Commit Graph

89 Commits

Author SHA1 Message Date
Robin McCorkell 2579999373 Add setup check for reverse proxy header configuration 2015-08-10 23:28:16 +01:00
Thomas Müller 9650f3ecbe Merge pull request #17919 from rullzer/php_supported_check
Display warning in security & setup warnings if php version is EOL
2015-08-10 23:03:35 +02:00
Bjoern Schiessle dc5e89e624 also block certificate management in the back-end if external storages are disabled for the user 2015-08-04 18:33:19 +02:00
Roeland Jago Douma 72ba67815e Display warning in security & setup warnings if php version is EOL 2015-07-29 10:07:01 +02:00
Robin McCorkell 6d54d2fad7 Merge pull request #17912 from owncloud/detect-old-openssl-versions
Detect old NSS and OpenSSL versions
2015-07-28 21:26:44 +01:00
Lukas Reschke 7f6c5e456b Add unit tests 2015-07-28 16:32:11 +02:00
Bjoern Schiessle 2c8fa54881 set logger in constructor 2015-07-28 16:32:11 +02:00
Lukas Reschke 0d515de13e Detect old NSS and OpenSSL versions
This will detect old NSS and OpenSSL versions and show appropriate errors in the admin interface.

Fixes https://github.com/owncloud/core/issues/17901
2015-07-28 15:32:19 +02:00
Bjoern Schiessle 3000f0125f don't move keys if the key where already moved in a previous migration run 2015-07-17 15:19:10 +02:00
Thomas Müller d6f02eb703 Merge pull request #17500 from owncloud/encryption_migration_improvements
Only clean up if migration finished succesfully
2015-07-16 14:03:21 +02:00
Morris Jobke 533a23611a Handle returned null value in app level code
* getApplication on OCSClient can also return null
  this is now handled properly
* fixes #17587
2015-07-13 15:34:00 +02:00
Bjoern Schiessle 85c3b9d5cf only cleanUp the remaining keys if the migration really finished succesfully 2015-07-08 18:23:18 +02:00
Lukas Reschke 1db047a336 Add missing version field 2015-06-29 15:09:57 +02:00
Lukas Reschke b56af26199 Merge pull request #17222 from owncloud/issue-17101-send-oc-version-to-app-store
Send OC version to appstore so it can reply with the right links
2015-06-29 15:07:00 +02:00
Lukas Reschke 5810e7ab87 Merge pull request #17050 from owncloud/request-status-from-ocs
Request approved state for disabled apps with ocsid
2015-06-29 13:41:11 +02:00
Joas Schilling ae3d402dbc Send OC version to appstore so it can reply with the right links 2015-06-29 12:14:07 +02:00
Lukas Reschke 30145c0b52 Also load enabled apps 2015-06-29 11:38:28 +02:00
Morris Jobke f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Lukas Reschke 00a65e30ce Request approved state for disabled apps with ocsid
In case an application gets disabled the level is set to "experimental" if it does not contain a `shipped` tag. This can for example be reproduced by installing the documents app from the appstore and then disabling it. Or cloning an app from git.

With this change the controller will now load the level of the application from the appstore if a valid OCSID has been provided.

Fixes https://github.com/owncloud/core/issues/17003
2015-06-19 19:04:54 +02:00
Joas Schilling 6adddb3095 Merge pull request #16889 from owncloud/group-sorting-fixes
Only sort by group name when LDAP is involved
2015-06-19 08:29:25 +02:00
Joas Schilling 171f86ca2e Only sort by group name when LDAP is involved 2015-06-16 11:10:00 +02:00
Joas Schilling 5ca6ec7ead Make "include update info" part of the cache key 2015-06-15 10:04:13 +02:00
Joas Schilling 580155abe7 Load the update information asyncroniously to fix the page load speed 2015-06-10 12:11:05 +02:00
Thomas Müller f051b7381b Merge pull request #16402 from owncloud/issue-15956-slow-group-usercount
Sort user groups by group name and hide the user count
2015-06-08 12:11:22 +02:00
Bjoern Schiessle 0de59acb49 only request encryption module for files which are not excluded 2015-05-27 15:47:40 +02:00
Lukas Reschke bc6d17ed74 Add check for availability of /dev/urandom
Without /dev/urandom being available to read the medium RNG will rely only on the following components on a Linux system:

1. MicroTime: microtime() . memory_get_usage() as seed and then a garbage collected microtime for loop
2. MTRand: chr((mt_rand() ^ mt_rand()) % 256)
3. Rand: chr((rand() ^ rand()) % 256)
4. UniqId: Plain uniqid()

An adversary with the possibility to predict the seed used by the PHP process may thus be able to predict future tokens which is an unwanted behaviour.

One should note that this behaviour is documented in our documentation to ensure that users get aware of this even without reading our documentation this will add a post setup check to the administrative interface.

Thanks to David Black from d1b.org for bringing this again to our attention.
2015-05-26 14:16:07 +02:00
Joas Schilling d683752b37 Sort user groups by group name and hide the user count 2015-05-18 12:55:19 +02:00
Thomas Müller 257ee205bb Merge pull request #15978 from owncloud/feature/fix-encryption-tooltips
[enc2]fixing recovery tooltip
2015-05-15 22:39:17 +02:00
Lukas Reschke a7a2579c89 Subadmin permissions are also not required 2015-05-12 18:08:10 +02:00
Lukas Reschke cdeb2052bb Add NoAdminRequired annotation
Stupid mistake in master, fixes https://github.com/owncloud/core/issues/16288
2015-05-12 17:49:34 +02:00
Morris Jobke 5fd849f545 Allow user to set an empty email address
* fixes #16057
2015-05-05 11:58:19 +02:00
Clark Tomlinson 3ef2e668ac fixing recovery tooltip 2015-05-04 09:40:59 +02:00
Lukas Reschke 9bc48451b9 Adjust tests and statuscode 2015-04-20 13:00:02 +02:00
Lukas Reschke 20a6073a9f Migrate personal certificate handling into AppFramework controllers
Also added unit-tests and better error-handling
2015-04-20 12:58:58 +02:00
Bjoern Schiessle d2ef73367c allow user to start migration in admin settings if no external user back-ends are enabled 2015-04-16 14:15:04 +02:00
Lukas Reschke ba52f6f8fc Merge pull request #15314 from owncloud/app-categories-15274
Add different trust levels to AppStore interface
2015-04-09 10:07:32 +02:00
Joas Schilling 81ec1c8a1a Remove hardcoded link to performance docs 2015-04-07 12:25:30 +02:00
Lukas Reschke 0816cf9142 Add experimental applications switch
Allows administrators to disable or enabled experimental applications as well as show the trust level.
2015-04-03 13:21:24 +02:00
Lukas Reschke 65202d2a18 Add check for activated local memcache
Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.

Fixes https://github.com/owncloud/core/issues/14956
2015-03-28 13:59:22 +01:00
Thomas Müller b5545932e7 use StreamResponse to download the log file - fixes #14268 2015-03-27 11:30:32 +01:00
Jenkins for ownCloud b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
Thomas Müller 79f012d262 remove unneeded status element from json response on /categories - fixes 15056 2015-03-23 15:20:06 +01:00
Robin Appelman da4ad1c0a2 show a better error message when trying to create a user that already exists 2015-03-20 04:24:50 +01:00
Lukas Reschke e32f1582c7 Show more detailed error message 2015-03-16 12:47:06 +01:00
Lukas Reschke f92f3a1a6e Incorporate review changes 2015-03-16 12:47:05 +01:00
Lukas Reschke 13486a5ada Migrate to SwiftMail
Replaces the OC_Mail and phpmailer with SwiftMail allowing us to mock it properly.

Fixes the unit test execution on master on local machines and https://github.com/owncloud/core/issues/12014

Conflicts:
	3rdparty
	lib/private/server.php
	lib/public/iservercontainer.php
	tests/lib/mail.php
	tests/settings/controller/mailsettingscontrollertest.php

Conflicts:
	3rdparty
	lib/private/mail.php
	lib/private/server.php
	lib/public/iservercontainer.php
	settings/ajax/lostpassword.php
	settings/application.php
2015-03-16 12:47:05 +01:00
Lukas Reschke bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Morris Jobke 06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Thomas Müller 39d8406933 don't allow installation of already installed apps - fixes #14004 2015-02-23 23:16:28 +01:00
Jenkins for ownCloud 6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00