nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Christoph Wurst	b80ebc9674	Use the short array syntax, everywhere Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	2ee65f177e	Use the shorter phpunit syntax for mocked return values Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	74936c49ea	Remove unused imports Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	12e1c469cf	Add Argon2id support When available we should use argon2id for hashing. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	0d651f106c	Allow selecting the hashing algorithm Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Julius Härtl	d05f131929	Move overwritehost check to isTrustedDomain Signed-off-by: Julius Härtl <jus@bitgrid.net>	6 years ago
Roeland Jago Douma	3a7cf40aaa	Mode to modern phpunit Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	c007ca624f	Make phpunit8 compatible Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Johannes Koenig	2df8d646c1	make TrustedDomainHelper case insensitive Signed-off-by: Johannes Koenig <mail@jokoenig.de>	6 years ago
Roeland Jago Douma	2b98eea129	Harden identifyproof openssl code Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	7927aebdeb	Fix report of phpstan in Limiter * unneeded arguments to constructor * added return types * let automatic DI do its work Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	f81817b47d	Add tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	cf647451e5	Update CSP test cases to handle the new form-action Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Sam Bull	ea935f65fd	Add support for CSP_NONCE server variable Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server. Signed-off-by: Sam Bull <git@sambull.org> Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	5ac857bcdc	Add an event to edit the CSP This introduces and event that can be listend to when we actually use the CSP. This means that apps no longer have to always inject their CSP but only do so when it is required. Yay for being lazy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	f1ea56b502	Fix the thorrtler whitelist bitmask Before we actually didn't check each bit of the bitmask. Now we do. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	ad676c0102	Set default frame-ancestors to 'self' For #13042 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	64244e1a4f	CSP: Allow fonts to be provided in data Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Thomas Citharel	c9b588774b	Allow bracket IPv6 address format inside IPAdress Normalizer When run with php's build-in server (for instance on localhost:8080), IP provided through $this->server['REMOTE_ADDR'] is [::1], which is not an acceptable format for \inet_pton. This removes the brackets if there's any. Signed-off-by: Thomas Citharel <tcit@tcit.fr>	7 years ago
Roeland Jago Douma	5b61ef9213	Disallow unsafe-eval by default Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	362e6b2903	Fix tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	84316aec66	Add ARGON2I support to the hasher When on php7.2 we can use the new and improved ARGON2I hashing. This adds support for that to the hasher. When verifying an old hash we'll update rehash to move all hashes eventually to the new hash function. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Joas Schilling	bf2be08c9f	Fix risky tests without assertions Signed-off-by: Joas Schilling <coding@schilljs.com>	8 years ago
Roeland Jago Douma	0e0db37658	Make OCP\Security stricter * Add typehints * Add return types * Opcode opts from phpstorm * Made strict * Fixed tests: No need to test bogus values anymore strict typing fixes this Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	cf0a339997	Make OC\Security\RateLimiting strict * Add return types * Add scalar argument types * Made strict * Cleaned up phpstorm inspections Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	094d41937a	Fix tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Morris Jobke	c733cdaa65	Use ::class in test mocks of encryption app Signed-off-by: Morris Jobke <hey@morrisjobke.de>	8 years ago
Morris Jobke	43e498844e	Use ::class in test mocks Signed-off-by: Morris Jobke <hey@morrisjobke.de>	8 years ago
Bjoern Schiessle	bae5be3dc1	add prefix to user and system keys to avoid name collisions Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	9 years ago
Bjoern Schiessle	9524badccc	extend the identity proof manager to allow system wide key pairs Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	9 years ago
Roeland Jago Douma	6a1f2ac076	Add bruteforce capabilities Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Roeland Jago Douma	04f2090698	Write cert bundle to tmp file first Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Joas Schilling	ca39940614	Automatic creation of Identity manager Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Lukas Reschke	dd03fdebec	Add missing space Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	a5ccb31e85	Mark IP as whitelisted if brute force protection is disabled Currently, when disabling the brute force protection no new brute force attempts are logged. However, the ones logged within the last 24 hours will still be used for throttling. This is quite an unexpected behaviour and caused some support issues. With this change when the brute force protection is disabled also the existing attempts within the last 24 hours will be disregarded. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	e39e6d0605	Remove expired attempts Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	66835476b5	Add support for ratelimiting via annotations This allows adding rate limiting via annotations to controllers, as one example: ``` @UserRateThrottle(limit=5, period=100) @AnonRateThrottle(limit=1, period=100) ``` Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Roeland Jago Douma	be674c19a5	Respect bruteforce settings in the Throttler Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Morris Jobke	f9bc53146d	Fix unit tests Signed-off-by: Morris Jobke <hey@morrisjobke.de>	9 years ago
Lukas Reschke	adfd1e63f6	Add base-uri to CSP policy As per https://twitter.com/we1x/status/842032709543333890 a nice security hardening Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Robin Appelman	817e974c5f	dont write a certificate bundle if the shipped ca bundle is empty Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Roeland Jago Douma	72f9920a58	Add Identityproof tests * Add tests for Key * Add tests for Manager * Add tests for Signer * Removed URLGenerator from Signer Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Lukas Reschke	fb91bf6a5b	Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	a8b7df9cc1	Add tests Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Joas Schilling	2c4035e806	Inject config and logger Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Leon Klingele	e5d78a3523	Fix CSRF token generation / validation Operate on raw bytes instead of base64-encoded strings. Issue was introduced in `a977465` Signed-off-by: Leon Klingele <git@leonklingele.de>	9 years ago
Roeland Jago Douma	e351ba56f1	Move browserSupportsCspV3 to CSPNonceManager Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Lukas Reschke	38b3ac8213	Add ContentSecurityPolicyNonceManager Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	9e6634814e	Add support for CSP nonces CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce. At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.) IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO. Implementing this offers the following advantages: 1. Security: As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist 2. Performance: We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file. If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/ Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago

1 2

59 Commits (bbba7bc45acdbfb7d69edf7998db2cd8871682bd)