Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +07:00
Daniel Kesselberg
f8f985602b
test: add tests for dns pin middleware
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-09-12 14:04:23 +07:00
Daniel Kesselberg
03f1f1ed2e
enh: skip processing for empty response
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-09-04 15:28:02 +07:00
Daniel Kesselberg
eab46bdfe6
feat: add switch to disable dns pinning
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-08-29 18:03:54 +07:00
Joas Schilling
ec6728d710
feat(HTTPClient): Provide wrapped access to Guzzle's asyncRequest()
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-06-27 15:53:57 +07:00
Robin Appelman
e7ab30f5d8
log performance events for http requests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2023-04-28 15:37:57 +07:00
Côme Chilliet
426c0341ff
Use typed version of IConfig::getSystemValue as much as possible
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 12:50:08 +07:00
Côme Chilliet
f5c361cf44
composer run cs:fix
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-01-20 11:45:08 +07:00
Christoph Wurst
ce259435c2
Fix DNS Pin Middleware throwing for public IPs
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-11-08 14:18:05 +07:00
Christoph Wurst
8aea25b5b9
Add remote host validation API
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-10-31 16:13:28 +07:00
Christoph Wurst
d4b9b010b0
Rename LocalAddressChecker methods to lower case
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-10-27 13:24:28 +07:00
Simon L
11108e8032
Revert "fix external storages access"
...
Signed-off-by: szaimen <szaimen@e.mail.de>
2022-10-23 22:36:34 +07:00
John Molakvoæ
304c1b9b61
Merge pull request #33087 from nextcloud/fix/30282/external-storages
...
fix external storages access
2022-10-23 10:42:46 +07:00
Côme Chilliet
31117fa7c7
Fix tests for nested v4 in v6
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-09-20 12:46:22 +07:00
Côme Chilliet
7ac688a2e5
Use new dependency to normalize IPs
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-09-20 12:34:04 +07:00
Côme Chilliet
a907b74c2a
Add missing urldecode and idn_to_utf8 calls to local address checker
...
The call to idn_to_utf8 is actually to apply normalization
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-09-20 12:20:35 +07:00
luz paz
368f83095d
Fix typos in lib/private subdirectory
...
Found via `codespell -q 3 -S l10n -L jus ./lib/private`
Signed-off-by: luz paz <luzpaz@github.com>
2022-07-27 08:52:17 +07:00
Côme Chilliet
c5ffd7ce32
Use Symfony IpUtils to check for local IP ranges
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 12:09:05 +07:00
Côme Chilliet
707b46bb01
Check for local IPs nested in IPv6 as well
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 09:49:27 +07:00
Côme Chilliet
d0830432a7
Refactor local IP if and set strict to true for in_array
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 09:49:27 +07:00
Côme Chilliet
bd9aff47b6
Improve local IP detection
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 09:49:27 +07:00
szaimen
2ad53742f2
fix external storages access
...
Signed-off-by: szaimen <szaimen@e.mail.de>
2022-07-01 22:52:10 +07:00
Côme Chilliet
d23c7d245c
Improve local domain detection
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-06-23 11:45:16 +07:00
Côme Chilliet
6be7aa112f
Migrate from ILogger to LoggerInterface in lib/private
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-03-24 16:21:25 +07:00
Vincent Petry
9b6a1cc8ae
Send images to imaginary docker to generate previews
...
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Co-Authored-by: Vincent Petry <vincent@nextcloud.com>
2022-03-17 08:24:07 +07:00
Lukas Reschke
84d9b17dc7
Check for !== false instead
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-07-12 15:06:30 +07:00
Lukas Reschke
b0cef8827d
Check if dns_get_record returns non-false
...
`dns_get_record` can return false which results in exceptions such as
the ones shown in https://github.com/nextcloud/server/issues/27870 .
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-07-12 13:15:20 +07:00
Sanpi
81c272a8a5
Fixes recursion count incrementation
...
Signed-off-by: Sanpi <sanpi@homecomputing.fr>
2021-07-07 12:00:00 +07:00
kesselb
9f04a7c71e
Merge pull request #27801 from nextcloud/enh/noid/hardening-dns-pin-middleware
...
Ignore subdomain for soa queries
2021-07-06 18:55:25 +07:00
Daniel Kesselberg
b6530e5e82
Ignore subdomain for soa queries
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2021-07-05 20:29:06 +07:00
Aaron Ball
484913dc31
Fix DnsPinMiddleware resolve pinning bug
...
Libcurl expects the value of the CURLOPT_RESOLVE configurations to be an
array of strings, those strings containing a comma delimited list of
resolved IPs for each host:port combination.
The original code here does create that array with the host:port:ip
combination, but multiple ips for a single host:port result in
additional array entries, rather than adding them to the end of the
string with a comma. Per the libcurl docs, the `CURLOPT_RESOLVE` array
entries should match the syntax `host:port:address[,address]`.
This creates a function-scoped associative array which uses `host:port`
as the key (which are supposed to be unique and this ensures that), and
the value is an array containing IP strings (ipv4 or ipv6). Once the
associative array is populated, it is then set to the CURLOPT_RESOLVE
array, imploding the ip arrays using a comma delimiter so the array
syntax matches that expected by libcurl.
Note that this reorders the "foreach ip" and "foreach port" loops.
Rather than looping over ips then ports, we now loop over ports then
ips, since ports are part of the unique host:port map, and multiple ips
can exist therein.
Signed-off-by: Aaron Ball <nullspoon@oper.io>
2021-07-02 16:08:44 +07:00
John Molakvoæ (skjnldsv)
215aef3cbd
Update php licenses
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +07:00
Arthur Schiwon
9f5480eef4
ensure redis returns bool for hasKey
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-04-13 23:07:54 +07:00
Lukas Reschke
5fe1f134f9
Strictify null check
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-06 11:39:24 +07:00
Lukas Reschke
5f3abffe6f
Improve networking checks
...
Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-06 11:37:47 +07:00
Christoph Wurst
aabd73912e
Type the service registration
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-02-10 09:44:24 +07:00
Marco Ziech
4923c6be25
Use RFC-compliant URL encoding for cookies
...
PHP 7.4.2 changed how cookies are decoded, applying RFC-compliant raw URL decoding. This leads to a conflict with Nextcloud's own cookie encoding, breaking the remember-me function if the UID contains a space character.
Fixes #24438
Signed-off-by: Marco Ziech <marco@ziech.net>
2021-01-24 14:18:28 +07:00
Roeland Jago Douma
41c80d6c19
Fix option in the client code itself as well
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-12 12:36:21 +07:00
Christoph Wurst
9ce3ea3368
Update license headers
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-30 14:07:05 +07:00
Christoph Wurst
f37e150d1c
Merge pull request #24702 from nextcloud/enhancement/well-known-handler-api
...
Add well known handlers API
2020-12-18 13:34:04 +07:00
Christoph Wurst
d89a75be0b
Update all license headers for Nextcloud 21
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 18:48:22 +07:00
Christoph Wurst
6995223b1e
Add well known handlers API
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 13:13:05 +07:00
Carlos Ferreira
a42eb05a35
Simple typo in comments
2020-11-20 20:01:28 +07:00
Roeland Jago Douma
54b9f639a6
Always return the default path if we can
...
Just check in the certificate manager. So every part of the system that
requests the certificate bundle gets the default one (the 99% case) if we
can.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-11-03 00:13:01 +07:00
Christoph Wurst
2a054e6c04
Update the license headers for Nextcloud 20
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-24 14:54:25 +07:00
Joas Schilling
9127731c52
parse_url returns null in case a parameter is not found
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-29 08:32:20 +07:00
Morris Jobke
18b0d753f2
Do not read certificate bundle from data dir by default
...
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.
This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 16:57:56 +07:00
Morris Jobke
8bcd1c31da
Allow gzip encoded requests by default
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 13:37:28 +07:00
Christoph Wurst
cb057829f7
Update license headers for 19
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-29 11:57:22 +07:00
Joas Schilling
5e402f8aae
Check all remotes for local access
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-04-14 18:56:06 +07:00