Commit graph

41 commits

Author SHA1 Message Date
Kevin Ottens
2f8c29082a Enable the modernize-use-equals-default check on clang-tidy
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
2020-08-13 14:19:42 +02:00
Michael Schuster
f4d83d02f6
Cleanup auto pointers and qobject casts, refactor KeychainChunk
Signed-off-by: Michael Schuster <michael@schuster.ms>
2020-07-06 21:51:40 +02:00
Michael Schuster
8503226c44
Keychain: Use auto deletion in WebFlowCredentials and ConfigFile
- Also make use of the new KeychainChunk::DeleteJob

Signed-off-by: Michael Schuster <michael@schuster.ms>
2020-07-06 21:51:40 +02:00
Michael Schuster
81c644e702
ConfigFile security: Migrate Proxy password to keychain
When specified in the config file, the Proxy password will be migrated
to the keychain, for backward compatibility and to allow admins to
overwrite an existing password by rolling out updated config files.

Once migrated to the keychain, the password will be removed from the
config file.

Signed-off-by: Michael Schuster <michael@schuster.ms>
2020-07-06 21:51:39 +02:00
Michael Schuster
2a3ef044be
Move KeychainChunk class from gui to libsync
Signed-off-by: Michael Schuster <michael@schuster.ms>
2020-07-06 21:51:39 +02:00
Michael Schuster
203a2ce003
Move QKeychain::NoBackendAvailable error handling to KeychainChunk class
Originally this was in the WebFlowCredentials class. Since we've abstracted everything
from there already, let's also move this in case some other code may use
KeychainChunk::ReadJob prior to WebFlowCredentials.

Signed-off-by: Michael Schuster <michael@schuster.ms>
2020-07-06 21:51:36 +02:00
Kevin Ottens
53c31f5fed Make sure all our logging categories start with nextcloud.
Otherwise it was a bit confusing and annoying for filter rules:
e.g. "nextcloud.sync.*" vs "sync.*".

Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
2020-07-01 15:39:52 +02:00
Kevin Ottens
e3e262e42e Use default member init when applicable
This also fixes a couple of warnings at places (out of order init for
instance) and a potential bug in the webflow credentials / qtkeychain
integration.

Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
2020-06-03 16:10:39 +02:00
Kevin Ottens
712869db9a Use auto to avoiding repeating type names
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
2020-05-20 03:54:41 +02:00
Michael Schuster
ab1099f13e
WebFlowCredentials: Make username comparison case-insensitive (fix #1741)
Fixes issue #1741

Signed-off-by: Michael Schuster <michael@schuster.ms>
2020-03-03 06:01:27 +01:00
Michael Schuster
9b034a2eb0 Heavy refactoring: Windows workaround for >= 4k (4096 bit) client-cert SSL keys and large certs
With QtKeychain on Windows, storing larger keys or certs in one keychain entry causes the
following error due to limits in the Windows APIs:
    Error: "Credential size exceeds maximum size of 2560"

This fix implements the new wrapper class KeychainChunk with wrapper jobs ReadJob and WriteJob
to encapsulate the QKeychain handling of ReadPasswordJob and WritePasswordJob with binaryData
but split every supplied keychain entry's data into 2048 byte chunks, on Windows only.

The wrapper is used for all keychain operations in WebFlowCredentials, except for the server password.

All finished keychain jobs now get deleted properly, to avoid memory leaks.

For reference also see previous fixes:
- https://github.com/nextcloud/desktop/pull/1389
- https://github.com/nextcloud/desktop/pull/1394

This should finally fix the re-opened issue:
- https://github.com/nextcloud/desktop/issues/863

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-24 07:47:35 +01:00
Michael Schuster
0bcac1882a Make WebFlowCredentialsDialog cancellation- and deletion-safe
- Add new signal to let WebFlowCredentials know and emit asked() to also
  tell AccountState that the user won't authenticate, and triggering
  log-out state in the settings window.

- Use deleteLater() to safely delete WebFlowCredentialsDialog, so
  that Qt can free it at the right time and without crashes.
  Do the same with it's _webView and _flow2AuthWidget on closeEvent().

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-24 07:46:57 +01:00
Michael Schuster
5869b93acb Fix deleteKeychainEntries: Stay consistent with job->setInsecureFallback(false)
We never fall back to the insecure variant in the whole codebase, so don't do it here.

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-08 02:47:22 +01:00
Michael Schuster
b15eb27aa9 Fix Windows key-chunk deletion (too paranoid)
Clear the key chunk buffer, but don't set _clientSslKeyChunkCount to zero because we need it later for deleteKeychainEntries

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-08 02:47:22 +01:00
Michael Schuster
336b64a569 Fix member variable name from last refactoring (Windows code)
Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-08 02:47:22 +01:00
Michael Schuster
0c5f4a1525 Remote Wipe: Implement hack to allow deleting all keychain entries (SSL certs & keys)
Client SSL certificates and keys cannot be deleted at this time because there is
no UI for selecting them on re-login.

We introduce this dirty hack here, to allow deleting them upon Remote Wipe.

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-08 02:47:22 +01:00
Michael Schuster
6ef9f3cc26 Refactoring: Windows workaround for >= 4k (4096 bit) client-cert SSL keys
WebFlowCredentials:
- Remove _clientSslCaKeyWriteQueue and simply use _clientSslKeyChunkBufferPEM
- Store key's sub-chunks in slots with "." (dot) suffix
- Implement deletion of the key chunks in WebFlowCredentials::deleteKeychainEntries
- Remove spaces in log messages
- Improve code readability

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-08 02:47:22 +01:00
Michael Schuster
72be80cbd9 Windows: Workaround for storing >= 4k (4096 bit) client-cert SSL keys
With QtKeychain on Windows, storing larger keys in one keychain entry causes the
following error due to limits in the Windows APIs:
  Error: "Credential size exceeds maximum size of 2560"

To avoid overhead on the other platforms and balance code duplication, this
approach puts some read- and write-parts into Windows-only defines.

For reference also see previous fixes:
- https://github.com/nextcloud/desktop/pull/1389
- https://github.com/nextcloud/desktop/pull/1394

This (again) fixes the re-opened issue:
- https://github.com/nextcloud/desktop/issues/863

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-08 02:47:22 +01:00
Michael Schuster
877fd7abb9 Fall back to old login flow on GS as this is not yet ready (#2: re-auth)
This commit ensures that the check also occurs on re-authorization in case
the user gets logged out.

See: https://github.com/nextcloud/desktop/pull/1644

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-12-06 21:03:01 +01:00
Michael Schuster
dcc84d3508 Fix remote wipe keychain storage (issue #1592)
The app password for the remote wipe was constantly being written in
WebFlowCredentials::slotFinished to the keychain, leading to unnecessary
write and log overhead on the system.

This fix introduces a check to only store the app password once in
a lifetime of the Account class. Also the method used to store the
password will be renamed from setAppPassword to writeAppPasswordOnce
to be more expressive.

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-11-29 13:53:52 +01:00
Camila San
19491ff85f
Once client gets 401/403 from the server, check if remote wipe was requested.
- When the the users logs because of 401 or 403 errors, it checks if the
server requested the remote wipe. If yes, locally deletes account and folders
connected to the account and notify the server. If no, proceeds to ask the
user to login again.
- The app password is restored in the keychain.
- WIP: The change also includes a test class for RemoteWipe.

Signed-off-by: Camila San <hello@camila.codes>
2019-10-17 20:11:31 +02:00
Dominique Fuchs
f08cc08eb2 Prevented warning regarding operator precedence - enhanced clarity by adding parentheses
Signed-off-by: Dominique Fuchs <32204802+DominiqueFuchs@users.noreply.github.com>
2019-09-09 19:23:36 +02:00
Dominique Fuchs
e3685b951c removed reduntant /* within a comment
Signed-off-by: Dominique Fuchs <32204802+DominiqueFuchs@users.noreply.github.com>
2019-09-09 19:23:35 +02:00
Michael Schuster
61884d1ada
fix indents, add comment
Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-08-30 05:35:36 +02:00
Michael Schuster
b52292db92
Windows: Workaround for CredWriteW used by QtKeychain
Saving all client CA's within one credential may result in:
  Error: "Credential size exceeds maximum size of 2560"

Client CA certificates are now being stored in separate slots
within the keychain and are being processed by a queue mechanism.

IMPORTANT TODO:
forgetSensitiveData(): Invoked by "Log out" & "Remove account"

- Remove client CA certs and KEY!
  (uncomment "//deleteKeychainEntries();" )

  Disabled as long as selecting another cert is not supported by the UI.

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-08-30 04:56:01 +02:00
Roeland Jago Douma
d584bedcb6
Also store the CACertificates of the client side certificate
Else authentication will still fail in setups that have a chain of
certificates supplied.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-27 09:55:41 +02:00
Michael Schuster
dbde585049
Adds SSL client cert storage to webflow + Login Flow v2
The previous commit 50cd6af394 - Build a webflowcredentials
changed:

src/gui/wizard/flow2authcredspage.cpp in line 135 to use WebFlowCredentials
instead of HttpCredentials.
But the WebFlowCredentials class didn't include code to store and load SSL client
certificates and keys from the keychain.

This commit migrates the useful stuff from the old HttpCredentials class
into WebFlowCredentials.

Successfully tested on Windows. Please test on other systems and verify it's safe! :)

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-08-27 03:32:21 +02:00
Michael Schuster
fd8345ccbe
Login Flow V2: adds re-auth upon logout, improvements
- Implements re-auth upon logout -> login
- Improves UI and security

TODO:
- SSL: Client certificate login is possible at the first time only but missing after relaunch

Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-08-26 20:03:15 +02:00
Michael Schuster
628bab92c4
fix comment typo in webflowcredentials.cpp
Signed-off-by: Michael Schuster <michael@schuster.ms>
2019-08-26 20:03:15 +02:00
Terence Eden
e64fa74899
Typo
There's no such thing as a "key*h*chain".
2019-04-28 10:03:38 +01:00
Roeland Jago Douma
bb2f179342
Be less verbose with logging
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-15 20:23:24 +01:00
J-P Nurmi
fff64e8aa5 GUI: search'n'replace remaining "Q_DECL_OVERRIDE" with "override" 2018-11-11 11:12:37 +01:00
J-P Nurmi
fb5ff96ed6 GUI: run clang-tidy modernize-use-nullptr 2018-11-11 10:56:22 +01:00
Roeland Jago Douma
045bba0161
Migrate http auth to webflow
This moves all the basic http auth over to the webflow mechanism.
This thus also makes sure that if the password changes a webflow page
pops up. And thus will directly move them over to apptokens then.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-03 12:37:53 +01:00
Roeland Jago Douma
9f1f99f4db
Add a WebFlowCredentialsAccessManager
Fixes #279

Some setups don't make Qt emit the right signals and the client would
end up in state where it could not do the initial authentications.
This is a similar hack that apparently already was is place for basic
http auth.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 20:59:25 +02:00
Roeland Jago Douma
08abc71acb
gui Q_UNUSED
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-02 13:02:15 +02:00
Roeland Jago Douma
ef2d113930
Mark credentials as valid if there is no error
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-02 22:50:48 +02:00
Roeland Jago Douma
35e8d0437d
Address comments
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-02 22:50:48 +02:00
Roeland Jago Douma
6809f12e68
Allow the user to sign in again
If the user is signed out (for whatever reason). Show a popup
with the loginflow again.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-02 22:50:48 +02:00
Roeland Jago Douma
ac1664b525
Actually use webflow credentails
* Detect invalid auth (if the users token is removed for example)
* Properly store and fetch from keychain

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-02 22:50:48 +02:00
Roeland Jago Douma
6b43d80c01
Start with persisting credentials
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-02 22:50:48 +02:00