Commit Graph

126 Commits

Author SHA1 Message Date
Lukas Reschke 4b90429178 Add note if integrity check is disabled
Our issue template states that users should post the output of `/index.php/settings/integrity/failed`, at the moment it displays that all passes have been passed if the integrity checker has been disabled.

This is however a wrong approach considering that some distributions are gonna package Frankenstein releases and makes it harder for us to detect such issues. Thus if the integrity code checker is disabled (using the config switch)  it displays now: `Appcode checker has been disabled. Integrity cannot be verified.`

This is not displayed anywhere else in the UI except these URL used for us for debugging purposes.
2016-02-12 11:11:39 +01:00
Arthur Schiwon 3a796d1e15 Consolidate getQuota and setQuota methods in User instance 2016-02-09 17:16:43 +01:00
Vincent Chan faf48e42b7 Move data protection check to javascript
fixes #20199
2016-02-01 18:57:58 +01:00
Thomas Müller aeb89947a2 Introduce IUser::setEMailAddress and add hook mechanism 2016-01-20 14:57:20 +01:00
Thomas Müller c5a200c419 Merge pull request #21653 from owncloud/update-license-headers-2016
Update license headers 2016
2016-01-13 08:29:42 +01:00
Thomas Müller 682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Robin Appelman c15cab7ed6 Allow admins to add system wide root certificates 2016-01-12 12:50:59 +01:00
Joas Schilling 83855c073b Add a warning on the apps list when the version is missing 2016-01-07 15:03:55 +01:00
Lukas Reschke 88c7face07 Inject OCSClient
Fixes https://github.com/owncloud/core/issues/21451
2016-01-06 11:40:22 +01:00
Morris Jobke ed98cdf532 Use OCP\Util::getVersion instead of the internal private implementation 2015-12-18 15:26:54 +01:00
Scrutinizer Auto-Fixer 453e1bf66e Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-12-07 15:43:36 +00:00
Roeland Jago Douma a619629ac0 Only try to load avatars in the user list if there is any 2015-12-04 14:56:49 +01:00
Thomas Müller eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Morris Jobke 0a6db3ada6 Remove OC_Config from app management template
* add unit test for this case
2015-12-02 14:35:38 +01:00
Lukas Reschke 4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Roeland Jago Douma 0265bcfdae Moved changedisplayname to usercontroller
Killed the old static route to change a users display name and moved it
to a properly testable controller.
2015-11-20 16:05:43 +01:00
Morris Jobke 18f0bafd88 fix subadmin user count for empty groups 2015-11-04 09:39:51 +01:00
Vincent Petry 781bca2437 Fix everyone count for subadmins
Also moved the logic to the UsersController
2015-10-29 17:41:49 +01:00
Lukas Reschke c6f6a8758b Drop OC_SubAdmin and replace usages 2015-10-29 11:31:18 +01:00
Thomas Müller 0a9150b2da Merge pull request #19813 from owncloud/stay-on-apps-category-refresh
Improve settings/apps page
2015-10-26 23:07:06 +01:00
Joas Schilling e19c49295a Use speaking ids 2015-10-26 16:15:15 +01:00
Joas Schilling a9a6d4c182 Stay on the same category when refreshing the page on the apps list 2015-10-26 16:15:14 +01:00
Lukas Reschke 8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Roeland Jago Douma 02af4269f2 Fix unit test
Now that OC_SubAdmin is just a wrapper around OC\SubAdmin some unit
tests had to be fixed because they expected different behaviour.

Eventually they should move to properly mocked instances of OC\SubAdmin
of course
2015-10-21 11:41:25 +02:00
Robin McCorkell 03dd1386da Fix memcached/memcache module check 2015-10-20 21:45:27 +01:00
Vincent Petry 14591d9df7 Use injected request 2015-10-09 11:19:06 +02:00
Morris Jobke bf579a153f fix IE8 user agent detection 2015-10-09 11:19:06 +02:00
Vincent Petry c7aef6c368 Fix uploading avatar and root certs in IE8 2015-10-09 11:19:05 +02:00
Lukas Reschke 12181aa6de Don't perform checks for outdated TLS libs when no internet connection
This change makes the check return a positive result when:

- The instance has been configured to not use the internet
AND/OR
- S2S AND the appstore is disabled
2015-10-08 18:26:03 +02:00
Lukas Reschke 9b220d0576 Fix comment syntax 2015-10-08 17:35:31 +02:00
Lukas Reschke 384c6fd3ac Fix importing of certificates
Fixes https://github.com/owncloud/core/issues/19601
2015-10-06 14:00:55 +02:00
Thomas Müller 0385a62363 Merge pull request #19597 from owncloud/update-license-headers
update licence headers via script
2015-10-06 11:18:35 +02:00
Morris Jobke 8366ce2767 deduplicate @xenopathic 2015-10-06 09:52:19 +02:00
Morris Jobke b519965408 [admin] check for correct PHP memcached module 2015-10-06 08:51:47 +02:00
Morris Jobke b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Robin McCorkell 27bc781cba Update isCertificateImportAllowed() check to new API 2015-09-10 21:44:56 +01:00
Morris Jobke c86cac6a2b use config.php value instead of version string 2015-09-02 08:16:27 +02:00
Robin McCorkell 2579999373 Add setup check for reverse proxy header configuration 2015-08-10 23:28:16 +01:00
Thomas Müller 9650f3ecbe Merge pull request #17919 from rullzer/php_supported_check
Display warning in security & setup warnings if php version is EOL
2015-08-10 23:03:35 +02:00
Bjoern Schiessle dc5e89e624 also block certificate management in the back-end if external storages are disabled for the user 2015-08-04 18:33:19 +02:00
Roeland Jago Douma 72ba67815e Display warning in security & setup warnings if php version is EOL 2015-07-29 10:07:01 +02:00
Robin McCorkell 6d54d2fad7 Merge pull request #17912 from owncloud/detect-old-openssl-versions
Detect old NSS and OpenSSL versions
2015-07-28 21:26:44 +01:00
Lukas Reschke 7f6c5e456b Add unit tests 2015-07-28 16:32:11 +02:00
Bjoern Schiessle 2c8fa54881 set logger in constructor 2015-07-28 16:32:11 +02:00
Lukas Reschke 0d515de13e Detect old NSS and OpenSSL versions
This will detect old NSS and OpenSSL versions and show appropriate errors in the admin interface.

Fixes https://github.com/owncloud/core/issues/17901
2015-07-28 15:32:19 +02:00
Bjoern Schiessle 3000f0125f don't move keys if the key where already moved in a previous migration run 2015-07-17 15:19:10 +02:00
Thomas Müller d6f02eb703 Merge pull request #17500 from owncloud/encryption_migration_improvements
Only clean up if migration finished succesfully
2015-07-16 14:03:21 +02:00
Morris Jobke 533a23611a Handle returned null value in app level code
* getApplication on OCSClient can also return null
  this is now handled properly
* fixes #17587
2015-07-13 15:34:00 +02:00
Bjoern Schiessle 85c3b9d5cf only cleanUp the remaining keys if the migration really finished succesfully 2015-07-08 18:23:18 +02:00
Lukas Reschke 1db047a336 Add missing version field 2015-06-29 15:09:57 +02:00