72 Commits

Author SHA1 Message Date
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +01:00
Daniel Kesselberg
f8f985602b
test: add tests for dns pin middleware
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-09-12 14:04:23 +02:00
Daniel Kesselberg
03f1f1ed2e
enh: skip processing for empty response
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-09-04 15:28:02 +02:00
Daniel Kesselberg
eab46bdfe6
feat: add switch to disable dns pinning
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-08-29 18:03:54 +02:00
Joas Schilling
ec6728d710
feat(HTTPClient): Provide wrapped access to Guzzle's asyncRequest()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-06-27 15:53:57 +02:00
Robin Appelman
e7ab30f5d8
log performance events for http requests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2023-04-28 15:37:57 +02:00
Côme Chilliet
426c0341ff
Use typed version of IConfig::getSystemValue as much as possible
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 12:50:08 +02:00
Côme Chilliet
f5c361cf44
composer run cs:fix
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-01-20 11:45:08 +01:00
Christoph Wurst
ce259435c2
Fix DNS Pin Middleware throwing for public IPs
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-11-08 14:18:05 +01:00
Christoph Wurst
8aea25b5b9
Add remote host validation API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-10-31 16:13:28 +01:00
Christoph Wurst
d4b9b010b0
Rename LocalAddressChecker methods to lower case
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-10-27 13:24:28 +02:00
Simon L
11108e8032
Revert "fix external storages access"
Signed-off-by: szaimen <szaimen@e.mail.de>
2022-10-23 22:36:34 +02:00
John Molakvoæ
304c1b9b61
Merge pull request #33087 from nextcloud/fix/30282/external-storages
fix external storages access
2022-10-23 10:42:46 +02:00
Côme Chilliet
31117fa7c7
Fix tests for nested v4 in v6
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-09-20 12:46:22 +02:00
Côme Chilliet
7ac688a2e5
Use new dependency to normalize IPs
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-09-20 12:34:04 +02:00
Côme Chilliet
a907b74c2a
Add missing urldecode and idn_to_utf8 calls to local address checker
The call to idn_to_utf8 is actually to apply normalization

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-09-20 12:20:35 +02:00
luz paz
368f83095d
Fix typos in lib/private subdirectory
Found via `codespell -q 3 -S l10n -L jus ./lib/private`

Signed-off-by: luz paz <luzpaz@github.com>
2022-07-27 08:52:17 -04:00
Côme Chilliet
c5ffd7ce32
Use Symfony IpUtils to check for local IP ranges
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 12:09:05 +02:00
Côme Chilliet
707b46bb01
Check for local IPs nested in IPv6 as well
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 09:49:27 +00:00
Côme Chilliet
d0830432a7
Refactor local IP if and set strict to true for in_array
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 09:49:27 +00:00
Côme Chilliet
bd9aff47b6
Improve local IP detection
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-07-12 09:49:27 +00:00
szaimen
2ad53742f2
fix external storages access
Signed-off-by: szaimen <szaimen@e.mail.de>
2022-07-01 22:52:10 +02:00
Côme Chilliet
d23c7d245c
Improve local domain detection
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-06-23 11:45:16 +02:00
Côme Chilliet
6be7aa112f
Migrate from ILogger to LoggerInterface in lib/private
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-03-24 16:21:25 +01:00
Vincent Petry
9b6a1cc8ae
Send images to imaginary docker to generate previews
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Co-Authored-by: Vincent Petry <vincent@nextcloud.com>
2022-03-17 08:24:07 +01:00
Lukas Reschke
84d9b17dc7
Check for !== false instead
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-07-12 15:06:30 +02:00
Lukas Reschke
b0cef8827d
Check if dns_get_record returns non-false
`dns_get_record` can return false which results in exceptions such as
the ones shown in https://github.com/nextcloud/server/issues/27870.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-07-12 13:15:20 +02:00
Sanpi
81c272a8a5
Fixes recursion count incrementation
Signed-off-by: Sanpi <sanpi@homecomputing.fr>
2021-07-07 12:00:00 +00:00
kesselb
9f04a7c71e
Merge pull request #27801 from nextcloud/enh/noid/hardening-dns-pin-middleware
Ignore subdomain for soa queries
2021-07-06 18:55:25 +02:00
Daniel Kesselberg
b6530e5e82
Ignore subdomain for soa queries
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2021-07-05 20:29:06 +02:00
Aaron Ball
484913dc31
Fix DnsPinMiddleware resolve pinning bug
Libcurl expects the value of the CURLOPT_RESOLVE configurations to be an
array of strings, those strings containing a comma delimited list of
resolved IPs for each host:port combination.

The original code here does create that array with the host:port:ip
combination, but multiple ips for a single host:port result in
additional array entries, rather than adding them to the end of the
string with a comma. Per the libcurl docs, the `CURLOPT_RESOLVE` array
entries should match the syntax `host:port:address[,address]`.

This creates a function-scoped associative array which uses `host:port`
as the key (which are supposed to be unique and this ensures that), and
the value is an array containing IP strings (ipv4 or ipv6). Once the
associative array is populated, it is then set to the CURLOPT_RESOLVE
array, imploding the ip arrays using a comma delimiter so the array
syntax matches the one expected by libcurl.

Note that this reorders the "foreach ip" and "foreach port" loops.
Rather than looping over ips then ports, we now loop over ports then
ips, since ports are part of the unique host:port map, and multiple ips
can exist therein.

Signed-off-by: Aaron Ball <nullspoon@oper.io>
2021-07-02 16:08:44 -06:00
John Molakvoæ (skjnldsv)
215aef3cbd
Update php licenses
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +02:00
Arthur Schiwon
9f5480eef4
ensure redis returns bool for hasKey
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-04-13 23:07:54 +02:00
Lukas Reschke
5fe1f134f9
Strictify null check
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-06 11:39:24 +00:00
Lukas Reschke
5f3abffe6f
Improve networking checks
Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-06 11:37:47 +00:00
Christoph Wurst
aabd73912e
Type the service registration
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-02-10 09:44:24 +01:00
Marco Ziech
4923c6be25
Use RFC-compliant URL encoding for cookies
PHP 7.4.2 changed the way cookies are decoded, applying RFC-compliant raw URL decoding. This leads to a conflict with Nextcloud's own cookie encoding, breaking the remember-me function if the UID contains a space character.

Fixes #24438

Signed-off-by: Marco Ziech <marco@ziech.net>
2021-01-24 14:18:28 +01:00
Roeland Jago Douma
41c80d6c19
Fix option in the client code itself as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-12 12:36:21 +01:00
Christoph Wurst
9ce3ea3368
Update license headers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-30 14:07:05 +01:00
Christoph Wurst
f37e150d1c
Merge pull request #24702 from nextcloud/enhancement/well-known-handler-api
Add well known handlers API
2020-12-18 13:34:04 +01:00
Christoph Wurst
d89a75be0b
Update all license headers for Nextcloud 21
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 18:48:22 +01:00
Christoph Wurst
6995223b1e
Add well known handlers API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 13:13:05 +01:00
Carlos Ferreira
a42eb05a35
Simple typo in comments
2020-11-20 20:01:28 +01:00
Roeland Jago Douma
54b9f639a6
Always return the default path if we can
Just check in the certificate manager. So every part of the system that
requests the certificate bundle gets the default one (the 99% case) if we
can.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-11-03 00:13:01 +01:00
Christoph Wurst
2a054e6c04
Update the license headers for Nextcloud 20
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-24 14:54:25 +02:00
Joas Schilling
9127731c52
parse_url returns null in case a parameter is not found
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-29 08:32:20 +02:00
Morris Jobke
18b0d753f2
Do not read certificate bundle from data dir by default
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.

This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 16:57:56 +02:00
Morris Jobke
8bcd1c31da
Allow gzip encoded requests by default
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 13:37:28 +02:00
Christoph Wurst
cb057829f7
Update license headers for 19
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-29 11:57:22 +02:00
Joas Schilling
5e402f8aae
Check all remotes for local access
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-04-14 18:56:06 +02:00