Commit graph

23 commits

Author SHA1 Message Date
Morris Jobke
06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Jenkins for ownCloud
6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Lukas Reschke
9f91d64918 Make scrutinizer happy 2015-02-16 22:13:00 +01:00
Lukas Reschke
886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Lukas Reschke
025110821f URLEncode logout attribute
Otherwise logout can fail if the requesttoken contains a +
2015-02-13 12:08:23 +01:00
Bjoern Schiessle
5ba19ba7fc certificate manager should always use a \OC\Files\View otherwise we will get problems for different primary storages 2015-01-26 16:58:52 +01:00
Bjoern Schiessle
67da1f7e5a certificate manager only needs the user-id, no need to pass on the complete user object 2015-01-26 16:58:52 +01:00
Bjoern Schiessle
24993280ed Next step in server-to-server sharing next generation, see #12285
Beside some small improvements and bug fixes this will probably the final state for OC8.

To test this you need to set up two ownCloud instances. Let's say:

URL: myPC/firstOwnCloud user: user1
URL: myPC/secondOwnCloud user: user2
Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud".

The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined.

If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him.
2014-12-19 15:20:24 +01:00
Lukas Reschke
ee1f8b0242 Remove workaround for 5.3
Function is natively available with 5.4
2014-12-04 11:17:33 +01:00
Morris Jobke
146cb920c9 Merge pull request #12218 from owncloud/issue/10991-fixes
Issue/10991 Make unit tests pass on windows
2014-11-17 16:44:45 +01:00
Joas Schilling
39ae569c5c Correctly close handle of directory when listing certificates 2014-11-17 10:48:14 +01:00
Lukas Reschke
24ca2d858f Add OCP\Security\IHasher
Public interface for hashing which also works with legacy ownCloud hashes and supports updating the legacy hash via a passed reference.

Follow-up of https://github.com/owncloud/core/pull/10219#issuecomment-61624662
Requires https://github.com/owncloud/3rdparty/pull/136
2014-11-06 15:16:14 +01:00
Lukas Reschke
d07d5915c9 Remove unused and overflowing function
Resolves https://github.com/owncloud/core/issues/10991 failure 4
2014-09-18 10:21:28 +02:00
Lukas Reschke
5ff999d69d Return false in case one of the values is null 2014-09-12 13:34:45 +02:00
Lukas Reschke
1973275adc Add custom hex2bin implementation for 5.3
Fixes https://github.com/owncloud/core/issues/11004
2014-09-11 09:51:45 +02:00
Lukas Reschke
373d1c5e9f Merge pull request #10642 from owncloud/securityutils
Add some security utilities
2014-09-03 15:28:42 +02:00
Lukas Reschke
50b430ee7c Add char consts, hash the specified password for the HMAC 2014-09-03 11:03:27 +02:00
Robin Appelman
bfa0c4b78a Explicitly set the timezones 2014-08-31 11:06:18 +02:00
Lukas Reschke
4efe6f6240 Add unit tests and fix rootcerts creation bug 2014-08-31 10:47:50 +02:00
Robin Appelman
e64aa330fd check for blacklisted file certificate filenames 2014-08-31 10:47:50 +02:00
Robin Appelman
79d896e830 Rename namespace 2014-08-31 10:47:50 +02:00
Lukas Reschke
3329e0f2b2 Use DI 2014-08-27 00:49:53 +02:00
Lukas Reschke
d26a9c3c58 Add some security utilities
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions

Remove .htaccess

Remove .htaccess

Fix typo

Add public API

Use timing constant comparision

Remove CBC constant

Adjust code

Remove confusing $this
2014-08-27 00:18:04 +02:00