upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-11 14:54:02 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
68045 commits 694 branches 1182 tags 8.3 GiB
Commit graph

190 commits

Author SHA1 Message Date
Robin Appelman
6d881c10e8 log failures to read certificates during listing 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-07-10 18:27:38 +02:00
John Molakvoæ
46459ae93f
Merge pull request #35092 from Messj1/bugfix/type-error-cert-manager-cache-path 2023-05-04 21:53:49 +02:00
Jan Messer
647c65a640 [BUGFIX] throw exception instead of error if unable to create file handler (only exceptions are catch) 
Signed-off-by: Jan Messer <jan@mtec-studios.ch>
 2023-04-06 23:03:49 +02:00
Jan Messer
7a443863fe [BUGFIX] check return value and improve error handling 
With S3 primary storage there was a problem with getting the CA bundle from the storage without having the CA bundle for the connection which causes that the CertificateManager was throwing an Error.
This commit improves the handling in CertificateManager and log unexpected behaviors.

Signed-off-by: Jan Messer <jan@mtec-studios.ch>
 2023-04-06 23:03:33 +02:00
Côme Chilliet
426c0341ff
Use typed version of IConfig::getSystemValue as much as possible 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-05 12:50:08 +02:00
Côme Chilliet
8f550398c4
Merge pull request #36836 from nextcloud/fix/view-type-cleanup 
Tidy up typing in OC\Files\View
 2023-04-05 10:14:55 +02:00
Côme Chilliet
ea05544213
Fix return type of methods returning false on error 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-03 10:52:34 +02:00
Joas Schilling
454281af03
feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CI 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-03 09:06:45 +02:00
Côme Chilliet
f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +01:00
Christoph Wurst
8aea25b5b9
Add remote host validation API 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-10-31 16:13:28 +01:00
Côme Chilliet
71ee292650 Add rate limiting on lost password emails 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-10-18 14:49:02 +00:00
Carl Schwan
9919116716
Merge pull request #31499 from nextcloud/bugfix/empty-secret 
Add fallback routines for empty secret cases
 2022-10-17 16:02:58 +02:00
Carl Schwan
ef31396727
Mark method as deprecated 
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-09-13 13:06:54 +02:00
Carl Schwan
48d9c4d2b0
Port existing server code to new interface 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-08-08 17:03:19 +02:00
Joas Schilling
c0f47af2d0
Add a public interface for the bruteforce throttler and register for injection 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-07-28 10:57:10 +02:00
luz paz
368f83095d Fix typos in lib/private subdirectory 
Found via `codespell -q 3 -S l10n -L jus ./lib/private`

Signed-off-by: luz paz <luzpaz@github.com>
 2022-07-27 08:52:17 -04:00
Joas Schilling
8274c05e19
Only ignore attempts of the same action 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-07-07 09:35:14 +02:00
Carl Schwan
ca3cd5a625 Fix detection of firefox in ContentSecurityPolicyNonceManager 
Reuse Request::USER_AGENT_FIREFOX, and also update the safari detection
since safari < 12 is not supported anymore and we can remove a bit of
code duplication

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-06-29 17:05:48 +02:00
Vincent Petry
01dbd22c9c
Validate requested length is random string generator 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2022-05-12 13:58:18 +02:00
Vincent Petry
7718c9776c
Merge pull request #32113 from nextcloud/bugfix/noid/fix-csp-merging-bools 
Add CSP policy merge priority for booleans
 2022-05-05 17:26:48 +02:00
Carl Schwan
69b36fc2c5 Don't inject Bruteforce capability info in the webui 
This capability do DB access and as far I know is not used by the webui.
This remove one DB query for each page load.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-04-07 17:33:29 +02:00
Vincent Petry
18c013d8fc
Add CSP policy merge priority for booleans 
When two booleans conflict when merging CSP policies, true will win.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2022-04-01 13:56:34 +02:00
Côme Chilliet
6be7aa112f
Migrate from ILogger to LoggerInterface in lib/private 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-03-24 16:21:25 +01:00
Robin Appelman
4f594dbf53
cache the path of the certificate bundle 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-03-17 14:58:56 +01:00
Robin Appelman
a887553ddb
return default bundle when there is an error getting the bundle 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-03-14 18:34:09 +01:00
Julius Härtl
a6796b4247
Fix decryption fallback after adding a secret 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-03-10 14:01:21 +01:00
Julius Härtl
81f8719cc0
Add fallback routines for empty secret cases 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-03-10 14:01:21 +01:00
Julius Härtl
bd03dd37be
Allow to set a strict-dynamic CSP through the API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-03-09 15:10:27 +01:00
Joas Schilling
b8e0a3dbdd
Use the new option to signaling insensitivity 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-02-07 13:54:54 +01:00
Joas Schilling
b59df35426
Make the DB query simpler (as we just deleted all other entries) 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-01-28 16:55:17 +01:00
Joas Schilling
c6d000f87f
Log bruteforce throttle and blocking 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-01-18 10:10:19 +01:00
Carl Schwan
6312c0df69
Check style update 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-01-13 00:19:07 +01:00
Joas Schilling
1d550ab95e
Don't query the bruteforce attempts when we just deleted them 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-12-01 18:01:22 +01:00
Vincent Petry
19f41a60a0
Type hint in IpAddress 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>

Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
 2021-11-22 17:36:26 +01:00
Vincent Petry
f01ad7b8d8
Improve normalizer detecting IPv4 inside of IPv6 
The subnet for an IPv4 address inside of IPv6 is now returned in its
IPv4 form.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-11-22 16:46:25 +01:00
Vincent Petry
7e08a4ab15
Fix getting subnet of ipv4 mapped ipv6 addresses 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-11-22 14:10:11 +01:00
Joas Schilling
c42f5bc5f6
Add an OCP for trusted domain helper 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-10-28 10:24:16 +02:00
Daniel Kesselberg
240eb02585
Set associative = true for cleanup job 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2021-10-07 20:20:09 +02:00
Lukas Reschke
0dcc5c0e9f
Merge pull request #28728 from nextcloud/add-database-backend-limiter 
Add database ratelimiting backend
 2021-09-13 13:07:37 +02:00
Lukas Reschke
474a5b55d3 Implement review feedback 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-13 11:01:35 +02:00
Lukas Reschke
358eaba7dd
Apply suggestions from code review 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
 2021-09-13 10:43:01 +02:00
Arthur Schiwon
0dee717c94
Confirm mails only per POST 
- this is to avoid automatic confirmation by certain softwares that open
  links

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 19:23:04 +02:00
Arthur Schiwon
a20de15b43
add a job to clean up expired verification tokens 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:35 +02:00
Arthur Schiwon
19cc757531
move verification token logic out of lost password controller 
- to make it reusable
- needed for local email verification

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:29 +02:00
Lukas Reschke
471167019c Implement PR review feedback 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-07 18:03:34 +02:00
Lukas Reschke
a915372c56 phpcs 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 17:50:23 +02:00
Lukas Reschke
378cc922c4 Adjust logic to store period instead of current timestamp 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 17:31:36 +02:00
Lukas Reschke
d4f97affc1 Add database ratelimiting backend 
In case no distributed memory cache is specified this adds
a database backend for ratelimit purposes.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 16:31:01 +02:00
Daniel Kesselberg
0a15043f69
Throw exception if encrypting the data failed. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2021-07-05 10:23:16 +02:00
John Molakvoæ (skjnldsv)
215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +02:00