Commit Graph

114 Commits

Author SHA1 Message Date
Thomas Müller eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Morris Jobke 0a6db3ada6 Remove OC_Config from app management template
* add unit test for this case
2015-12-02 14:35:38 +01:00
Lukas Reschke 4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Roeland Jago Douma 0265bcfdae Moved changedisplayname to usercontroller
Killed the old static route to change a users display name and moved it
to a properly testable controller.
2015-11-20 16:05:43 +01:00
Morris Jobke 18f0bafd88 fix subadmin user count for empty groups 2015-11-04 09:39:51 +01:00
Vincent Petry 781bca2437 Fix everyone count for subadmins
Also moved the logic to the UsersController
2015-10-29 17:41:49 +01:00
Lukas Reschke c6f6a8758b Drop OC_SubAdmin and replace usages 2015-10-29 11:31:18 +01:00
Thomas Müller 0a9150b2da Merge pull request #19813 from owncloud/stay-on-apps-category-refresh
Improve settings/apps page
2015-10-26 23:07:06 +01:00
Joas Schilling e19c49295a Use speaking ids 2015-10-26 16:15:15 +01:00
Joas Schilling a9a6d4c182 Stay on the same category when refreshing the page on the apps list 2015-10-26 16:15:14 +01:00
Lukas Reschke 8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Roeland Jago Douma 02af4269f2 Fix unit test
Now that OC_SubAdmin is just a wrapper around OC\SubAdmin some unit
tests had to be fixed because they expected different behaviour.

Eventually they should move to properly mocked instances of OC\SubAdmin
of course
2015-10-21 11:41:25 +02:00
Robin McCorkell 03dd1386da Fix memcached/memcache module check 2015-10-20 21:45:27 +01:00
Vincent Petry 14591d9df7 Use injected request 2015-10-09 11:19:06 +02:00
Morris Jobke bf579a153f fix IE8 user agent detection 2015-10-09 11:19:06 +02:00
Vincent Petry c7aef6c368 Fix uploading avatar and root certs in IE8 2015-10-09 11:19:05 +02:00
Lukas Reschke 12181aa6de Don't perform checks for outdated TLS libs when no internet connection
This change makes the check return a positive result when:

- The instance has been configured to not use the internet
AND/OR
- S2S AND the appstore is disabled
2015-10-08 18:26:03 +02:00
Lukas Reschke 9b220d0576 Fix comment syntax 2015-10-08 17:35:31 +02:00
Lukas Reschke 384c6fd3ac Fix importing of certificates
Fixes https://github.com/owncloud/core/issues/19601
2015-10-06 14:00:55 +02:00
Thomas Müller 0385a62363 Merge pull request #19597 from owncloud/update-license-headers
update licence headers via script
2015-10-06 11:18:35 +02:00
Morris Jobke 8366ce2767 deduplicate @xenopathic 2015-10-06 09:52:19 +02:00
Morris Jobke b519965408 [admin] check for correct PHP memcached module 2015-10-06 08:51:47 +02:00
Morris Jobke b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Robin McCorkell 27bc781cba Update isCertificateImportAllowed() check to new API 2015-09-10 21:44:56 +01:00
Morris Jobke c86cac6a2b use config.php value instead of version string 2015-09-02 08:16:27 +02:00
Robin McCorkell 2579999373 Add setup check for reverse proxy header configuration 2015-08-10 23:28:16 +01:00
Thomas Müller 9650f3ecbe Merge pull request #17919 from rullzer/php_supported_check
Display warning in security & setup warnings if php version is EOL
2015-08-10 23:03:35 +02:00
Bjoern Schiessle dc5e89e624 also block certificate management in the back-end if external storages are disabled for the user 2015-08-04 18:33:19 +02:00
Roeland Jago Douma 72ba67815e Display warning in security & setup warnings if php version is EOL 2015-07-29 10:07:01 +02:00
Robin McCorkell 6d54d2fad7 Merge pull request #17912 from owncloud/detect-old-openssl-versions
Detect old NSS and OpenSSL versions
2015-07-28 21:26:44 +01:00
Lukas Reschke 7f6c5e456b Add unit tests 2015-07-28 16:32:11 +02:00
Bjoern Schiessle 2c8fa54881 set logger in constructor 2015-07-28 16:32:11 +02:00
Lukas Reschke 0d515de13e Detect old NSS and OpenSSL versions
This will detect old NSS and OpenSSL versions and show appropriate errors in the admin interface.

Fixes https://github.com/owncloud/core/issues/17901
2015-07-28 15:32:19 +02:00
Bjoern Schiessle 3000f0125f don't move keys if the key where already moved in a previous migration run 2015-07-17 15:19:10 +02:00
Thomas Müller d6f02eb703 Merge pull request #17500 from owncloud/encryption_migration_improvements
Only clean up if migration finished succesfully
2015-07-16 14:03:21 +02:00
Morris Jobke 533a23611a Handle returned null value in app level code
* getApplication on OCSClient can also return null
  this is now handled properly
* fixes #17587
2015-07-13 15:34:00 +02:00
Bjoern Schiessle 85c3b9d5cf only cleanUp the remaining keys if the migration really finished succesfully 2015-07-08 18:23:18 +02:00
Lukas Reschke 1db047a336 Add missing version field 2015-06-29 15:09:57 +02:00
Lukas Reschke b56af26199 Merge pull request #17222 from owncloud/issue-17101-send-oc-version-to-app-store
Send OC version to appstore so it can reply with the right links
2015-06-29 15:07:00 +02:00
Lukas Reschke 5810e7ab87 Merge pull request #17050 from owncloud/request-status-from-ocs
Request approved state for disabled apps with ocsid
2015-06-29 13:41:11 +02:00
Joas Schilling ae3d402dbc Send OC version to appstore so it can reply with the right links 2015-06-29 12:14:07 +02:00
Lukas Reschke 30145c0b52 Also load enabled apps 2015-06-29 11:38:28 +02:00
Morris Jobke f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Lukas Reschke 00a65e30ce Request approved state for disabled apps with ocsid
In case an application gets disabled the level is set to "experimental" if it does not contain a `shipped` tag. This can for example be reproduced by installing the documents app from the appstore and then disabling it. Or cloning an app from git.

With this change the controller will now load the level of the application from the appstore if a valid OCSID has been provided.

Fixes https://github.com/owncloud/core/issues/17003
2015-06-19 19:04:54 +02:00
Joas Schilling 6adddb3095 Merge pull request #16889 from owncloud/group-sorting-fixes
Only sort by group name when LDAP is involved
2015-06-19 08:29:25 +02:00
Joas Schilling 171f86ca2e Only sort by group name when LDAP is involved 2015-06-16 11:10:00 +02:00
Joas Schilling 5ca6ec7ead Make "include update info" part of the cache key 2015-06-15 10:04:13 +02:00
Joas Schilling 580155abe7 Load the update information asyncroniously to fix the page load speed 2015-06-10 12:11:05 +02:00
Thomas Müller f051b7381b Merge pull request #16402 from owncloud/issue-15956-slow-group-usercount
Sort user groups by group name and hide the user count
2015-06-08 12:11:22 +02:00
Bjoern Schiessle 0de59acb49 only request encryption module for files which are not excluded 2015-05-27 15:47:40 +02:00