Merge branch 'master' into 6.0

Author: sebastianfeldmann

README.md

@@ -63,6 +63,7 @@ If you are behind php 7.0 you can still use phpbu version [4.0.10](https://phar.
     + Text file
     + Json file
     + Mail
+    + Prometheus
     + Telegram
     + Webhook
 

src/Backup/Crypter/OpenSSL.php

@@ -4,6 +4,7 @@
 use phpbu\App\Backup\Restore\Plan;
 use phpbu\App\Backup\Target;
 use phpbu\App\Cli\Executable;
+use phpbu\App\Result;
 use phpbu\App\Util;
 
 /**
@@ -54,6 +55,79 @@ class OpenSSL extends Abstraction implements Simulator, Restorable
      */
     private $keepUncrypted;
 
+    private $weakAlgorithms = [
+        'rc2'          => true,
+        'rc2-40'       => true,
+        'rc2-64'       => true,
+        'rc2-128'      => true,
+        'rc2-40-cbc'   => true,
+        'rc2-64-cbc'   => true,
+        'rc2-cbc'      => true,
+        'rc2-cfb'      => true,
+        'rc2-ecb'      => true,
+        'rc2-ofb'      => true,
+        'rc4'          => true,
+        'rc4-40'       => true,
+        'des'          => true,
+        'des-cbc'      => true,
+        'des-cfb'      => true,
+        'des-ecb'      => true,
+        'des-ede'      => true,
+        'des-ede-cbc'  => true,
+        'des-ede-cfb'  => true,
+        'des-ede-ofb'  => true,
+        'des-ede3'     => true,
+        'des-ede3-cbc' => true,
+        'des-ede3-cfb' => true,
+        'des-ede3-ofb' => true,
+        'des-ofb'      => true,
+        'des3'         => true,
+        'desx'         => true,
+        'seed'         => true,
+        'seed-cbc'     => true,
+        'seed-cfb'     => true,
+        'seed-ecb'     => true,
+        'seed-ofb'     => true,
+    ];
+
+    /**
+     * @inheritDoc
+     */
+    public function crypt(Target $target, Result $result)
+    {
+        if ($this->isUsingWeakAlgorithm()) {
+            $name = strtolower(get_class($this));
+
+            $result->warn($name . ': The ' . $this->algorithm . ' algorithm is considered weak');
+        }
+
+        return parent::crypt($target, $result);
+    }
+
+
+    /**
+     * @inheritDoc
+     */
+    public function simulate(Target $target, Result $result)
+    {
+        if ($this->isUsingWeakAlgorithm()) {
+            $name = strtolower(get_class($this));
+
+            $result->warn($name . ': The ' . $this->algorithm . ' algorithm is considered weak');
+        }
+
+        return parent::simulate($target, $result);
+    }
+
+    public function isUsingWeakAlgorithm(): bool
+    {
+        if (null === $this->algorithm) {
+            throw new Exception('algorithm is not set');
+        }
+
+        return isset($this->weakAlgorithms[$this->algorithm]);
+    }
+
     /**
      * Setup
      *

src/Event/Warning.php

@@ -0,0 +1,47 @@
+<?php
+namespace phpbu\App\Event;
+
+/**
+ * Debug Event
+ *
+ * @package    phpbu
+ * @subpackage Event
+ * @author     MoeBrowne <moebrowne@users.noreply.github.com>
+ * @license    https://opensource.org/licenses/MIT The MIT License (MIT)
+ * @link       http://phpbu.de/
+ * @since      Class available since Release 6.0.0
+ */
+class Warning
+{
+    /**
+     * Event name
+     */
+    const NAME = 'phpbu.warning';
+
+    /**
+     * Warning message
+     *
+     * @var string
+     */
+    protected $message;
+
+    /**
+     * Constructor.
+     *
+     * @param string $message
+     */
+    public function __construct(string $message)
+    {
+        $this->message = $message;
+    }
+
+    /**
+     * Message getter.
+     *
+     * @return string
+     */
+    public function getMessage() : string
+    {
+        return $this->message;
+    }
+}

src/Log/Webhook.php

@@ -128,6 +128,16 @@ public function setup(array $options)
         if (empty($options['uri'])) {
             throw new Exception('no uri given');
         }
+
+        // PHP >7.2 deprecated the filter options and enabled them by default
+        $filterOptions = version_compare(PHP_VERSION, '7.2.0', '<')
+                       ? FILTER_FLAG_SCHEME_REQUIRED | FILTER_FLAG_HOST_REQUIRED
+                       : null;
+
+        if (!filter_var($options['uri'], FILTER_VALIDATE_URL, $filterOptions)) {
+            throw new Exception('webhook URI is invalid');
+        }
+
         $this->uri             = $options['uri'];
         $this->method          = Arr::getValue($options, 'method', 'GET');
         $this->username        = Arr::getValue($options, 'username', '');

src/Result.php

@@ -572,4 +572,15 @@ public function debug($msg) : void
         $event = new Event\Debug($msg);
         $this->eventDispatcher->dispatch(Event\Debug::NAME, $event);
     }
+
+    /**
+     * Warning
+     *
+     * @param string $msg
+     */
+    public function warn($msg) : void
+    {
+        $event = new Event\Warning($msg);
+        $this->eventDispatcher->dispatch(Event\Warning::NAME, $event);
+    }
 }

src/Result/PrinterCli.php

@@ -110,6 +110,7 @@ public static function getSubscribedEvents(): array
     {
         return [
             'phpbu.debug'           => 'onDebug',
+            'phpbu.warning'         => 'onWarning',
             'phpbu.app_start'       => 'onPhpbuStart',
             'phpbu.backup_start'    => 'onBackupStart',
             'phpbu.backup_failed'   => 'onBackupFailed',
@@ -406,6 +407,16 @@ public function onDebug(Event\Debug $event)
         }
     }
 
+    /**
+     * Warnings.
+     *
+     * @param \phpbu\App\Event\Warning $event
+     */
+    public function onWarning(Event\Warning $event)
+    {
+        $this->writeWithColor('fg-black, bg-yellow', $event->getMessage() . PHP_EOL);
+    }
+
     /**
      * phpbu end event.
      *

tests/phpbu/Backup/Crypter/OpenSSLTest.php

@@ -171,4 +171,23 @@ public function testGetSuffix()
         $suffix  = $openSSL->getSuffix();
         $this->assertEquals('enc', $suffix);
     }
+
+    /**
+     * Tests that a warning is emitted for weak algorithms
+     */
+    public function testWeakAlgorithmsCauseWarnings()
+    {
+        $runner = $this->getRunnerMock();
+        $runner->expects($this->once())
+            ->method('run')
+            ->willReturn($this->getRunnerResultMock(0, 'openssl'));
+
+        $target    = $this->createTargetMock(__FILE__);
+        $appResult = $this->getAppResultMock();
+        $appResult->expects($this->once())->method('warn');
+
+        $openSSL = new OpenSSL($runner);
+        $openSSL->setup(['pathToOpenSSL' => PHPBU_TEST_BIN, 'password' => 'fooBarBaz', 'algorithm' => 'des']);
+        $openSSL->crypt($target, $appResult);
+    }
 }

tests/phpbu/Log/WebhookTest.php

@@ -33,6 +33,16 @@ public function testSetupNoTarget()
         $json->setup([]);
     }
 
+    /**
+     * Tests Webhook::setup
+     */
+    public function testUriMustBeValid()
+    {
+        $this->expectException('phpbu\App\Exception');
+        $json = new Webhook();
+        $json->setup(['uri' => 'not a URI']);
+    }
+
     /**
      * Tests Webhook::onPhpbuEnd
      */
@@ -46,7 +56,7 @@ public function testGet()
         $phpbuEndEvent = $this->createMock(\phpbu\App\Event\App\End::class);
         $phpbuEndEvent->method('getResult')->willReturn($result);
 
-        $uri  = PHPBU_TEST_FILES . '/misc/webhook.fail.uri';
+        $uri  = 'https://webhook.fail.uri/hook';
         $json = new Webhook();
         $json->setup(['uri' => $uri]);
 
@@ -66,7 +76,7 @@ public function testBasicAuth()
         $phpbuEndEvent = $this->createMock(\phpbu\App\Event\App\End::class);
         $phpbuEndEvent->method('getResult')->willReturn($result);
 
-        $uri  = PHPBU_TEST_FILES . '/misc/webhook.fail.uri';
+        $uri  = 'https://webhook.fail.uri/hook';
         $json = new Webhook();
         $json->setup(['uri' => $uri, 'username' => 'foo', 'password' => 'bar']);
 
@@ -85,7 +95,7 @@ public function testPostDefaultJsonSuccess()
         $phpbuEndEvent = $this->createMock(\phpbu\App\Event\App\End::class);
         $phpbuEndEvent->method('getResult')->willReturn($result);
 
-        $uri  = PHPBU_TEST_FILES . '/misc/webhook.fake.uri';
+        $uri  = 'file://' . PHPBU_TEST_FILES . '/misc/webhook.fake.uri';
         $json = new Webhook();
         $json->setup(['uri' => $uri, 'contentType' => 'application/json', 'method' => 'post']);
 
@@ -106,7 +116,7 @@ public function testPostDefaultJson()
         $phpbuEndEvent = $this->createMock(\phpbu\App\Event\App\End::class);
         $phpbuEndEvent->method('getResult')->willReturn($result);
 
-        $uri  = PHPBU_TEST_FILES . '/misc/webhook.fail.uri';
+        $uri  = 'https://webhook.fail.uri/hook';
         $json = new Webhook();
         $json->setup(['uri' => $uri, 'contentType' => 'application/json', 'method' => 'post']);
 
@@ -127,7 +137,7 @@ public function testPostXmlTemplate()
         $phpbuEndEvent = $this->createMock(\phpbu\App\Event\App\End::class);
         $phpbuEndEvent->method('getResult')->willReturn($result);
 
-        $uri  = PHPBU_TEST_FILES . '/misc/webhook.fail.uri';
+        $uri  = 'https://webhook.fail.uri/hook';
         $path = PHPBU_TEST_FILES . '/misc/webhook.tpl';
         $json = new Webhook();
         $json->setup(['uri' => $uri, 'contentType' => 'application/xml', 'method' => 'post', 'template' => $path]);
@@ -151,7 +161,7 @@ public function testPostNoFormatter()
         $phpbuEndEvent = $this->createMock(\phpbu\App\Event\App\End::class);
         $phpbuEndEvent->method('getResult')->willReturn($result);
 
-        $uri  = PHPBU_TEST_FILES . '/misc/webhook.fail.uri';
+        $uri  = 'https://webhook.fail.uri/hook';
         $json = new Webhook();
         $json->setup(['uri' => $uri, 'contentType' => 'application/html', 'method' => 'post']);