*/
public static function getSiteCallbackUrl() {
$config = CRM_Core_Config::singleton();
+
if (preg_match('/^(http|https):/', $config->resourceBase)) {
$civiUrl = $config->resourceBase;
}
else {
$civiUrl = rtrim(CRM_Utils_System::baseURL(), '/') . '/' . ltrim($config->resourceBase, '/');
}
+
+ // In practice, this may not be necessary, but we want to prevent
+ // edge-cases that downgrade security-level below system policy.
+ if (CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'enableSSL')) {
+ $civiUrl = preg_replace('/^http:/', 'https:', $civiUrl);
+ }
+
return rtrim($civiUrl, '/') . '/extern/cxn.php';
}
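Review bot: The https upgrade added on L15 only recognises a lowercase `http:` scheme, so whatever `CRM_Utils_System::baseURL()` or `resourceBase` supplies with a differently-cased scheme is left below the `enableSSL` policy the comment on L12–L13 says this block exists to enforce; `$civiUrl = preg_replace('/^http:/i', 'https:', $civiUrl);` keeps the common case identical and closes that gap. Because the branch now means the returned URL can differ from the configured `resourceBase`, the function's docblock (it ends at L1, so its body is outside the hunk) should say so, e.g. `@return string Absolute callback URL; forced to https when the enableSSL setting is on.`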
public static function redirectToSSL($abort = FALSE) {
$config = CRM_Core_Config::singleton();
$req_headers = self::getRequestHeaders();
+ // FIXME: Shouldn't the X-Forwarded-Proto check be part of CRM_Utils_System::isSSL()?
if (CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'enableSSL') &&
!self::isSSL() &&
strtolower(CRM_Utils_Array::value('X_FORWARDED_PROTO', $req_headers)) != 'https'
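Review bot: Whether the check stays here or moves into `CRM_Utils_System::isSSL()` as the new FIXME on L23 proposes, the `X_FORWARDED_PROTO` comparison on L26 honours the header from any request, so it should be consulted only when the request actually arrived through a trusted reverse proxy (a configured proxy address list, for instance); otherwise a plain-HTTP request that carries the header is treated as TLS and the redirect the `enableSSL` policy requires is skipped. The same condition is copied into the ApiRouter hunk below (L29–L31) and needs the same treatment, which is one more reason to fold both into the single helper the FIXME asks for. redirectToSSL's body continues past L26 — the closing `) {` and the redirect itself are outside the hunk.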
require_once 'api/v3/utils.php';
+ // FIXME: Shouldn't the X-Forwarded-Proto check be part of CRM_Utils_System::isSSL()?
+ if (CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'enableSSL') &&
+ !CRM_Utils_System::isSSL() &&
+ strtolower(CRM_Utils_Array::value('X_FORWARDED_PROTO', CRM_Utils_System::getRequestHeaders())) != 'https'
+ ) {
+ return civicrm_api3_create_error('System policy requires HTTPS.');
+ }
+
// Note: $cxn and cxnId are authenticated before router is called.
$dao = new CRM_Cxn_DAO_Cxn();
$dao->cxn_id = $cxn['cxnId'];
return civicrm_api3_create_error('Failed to lookup connection authorizations.');
}
if (!$dao->is_active) {
- return civicrm_api3_create_error('Connection is inactive');
+ return civicrm_api3_create_error('Connection is inactive.');
}
if (!is_string($entity) || !is_string($action) || !is_array($params)) {
return civicrm_api3_create_error('API parameters are malformed.');