Client SSL certificates and keys cannot be deleted at this time because there is
no UI for selecting them on re-login.
We introduce this dirty hack here, to allow deleting them upon Remote Wipe.
Signed-off-by: Michael Schuster <michael@schuster.ms>
WebFlowCredentials:
- Remove _clientSslCaKeyWriteQueue and simply use _clientSslKeyChunkBufferPEM
- Store key's sub-chunks in slots with "." (dot) suffix
- Implement deletion of the key chunks in WebFlowCredentials::deleteKeychainEntries
- Remove spaces in log messages
- Improve code readability
Signed-off-by: Michael Schuster <michael@schuster.ms>
With QtKeychain on Windows, storing larger keys in one keychain entry causes the
following error due to limits in the Windows APIs:
Error: "Credential size exceeds maximum size of 2560"
To avoid overhead on the other platforms and balance code duplication, this
approach puts some read- and write-parts into Windows-only defines.
For reference also see previous fixes:
- https://github.com/nextcloud/desktop/pull/1389
- https://github.com/nextcloud/desktop/pull/1394
This (again) fixes the re-opened issue:
- https://github.com/nextcloud/desktop/issues/863
Signed-off-by: Michael Schuster <michael@schuster.ms>
This commit ensures that the check also occurs on re-authorization in case
the user gets logged out.
See: https://github.com/nextcloud/desktop/pull/1644
Signed-off-by: Michael Schuster <michael@schuster.ms>
There is no need to call toMSecsSinceEpoch() as QDateTime implements an
comparison operator itself. This is more efficient, because the
QDateTime comparison operator doesn't call localtime() in all cases. Thus, we
don't read /etc/localtime for every comparison. This improves
performance in some cases.
Signed-off-by: David Kahles <david.kahles96@gmail.com>
The app password for the remote wipe was constantly being written in
WebFlowCredentials::slotFinished to the keychain, leading to unnecessary
write and log overhead on the system.
This fix introduces a check to only store the app password once in
a lifetime of the Account class. Also the method used to store the
password will be renamed from setAppPassword to writeAppPasswordOnce
to be more expressive.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Provide a download link to the new version instead of the confusing message that
users should use their "system's update tool to install it".
Signed-off-by: Michael Schuster <michael@schuster.ms>
- When the the users logs because of 401 or 403 errors, it checks if the
server requested the remote wipe. If yes, locally deletes account and folders
connected to the account and notify the server. If no, proceeds to ask the
user to login again.
- The app password is restored in the keychain.
- WIP: The change also includes a test class for RemoteWipe.
Signed-off-by: Camila San <hello@camila.codes>
The webserver lighttpd rejected POST requests without a Content-length
header with "411 Length Required".
See: https://github.com/nextcloud/desktop/issues/1473
Signed-off-by: Michael Schuster <michael@schuster.ms>
Sets the target version from "15" to "latest" and removes
"index.html" because this could get obsolete in the future too.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Instead of adding the "Apps" menu after the apps are fetched, add it
from the start (together with other actions) but in a disabled state,
and enable it after the apps data is ready.
Signed-off-by: Sergey Zolotarev <sryze@protonmail.com>
This reverts commit 8f616969ab.
Turns out that with the upgrade to the new released Qt 5.12.5 the issue
has been solved by the Qt developers, so this fix becomes obsolete.
Signed-off-by: Michael Schuster <michael@schuster.ms>
