nextcloud
/
desktop
mirror of https://github.com/nextcloud/desktop
0
0
Fork 0
Code Issues Releases Wiki Activity
19,630 Commits 418 Branches 237 Tags 361 MiB
Commit Graph

245 Commits

Author SHA1 Message Date
Dimitri Papadopoulos 9d830e94f9 Fix typos found by codespell 
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
 2023-06-21 08:47:13 +02:00
alex-z 90e3a37a20 E2EE. Fix freeze on metadata checksum validation. 
Signed-off-by: alex-z <blackslayer4@gmail.com>
 2023-05-08 11:29:16 +02:00
Matthieu Gallien a852eda937 in case server has no private key, let e2ee init fail 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-04-07 16:08:23 +02:00
alex-z 31c3aee447 Fix unit tests SecureFileDrop 
Signed-off-by: alex-z <blackslayer4@gmail.com>
 2023-04-05 12:21:28 +02:00
Matthieu Gallien c9cf248e5d
fix compilation 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-04-04 18:01:26 +02:00
Matthieu Gallien b0c69481f2
try different permutation to try to recover the broken checksum 
will only accept a checksum that can be computed from proper data

should still be safe

Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-04-04 17:41:17 +02:00
Matthieu Gallien a76d9fe46d sort encrypted files by their id to compute checksum 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-04-04 15:06:05 +02:00
Matthieu Gallien 5b1238ddb1
compilation fixes for windows 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 18:06:10 +02:00
Matthieu Gallien 6bf4570b99
compatibility with final file drop implementation 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:29 +02:00
Matthieu Gallien 8659df2266
prevent downgrading e2ee metadata format after initial migration 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:29 +02:00
Matthieu Gallien 6fb16ce5f4
when uplaoding e2ee metadata add an empty filedrop entry 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:29 +02:00
Matthieu Gallien 8b10b3a926
optimize the computation of checksum for metadata 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:29 +02:00
Matthieu Gallien 8ec5518d8d
checksum has to be computer from the encrypted metadataKey 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:29 +02:00
Matthieu Gallien 1e018d1e56
display some logs when checksum verification is failed 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:28 +02:00
Matthieu Gallien ee3c18f9f2
put sane order over #include 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:28 +02:00
Matthieu Gallien f181b91875
when migrating older metadata, do not check missing checksum 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:28 +02:00
Matthieu Gallien d1c18ecf2a
when uploading new e2e metadata, adds a checksum 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:28 +02:00
Matthieu Gallien 1b14c127a4
check checksum when getting e2ee metadata 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:28 +02:00
alex-z 1b0a93eabc
Migrate E2EE from v1 to v1.1 
Signed-off-by: alex-z <blackslayer4@gmail.com>
 2023-03-31 17:18:28 +02:00
Matthieu Gallien 6a4028564e
fix indentation style 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-03-31 17:18:28 +02:00
alex-z 09f316dcfc E2EE cut extra zeroes from derypted byte array. 
Signed-off-by: alex-z <blackslayer4@gmail.com>
 2023-03-17 16:04:43 +01:00
alex-z b6ba1fe0d6 Implement Secure filedrop link share. Move data from 'filedrop' to 'files' when syncing E2EE folders. 
Signed-off-by: alex-z <blackslayer4@gmail.com>
 2023-03-02 19:29:11 +01:00
Matthieu Gallien a8a5dfe6c6 skip e2e encrypted files with empty filename in metadata 
we cannot decrypt a file without a name

for now we will ignore them

we should probably do much more for the user but I fail to see how to
generate errors from e2ee module

Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2023-02-20 09:50:34 +01:00
Claudio Cambra 446bb29155 Avoid trying to delete keychain encryption data if there is no encryption data configured 
Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
 2023-02-14 20:22:51 +01:00
Claudio Cambra 2c17305864 Add sensitiveDataRemaining convenience method to clientsideencryption 
Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
 2023-02-14 20:22:51 +01:00
Claudio Cambra e7c978551d Make sure to return in checkAllSensitiveDataDeleted 
Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
 2023-02-14 20:22:51 +01:00
Claudio Cambra 4ded5e1b38 Don't early return in sensitive data deletion for clientsideencryption if the entries were never stored in keychain 
Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
 2023-02-14 20:22:51 +01:00
alex-z bd9eb0c89f Always unlock E2EE folders, even when network failure or crash. 
Signed-off-by: alex-z <blackslayer4@gmail.com>
 2023-01-30 16:01:19 +01:00
Claudio Cambra cc6bdc9bd5
Add ability to remove local encryption keys through settings 
Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
 2023-01-24 17:00:14 +01:00
Claudio Cambra 689dee6a16
Properly handle sensitive data deletion in ClientSideEncryption 
Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
 2023-01-24 17:00:14 +01:00
alex-z 260ba0be46 Fix security vulnerability when receiving empty metadataKeys from the server. 
Signed-off-by: alex-z <blackslayer4@gmail.com>
 2023-01-18 11:41:55 +01:00
Claudio Cambra 31876926ac Only request mnemonic when user explicitly wants to enable E2EE 
Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
 2022-12-09 12:12:37 +01:00
Valdnet e2ff8715f4 l10n: Correct spelling 
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
 2022-12-01 15:33:15 +01:00
allexzander 9ab89daedd E2EE. Do not generate keypair without user request. 
Signed-off-by: allexzander <blackslayer4@gmail.com>
 2022-11-01 09:18:28 +01:00
Matthieu Gallien b9d4e7045e fix review comments from @allexzander 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-10-24 10:25:41 +02:00
Matthieu Gallien 7ffbd95636 fix more sonarcloud issues 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-10-24 10:25:41 +02:00
Matthieu Gallien 5e81ab821e fix more issues reported by sonarcloud 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-10-24 10:25:41 +02:00
Matthieu Gallien cd30d3645e fix review comments from sonarcloud static analyzis 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-10-24 10:25:41 +02:00
Matthieu Gallien 8ea75f4967 address review comments from @allexzander 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-10-24 10:25:41 +02:00
Matthieu Gallien 1ec7774e2f validate certificate for E2EE against private key 
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-10-24 10:25:41 +02:00
Matthieu Gallien ecc588c27a avoid possibly crashing static_cast 
ran
run-clang-tidy-14.py -header-filter='.*' -checks='-*,cppcoreguidelines-pro-type-static-cast-downcast' -fix

this can prevent casting to a type that is unrelated to the real type
and later cause a crash because you go into undefined behavior domain

Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-10-03 10:23:24 +02:00
Valdnet 5117b05ef8
i18n: Spelling unification 
Spelling unification in Transifex.

Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
 2022-08-05 11:30:33 +02:00
Matthieu Gallien fe7a62bc77 remove variables set but never read 
will fix a clang compilation error

Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
 2022-08-02 16:28:50 +02:00
Valdnet 5ad0dc004a i18n: Fix for "end-to-end" 
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
 2022-06-28 08:55:54 +02:00
Claudio Cambra b7c2e16aa9 Make client language gender-neutral and more clear 
Signed-off-by: Claudio Cambra <claudio.cambra@gmail.com>
 2022-06-24 14:36:36 +02:00
Felix Weilbach d6e60cd8d4 Don't log encryption data in release mode 
We deliver our builds to users with debug logging enabled to have an
easier time finding problems. However, logging all the encryption data
in this loop is too much and should not be done in release mode.

Signed-off-by: Felix Weilbach <felix.weilbach@nextcloud.com>
 2021-09-27 19:50:38 +00:00
Felix Weilbach fb1b3481d1 Fix warnings 
Signed-off-by: Felix Weilbach <felix.weilbach@nextcloud.com>
 2021-09-17 13:32:26 +00:00
Dmytro Korchynskyi 608fc5fb3a Fixed warnings by using static_cast 
Signed-off-by: Dmytro Korchynskyi <kdl.dima@gmail.com>
 2021-09-13 13:05:41 +03:00
Felix Weilbach 8a8d488454 Add dialog to set user status 
Signed-off-by: Felix Weilbach <felix.weilbach@nextcloud.com>
 2021-09-09 11:18:22 +02:00
allexzander ba73b6d914 VFS + E2EE. Improved data alignment and unit tests for StreamingDecryptor. Refactoring and renaming for readability. 
Signed-off-by: allexzander <blackslayer4@gmail.com>
 2021-08-20 12:57:22 +00:00