sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #55977 from nextcloud/backport/55819/stable32 

[stable32] fix(federation): Allow outgoing and incoming federation with oCIS federated cloud ids
pull/56053/head
Joas Schilling 2025-10-28 08:42:27 +07:00 committed by GitHub
parent fcc36ab90c e880479aab
commit 7fbdcbc773
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 72 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/files_sharing/appinfo/info.xml
Unescape Escape View File

@ -14,7 +14,7 @@
Turning the feature off removes shared files and folders on the server for all share recipients, and also on the sync clients and mobile apps. More information is available in the Nextcloud Documentation.
</description>
<version>1.24.0</version>
<version>1.24.1</version>
<licence>agpl</licence>
<author>Michael Gapczynski</author>
<author>Bjoern Schiessle</author>

1
apps/files_sharing/composer/composer/autoload_classmap.php
Unescape Escape View File

@ -81,6 +81,7 @@ return array(
'OCA\\Files_Sharing\\Migration\\Version24000Date20220208195521' => $baseDir . '/../lib/Migration/Version24000Date20220208195521.php',
'OCA\\Files_Sharing\\Migration\\Version24000Date20220404142216' => $baseDir . '/../lib/Migration/Version24000Date20220404142216.php',
'OCA\\Files_Sharing\\Migration\\Version31000Date20240821142813' => $baseDir . '/../lib/Migration/Version31000Date20240821142813.php',
'OCA\\Files_Sharing\\Migration\\Version32000Date20251017081948' => $baseDir . '/../lib/Migration/Version32000Date20251017081948.php',
'OCA\\Files_Sharing\\MountProvider' => $baseDir . '/../lib/MountProvider.php',
'OCA\\Files_Sharing\\Notification\\Listener' => $baseDir . '/../lib/Notification/Listener.php',
'OCA\\Files_Sharing\\Notification\\Notifier' => $baseDir . '/../lib/Notification/Notifier.php',

1
apps/files_sharing/composer/composer/autoload_static.php
Unescape Escape View File

@ -96,6 +96,7 @@ class ComposerStaticInitFiles_Sharing
'OCA\\Files_Sharing\\Migration\\Version24000Date20220208195521' => __DIR__ . '/..' . '/../lib/Migration/Version24000Date20220208195521.php',
'OCA\\Files_Sharing\\Migration\\Version24000Date20220404142216' => __DIR__ . '/..' . '/../lib/Migration/Version24000Date20220404142216.php',
'OCA\\Files_Sharing\\Migration\\Version31000Date20240821142813' => __DIR__ . '/..' . '/../lib/Migration/Version31000Date20240821142813.php',
'OCA\\Files_Sharing\\Migration\\Version32000Date20251017081948' => __DIR__ . '/..' . '/../lib/Migration/Version32000Date20251017081948.php',
'OCA\\Files_Sharing\\MountProvider' => __DIR__ . '/..' . '/../lib/MountProvider.php',
'OCA\\Files_Sharing\\Notification\\Listener' => __DIR__ . '/..' . '/../lib/Notification/Listener.php',
'OCA\\Files_Sharing\\Notification\\Notifier' => __DIR__ . '/..' . '/../lib/Notification/Notifier.php',

38
apps/files_sharing/lib/Migration/Version32000Date20251017081948.php
Unescape Escape View File

@ -0,0 +1,38 @@
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCA\Files_Sharing\Migration;
use Closure;
use OCP\DB\ISchemaWrapper;
use OCP\Migration\Attributes\ColumnType;
use OCP\Migration\Attributes\ModifyColumn;
use OCP\Migration\IOutput;
use OCP\Migration\SimpleMigrationStep;
use Override;
#[ModifyColumn(table: 'share_external', name: 'owner', type: ColumnType::STRING, description: 'Change length to 255 characters')]
class Version32000Date20251017081948 extends SimpleMigrationStep {
/**
* @param Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper`
*/
#[Override]
public function changeSchema(IOutput $output, Closure $schemaClosure, array $options): ?ISchemaWrapper {
/** @var ISchemaWrapper $schema */
$schema = $schemaClosure();
$table = $schema->getTable('share_external');
$column = $table->getColumn('owner');
if ($column->getLength() < 255) {
$column->setLength(255);
return $schema;
}
return null;
}
}

32
lib/private/Federation/CloudIdManager.php
Unescape Escape View File

@ -108,7 +108,7 @@ class CloudIdManager implements ICloudIdManager {
// We accept slightly more chars when working with federationId than with a local userId.
// We remove those eventual chars from the UserId before using
// the IUserManager API to confirm its format.
$this->userManager->validateUserId(str_replace('=', '-', $user));
$this->validateUser($user, $remote);
if (!empty($user) && !empty($remote)) {
$remote = $this->ensureDefaultProtocol($remote);
@ -118,6 +118,36 @@ class CloudIdManager implements ICloudIdManager {
throw new \InvalidArgumentException('Invalid cloud id');
}
protected function validateUser(string $user, string $remote): void {
// Check the ID for bad characters
// Allowed are: "a-z", "A-Z", "0-9", spaces and "_.@-'" (Nextcloud)
// Additional: "=" (oCIS)
if (preg_match('/[^a-zA-Z0-9 _.@\-\'=]/', $user)) {
throw new \InvalidArgumentException('Invalid characters');
}
// No empty user ID
if (trim($user) === '') {
throw new \InvalidArgumentException('Empty user');
}
// No whitespace at the beginning or at the end
if (trim($user) !== $user) {
throw new \InvalidArgumentException('User contains whitespace at the beginning or at the end');
}
// User ID only consists of 1 or 2 dots (directory traversal)
if ($user === '.' || $user === '..') {
throw new \InvalidArgumentException('User must not consist of dots only');
}
// User ID is too long
if (strlen($user . '@' . $remote) > 255) {
// TRANSLATORS User ID is too long
throw new \InvalidArgumentException('Cloud id is too long');
}
}
public function getDisplayNameFromContact(string $cloudId): ?string {
$cachedName = $this->displayNameCache->get($cloudId);
if ($cachedName !== null) {