Commit Graph

12634 Commits

Author SHA1 Message Date
Vincent Petry f79fafcf06 Revert back to non-webdav download link for public URLs
Fixes issues with browsers not happy with the token.
Fixes activities which were not sent.
2016-02-10 19:09:52 +01:00
Thomas Müller 6b836325cf Merge pull request #22276 from owncloud/harden-updater-auth
Harden updater authentication
2016-02-10 17:31:38 +01:00
Thomas Müller 6ffb83ae19 Merge pull request #22269 from owncloud/issue-22243-avoid-deadlock-with-lots-of-entries-to-cleanup
Chunk the cleanup queries to make sure they don't time out
2016-02-10 17:26:11 +01:00
Thomas Müller 10613f7265 Merge pull request #22273 from owncloud/versions-fixpathasrecipient
Fix versions path as share recipient when different than owner path
2016-02-10 17:25:14 +01:00
Lukas Reschke 5680743c2b Harden updater authentication
- Reset tokens after 2 hours as discussed at https://github.com/owncloud/updater/issues/220#issuecomment-182033453
- Used BCrypt for storing the password in the config.php. This makes it substantially harder in case of a leakage of the token to bruteforce it. In the future we can evaluate also an HMAC including the IP. That's a bit tricker though at the moment considering that we support reverse proxies. Didn't feel brave enough to touch that dragon now as well ;)
2016-02-10 16:31:11 +01:00
Thomas Müller 5c89cf9565 Merge pull request #22267 from owncloud/fix_encryption2
calculate and update the version of the encryption signature correctly
2016-02-10 15:14:52 +01:00
Thomas Müller 159a0eb597 Merge pull request #20073 from owncloud/files-should-add-download-disposition
Serve files with an attachment disposition for new DAV endpoint
2016-02-10 14:35:50 +01:00
Thomas Müller c4d2f6bb25 Merge pull request #22270 from owncloud/use-cache-directly
Use cache directly instead of QueryBuilder
2016-02-10 14:23:04 +01:00
Thomas Müller c1d21cf873 Merge pull request #22263 from owncloud/fix-group-principals
Fix group principal
2016-02-10 14:22:18 +01:00
Vincent Petry 1b9e291913 Use full path of known file when handling versions
Instead of relying on the versions API response, use the known file path
when populating version models.
2016-02-10 13:39:25 +01:00
Vincent Petry a6f997ddae Remove path from versions response
The path attribute contains the path relative to the owner's home
folder, not the one from the recipient, which is useless for the client
and needlessly discloses the owner's original path.

The requested already has access to the full path of the file, so no
need to add it to the response.
2016-02-10 13:38:38 +01:00
Bjoern Schiessle 9dc759b4dc remember signature version and only set it on update to make sure that other
apps like files_versions still get the old signature version
2016-02-10 13:27:32 +01:00
Joas Schilling 0ebb205010 Chunk the queries to make sure they don't time out 2016-02-10 13:04:37 +01:00
Lukas Reschke 762636efcd Use cache directly instead of QB
In case somebody does not use oc_filecache
2016-02-10 12:30:39 +01:00
Bjoern Schiessle 43ed86313c use the version of the original file if we write the part file to have a proper version if we move the file over to the original location 2016-02-10 11:08:03 +01:00
Thomas Müller 2e94d34dfd Fix group principal 2016-02-10 10:43:32 +01:00
Joas Schilling fa893762a2 Fix oracle by using less quotes 2016-02-10 08:40:45 +01:00
Joas Schilling 75d552b29e Listen to the notification event to reload the file list 2016-02-10 08:40:45 +01:00
Joas Schilling 65e1e4a202 Mark the accept button as primary 2016-02-10 08:40:45 +01:00
Joas Schilling c769f5775d Create the actions with the correct ID 2016-02-10 08:40:45 +01:00
Joas Schilling 31cf3b8288 Make sure the share ID is an integer 2016-02-10 08:40:45 +01:00
Joas Schilling cb8024ca14 Fix action paths 2016-02-10 08:40:45 +01:00
Joas Schilling 49dd693d8f Bring the messages inline 2016-02-10 08:40:45 +01:00
Joas Schilling a4a7cf40a1 Fix the notification API usage 2016-02-10 08:40:45 +01:00
Joas Schilling 3ff88c8c84 Revert "Disable the remote sharing notifications until they work properly"
This reverts commit 6bc93c7401.

Conflicts:
	apps/files_sharing/lib/external/manager.php
2016-02-10 08:40:44 +01:00
Jenkins for ownCloud 9ebcc4ce31 [tx-robot] updated from transifex 2016-02-10 01:56:05 -05:00
Lukas Reschke ca350294a6 Add tests for setVersion 2016-02-09 23:43:28 +01:00
Vincent Petry 45c78476f5 Use cache update instead of put for encryption version
Saves a call to fetch the file id which didn't even work for a reason.

This fix properly sets the version in the database.
2016-02-09 23:43:28 +01:00
Lukas Reschke 6724f76573 Use cache and add tests 2016-02-09 23:43:27 +01:00
Bjoern Schiessle 377d7fb8a8 don't decrease ->version for part files but only a local variable, otherwise it can happen that we decrease it twice and end up with the wrong value 2016-02-09 23:43:27 +01:00
Bjoern Schiessle 966eb4b084 realPath should contain the path to the file we want to read, e.g. the version and not the original file 2016-02-09 23:43:27 +01:00
Lukas Reschke 5ccb9dfa7e Use database for keeping track of the version 2016-02-09 23:43:27 +01:00
Lukas Reschke 3badf5caf5 Use number of chunk for HMAC as well
Prevents switching single blocks within the encrypted file.
2016-02-09 23:43:26 +01:00
Lukas Reschke b5824f024a Keep track of file version
This way it is not possible anymore for an external storage admin to put up old versions of the file.
2016-02-09 23:43:26 +01:00
Lukas Reschke d5c1596887 Clarify documentation 2016-02-09 23:43:26 +01:00
Lukas Reschke 3b62459c41 Use hash with appended "a" of the original password for the authentication 2016-02-09 23:43:26 +01:00
Björn Schießle 9bb97c714b fixing unit tests 2016-02-09 23:43:26 +01:00
Lukas Reschke b9ff16498b Use random_bytes instead OpenSSL 2016-02-09 23:43:26 +01:00
Björn Schießle 61dd191253 meta data are at the end of the file 2016-02-09 23:43:25 +01:00
Björn Schießle e7ff84df5c always use default cipher for write operations, no matter how the file was encrypted before 2016-02-09 23:43:25 +01:00
Björn Schießle cf3a8f274f make it backward compatible to work with signed and un-signed files 2016-02-09 23:43:25 +01:00
Björn Schießle 40a5ba72fc sign all encrypted blocks and check signature on decrypt 2016-02-09 23:43:25 +01:00
Lukas Reschke db8f267647 Add note about the addPadding function 2016-02-09 23:43:25 +01:00
Lukas Reschke 59ebad0b53 Use an actual 16 byte long IV
The previous IV was actually 12 byte extended to 16 byte using base64. As the encrypted file should be fine with containing binary data as well we can simply remove the encoding like that here.
2016-02-09 23:43:24 +01:00
Lukas Reschke d25b8dacb3 Use AES-256-CTR as default
CTR is recommended over CFB mode.
2016-02-09 23:43:24 +01:00
Thomas Müller 4cfb7ca7dd Merge pull request #22255 from owncloud/add-sso-for-updatechecker
Add SSO for updater application
2016-02-09 23:37:32 +01:00
Thomas Müller 57ef23dadf Merge pull request #22251 from owncloud/smb-105
update icewind/smb to 1.0.5
2016-02-09 23:37:09 +01:00
C. Montero Luque f64dbc67c6 Merge pull request #20928 from owncloud/publicdav-check-permissions
Check that the owner of a link share still has share permissions on access
2016-02-09 22:01:08 +01:00
C. Montero Luque 962d0c3290 Merge pull request #22252 from owncloud/consolidate-user-set-quota
Consolidate getQuota and setQuota methods in User instance
2016-02-09 22:00:24 +01:00
Lukas Reschke b9e3ed1468 Add SSO for updater application
Allows logging-in into the updater application by visiting the admin panel and pressing "Open updater".
2016-02-09 20:28:30 +01:00