Commit b52c9d9c authored by Bart Vullings's avatar Bart Vullings

ZP-1273 Fixed review comment. Released under the Affero GNU General Public...

ZP-1273 Fixed review comment. Released under the Affero GNU General Public License (AGPL) version 3.
parent fbf3c5e1
...@@ -28,7 +28,6 @@ require_once 'config.php'; ...@@ -28,7 +28,6 @@ require_once 'config.php';
class ZPushAutodiscover { class ZPushAutodiscover {
const ACCEPTABLERESPONSESCHEMAMOBILESYNC = 'http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006'; const ACCEPTABLERESPONSESCHEMAMOBILESYNC = 'http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006';
const ACCEPTABLERESPONSESCHEMAOUTLOOK = 'http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a';
const MAXINPUTSIZE = 8192; // Bytes, the autodiscover request shouldn't exceed that value const MAXINPUTSIZE = 8192; // Bytes, the autodiscover request shouldn't exceed that value
private static $instance; private static $instance;
...@@ -133,16 +132,16 @@ class ZPushAutodiscover { ...@@ -133,16 +132,16 @@ class ZPushAutodiscover {
*/ */
private function getIncomingXml() { private function getIncomingXml() {
if (isset($_SERVER['CONTENT_LENGTH']) && $_SERVER['CONTENT_LENGTH'] > ZPushAutodiscover::MAXINPUTSIZE) { if (isset($_SERVER['CONTENT_LENGTH']) && $_SERVER['CONTENT_LENGTH'] > ZPushAutodiscover::MAXINPUTSIZE) {
throw new ZPushException('The request input size exceeds 8kb.'); throw new ZPushException('The request will not be processed as the input exceeds our maximum expected input size.');
} }
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) { if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
throw new AuthenticationRequiredException(); throw new AuthenticationRequiredException();
} }
$input = @file_get_contents('php://input', NULL, NULL, NULL, ZPushAutodiscover::MAXINPUTSIZE); $input = @file_get_contents('php://input', NULL, NULL, 0, ZPushAutodiscover::MAXINPUTSIZE);
if (strlen($input) >= ZPushAutodiscover::MAXINPUTSIZE) { if (strlen($input) == ZPushAutodiscover::MAXINPUTSIZE) {
throw new ZPushException('The request input size exceeds 8kb.'); throw new ZPushException('The request will not be processed as the input exceeds our maximum expected input size.');
} }
$xml = simplexml_load_string($input); $xml = simplexml_load_string($input);
...@@ -164,12 +163,8 @@ class ZPushAutodiscover { ...@@ -164,12 +163,8 @@ class ZPushAutodiscover {
throw new FatalException('Invalid input XML: no AcceptableResponseSchema.'); throw new FatalException('Invalid input XML: no AcceptableResponseSchema.');
} }
if ($xml->Request->AcceptableResponseSchema == ZPushAutodiscover::ACCEPTABLERESPONSESCHEMAOUTLOOK) { if (strcasecmp($xml->Request->AcceptableResponseSchema, ZPushAutodiscover::ACCEPTABLERESPONSESCHEMAMOBILESYNC) != 0) {
throw new FatalException('Request for outlook response schema, this is not supported.'); throw new FatalException(sprintf('Request for a responseschema that is not supported (only mobilesync is supported): %s', $xml->Request->AcceptableResponseSchema));
}
if ($xml->Request->AcceptableResponseSchema != ZPushAutodiscover::ACCEPTABLERESPONSESCHEMAMOBILESYNC) {
throw new FatalException('Invalid input XML: not a mobilesync responseschema.');
} }
return $xml; return $xml;
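Review bot: The new FatalException message in the schema check interpolates `$xml->Request->AcceptableResponseSchema` verbatim, so request-controlled text (up to the 8192-byte input cap, possibly with line breaks) reaches wherever that message is logged or returned. This happens after only an `isset()` on the auth headers, with no credential check visible in these hunks. The exception handler is not shown, so confirm it encodes the message, or bound the value at the source, e.g. `substr(preg_replace('/[^\x20-\x7E]/', '?', (string) $xml->Request->AcceptableResponseSchema), 0, 256)`. In the second hunk the Content-Length guard accepts a body of exactly MAXINPUTSIZE bytes while `strlen($input) == ZPushAutodiscover::MAXINPUTSIZE` rejects it; reading `ZPushAutodiscover::MAXINPUTSIZE + 1` bytes and testing `> ZPushAutodiscover::MAXINPUTSIZE` would make the two checks agree. Parts of getIncomingXml() lie between and after the visible hunks.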
......