Differential D15745 Diff 37944 src/applications/config/check/PhabricatorBinariesSetupCheck.php

Changeset View

Standalone View

src/applications/config/check/PhabricatorBinariesSetupCheck.php

Show First 20 Lines • Show All 96 Lines • ▼ Show 20 Lines	foreach ($vcses as $vcs) {
'version control system. It will not work without the VCS binary.');		'version control system. It will not work without the VCS binary.');
$this->raiseWarning($binary, $message);		$this->raiseWarning($binary, $message);
continue;		continue;
}		}

$version = null;		$version = null;
switch ($vcs['versionControlSystem']) {		switch ($vcs['versionControlSystem']) {
case PhabricatorRepositoryType::REPOSITORY_TYPE_GIT:		case PhabricatorRepositoryType::REPOSITORY_TYPE_GIT:
$minimum_version = null;		$bad_versions = array(
$bad_versions = array();		'< 2.7.4' => pht(
		'Prior to 2.7.4, Git contains two remote code execution '.
		'vulnerabilities which allow an attacker to take control of a '.
		'system by crafting a commit which affects very long paths, '.
		'then pushing it or tricking a victim into fetching it. This '.
		'is a severe security vulnerability.'),
		);
list($err, $stdout, $stderr) = exec_manual('git --version');		list($err, $stdout, $stderr) = exec_manual('git --version');
$version = trim(substr($stdout, strlen('git version ')));		$version = trim(substr($stdout, strlen('git version ')));
break;		break;
case PhabricatorRepositoryType::REPOSITORY_TYPE_SVN:		case PhabricatorRepositoryType::REPOSITORY_TYPE_SVN:
$minimum_version = '1.5';
$bad_versions = array(		$bad_versions = array(
'1.7.1' => pht(		// We need 1.5 for "--depth", see T7228.
		'< 1.5' => pht(
		'The minimum supported version of Subversion is 1.5, which '.
		'was released in 2008.'),
		'= 1.7.1' => pht(
'This version of Subversion has a bug where `%s` does not work '.		'This version of Subversion has a bug where `%s` does not work '.
'for files added in rN (Subversion issue #2873), fixed in 1.7.2.',		'for files added in rN (Subversion issue #2873), fixed in 1.7.2.',
'svn diff -c N'),		'svn diff -c N'),
);		);
list($err, $stdout, $stderr) = exec_manual('svn --version --quiet');		list($err, $stdout, $stderr) = exec_manual('svn --version --quiet');
$version = trim($stdout);		$version = trim($stdout);
break;		break;
case PhabricatorRepositoryType::REPOSITORY_TYPE_MERCURIAL:		case PhabricatorRepositoryType::REPOSITORY_TYPE_MERCURIAL:
$minimum_version = '1.9';
$bad_versions = array(		$bad_versions = array(
'2.1' => pht(		// We need 1.9 for HTTP cloning, see T3046.
		'< 1.9' => pht(
		'The minimum supported version of Mercurial is 1.9, which was '.
		'released in 2011.'),
		'= 2.1' => pht(
'This version of Mercurial returns a bad exit code '.		'This version of Mercurial returns a bad exit code '.
'after a successful pull.'),		'after a successful pull.'),
'2.2' => pht(		'= 2.2' => pht(
'This version of Mercurial has a significant memory leak, fixed '.		'This version of Mercurial has a significant memory leak, fixed '.
'in 2.2.1. Pushing fails with this version as well; see %s.',		'in 2.2.1. Pushing fails with this version as well; see %s.',
'T3046#54922'),		'T3046#54922'),
);		);
$version = PhabricatorRepositoryVersion::getMercurialVersion();		$version = PhabricatorRepositoryVersion::getMercurialVersion();
break;		break;
}		}

if ($version === null) {		if ($version === null) {
$this->raiseUnknownVersionWarning($binary);		$this->raiseUnknownVersionWarning($binary);
} else {		} else {
if ($minimum_version &&		$version_details = array();
version_compare($version, $minimum_version, '<')) {
$this->raiseMinimumVersionWarning(		foreach ($bad_versions as $spec => $details) {
$binary,		list($operator, $bad_version) = explode(' ', $spec, 2);
$minimum_version,		$is_bad = version_compare($version, $bad_version, $operator);
$version);		if ($is_bad) {
		$version_details[] = pht(
		'(%s%s) %s',
		$operator,
		$bad_version,
		$details);
		}
}		}

foreach ($bad_versions as $bad_version => $details) {		if ($version_details) {
if ($bad_version === $version) {
$this->raiseBadVersionWarning(		$this->raiseBadVersionWarning(
$binary,		$binary,
$bad_version);		$version,
}		$version_details);
}		}
}		}
}		}

}		}

private function raiseWarning($bin, $message) {		private function raiseWarning($bin, $message) {
if (phutil_is_windows()) {		if (phutil_is_windows()) {
▲ Show 20 Lines • Show All 57 Lines • ▼ Show 20 Lines	$this->newIssue('bin.'.$binary.'.unknown-version')
->setName(pht("Unknown '%s' Version", $binary))		->setName(pht("Unknown '%s' Version", $binary))
->setSummary($summary)		->setSummary($summary)
->setMessage($message)		->setMessage($message)
->addLink(		->addLink(
PhabricatorEnv::getDoclink('Contributing Bug Reports'),		PhabricatorEnv::getDoclink('Contributing Bug Reports'),
pht('Report this Issue to the Upstream'));		pht('Report this Issue to the Upstream'));
}		}

private function raiseMinimumVersionWarning(		private function raiseBadVersionWarning($binary, $version, array $problems) {
$binary,
$minimum_version,
$version) {

switch ($binary) {
case PhabricatorRepositoryType::REPOSITORY_TYPE_GIT:
break;
case PhabricatorRepositoryType::REPOSITORY_TYPE_SVN:
case PhabricatorRepositoryType::REPOSITORY_TYPE_MERCURIAL:
$summary = pht(		$summary = pht(
"The '%s' binary is version %s and Phabricator requires version ".		'This server has a known bad version of "%s".',
"%s or higher.",
$binary,
$version,
$minimum_version);
$message = pht(
"Please upgrade the '%s' binary to a more modern version.",
$binary);		$binary);
$this->newIssue('bin.'.$binary)
->setShortName(pht("Unsupported '%s' Version", $binary))
->setName(pht("Unsupported '%s' Version", $binary))
->setSummary($summary)
->setMessage($summary.' '.$message);
break;
}
}

private function raiseBadVersionWarning($binary, $bad_version) {		$message = array();
switch ($binary) {
case PhabricatorRepositoryType::REPOSITORY_TYPE_GIT:		$message[] = pht(
break;		'This server has a known bad version of "%s" installed ("%s"). This '.
case PhabricatorRepositoryType::REPOSITORY_TYPE_SVN:		'version is not supported, or contains important bugs or security '.
case PhabricatorRepositoryType::REPOSITORY_TYPE_MERCURIAL:		'vulnerabilities which are fixed in a newer version.',
$summary = pht(
"The '%s' binary is version %s which has bugs that break ".
"Phabricator.",
$binary,		$binary,
$bad_version);		$version);
$message = pht(
"Please upgrade the '%s' binary to a more modern version.",		$message[] = pht('You should upgrade this software.');
$binary);
$this->newIssue('bin.'.$binary)		$message[] = pht('The known issues with this old version are:');
->setShortName(pht("Unsupported '%s' Version", $binary))
->setName(pht("Unsupported '%s' Version", $binary))		foreach ($problems as $problem) {
->setSummary($summary)		$message[] = $problem;
->setMessage($summary.' '.$message);
break;
}		}

		$message = implode("\n\n", $message);

		$this->newIssue("bin.{$binary}.bad-version")
		->setName(pht('Unsupported/Insecure "%s" Version', $binary))
		->setSummary($summary)
		->setMessage($message);
}		}

}		}