Lukas Reschke
77c0adb520
Merge branch 'securityutils' of https://github.com/owncloud/core into securityutils
2014-09-03 11:04:49 +02:00
Lukas Reschke
50b430ee7c
Add char consts, hash the specified password for the HMAC
2014-09-03 11:03:27 +02:00
Lukas Reschke
ae3425d2da
Merge branch 'master' into securityutils
...
Conflicts:
lib/private/util.php
2014-08-31 15:21:09 +02:00
Lukas Reschke
a197ef0f6c
Merge pull request #10768 from owncloud/l10n-use-public
...
Use public api for getting l10n
2014-08-31 11:58:59 +02:00
Robin Appelman
d0266c0bf8
Use public api for getting l10n
2014-08-31 10:08:22 +02:00
Morris Jobke
06e6f10ce4
Add optional user ID parameter for getUseFolder
2014-08-31 09:49:19 +02:00
Robin Appelman
0b88355368
Merge pull request #10721 from owncloud/kill-rand
...
Kill insecure random number generation
2014-08-29 19:48:00 +02:00
Morris Jobke
3a4b71ffb4
Merge pull request #10734 from owncloud/fix-10268
...
retrieve local users, groups and group members in a sorted way
2014-08-29 19:35:32 +02:00
Lukas Reschke
35276def1c
Merge pull request #10614 from owncloud/remove-ee-hack
...
Remove different URL for EE
2014-08-29 18:23:15 +02:00
Jörn Friedrich Dreyer
10382ef2f0
allow empty hostname and dots in service name for oracle autosetup
2014-08-29 17:09:17 +02:00
Robin Appelman
3de69ff81b
Don't register the call when rendering error pages
2014-08-29 15:44:39 +02:00
Robin Appelman
dd7b8e4555
Remove insecure fallback random number generation
2014-08-29 15:44:09 +02:00
Arthur Schiwon
0bb460c9b5
retrieve local users, groups and group members in a sorted way
2014-08-29 15:17:37 +02:00
Jörn Friedrich Dreyer
f551917a3c
kill OC::$session
...
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession
restore order os OC::$session and OC::$CLI
remove unneded initialization of dummy session
write back session when $useCustomSession is true
log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Lukas Reschke
9ab62ad5b7
Escape error messages
2014-08-27 17:01:51 +02:00
Clark Tomlinson
cb0da1178b
Merge pull request #10653 from owncloud/x-forwarded-for
...
Add support for getting the real client IP behind proxies
2014-08-27 10:32:34 -04:00
Björn Schießle
c35d60f6d8
Merge pull request #9915 from suraia/unsharefromself-source
...
Allow specifying the item source in unshareFromSelf().
2014-08-27 10:31:35 +02:00
Lukas Reschke
3329e0f2b2
Use DI
2014-08-27 00:49:53 +02:00
Lukas Reschke
d26a9c3c58
Add some security utilities
...
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions
Remove .htaccess
Remove .htaccess
Fix typo
Add public API
Use timing constant comparision
Remove CBC constant
Adjust code
Remove confusing $this
2014-08-27 00:18:04 +02:00
Lukas Reschke
7acdd018a1
Add support for getting the real client IP behind proxies
...
Fixes https://github.com/owncloud/core/issues/10624
Fix copy paste fail
Add unittest for comma separated headers
Revert 3rdparty
2014-08-27 00:05:04 +02:00
Thomas Müller
2e8026a7b5
Merge pull request #10619 from owncloud/issue/6722
...
Add a test to break the slugifyPath() with folder and file afterwards
2014-08-26 10:33:18 +02:00
Lukas Reschke
ca7e4c8c67
Add isAppstoreEnabled instead of hijacking the URL
2014-08-26 10:20:51 +02:00
Clark Tomlinson
6523c575f3
Merge pull request #10623 from owncloud/not-a-valid-resource-log-entries
...
Do not try to close the same resource multiple times
2014-08-25 12:52:06 -04:00
Vincent Petry
c86824fa09
Merge pull request #10023 from owncloud/tmp-file-created-status
...
Log unsuccessful temp file creation and return false
2014-08-25 17:24:46 +02:00
Joas Schilling
989da69cff
Do not try to close the same resource multiple times
2014-08-25 15:31:43 +02:00
Joas Schilling
1846aebfff
Use md5() of the original name instead of uniqid() for slugifying
...
Previously we used uniqid() here.
However this means that the behaviour is not reproducable, so
when uploading files into a "empty" folder, the folders name is
different.
If there would be a md5() hash collition, the deduplicate check
will spot this and append an index later, so this should not be
a problem.
Fix #6722
2014-08-25 15:06:12 +02:00
Joas Schilling
b861e1d696
Fix code layout before fixing the function
2014-08-25 15:06:10 +02:00
Jörn Friedrich Dreyer
ebf7758d10
Merge pull request #10595 from owncloud/swift-stream
...
Stream downloads from Swift object stores without downloading it first
2014-08-25 11:26:39 +02:00
Lukas Reschke
4bc72cc4e0
Remove different URL for EE
...
This can now be achieved by setting `appstoreenabled` to `false` in config.php
2014-08-24 20:22:15 +02:00
Clark Tomlinson
2ad0d3f1be
Throw exception if file cannot be accessed via http
...
Format file
Removing calls to deprecated classes and using internal method to get via http
Missed a character
Fix inverted logic
2014-08-22 19:41:30 -04:00
Thomas Müller
a77d468d35
Merge pull request #10584 from owncloud/simple-wizard-trusted-domains
...
Add a trusted domain wizard
2014-08-22 17:12:17 +02:00
Lukas Reschke
88c3a4a31a
Expose setSystemValue
2014-08-22 15:53:23 +02:00
Thomas Müller
0e8916b147
Merge pull request #7539 from owncloud/repair-legacystorageid
...
Added repair script to upgrade the legacy home storage ids
2014-08-22 14:22:39 +02:00
Robin Appelman
191a82e768
Stream downloads from Swift object stores without downloading it first
2014-08-22 14:11:36 +02:00
Thomas Müller
b8b2ef8748
no statement caching for Oracle
2014-08-22 12:06:36 +02:00
Robin Appelman
63570df75f
Add files as string to tar archives
2014-08-21 08:49:57 +02:00
Robin Appelman
88c32861bc
reformat
2014-08-21 08:49:57 +02:00
Vincent Petry
8f201c7383
Explicily close the statement cursors
...
Fixes the issue that makes SQLite freeze on later tests.
2014-08-20 23:49:15 +02:00
Lukas Reschke
92c80dd946
Merge pull request #10518 from owncloud/fix_storage_const_autoload
...
Fix storage const autoload
2014-08-20 23:23:42 +02:00
Vincent Petry
068f9d10f1
Added repair step for legacy storages
2014-08-20 23:14:05 +02:00
Vincent Petry
36c88e2830
Merge pull request #10422 from owncloud/dav-disablerangerequestwhennotsupported
...
Return whole file if range request cannot be granted due to encryption
2014-08-20 18:14:09 +02:00
Morris Jobke
9a5e745a64
fix typo
2014-08-19 16:45:22 +02:00
Morris Jobke
b3b3354809
move to public namespace
2014-08-19 14:05:08 +02:00
Stephan Peijnik
5d7deefd95
Use tabs for indentation.
...
Signed-off-by: Stephan Peijnik <speijnik@anexia-it.com>
2014-08-19 13:55:43 +02:00
Stephan Peijnik
2df52e54d7
Fix STORAGE_* constants usage by moving those constants into \OC\Files\Filesystem.
...
As constants not defined within a class cannot be automatically found by the
autoloader moving those constants into a class makes them accessible to
code which uses them.
Signed-off-by: Stephan Peijnik <speijnik@anexia-it.com>
2014-08-19 13:55:35 +02:00
Robin Appelman
fdfc5c67f8
Merge pull request #9866 from owncloud/app-upgrade
...
Don't do app upgrades in the background
2014-08-19 13:33:38 +02:00
Thomas Müller
1c23f54d42
Merge pull request #10341 from owncloud/issue/9928
...
[Issue/9928] Problems with filemtime in MappedLocal Storage
2014-08-19 10:10:09 +02:00
helix84
722a119e46
fix typo in util.php
2014-08-18 15:59:36 +02:00
Robin Appelman
ab590ce9a0
fix undefined variable
2014-08-18 15:30:46 +02:00
Thomas Müller
62e06cb0ba
Merge pull request #10472 from owncloud/fix_undefined_index_ocsid
...
check if array index ocsid is set before accessing it
2014-08-18 10:43:21 +02:00