Micke Nordin
cc9e0ba582
fix(http-sig): make setSignature public and skip third-party-dependent test
...
Two CI failures introduced by the test additions in this PR:
1. testEd25519VerifyAcceptedWhenSodiumLoaded calls setSignature() to inject
   an externally-produced Ed25519 signature (since Algorithm::sign() rejects
   Ed25519 by design). setSignature was declared protected, so the test
   couldn't call it from outside the class hierarchy. Make it public —
   SignedRequest lives in the OC\ private namespace, so this widens
   internal-only visibility, not the public API surface.
2. testParseKeyRejectsContradictoryAlg expected firebase/php-jwt's
   JWK::parseKey() to throw on a kty=OKP/crv=Ed25519/alg=ES256 key. The
   current firebase/php-jwt version does not validate that coherence at
   parse time, so the test now fails to see any throwable. The actual
   security check happens at Algorithm::verify() time and is covered by
   testVerifyEd25519KeyAgainstES256Alg right above it. Skip the parse-time
   test with a comment pointing at the verify-time coverage.
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-05-27 11:03:55 +02:00
Micke Nordin
1bad4fe238
fix: Make sodium optional
...
This commit switches the default signature algorithm to
ecdsa-p256-sha256 instead of Ed25519. This allows us to make sodium
optional again, and we only pull it in to use it for verifying incoming
signatures. If sodium is not installed, we throw on Ed25519 signatures
instead. At least it is easy for most people to make their Nextcloud
install fully RFC compliant by installing sodium.
I also renamed all the Ed25519 function names to be more precise, using
Jwks for the JSON Web Keys, and RFC9421 for the http-signature code,
where it is needed to distinguish from draft-cavage signatures.
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-05-27 11:03:55 +02:00
Micke Nordin
0eb927e617
feat(http-sig): RFC 9421 protocol primitives
...
Add the RFC 9421 (HTTP Message Signatures) sign/verify path alongside
the existing draft-cavage implementation:
- Algorithm: sodium for Ed25519, JWT::sign for RSA / ECDSA, ecdsaRawToDer
  for the ECDSA wire format. JWK parsing via JWK::parseKey.
- SignatureBase: RFC 9421 §2.5 base construction for the derived
  components OCM uses plus plain HTTP fields.
- ContentDigest: RFC 9530 helpers used as a covered component.
- Rfc9421IncomingSignedRequest / Rfc9421OutgoingSignedRequest:
  request models. Parsing of Signature-Input / Signature delegates
  to gapple\StructuredFields\Parser.
- IJwkResolvingSignatoryManager: capability bit signatory managers
  advertise to participate in RFC 9421 verification.
- OcmProfile: OCM-mandated dictionary label.
- SignatureManager: dispatch to RFC 9421 inbound when Signature-Input
  is present, outbound when rfc9421.format is set.
Plus tests for each primitive and a full round-trip across the model.
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-05-27 11:03:55 +02:00
Ferdinand Thiessen
e5b1799079
chore: add missing Override attribute to test files
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-04-28 21:29:28 +02:00
Côme Chilliet
78fd649e47
chore: Remove long deprecated methods from OCP
...
These have been deprecated from before 20
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-04-09 18:05:53 +02:00
Carl Schwan
5d0d0c17e5
chore(rector): Run rector on apps, core and tests directory
...
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
2026-02-06 13:23:23 +01:00
provokateurin
0c3a872908
feat(CertificateManager): Add option to specify the default certificates bundle path
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2025-12-01 10:47:23 +01:00
Marcel Müller
234f183f8e
feat: Add option to update the public key of a user
...
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
2025-11-19 10:51:43 +01:00
Ferdinand Thiessen
d6d6747a73
refactor: apply rector rules for PHPUnit 10
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2025-10-27 21:56:04 +01:00
Christoph Wurst
3e90ce89eb
test(net): include test for localhost by IP
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2025-10-14 10:33:35 +02:00
Joas Schilling
51f596e0c2
test: Fix double space
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2025-08-25 13:29:17 +02:00
Joas Schilling
894fda1a4d
ci: Update testing certificates that expired after 10 years
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2025-08-25 12:15:57 +02:00
Marcel Müller
520d8beaf5
feat: Cache user keys
...
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
2025-08-05 16:42:14 +02:00
Maxence Lange
484491e7cc
fix(bruteforce): limit appconfig lazy loading
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2025-07-20 00:49:11 -01:00
Robin Appelman
aa15f9d16d
chore: run rector
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2025-07-01 22:45:52 +02:00
Ferdinand Thiessen
5981b7eb51
chore: apply new CSFixer rules
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
# Conflicts:
# apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
2025-07-01 16:26:50 +02:00
Robin Appelman
29e39c0a2e
chore: run rector on tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2025-06-12 18:31:58 +02:00
Joas Schilling
f474b5b3a9
test: Fix tests/lib/Security/
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2025-05-15 08:24:59 +02:00
Daniel Kesselberg
a53e15c971
fix: log requests exceeding the rate limiting
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2025-05-14 12:23:40 +02:00
Joas Schilling
b77011a918
test: Prepare more tests for PHPUnit 10
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2025-04-30 09:18:01 +02:00
Benjamin Gaussorgues
9f666c2b73
feat(ip): add configurable IPv6 subnet for BFP and throttling
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2025-04-17 08:12:03 +02:00
Benjamin Gaussorgues
c4021c8d38
feat(ip): use larger IPv6 range by default
...
Some providers assign `/48` IPv6 blocks instead of `/64` so it sounds safer
to use this mask by default.
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2025-04-08 10:08:28 +02:00
Joas Schilling
c1655bcde7
fix(ratelimit): Allow to bypass rate-limit from bruteforce allowlist
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2025-01-27 12:46:15 +01:00
Christoph Wurst
1323e5bcb1
fix(migration): Decrypt ownCloud secrets v2
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-11-28 09:00:33 +01:00
Josh
97421fb143
fix(tests): Add RemoteAddress v6 zone ID test
...
Signed-off-by: Josh <josh.t.richards@gmail.com>
2024-11-04 09:30:21 -05:00
Côme Chilliet
280f6df66c
Merge pull request #32018 from nextcloud/cleanup/event/trashbin
...
Port files trashbin events to IEventDispatcher/IEventListener
2024-09-24 17:15:39 +02:00
Richard Steinmetz
19ad13571c
fix: gracefully parse non-standard trusted certificates
...
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2024-09-24 12:36:09 +02:00
Côme Chilliet
af0b8fbd17
fix(tests): Fix tests now that trashbin listens to events properly
...
Hooks are cleared in test bootstrap so switching to events activates
them in tests.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-09-23 18:13:29 +02:00
provokateurin
9836e9b164
chore(deps): Update nextcloud/coding-standard to v1.3.1
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-09-19 14:21:20 +02:00
Christoph Wurst
49dd79eabb
refactor: Add void return type to PHPUnit test methods
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-09-15 22:32:31 +02:00
Daniel Kesselberg
af6de04e9e
style: update codestyle for coding-standard 1.2.3
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2024-08-25 19:34:58 +02:00
Ferdinand Thiessen
127cacdd19
feat(Security): Allow setting password context for validation and generation
...
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-08-22 19:16:50 +02:00
Ferdinand Thiessen
009761be58
test: Adjust tests for CSP nonce
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-08-13 10:06:32 +02:00
Stephan Orbaugh
9ed2d3e495
Merge pull request #46571 from nextcloud/chore/migrate-to-filenamevalidator
...
refactor: Migrate some legacy and core functions to `IFilenameValidator`
2024-07-22 10:40:50 +02:00
Ferdinand Thiessen
9716b0d735
refactor: Migrate some legacy and core functions to IFilenameValidator
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-07-19 19:41:46 +02:00
Joas Schilling
047479ccf9
feat(security): Add public API to allow validating IP Ranges and checking for "in range"
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2024-07-19 16:28:03 +02:00
Benjamin Gaussorgues
202e5b1e95
feat(security): restrict admin actions to IP ranges
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2024-07-19 16:28:03 +02:00
Christopher Ng
48b69c53dc
test: Test hash validation
...
Signed-off-by: Christopher Ng <chrng8@gmail.com>
2024-07-04 17:05:50 -07:00
Andy Scherzinger
1f7e2ba599
chore: Add SPDX header
...
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-13 17:41:36 +02:00
Joas Schilling
33e1c8b236
fix(security): Handle idn_to_utf8 returning false
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-12-04 10:38:46 +01:00
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +01:00
Ferdinand Thiessen
ecf9f0a872
fix(CSP): Only add strict-dynamic when using nonces
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2023-11-17 22:01:02 +01:00
Ferdinand Thiessen
e231abd9bf
fix!(ContentSecurityPolicy): Make strict-dynamic enabled by default on script-src-elem
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2023-11-17 14:42:36 +01:00
Joas Schilling
124588d4a6
fix: Make bypass function public API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-08-21 16:40:24 +02:00
Joas Schilling
fd9b2d488e
feat: Expose if the own IP is allowed to bypass bruteforce protection
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-08-21 16:36:04 +02:00
Joas Schilling
a95800c647
feat(security): Add a bruteforce protection backend based on memcache
...
Similar to the ratelimit backend
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-08-21 16:36:03 +02:00
Joas Schilling
030e8d8916
fix: Align doc type with creation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-27 23:13:38 +02:00
Christoph Wurst
08a3f37695
chore(appframework)!: Drop \OCP\AppFramework\Http\EmptyContentSecurityPolicy::allowInlineScript
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-06-12 10:03:59 +02:00
Côme Chilliet
8d5165e8dc
Adapt tests to config value typing
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 17:42:14 +02:00
Joas Schilling
c5339fa336
Merge pull request #37542 from nextcloud/bugfix/noid/allow-to-opt-out-of-ratelimit-for-testing
...
feat(security): Allow to opt-out of ratelimit protection, e.g. for te…
2023-04-03 14:19:41 +02:00