length=' . $recommendedRequestMaxVarnameLength
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.request.max_varname_length ok');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, suhosin.request.max_varname_length' .
-                ' should be set to at least ' . $recommendedRequestMaxVarnameLength . ':' . LF .
-                'suhosin.request.max_varname_length=' . $recommendedRequestMaxVarnameLength
-            );
-        }
-        return $status;
-    }
-
-    /**
-     * Check suhosin.post.max_name_length
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinPostMaxNameLength()
-    {
-        $recommendedPostMaxNameLength = 200;
-        if ($this->isSuhosinLoadedAndActive()) {
-            $currentPostMaxNameLength = ini_get('suhosin.post.max_name_length');
-            if ($currentPostMaxNameLength < $recommendedPostMaxNameLength) {
-                $status = new Status\ErrorStatus();
-                $status->setTitle('PHP suhosin.post.max_name_length too low');
-                $status->setMessage(
-                    'suhosin.post.max_name_length=' . $currentPostMaxNameLength . LF .
-                    'This setting can lead to lost information if submitting forms with lots of data in TYPO3 CMS' .
-                    ' (as the install tool does). It is highly recommended to raise this' .
-                    ' to at least ' . $recommendedPostMaxNameLength . ':' . LF .
-                    'suhosin.post.max_name_length=' . $recommendedPostMaxNameLength
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.post.max_name_length ok');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, suhosin.post.max_name_length' .
-                ' should be set to at least ' . $recommendedPostMaxNameLength . ':' . LF .
-                'suhosin.post.max_name_length=' . $recommendedPostMaxNameLength
-            );
-        }
-        return $status;
-    }
-
-    /**
-     * Check suhosin.post.max_vars
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinPostMaxVars()
-    {
-        $recommendedPostMaxVars = 400;
-        if ($this->isSuhosinLoadedAndActive()) {
-            $currentPostMaxVars = ini_get('suhosin.post.max_vars');
-            if ($currentPostMaxVars < $recommendedPostMaxVars) {
-                $status = new Status\ErrorStatus();
-                $status->setTitle('PHP suhosin.post.max_vars too low');
-                $status->setMessage(
-                    'suhosin.post.max_vars=' . $currentPostMaxVars . LF .
-                    'This setting can lead to lost information if submitting forms with lots of data in TYPO3 CMS' .
-                    ' (as the install tool does). It is highly recommended to raise this' .
-                    ' to at least ' . $recommendedPostMaxVars . ':' . LF .
-                    'suhosin.post.max_vars=' . $recommendedPostMaxVars
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.post.max_vars ok');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, suhosin.post.max_vars' .
-                ' should be set to at least ' . $recommendedPostMaxVars . ':' . LF .
-                'suhosin.post.max_vars=' . $recommendedPostMaxVars
-            );
-        }
-        return $status;
-    }
-
-    /**
-     * Check suhosin.get.max_value_length
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinGetMaxValueLength()
-    {
-        $recommendedGetMaxValueLength = 2000;
-        if ($this->isSuhosinLoadedAndActive()) {
-            $currentGetMaxValueLength = ini_get('suhosin.get.max_value_length');
-            if ($currentGetMaxValueLength < $recommendedGetMaxValueLength) {
-                $status = new Status\ErrorStatus();
-                $status->setTitle('PHP suhosin.get.max_value_length too low');
-                $status->setMessage(
-                    'suhosin.get.max_value_length=' . $currentGetMaxValueLength . LF .
-                    'This setting can lead to lost information if submitting forms with lots of data in TYPO3 CMS' .
-                    ' (as the install tool does). It is highly recommended to raise this' .
-                    ' to at least ' . $recommendedGetMaxValueLength . ':' . LF .
-                    'suhosin.get.max_value_length=' . $recommendedGetMaxValueLength
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.get.max_value_length ok');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, suhosin.get.max_value_length' .
-                ' should be set to at least ' . $recommendedGetMaxValueLength . ':' . LF .
-                'suhosin.get.max_value_length=' . $recommendedGetMaxValueLength
-            );
-        }
-        return $status;
-    }
-
-    /**
-     * Check suhosin.get.max_name_length
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinGetMaxNameLength()
-    {
-        $recommendedGetMaxNameLength = 200;
-        if ($this->isSuhosinLoadedAndActive()) {
-            $currentGetMaxNameLength = ini_get('suhosin.get.max_name_length');
-            if ($currentGetMaxNameLength < $recommendedGetMaxNameLength) {
-                $status = new Status\ErrorStatus();
-                $status->setTitle('PHP suhosin.get.max_name_length too low');
-                $status->setMessage(
-                    'suhosin.get.max_name_length=' . $currentGetMaxNameLength . LF .
-                    'This setting can lead to lost information if submitting forms with lots of data in TYPO3 CMS' .
-                    ' (as the install tool does). It is highly recommended to raise this' .
-                    ' to at least ' . $recommendedGetMaxNameLength . ':' . LF .
-                    'suhosin.get.max_name_length=' . $recommendedGetMaxNameLength
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.get.max_name_length ok');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, suhosin.get.max_name_length' .
-                ' should be set to at least ' . $recommendedGetMaxNameLength . ':' . LF .
-                'suhosin.get.max_name_length=' . $recommendedGetMaxNameLength
-            );
-        }
-        return $status;
-    }
-
-    /**
-     * Check suhosin.executor.include.whitelist contains phar
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinExecutorIncludeWhiteListContainsPhar()
-    {
-        if ($this->isSuhosinLoadedAndActive()) {
-            $whitelist = (string)ini_get('suhosin.executor.include.whitelist');
-            if (strpos($whitelist, 'phar') === false) {
-                $status = new Status\NoticeStatus();
-                $status->setTitle('PHP suhosin.executor.include.whitelist does not contain phar');
-                $status->setMessage(
-                    'suhosin.executor.include.whitelist= ' . $whitelist . LF .
-                    '"phar" is currently not a hard requirement of TYPO3 CMS but is nice to have and a possible' .
-                    ' requirement in future versions. A useful setting is:' . LF .
-                    'suhosin.executor.include.whitelist=phar,vfs'
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.executor.include.whitelist contains phar');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, a useful setting is:' . LF .
-                'suhosin.executor.include.whitelist=phar,vfs'
-            );
-        }
-        return $status;
-    }
-
-    /**
-     * Check suhosin.executor.include.whitelist contains vfs
-     *
-     * @return Status\StatusInterface
-     */
-    protected function checkSuhosinExecutorIncludeWhiteListContainsVfs()
-    {
-        if ($this->isSuhosinLoadedAndActive()) {
-            $whitelist = (string)ini_get('suhosin.executor.include.whitelist');
-            if (strpos($whitelist, 'vfs') === false) {
-                $status = new Status\WarningStatus();
-                $status->setTitle('PHP suhosin.executor.include.whitelist does not contain vfs');
-                $status->setMessage(
-                    'suhosin.executor.include.whitelist= ' . $whitelist . LF .
-                    '"vfs" is currently not a hard requirement of TYPO3 CMS but tons of unit tests rely on it.' .
-                    ' Furthermore, vfs will likely be a base for an additional compatibility layer in the future.' .
-                    ' A useful setting is:' . LF .
-                    'suhosin.executor.include.whitelist=phar,vfs'
-                );
-            } else {
-                $status = new Status\OkStatus();
-                $status->setTitle('PHP suhosin.executor.include.whitelist contains vfs');
-            }
-        } else {
-            $status = new Status\InfoStatus();
-            $status->setTitle('Suhosin not loaded');
-            $status->setMessage(
-                'If enabling suhosin, a useful setting is:' . LF .
-                'suhosin.executor.include.whitelist=phar,vfs'
-            );
-        }
-        return $status;
-    }
-
-    /**
      * Check doc comments can be fetched by reflection
      *
      * @return Status\StatusInterface
@@ -1167,27 +855,6 @@ class Check implements CheckInterface
     }
 
     /**
-     * Helper method to find out if suhosin extension is loaded
-     *
-     * @return bool TRUE if suhosin PHP extension is loaded
-     */
-    protected function isSuhosinLoadedAndActive()
-    {
-        $suhosinLoaded = false;
-        if (extension_loaded('suhosin')) {
-            $suhosinInSimulationMode = filter_var(
-                ini_get('suhosin.simulation'),
-                FILTER_VALIDATE_BOOLEAN,
-                [FILTER_REQUIRE_SCALAR, FILTER_NULL_ON_FAILURE]
-            );
-            if (!$suhosinInSimulationMode) {
-                $suhosinLoaded = true;
-            }
-        }
-        return $suhosinLoaded;
-    }
-
-    /**
      * Helper method to explode a string by delimiter and throw away empty values.
      * Removes empty values from result array.
      *
index d69ee57..3a4fc46 100644 (file)
@@ -55,8 +55,7 @@ The extension provides several types of hashing method:
 
 - **Blowfish salted hashing** This method provides increased security in
   comparison to MD5 salted hashing. Use this setting if you have higher
-  requirements on password security. This requires a PHP > 5.3.0, PHP
-  5.X.X with suhosin patch applied or PHP compiled with a recent glibc.
+  requirements on password security.
   You might want to execute the Unit Tests brought together with this
   extension; if tests in blowfish test suite fail, your server
   installation most probably does not support blowfish. Once you've