Commit Graph

10285 Commits

Author SHA1 Message Date
Joas Schilling fc0cdbb4a0 Use the correct root to determinate the webroot for the resource
Since all the compiled routes are based on the server webroot,
we have to use this, independent from which app this belongs to.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-04 07:01:26 +00:00
Roeland Jago Douma ebd2b0d3dd Fix app password updating out of bounds
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates

* Added event listener to the PostLoggedInEvent so that we can act on it
  - Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
  token. Else it keeps being marked invalid and thus not used.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 20:03:47 +00:00
Roeland Jago Douma 2b4bc5b6df Only disable zip64 if the size is known
Else we might run into the issue that for an external storage where the
size is not known yet we do not use zip64. Which then of course fails on
large zip files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-01 13:42:49 +00:00
Julius Härtl 568f68856f
Merge pull request #22519 from nextcloud/backport/22517/stable19
[stable19] set the mount id before calling storage wrapper
2020-08-31 21:51:59 +02:00
Roeland Jago Douma 952ec3370e Only update the filecache entry once the file has been written to S3
If we already update before we have no way to revert if the upload
fails.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 17:08:27 +00:00
Roeland Jago Douma 704f515175 Don't lose filecache entry on s3 overwrite error
If the object store errors we should not always delete the filecache
entry. As this might lead to people losing access to their files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 17:08:27 +00:00
Robin Appelman fc8c5965fa set the mount id before calling storage wrapper
this allows the storage wrapper to use the mount id for it's own logic

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-31 15:23:13 +00:00
Robin Appelman 4025b95e03 show better quota warning for group folders and external storage
instead of showing the generic 'Your storage is full' message, better explain that it's the group folder/external storage that is full

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-26 19:17:43 +00:00
Roeland Jago Douma d8c958907f
Make legacy cipher opt in
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-24 11:50:04 +02:00
Roeland Jago Douma 556440471a Properly search for users when limittogroups is enabled
Searching just for the uid is not enough.
This makes sure this done properly again now.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-21 11:23:15 +00:00
Morris Jobke d7aa1c00ed
Merge pull request #21983 from nextcloud/backport/21628/stable19
[stable19] fix moving files from external storage to object store trashbin
2020-08-19 21:29:01 +02:00
Joas Schilling 16021c93ed
Allow to disable share emails
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:04:29 +02:00
Roeland Jago Douma a6760c2b1c Silence duplicate session warnings
Fixes #20490

Basically restroring the old behavior.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-14 07:24:53 +00:00
Roeland Jago Douma 10ee9791ff
Merge pull request #21975 from nextcloud/backport/21658/stable19
[stable19] allow admin to configure the max trashbin size
2020-08-14 05:58:57 +02:00
Roeland Jago Douma 92d0f5e7a3
Merge pull request #22121 from nextcloud/backport/22008/stable19
[stable19] Ensured large image is unloaded from memory when generating previews
2020-08-13 05:23:01 +02:00
Roeland Jago Douma fe8ea5390f
Merge pull request #22208 from nextcloud/backport/21676/stable19
[stable19] Fix chmod on file descriptor
2020-08-13 05:17:13 +02:00
J0WI be73fd90fc Only clear the realpath cache
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-08-12 01:26:33 +00:00
J0WI 6f72871ca5 clearstatcache() on rmdir
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-08-12 01:26:32 +00:00
J0WI 9b028a619a Fix chmod on file descriptor
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-08-12 01:26:10 +00:00
Morris Jobke 9aff51eb52 Use class that actually has the destroy() method in preview generator
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-05 20:41:25 +00:00
Elijah Martin-Merrill 66bb6fdbb0 fix memory leak caused by not destroying image in Preview/Generate.php
Signed-off-by: Elijah Martin-Merrill <elijah@nyp-itsours.com>
2020-08-05 20:41:25 +00:00
Morris Jobke 74e98940ef Search also the email and displayname in user mangement for groups
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-05 14:11:41 +00:00
Arthur Schiwon dc98aaa224 contactsmanager shall limit number of results early
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-08-03 13:18:14 +00:00
Robin Appelman 4e6719b28c
dont update mimetype when moving to trash
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-31 17:21:02 +02:00
Joas Schilling e2fa284bd9
Merge pull request #22053 from nextcloud/backport/22015/stable19
[stable19] Correctly remove usergroup shares on removing group members
2020-07-31 15:31:33 +02:00
Joas Schilling c69a709f21 Correctly remove usergroup shares on removing group members
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-30 07:51:10 +00:00
Joas Schilling cf0bdfd8c1 parse_url returns null in case a parameter is not found
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-29 16:13:32 +00:00
onehappycat 288ca45938 Ignore whitespace in sharing by mail
Signed-off-by: onehappycat <one.happy.cat@gmx.com>
2020-07-24 11:43:24 +00:00
Robin Appelman 142b6eb08f fix renameFromStorage messing with folder mimetype
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 21:01:23 +00:00
Robin Appelman 7ac4d57fd5 use exceptions for error signaling in writeStream
this remove the ambiguity when writing zero length files

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 21:01:23 +00:00
Robin Appelman c567b1d6b2 fix moving files from external storage to object store trashbin
having the "cache rename" after the "storage move" caused the target
to get the fileid from the source file, without taking care that the object
is stored under the original file id.

By doing the "cache rename" first, we trigger the "update existing file"
logic while moving the file to the object store and the object gets stored for the
correct file id

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 21:01:22 +00:00
Robin Appelman 38db847164 allow admin to configure the max trashbin size
this allows an admin to configure the max trashbin size instead of always relying on the users quota.

The trashbin size can be configured using the `occ trash:size` command and can be set both globally and per-user

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 14:30:07 +00:00
Roeland Jago Douma 45108b087e Discourage webauthn user interaction
Else people might have the feeling this is also doing 2FA. And since it
is only prefered it can be ignored and hacked around.

Once we have proper 2FA with webauthn in one go this probably needs to
be revisted.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-20 07:31:37 +00:00
Roeland Jago Douma b3c9b166a3
Merge pull request #21779 from nextcloud/backport/21499/stable19
[stable19] fix #21285 as oneliner
2020-07-09 19:27:21 +02:00
Lionel Elie Mamane 2f75ba1adb Return correct loginname in credentials,
even when token is invalid or has no password.

Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.

Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2020-07-09 14:37:05 +00:00
Robin Appelman 157f619812 ensure home storage is initialized on first setup
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-09 12:33:20 +00:00
Roeland Jago Douma f174fb91e0 Use the correct mountpoint to calculate
If we use the owners mount point this results in null. And then the rest
of the checks get called with null. Which doesn't work.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-09 12:33:19 +00:00
Jaakko Salo 392df2eaf4 Fix releasing a shared lock multiple times
Signed-off-by: Jaakko Salo <jaakkos@gmail.com>
2020-07-06 12:11:46 +00:00
Roeland Jago Douma 4513342478
Merge pull request #21671 from nextcloud/revert-21095-backport/21090/stable19
Revert "[stable19] Do not read certificate bundle from data dir by default"
2020-07-06 10:39:02 +02:00
Roeland Jago Douma 905fab3356
Revert "[stable19] Do not read certificate bundle from data dir by default" 2020-07-03 14:21:38 +02:00
Christoph Wurst 3201e7674f Fix static method call for s3 bucket compat check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-03 08:26:00 +00:00
Joas Schilling d203f8f985
Merge pull request #21387 from nextcloud/backport/21380/stable19
[stable19] Increase timeout of the appstore requests
2020-07-03 10:04:55 +02:00
Morris Jobke f70b2dba18
Merge pull request #21573 from nextcloud/backport/21558/stable19
[stable19] relax permissions mask check for detecting part file rename
2020-07-02 23:51:03 +02:00
Joas Schilling 9d541ccfd1
Increase timeout of the appstore requests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-02 23:36:24 +02:00
Joas Schilling a471dba6e1 Fix IPv6 remote addresses from X_FORWARDED_FOR headers before validating
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-02 10:09:45 +00:00
Roeland Jago Douma c88402db47
Log deprecated events as debug
Since this can spam the log quite agressively we should log it as debug
and not info.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-02 10:49:11 +02:00
Roeland Jago Douma 7fd34d5d64
Merge pull request #21638 from nextcloud/backport/21588/stable19
[stable19] Update presign method to match with interface again.
2020-07-02 09:06:53 +02:00
Joas Schilling 9e9e74736d
Merge pull request #21538 from nextcloud/backport/21452/stable19
[stable19] Fix autocomplete for LDAP with `shareapi_only_share_with_group_members` on
2020-07-01 10:13:19 +02:00
Daniel Kesselberg 4397e57201 Update presign method to match with interface again.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-06-30 18:39:08 +00:00
Robin Appelman 654f5a2109 relax permissions mask check for detecting part file rename
with files drop uploads the original file name isn't always used for the '.ocTransferId' source path

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-06-24 19:11:18 +00:00
Joas Schilling 407e3df585 Fix language in share notes email for users
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 21:29:49 +00:00
Roeland Jago Douma 6b5db20fc9
Merge pull request #21526 from nextcloud/backport/21479/stable19
[stable19] Allow to specify the cookie type for appframework responses
2020-06-23 14:04:53 +02:00
Joas Schilling d1df66f7af Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 12:04:50 +00:00
Joas Schilling 9ce288163c Fix PHP CS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 12:04:50 +00:00
Joas Schilling 7a36a4b99c Move back to IGroupManager::displayNamesInGroup()
The problem is that despite it's name IGroup::searchDisplayName()
only searches by userid and this is less fixable than changing back to this method here

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 12:04:49 +00:00
Roeland Jago Douma 286f79c388
Merge pull request #21447 from nextcloud/backport/21406/stable19
[stable19] Disable Client-Side Monitoring on AWS storage
2020-06-22 16:29:05 +02:00
Roeland Jago Douma c21a976bc4 Allow to specify the cookie type for appframework responses
In general it is good to set them to Lax. But also to give devs more
control over them is not a bad thing.

Helps with #21474

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-06-22 11:02:50 +00:00
Roeland Jago Douma adb5a80674
Merge pull request #21485 from nextcloud/backport/21482/stable19
[stable19] Don't log Keys
2020-06-21 09:19:35 +02:00
Roeland Jago Douma 88e121d684 Give up after 10 seconds in SCSS timeout
Else we keep idling for ages which leads to bad UX

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-06-19 19:29:56 +00:00
Joas Schilling 0ebbabebe8 Don't log Keys
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-19 13:11:18 +00:00
Christoph Wurst 60a3bf8572 Disable Client-Side Monitoring on AWS storage
The S3 client enables this by default and then tries to read
`.aws/config`. This causes `open_basedir` restriction related error for
some setups. So this patch disables the CSM because it's most likely
unused anyway.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-17 09:00:28 +00:00
Christoph Wurst 1022db87db Clean up auth tokens when user is deleted
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-16 08:03:45 +00:00
Julius Härtl 21bc4b3cad Avoid duplicate matches in wide and exact results
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-06-15 17:52:59 +00:00
Florent 6280d09765 Upload part size as S3 parameter instead of constant value
Some S3 providers need a custom upload part size (500 MB static value in Nextcloud).
Here is a commit to change this value via S3 configuration, instead of using S3_UPLOAD_PART_SIZE constant.
A new parameter is added for an S3 connection : uploadPartSize

Signed-off-by: Florent <florent@coppint.com>
2020-06-15 08:40:02 +00:00
Joas Schilling 982f2fc21a Prevent harder to share your root
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-04 09:01:40 +00:00
Daniel Calviño Sánchez 6ca312eec9 Fix disabling send password by Talk without new password in mail shares
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).

However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".

Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 11:37:43 +00:00
Daniel Calviño Sánchez 8e5aa03834 Fix enabling send password by Talk with same password in mail shares
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 11:37:43 +00:00
Daniel Calviño Sánchez 9df3ea94b8 Fix enabling send password by Talk with empty password in link shares
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 11:37:43 +00:00
Roeland Jago Douma 9d2d3c4809 Clear the statscache before fetching the metadata
Else if a lot of writes happen. It might happen that an old stat result
is used. Resulting in a wrong file size for the file. For example the
text app when a lot of people edit at the same time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-28 10:30:35 +00:00
Roeland Jago Douma 24e97c1a7c
Merge pull request #21095 from nextcloud/backport/21090/stable19
[stable19] Do not read certificate bundle from data dir by default
2020-05-26 11:43:46 +02:00
Morris Jobke 3bf0285840
Merge pull request #21068 from nextcloud/backport/20776/stable19
[stable19] Improve group queries
2020-05-26 10:38:17 +02:00
Julius Härtl abecd5696b Update hub bundle and add proxy rule to htaccess
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-25 19:52:22 +00:00
Morris Jobke ebbdd2de33 Do not read certificate bundle from data dir by default
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.

This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 17:51:03 +00:00
Roeland Jago Douma 444b28adf6 Improve group queries
Before we'd also get the diplayname for each group in the backend. In a
separate query. This is of course not ideal as this information is
obtained on each and every query. Now this is queried once and properly
cached.

Also added more caching to the manager.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-22 12:22:03 +00:00
Morris Jobke 745667e426 Compress the appstore requests by default
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:07:35 +00:00
Morris Jobke 5c0f06b259 Cache appstore requests for 60 instead of 5 minutes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:07:35 +00:00
Roeland Jago Douma 8e9433aee9 Remember the webauthn name of devices
Fixes #20289
we should not reset to default once we have logged in with the device.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-12 12:08:38 +00:00
Roeland Jago Douma c37bb7745b
Merge pull request #20923 from nextcloud/backport/20915/stable19
[stable19] Use random_bytes
2020-05-11 21:00:16 +02:00
Roeland Jago Douma 387af7eb60 Use random_bytes
Since we don't care if it is human readbale.
The code is backwards compatible with the old format.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-11 12:23:02 +00:00
GretaD adbdecb1d6 Fix languages empty array
Signed-off-by: GretaD <gretadoci@gmail.com>
2020-05-08 09:25:59 +00:00
Roeland Jago Douma d5850eb28f
Merge pull request #18955 from adrb/swift_upload_large_objects
Large Object support for OpenStack Swift
2020-05-06 13:03:24 +02:00
Roeland Jago Douma 0c35aaba29
Fix OC_Image new resize functions
Else the wrong mimetype might be set. Resulting in continious
regeneration of previews when browsing.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-02 21:57:34 +02:00
Roeland Jago Douma 8c023a6579
Merge pull request #20767 from nextcloud/enh/argon2id-options
Apply Argon2 options for Argon2id hashing as well
2020-05-01 15:39:13 +02:00
MichaIng 229570badf
Apply Argon2 options for Argon2id hashing as well
Signed-off-by: MichaIng <micha@dietpi.com>
2020-05-01 11:42:13 +02:00
Roeland Jago Douma a41ad78408
Update education bundle
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-01 09:52:58 +02:00
Roeland Jago Douma c724eb24d5
Merge pull request #20380 from nextcloud/design/notification-mails
Fix design and layout of notification mails
2020-05-01 08:53:39 +02:00
Jan-Christoph Borchardt e981669e89
Fix notification mail tests
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-05-01 03:00:42 +02:00
Robin Appelman 4e6d3d1880
Fix getDirectoryContent implementation for Jail wrapper
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-04-30 15:27:09 +02:00
Roeland Jago Douma 8d5404b750
Merge pull request #20710 from nextcloud/fix/argon2-options-checks
Fix Argon2 options checks
2020-04-30 14:42:33 +02:00
Roeland Jago Douma fa914f2e24
Merge pull request #20742 from nextcloud/fix/cs
Run the cs fixer for green ci
2020-04-30 14:41:50 +02:00
Joas Schilling 5b5550dbba
Merge pull request #20677 from nextcloud/followup/17718/scaling-user-provisioning
Scaling user provisioning for subadmins with many groups
2020-04-30 12:49:57 +02:00
Roeland Jago Douma f6b435d0d9
Run the cs fixer for green ci
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-04-30 10:28:44 +02:00
MichaIng ad60619655
Fix Argon2 options checks
The minimum for memory cost is 8 KiB per thread. Threads must be checked and set first to allow checking against the correct memory cost mimimum.
Options are now applied the following way:
- If config.php contains the setting with an integer higher or equal to the minimum, it is applied.
- If config.php contains the setting with an integer lower than the minimum, the minimum is applied.
- If config.php does not contain the setting or with no integer value, the PHP default is applied.

Signed-off-by: MichaIng <micha@dietpi.com>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-04-30 10:18:46 +02:00
Jan-Christoph Borchardt d582315c10
Notification mails: Fix some alignment details and remove shadow
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-04-30 10:15:19 +02:00
Jan-Christoph Borchardt fbef2708d0
Notification mails: Change font to native font stack
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-04-30 10:14:23 +02:00
Jan-Christoph Borchardt b38c3bfde3
Notification mails: Logo bar/box to circle so it stands nicely on its own
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-04-30 10:14:22 +02:00
Jan-Christoph Borchardt 43371c9f7c
Notification mails: Adjust vertical spacing
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-04-30 10:14:22 +02:00
Jan-Christoph Borchardt 1d5e7b3cee
Fix notification mails height issue in Nextcloud Mail
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-04-30 10:14:22 +02:00
Roeland Jago Douma a1c1b354fc
Merge pull request #18883 from adrb/optimize_swift_14116
Optimize Openstack Swift files download
2020-04-30 09:06:19 +02:00
Roeland Jago Douma 4472777769
Merge pull request #20717 from nextcloud/fix/getconfig-param-definitions
Define getSystemValueBool/Int/String function default parameter with correct type
2020-04-30 09:02:58 +02:00