nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Marcel Müller	520d8beaf5	feat: Cache user keys Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>	2025-08-05 16:42:14 +07:00
Maxence Lange	484491e7cc	fix(bruteforce): limit appconfig lazy loading Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-07-20 00:49:11 +07:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +07:00
Joas Schilling	1d8556ecc3	fix(throttler): Don't query bruteforce attempts twice Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-20 08:37:23 +07:00
Daniel Kesselberg	a53e15c971	fix: log requests exceeding the rate limiting Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-05-14 12:23:40 +07:00
Joas Schilling	7964f338dc	fix(throttler): Remove the sleep from the throttler that throws The sleep is not adding benefit when it's being aborted with 429 in other cases anyway. Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-02 11:27:29 +07:00
Ferdinand Thiessen	a22171507a	fix(32bit): use `PHP_INT_MAX` where needed * Typo from https://github.com/nextcloud/server/pull/52392 `0xFFFF` is only 2 bytes, but we need either `0xFFFFFFFF` or maybe a bit easier to read `PHP_INT_MAX`. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-04-28 12:33:58 +07:00
Ferdinand Thiessen	9bfea21520	fix(32bit): make `pack` compatible with 32bit PHP The `P` formatter is 64bit only - we need to manually pack the 64bit. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-04-23 23:28:14 +07:00
Benjamin Gaussorgues	9f666c2b73	feat(ip): add configurable IPv6 subnet for BFP and throttling Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2025-04-17 08:12:03 +07:00
Benjamin Gaussorgues	c4021c8d38	feat(ip): use larger IPv6 range by default Some providers assign `/48` IPv6 blocks instead of `/64` so it sounds safer to use this mask by default. Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2025-04-08 10:08:28 +07:00
Joas Schilling	c1655bcde7	fix(ratelimit): Allow to bypass rate-limit from bruteforce allowlist Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-01-27 12:46:15 +07:00
Benjamin Gaussorgues	9f0c113135	Merge pull request #49599 from nextcloud/feat/bruteforce-max-attempts	2024-12-06 11:20:58 +07:00
Maxence Lange	a6e8d41c25	fix(signed-request): trigger metadata insert with default value manually Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-05 13:18:34 +07:00
Maxence Lange	15b72281df	fix(signatory): details on interfaces Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-04 09:30:55 +07:00
Maxence Lange	4df3155523	fix(signed-request): removing unstable from public Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-04 09:30:55 +07:00
Maxence Lange	948547bd5d	fix(ocm): signatory mapper Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-04 09:30:55 +07:00
Maxence Lange	4b06620055	feat(signatory): switch to qbmapper Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-04 09:30:55 +07:00
Maxence Lange	862a411118	fix(ocm): simpler code Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-04 09:30:55 +07:00
Maxence Lange	f08d053290	fix(ocm): switching to IdentityProof Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-04 09:30:55 +07:00
Maxence Lange	4591430c9c	feat(ocm): signing ocm requests Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-04 09:30:55 +07:00
Benjamin Gaussorgues	1fd19685f1	chore(bruteforce): allows to configure max attempts before request abort Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-12-03 10:48:10 +07:00
Christoph Wurst	1323e5bcb1	fix(migration): Decrypt ownCloud secrets v2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-11-28 09:00:33 +07:00
Josh	077eea18b5	fix(security): Handle IPv6 zone IDs used in link-local addresses Signed-off-by: Josh <josh.t.richards@gmail.com>	2024-10-31 17:01:34 +07:00
Josh	4873dcbf1e	fix(security): Handle IPv6 zone IDs used in link-local addresses Signed-off-by: Josh <josh.t.richards@gmail.com>	2024-10-31 16:59:27 +07:00
dependabot[bot]	bb598c8451	chore(deps): Bump nextcloud/coding-standard in /vendor-bin/cs-fixer Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/nextcloud/coding-standard/releases) - [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md) - [Commits](https://github.com/nextcloud/coding-standard/compare/v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: nextcloud/coding-standard dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-19 07:57:35 +07:00
Ferdinand Thiessen	2ef74b9860	Merge pull request #47329 from nextcloud/feat/add-datetime-qbmapper-support feat(AppFramework): Add full support for date / time / datetime columns	2024-10-18 19:05:08 +07:00
Git'Fellow	a1681b0756	chore(db): Apply query prepared statements Fix: psalm fix: bad file fix: bug chore: add batch chore: add batch chore: add batch fix: psalm	2024-10-17 20:30:47 +07:00
Ferdinand Thiessen	db94e10af0	fix: Prevent breaking change in IQueryBuilder Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-10-17 18:31:44 +07:00
Ferdinand Thiessen	e314d52118	fix: Adjust parameter type usage and add SQLite support Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-10-17 18:31:44 +07:00
Git'Fellow	c254855222	chore(db): Correctly apply query types fix: psalm fix: error fix: add batch fix: fatal error fix: add batch chore: add batch chore: add batch fix: psalm fix: typo fix: psalm fix: return bool fix: revert Manager	2024-10-17 09:21:07 +07:00
provokateurin	54ec472d9a	fix(BackgroundJobs): Adjust intervals and time sensitivities Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-08 11:26:53 +07:00
Richard Steinmetz	19ad13571c	fix: gracefully parse non-standard trusted certificates Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2024-09-24 12:36:09 +07:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +07:00
Christoph Wurst	1ee833efab	refactor: Replace __CLASS__ with ::class references Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-09-15 21:40:55 +07:00
Anna Larch	8af7ecb257	chore: adjust code to adhere to coding standard Signed-off-by: Anna Larch <anna@nextcloud.com>	2024-09-05 21:23:38 +07:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +07:00
Ferdinand Thiessen	2916e5df7e	feat: Provide CSP nonce as `<meta>` element This way we use the CSP nonce for dynamically loaded scripts. Important to notice: The CSP nonce must NOT be injected in `content` as this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors). Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-13 10:32:44 +07:00
Ferdinand Thiessen	86f01a3358	fix: Make sure CSP nonce is not double base64 encoded Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-13 09:52:33 +07:00
Stephan Orbaugh	9ed2d3e495	Merge pull request #46571 from nextcloud/chore/migrate-to-filenamevalidator refactor: Migrate some legacy and core functions to `IFilenameValidator`	2024-07-22 10:40:50 +07:00
Ferdinand Thiessen	9716b0d735	refactor: Migrate some legacy and core functions to `IFilenameValidator` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-07-19 19:41:46 +07:00
Benjamin Gaussorgues	f1d97a3188	feat(Security): add Factory for IP addresses and ranges Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00
Joas Schilling	047479ccf9	feat(security): Add public API to allow validating IP Ranges and checking for "in range" Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00
Benjamin Gaussorgues	202e5b1e95	feat(security): restrict admin actions to IP ranges Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00
Christopher Ng	415edcac9b	chore: More explicit splitHash typing Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-07-04 17:05:45 +07:00
Christopher Ng	d9bf6c432e	feat: Add method to validate an IHasher hash Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-07-04 17:05:45 +07:00
Robin Appelman	e140907123	fix: don't use custom certificate bundle if no customer certificates are configured Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-06-14 16:27:41 +07:00
John Molakvoæ	258bb03cf5	Merge branch 'master' into refactor/OC-Server-getSecureRandom Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>	2024-05-30 14:24:22 +07:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +07:00
Joas Schilling	b627e6efe4	fix: Correctly check result of function Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-05-15 12:24:25 +07:00
Ferdinand Thiessen	5a513c924f	fix(CSP): Add CSP nonce by default and convert `browserSupportsCspV3` to blocklist Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-03-26 17:08:22 +07:00

1 2 3 4 5 ...

261 Commits (46ced9df22af2be4fddcc5fc57789a7bd2e38faa)