sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
82,343 Commits
629 Branches
1167 Tags
9.1 GiB
Commit Graph

261 Commits (9f3da00aacba89f525678395f2cd8302ff7d4e69)

Author SHA1 Message Date
Andrew Summers f9ce6bfdff Refactor `OC\Server::getHasher` 
Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
 2024-03-15 13:04:27 +07:00
Julius Härtl 02d6d3f5b1
fix: Add edge as supported user agent for CSPv3 nonces 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-08 12:11:46 +07:00
Joas Schilling 33e1c8b236
fix(security): Handle idn_to_utf8 returning false 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-12-04 10:38:46 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +07:00
Ferdinand Thiessen 7df9eb3351 feat(ContentSecurityPolicy): Allow to set `strict-dynamic` on `script-src-elem` only 
This adds the possibility to set `strict-dynamic` on `script-src-elem` only while keep the default rules for `script-src`.
The idea is to allow loading module js which imports other files and thus does not allow nonces on import but on the initial script tag.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2023-11-17 11:12:57 +07:00
Benjamin Gaussorgues f04035caa0
Simplify IP address normalizer with IP masks 
Remove dead code

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-08 11:55:07 +07:00
Faraz Samapoor f313ca92e7 Refactors lib/private/Security. 
Mainly using PHP8's constructor property promotion.

Signed-off-by: Faraz Samapoor <fsa@adlas.at>
 2023-09-27 09:03:15 +07:00
Robin Appelman 6b767e060a
Merge pull request #39013 from fsamapoor/refactor_lib_private_security_part3 
[3/3] Refactors lib/private/Security
 2023-09-22 11:13:44 +07:00
Faraz Samapoor 1c023e6666 Update lib/private/Security/Certificate.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-09-21 11:20:12 +07:00
Faraz Samapoor f9596edb00 Updates the typed properties. 
Based on: https://github.com/nextcloud/server/pull/39013#discussion_r1242340826

Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <fsa@adlas.at>
 2023-09-21 11:20:12 +07:00
Faraz Samapoor 4f46656d39 Refactors lib/private/Security. 
Mainly using PHP8's constructor property promotion.

Signed-off-by: Faraz Samapoor <fsa@adlas.at>
 2023-09-21 11:20:12 +07:00
Christoph Wurst e477bb7eaf
feat(appframework): Expose programmatic rate limiter 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-09-20 20:25:27 +07:00
Andrew Summers 1395a53602
Refactor `OC\Server::getSecureRandom` 
Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
 2023-08-29 21:32:40 +07:00
Joas Schilling 124588d4a6
fix: Make bypass function public API 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-21 16:40:24 +07:00
Joas Schilling fd9b2d488e
feat: Expose if the own IP is allowed to bypass bruteforce protection 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-21 16:36:04 +07:00
Joas Schilling abc98d343c
feat(security): Add a "testing mode" for bruteforce protection that doesn't sleep 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-21 16:36:03 +07:00
Joas Schilling a95800c647
feat(security): Add a bruteforce protection backend base on memcache 
Similar to the ratelimit backend

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-21 16:36:03 +07:00
Daniel Calviño Sánchez 41f2d912d2 Allow "wasm-unsafe-eval" in CSP 
If a page has a Content Security Policy header and the `script-src` (or
`default-src`) directive does not contain neither `wasm-unsafe-eval` nor
`unsafe-eval` loading and executing WebAssembly is blocked in the page
(although it is still possible to load and execute WebAssembly in a
worker thread).

Although the Nextcloud classes to manage the CSP already supported
allowing `unsafe-eval` this affects not only WebAssembly, but also the
`eval` operation in JavaScript.

To make possible to allow WebAssembly execution without allowing
JavaScript `eval` this commit adds support for allowing
`wasm-unsafe-eval`.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
 2023-08-10 02:38:41 +07:00
Faraz Samapoor e73757b4a5 Refactors lib/private/Security. 
Mainly using PHP8's constructor property promotion.

Signed-off-by: Faraz Samapoor <fsa@adlas.at>
 2023-06-26 15:03:13 +07:00
Robin Appelman 9f1d497a0b
Merge pull request #38261 from fsamapoor/replace_strpos_calls_in_lib_private 
Refactors "strpos" calls in  lib/private to improve code readability.
 2023-06-01 23:10:00 +07:00
Robin Appelman 223612b15a
log failures to read certificates during listing 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-05-31 14:40:45 +07:00
Faraz Samapoor e7cc7653b8 Refactors "strpos" calls in lib/private to improve code readability. 
Signed-off-by: Faraz Samapoor <fsamapoor@gmail.com>
 2023-05-15 15:17:19 +07:00
John Molakvoæ 46459ae93f
Merge pull request #35092 from Messj1/bugfix/type-error-cert-manager-cache-path 2023-05-04 21:53:49 +07:00
Jan Messer 647c65a640 [BUGFIX] throw exception instead of error if unable to create file handler (only exceptions are catch) 
Signed-off-by: Jan Messer <jan@mtec-studios.ch>
 2023-04-06 23:03:49 +07:00
Jan Messer 7a443863fe [BUGFIX] check return value and improve error handling 
With S3 primary storage there was a problem with getting the CA bundle from the storage without having the CA bundle for the connection which causes that the CertificateManager was throwing an Error.
This commit improves the handling in CertificateManager and log unexpected behaviors.

Signed-off-by: Jan Messer <jan@mtec-studios.ch>
 2023-04-06 23:03:33 +07:00
Côme Chilliet 426c0341ff
Use typed version of IConfig::getSystemValue as much as possible 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-05 12:50:08 +07:00
Côme Chilliet 8f550398c4
Merge pull request #36836 from nextcloud/fix/view-type-cleanup 
Tidy up typing in OC\Files\View
 2023-04-05 10:14:55 +07:00
Côme Chilliet ea05544213
Fix return type of methods returning false on error 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-03 10:52:34 +07:00
Joas Schilling 454281af03
feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CI 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-03 09:06:45 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +07:00
Christoph Wurst 8aea25b5b9
Add remote host validation API 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-10-31 16:13:28 +07:00
Côme Chilliet 71ee292650 Add rate limiting on lost password emails 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-10-18 14:49:02 +07:00
Carl Schwan 9919116716
Merge pull request #31499 from nextcloud/bugfix/empty-secret 
Add fallback routines for empty secret cases
 2022-10-17 16:02:58 +07:00
Carl Schwan ef31396727
Mark method as deprecated 
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-09-13 13:06:54 +07:00
Carl Schwan 48d9c4d2b0
Port existing server code to new interface 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-08-08 17:03:19 +07:00
Joas Schilling c0f47af2d0
Add a public interface for the bruteforce throttler and register for injection 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-07-28 10:57:10 +07:00
luz paz 368f83095d Fix typos in lib/private subdirectory 
Found via `codespell -q 3 -S l10n -L jus ./lib/private`

Signed-off-by: luz paz <luzpaz@github.com>
 2022-07-27 08:52:17 +07:00
Joas Schilling 8274c05e19
Only ignore attempts of the same action 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-07-07 09:35:14 +07:00
Carl Schwan ca3cd5a625 Fix detection of firefox in ContentSecurityPolicyNonceManager 
Reuse Request::USER_AGENT_FIREFOX, and also update the safari detection
since safari < 12 is not supported anymore and we can remove a bit of
code duplication

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-06-29 17:05:48 +07:00
Vincent Petry 01dbd22c9c
Validate requested length is random string generator 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2022-05-12 13:58:18 +07:00
Vincent Petry 7718c9776c
Merge pull request #32113 from nextcloud/bugfix/noid/fix-csp-merging-bools 
Add CSP policy merge priority for booleans
 2022-05-05 17:26:48 +07:00
Carl Schwan 69b36fc2c5 Don't inject Bruteforce capability info in the webui 
This capability do DB access and as far I know is not used by the webui.
This remove one DB query for each page load.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-04-07 17:33:29 +07:00
Vincent Petry 18c013d8fc
Add CSP policy merge priority for booleans 
When two booleans conflict when merging CSP policies, true will win.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2022-04-01 13:56:34 +07:00
Côme Chilliet 6be7aa112f
Migrate from ILogger to LoggerInterface in lib/private 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-03-24 16:21:25 +07:00
Robin Appelman 4f594dbf53
cache the path of the certificate bundle 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-03-17 14:58:56 +07:00
Robin Appelman a887553ddb
return default bundle when there is an error getting the bundle 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-03-14 18:34:09 +07:00
Julius Härtl a6796b4247
Fix decryption fallback after adding a secret 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-03-10 14:01:21 +07:00
Julius Härtl 81f8719cc0
Add fallback routines for empty secret cases 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-03-10 14:01:21 +07:00
Julius Härtl bd03dd37be
Allow to set a strict-dynamic CSP through the API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-03-09 15:10:27 +07:00
Joas Schilling b8e0a3dbdd
Use the new option to signaling insensitivity 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-02-07 13:54:54 +07:00
Joas Schilling b59df35426
Make the DB query simpler (as we just deleted all other entries) 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-01-28 16:55:17 +07:00
Joas Schilling c6d000f87f
Log bruteforce throttle and blocking 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-01-18 10:10:19 +07:00
Carl Schwan 6312c0df69
Check style update 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-01-13 00:19:07 +07:00
Joas Schilling 1d550ab95e
Don't query the bruteforce attempts when we just deleted them 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-12-01 18:01:22 +07:00
Vincent Petry 19f41a60a0
Type hint in IpAddress 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>

Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
 2021-11-22 17:36:26 +07:00
Vincent Petry f01ad7b8d8
Improve normalizer detecting IPv4 inside of IPv6 
The subnet for an IPv4 address inside of IPv6 is now returned in its
IPv4 form.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-11-22 16:46:25 +07:00
Vincent Petry 7e08a4ab15
Fix getting subnet of ipv4 mapped ipv6 addresses 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-11-22 14:10:11 +07:00
Joas Schilling c42f5bc5f6
Add an OCP for trusted domain helper 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-10-28 10:24:16 +07:00
Daniel Kesselberg 240eb02585
Set associative = true for cleanup job 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2021-10-07 20:20:09 +07:00
Lukas Reschke 0dcc5c0e9f
Merge pull request #28728 from nextcloud/add-database-backend-limiter 
Add database ratelimiting backend
 2021-09-13 13:07:37 +07:00
Lukas Reschke 474a5b55d3 Implement review feedback 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-13 11:01:35 +07:00
Lukas Reschke 358eaba7dd
Apply suggestions from code review 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
 2021-09-13 10:43:01 +07:00
Arthur Schiwon 0dee717c94
Confirm mails only per POST 
- this is to avoid automatic confirmation by certain softwares that open
  links

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 19:23:04 +07:00
Arthur Schiwon a20de15b43
add a job to clean up expired verification tokens 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:35 +07:00
Arthur Schiwon 19cc757531
move verification token logic out of lost password controller 
- to make it reusable
- needed for local email verification

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:29 +07:00
Lukas Reschke 471167019c Implement PR review feedback 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-07 18:03:34 +07:00
Lukas Reschke a915372c56 phpcs 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 17:50:23 +07:00
Lukas Reschke 378cc922c4 Adjust logic to store period instead of current timestamp 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 17:31:36 +07:00
Lukas Reschke d4f97affc1 Add database ratelimiting backend 
In case no distributed memory cache is specified this adds
a database backend for ratelimit purposes.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 16:31:01 +07:00
Daniel Kesselberg 0a15043f69
Throw exception if encrypting the data failed. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2021-07-05 10:23:16 +07:00
John Molakvoæ (skjnldsv) 215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +07:00
Roeland Jago Douma ee3dc57cbd
Merge pull request #26626 from J0WI/strict-security 
Make Security module strict
 2021-05-18 08:43:13 +07:00
Morris Jobke 393309b98f
Merge pull request #25714 from nextcloud/fix/23197/explicitly_check_hex2bin_input 
Explicitly check hex2bin input
 2021-04-22 13:23:39 +07:00
J0WI ca7b37ce5a Make Security module strict 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-04-19 17:31:12 +07:00
Lukas Reschke e5a4236e68 Increase subnet matcher 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-04-07 12:28:59 +07:00
Roeland Jago Douma 16652ac6c6 Explicitly check hex2bin input 
For #23197

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2021-02-18 20:12:20 +07:00
dependabot-preview[bot] eb502c02ff
Bump nextcloud/coding-standard from 0.3.0 to 0.5.0 
Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/nextcloud/coding-standard/releases)
- [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nextcloud/coding-standard/compare/v0.3.0...v0.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-02-18 13:31:24 +07:00
Morris Jobke 24d436cb60
Remove unneeded casts that were found by Psalm 
In preparation of the update of Psalm from 4.2.1 to 4.3.1+ (see https://github.com/nextcloud/server/pull/24521)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2021-01-11 13:14:41 +07:00
Christoph Wurst d89a75be0b
Update all license headers for Nextcloud 21 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 18:48:22 +07:00
Julius Härtl f5501ca276
Avoid checking for brute force protection capabilities when upgrading 
This might happen a releases that doesn't have this table yet

Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2020-12-09 12:13:33 +07:00
Joas Schilling 5b5aebbf66
Replace the credentials table with one that can have empty user 
Primary key columns on Oracle can not have empty strings

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-11-10 15:36:27 +07:00
Joas Schilling 1aa9c9164d
Fix comparing the empty string for global credentials 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-11-10 15:36:26 +07:00
Joas Schilling 8027dcbc6f
Don't leave cursors open when tests fail 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-11-09 12:28:17 +07:00
Roeland Jago Douma 54b9f639a6
Always return the default path if we can 
Just check in the certifcate manager. So every part of the system that
request the certificatebundle gets the defaullt one (the 99% case) if we
can.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-11-03 00:13:01 +07:00
Morris Jobke dc479aae2d
Improve CertificateManager to not be user context dependent 
* removes the ability for users to import their own certificates (for external storage)
* reliably returns the same certificate bundles system wide (and not depending on the user context and available sessions)

The user specific certificates were broken in some cases anyways, as they are only loaded if the specific user is logged in and thus causing unexpected behavior for background jobs and other non-user triggered code paths.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-11-03 00:13:01 +07:00
lynn-stephenson 648b60fa0e
Derive encryption key & MAC key from a single key. 
Signed-off-by: lynn-stephenson <lynn.stephenson@protonmail.com>
 2020-10-15 21:23:24 +07:00
Roeland Jago Douma 8fae2beece
Limit throttler to 48 hours 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-10-08 19:51:13 +07:00
Roeland Jago Douma 6c1b542def
Add cleanup job for old brutefoce attempts 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-10-08 19:51:13 +07:00
Christoph Wurst d9015a8c94
Format code to a single space around binary operators 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-10-05 20:25:24 +07:00
Morris Jobke 99c9423766
Remove @suppress SqlInjectionChecker 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-09-16 15:53:56 +07:00
Joas Schilling c25063dc07
Don't break when the IP is empty 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-09-10 14:20:27 +07:00
Christoph Wurst 2a054e6c04
Update the license headers for Nextcloud 20 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-08-24 14:54:25 +07:00
Joas Schilling 35a8519591
Fix CS 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00
Joas Schilling 770381c0c6
Correctly return ms delay when at max 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00
Joas Schilling 931aca2fee
Add missing default 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00
Joas Schilling d9c4c9eb99
Simplify array filter 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00
Joas Schilling dfeee3b850
Fix wrong doc + type hint 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00
Joas Schilling 8376c4891f
Only throw when also the last 30 mins were attacking 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00
Joas Schilling 6f751d01db
Make the throttling O(2^n) instead of O(n^n) 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00
Joas Schilling 64539a6ee1
Make Throttler strict 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +07:00