Vincent Petry
f79fafcf06
Revert back to non-webdav download link for public URLs
...
Fixes issues with browsers not happy with the token.
Fixes activities which were not sent.
2016-02-10 19:09:52 +01:00
Thomas Müller
6b836325cf
Merge pull request #22276 from owncloud/harden-updater-auth
...
Harden updater authentication
2016-02-10 17:31:38 +01:00
Thomas Müller
6ffb83ae19
Merge pull request #22269 from owncloud/issue-22243-avoid-deadlock-with-lots-of-entries-to-cleanup
...
Chunk the cleanup queries to make sure they don't time out
2016-02-10 17:26:11 +01:00
Thomas Müller
10613f7265
Merge pull request #22273 from owncloud/versions-fixpathasrecipient
...
Fix versions path as share recipient when different than owner path
2016-02-10 17:25:14 +01:00
Lukas Reschke
5680743c2b
Harden updater authentication
...
- Reset tokens after 2 hours as discussed at https://github.com/owncloud/updater/issues/220#issuecomment-182033453
- Used BCrypt for storing the password in the config.php. This makes it substantially harder in case of a leakage of the token to bruteforce it. In the future we can evaluate also an HMAC including the IP. That's a bit tricker though at the moment considering that we support reverse proxies. Didn't feel brave enough to touch that dragon now as well ;)
2016-02-10 16:31:11 +01:00
Thomas Müller
5c89cf9565
Merge pull request #22267 from owncloud/fix_encryption2
...
calculate and update the version of the encryption signature correctly
2016-02-10 15:14:52 +01:00
Thomas Müller
159a0eb597
Merge pull request #20073 from owncloud/files-should-add-download-disposition
...
Serve files with an attachment disposition for new DAV endpoint
2016-02-10 14:35:50 +01:00
Thomas Müller
c4d2f6bb25
Merge pull request #22270 from owncloud/use-cache-directly
...
Use cache directly instead of QueryBuilder
2016-02-10 14:23:04 +01:00
Thomas Müller
c1d21cf873
Merge pull request #22263 from owncloud/fix-group-principals
...
Fix group principal
2016-02-10 14:22:18 +01:00
Vincent Petry
1b9e291913
Use full path of known file when handling versions
...
Instead of relying on the versions API response, use the known file path
when populating version models.
2016-02-10 13:39:25 +01:00
Vincent Petry
a6f997ddae
Remove path from versions response
...
The path attribute contains the path relative to the owner's home
folder, not the one from the recipient, which is useless for the client
and needlessly discloses the owner's original path.
The requested already has access to the full path of the file, so no
need to add it to the response.
2016-02-10 13:38:38 +01:00
Bjoern Schiessle
9dc759b4dc
remember signature version and only set it on update to make sure that other
...
apps like files_versions still get the old signature version
2016-02-10 13:27:32 +01:00
Joas Schilling
0ebb205010
Chunk the queries to make sure they don't time out
2016-02-10 13:04:37 +01:00
Lukas Reschke
762636efcd
Use cache directly instead of QB
...
In case somebody does not use oc_filecache
2016-02-10 12:30:39 +01:00
Bjoern Schiessle
43ed86313c
use the version of the original file if we write the part file to have a proper version if we move the file over to the original location
2016-02-10 11:08:03 +01:00
Thomas Müller
2e94d34dfd
Fix group principal
2016-02-10 10:43:32 +01:00
Joas Schilling
fa893762a2
Fix oracle by using less quotes
2016-02-10 08:40:45 +01:00
Joas Schilling
75d552b29e
Listen to the notification event to reload the file list
2016-02-10 08:40:45 +01:00
Joas Schilling
65e1e4a202
Mark the accept button as primary
2016-02-10 08:40:45 +01:00
Joas Schilling
c769f5775d
Create the actions with the correct ID
2016-02-10 08:40:45 +01:00
Joas Schilling
31cf3b8288
Make sure the share ID is an integer
2016-02-10 08:40:45 +01:00
Joas Schilling
cb8024ca14
Fix action paths
2016-02-10 08:40:45 +01:00
Joas Schilling
49dd693d8f
Bring the messages inline
2016-02-10 08:40:45 +01:00
Joas Schilling
a4a7cf40a1
Fix the notification API usage
2016-02-10 08:40:45 +01:00
Joas Schilling
3ff88c8c84
Revert "Disable the remote sharing notifications until they work properly"
...
This reverts commit 6bc93c7401
.
Conflicts:
apps/files_sharing/lib/external/manager.php
2016-02-10 08:40:44 +01:00
Jenkins for ownCloud
9ebcc4ce31
[tx-robot] updated from transifex
2016-02-10 01:56:05 -05:00
Lukas Reschke
ca350294a6
Add tests for setVersion
2016-02-09 23:43:28 +01:00
Vincent Petry
45c78476f5
Use cache update instead of put for encryption version
...
Saves a call to fetch the file id which didn't even work for a reason.
This fix properly sets the version in the database.
2016-02-09 23:43:28 +01:00
Lukas Reschke
6724f76573
Use cache and add tests
2016-02-09 23:43:27 +01:00
Bjoern Schiessle
377d7fb8a8
don't decrease ->version for part files but only a local variable, otherwise it can happen that we decrease it twice and end up with the wrong value
2016-02-09 23:43:27 +01:00
Bjoern Schiessle
966eb4b084
realPath should contain the path to the file we want to read, e.g. the version and not the original file
2016-02-09 23:43:27 +01:00
Lukas Reschke
5ccb9dfa7e
Use database for keeping track of the version
2016-02-09 23:43:27 +01:00
Lukas Reschke
3badf5caf5
Use number of chunk for HMAC as well
...
Prevents switching single blocks within the encrypted file.
2016-02-09 23:43:26 +01:00
Lukas Reschke
b5824f024a
Keep track of file version
...
This way it is not possible anymore for an external storage admin to put up old versions of the file.
2016-02-09 23:43:26 +01:00
Lukas Reschke
d5c1596887
Clarify documentation
2016-02-09 23:43:26 +01:00
Lukas Reschke
3b62459c41
Use hash with appended "a" of the original password for the authentication
2016-02-09 23:43:26 +01:00
Björn Schießle
9bb97c714b
fixing unit tests
2016-02-09 23:43:26 +01:00
Lukas Reschke
b9ff16498b
Use random_bytes instead OpenSSL
2016-02-09 23:43:26 +01:00
Björn Schießle
61dd191253
meta data are at the end of the file
2016-02-09 23:43:25 +01:00
Björn Schießle
e7ff84df5c
always use default cipher for write operations, no matter how the file was encrypted before
2016-02-09 23:43:25 +01:00
Björn Schießle
cf3a8f274f
make it backward compatible to work with signed and un-signed files
2016-02-09 23:43:25 +01:00
Björn Schießle
40a5ba72fc
sign all encrypted blocks and check signature on decrypt
2016-02-09 23:43:25 +01:00
Lukas Reschke
db8f267647
Add note about the addPadding function
2016-02-09 23:43:25 +01:00
Lukas Reschke
59ebad0b53
Use an actual 16 byte long IV
...
The previous IV was actually 12 byte extended to 16 byte using base64. As the encrypted file should be fine with containing binary data as well we can simply remove the encoding like that here.
2016-02-09 23:43:24 +01:00
Lukas Reschke
d25b8dacb3
Use AES-256-CTR as default
...
CTR is recommended over CFB mode.
2016-02-09 23:43:24 +01:00
Thomas Müller
4cfb7ca7dd
Merge pull request #22255 from owncloud/add-sso-for-updatechecker
...
Add SSO for updater application
2016-02-09 23:37:32 +01:00
Thomas Müller
57ef23dadf
Merge pull request #22251 from owncloud/smb-105
...
update icewind/smb to 1.0.5
2016-02-09 23:37:09 +01:00
C. Montero Luque
f64dbc67c6
Merge pull request #20928 from owncloud/publicdav-check-permissions
...
Check that the owner of a link share still has share permissions on access
2016-02-09 22:01:08 +01:00
C. Montero Luque
962d0c3290
Merge pull request #22252 from owncloud/consolidate-user-set-quota
...
Consolidate getQuota and setQuota methods in User instance
2016-02-09 22:00:24 +01:00
Lukas Reschke
b9e3ed1468
Add SSO for updater application
...
Allows logging-in into the updater application by visiting the admin panel and pressing "Open updater".
2016-02-09 20:28:30 +01:00