Commit graph

28700 commits

Author SHA1 Message Date
Lukas Reschke
6a067b1ec9 Set RewriteBase to / if OC::WEBROOT is not set 2015-12-01 22:03:25 +01:00
Lukas Reschke
a936107c5c Append PATH_INFO to ensure that file can be loaded on update 2015-12-01 20:15:45 +01:00
Lukas Reschke
f87dca95f1 Disable MultiView + DirectorySlash
Required for routes that might otherwise collide with existing folders on the system
2015-12-01 19:57:03 +01:00
Lukas Reschke
002e719789 Set "SetEnv" within base .htaccess file
mod_rewrite as used by the front controller may require a `RewriteBase` in case the installation is done using an alias. Since we cannot enforce a writable `.htaccess` file this will move the `front_controller_active` environment variable into the main .htaccess file. If administrators decide to have this one not writable they can still enable this feature by setting the `front_controller_active` environment variable within the Apache config.
2015-12-01 19:06:48 +01:00
Morris Jobke
3061e5d2fc Check the expiration date for null
* null is always less than any value -> expirationDate gets null
  which is "no date set"
* ref https://github.com/owncloud/core/issues/20590#issuecomment-158393075
2015-12-01 17:43:05 +01:00
Lukas Reschke
8931ba4a0d Merge pull request #14081 from owncloud/use-pretty-urls
Support pretty URLs
2015-12-01 17:17:48 +01:00
Robin Appelman
62cc316c6a remove old propagation logic 2015-12-01 16:50:20 +01:00
Joas Schilling
44852ce324 Allow DI for OCP\Files\IMimeTypeDetector 2015-12-01 16:49:20 +01:00
Lukas Reschke
2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Thomas Müller
74e8c25a5b Merge pull request #20285 from owncloud/add-integrity-checker
Add code integrity checker foundation
2015-12-01 15:27:50 +01:00
Thomas Müller
27da63886f Merge pull request #20710 from owncloud/files_external_config_command
Add command to get and set config for external mounts
2015-12-01 15:27:32 +01:00
Morris Jobke
6baed0c998 fix code style 2015-12-01 14:51:33 +01:00
Morris Jobke
e86c847df5 add parameter to call single behat tests 2015-12-01 14:51:33 +01:00
Morris Jobke
83432b3c25 add behat tests for 0 quota upload failure 2015-12-01 14:51:32 +01:00
Thomas Müller
d5fe052838 Merge pull request #20868 from owncloud/revert-20842-fix-date-time-column
Revert "Fix column width of mtime column"
2015-12-01 14:30:44 +01:00
Thomas Müller
490e01e383 Merge pull request #20861 from owncloud/systemtags-better-exceptions-docs
Fix the docs of the exceptions and remove hardcoded language from the…
2015-12-01 14:23:00 +01:00
Robin Appelman
1347e3332b return non 0 status code in case of missing mount 2015-12-01 13:47:56 +01:00
Robin Appelman
2dd0066b0e Add command to set mount options for external storages 2015-12-01 13:47:32 +01:00
Robin Appelman
d5ffbc9401 Add command to get and set config for external mounts 2015-12-01 13:47:32 +01:00
Morris Jobke
0655f3d102 Revert "Fix column width of mtime column" 2015-12-01 13:45:30 +01:00
Robin Appelman
0d63e95a5d Add metadata to post delete hooks 2015-12-01 13:22:58 +01:00
Thomas Müller
cce053f7e9 Merge pull request #20859 from owncloud/autotest-coverage
Make autotest.sh able to output proper coverage again
2015-12-01 12:55:14 +01:00
Joas Schilling
1761fdd9ee Fix the docs of the exceptions and remove hardcoded language from the message 2015-12-01 12:32:50 +01:00
Roeland Jago Douma
b4302a49be Make autotest.sh able to output proper coverage again
The usage of single quotes make sure that a string is used verbatim in
bash. And no variables are subsituted.
2015-12-01 12:03:27 +01:00
Lukas Reschke
4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller
36660734a6 Merge pull request #20855 from owncloud/output-log-integration-tests
tail the server log and exit with the exit code of behat
2015-12-01 10:21:25 +01:00
Thomas Müller
f48ea593eb Merge pull request #20850 from owncloud/use-text-instead-of-html
Use .text instead of .html
2015-12-01 10:18:29 +01:00
Thomas Müller
f1bbc9a962 Merge pull request #20853 from owncloud/php-parser-1.4.1
[3rdparty] Bump php-parser
2015-12-01 10:17:17 +01:00
Thomas Müller
21e063a9e7 tail the server log and exit with the exit code of behat 2015-12-01 10:16:46 +01:00
Thomas Müller
634859e6ed Merge pull request #20825 from owncloud/scrutinizer-patch-1
Scrutinizer Auto-Fixes
2015-12-01 09:26:22 +01:00
Roeland Jago Douma
c024ff3dff [3rdparty] Bump php-parser 2015-12-01 09:22:55 +01:00
Thomas Müller
8a1e6c0ad9 Merge pull request #20851 from owncloud/tests-for-kill-rebuild-parser
[3rdparty] Remove some unrequired files
2015-12-01 09:07:32 +01:00
Lukas Reschke
f664405621 Remove some unrequired files 2015-12-01 08:11:42 +01:00
Jenkins for ownCloud
8421a43df1 [tx-robot] updated from transifex 2015-12-01 01:55:07 -05:00
Lukas Reschke
3ea654d2d4 Use .text instead of .html
Makes some static source code analyzers happier.
2015-11-30 23:49:27 +01:00
Thomas Müller
b0491bf930 Merge pull request #20828 from owncloud/sharing_integration_test_20645_morris
Sharing integration test 20645, added sabre dav and propfind check.
2015-11-30 23:06:25 +01:00
Thomas Müller
d6da0396d0 Adjust patches 2015-11-30 23:00:51 +01:00
Scrutinizer Auto-Fixer
dcbd603514 Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-11-30 22:50:09 +01:00
Thomas Müller
802f226d8a Merge pull request #20842 from owncloud/fix-date-time-column
Fix column width of mtime column
2015-11-30 22:47:36 +01:00
Thomas Müller
e01f4be4d1 Merge pull request #20784 from owncloud/jeremeamia_superclosure_2.1.0
[3rdparty] bump jeremeamia/superclosure to 2.1.0
2015-11-30 22:45:29 +01:00
Thomas Müller
9e8c9ed9a5 Merge pull request #20829 from owncloud/dav-define-phpunit
Fix already defined warning from dav test bootstrap
2015-11-30 22:45:01 +01:00
Thomas Müller
54f0dec319 Merge pull request #20845 from owncloud/allow-di-in-apps
Allow DI the system tag stuff without Application class
2015-11-30 22:43:30 +01:00
Thomas Müller
060673a8b3 Merge pull request #20487 from owncloud/activity-oracle-sql-error-for-favorites
Activity oracle sql error for favorites
2015-11-30 22:43:06 +01:00
Thomas Müller
c57d0985dc Merge pull request #20832 from owncloud/update-js-dependencies
Update some JS dependencies
2015-11-30 22:42:23 +01:00
Thomas Müller
63a87c631b Merge pull request #20843 from owncloud/fix-share-with-input
Fix the width of the share with input
2015-11-30 17:38:27 +01:00
Thomas Müller
b6cc9f9d19 Merge pull request #20841 from owncloud/generate-response-using-xml-writer
Use XMLWriter to generate response
2015-11-30 17:32:32 +01:00
Joas Schilling
23046ca5b7 Inject the database connection 2015-11-30 17:14:47 +01:00
Joas Schilling
e9094b8a41 Only require the interface 2015-11-30 17:14:47 +01:00
Joas Schilling
6e0596432c Add a unit test that executes the query 2015-11-30 17:14:47 +01:00
Joas Schilling
2cdec74e8a Correctly escape the paths so we only display favorites instead of wildcards 2015-11-30 17:12:48 +01:00