With QtKeychain on Windows, storing larger keys or certs in one keychain entry causes the
following error due to limits in the Windows APIs:
Error: "Credential size exceeds maximum size of 2560"
This fix implements the new wrapper class KeychainChunk with wrapper jobs ReadJob and WriteJob
to encapsulate the QKeychain handling of ReadPasswordJob and WritePasswordJob with binaryData
but split every supplied keychain entry's data into 2048 byte chunks, on Windows only.
The wrapper is used for all keychain operations in WebFlowCredentials, except for the server password.
All finished keychain jobs now get deleted properly, to avoid memory leaks.
For reference also see previous fixes:
- https://github.com/nextcloud/desktop/pull/1389
- https://github.com/nextcloud/desktop/pull/1394
This should finally fix the re-opened issue:
- https://github.com/nextcloud/desktop/issues/863
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Flow2AuthCredsPage:
- Remove .ui file and embed Flow2AuthWidget into layout
- Flow2AuthWidget:
- Make use generic for Flow2AuthCredsPage and WebFlowCredentialsDialog
- Fix _errorLabel to render HTML tags instead of dumping them as plain text
- Flow2Auth:
- Explicitly start auth with startAuth(account) instead of using constructor
- Take control of copying the auth link to clipboard
- Request a new auth link on copying, to avoid expiry invalidation
- Use signals statusChanged() and result() to be more verbose (status, errors)
- Change timer invocation and add safety bool's to avoid weird behaviour when
the user triggers multiple link-copy calls (fetchNewToken)
Signed-off-by: Michael Schuster <michael@schuster.ms>
New widget on top of the layout, based on Qt's own modern wizard header banner.
This should improve the user's perception of the dialog.
Encapsulate the existing layout into a container layout to allow the banner taking
the full width of the dialog.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Reverts back to the SettingsDialog class because of bugs and glitches with
more recent Qt versions (Qt 5.12) and with the macOS Dark Mode.
See upstream: https://github.com/owncloud/client/pull/7492
Signed-off-by: Michael Schuster <michael@schuster.ms>
- When the the users logs because of 401 or 403 errors, it checks if the
server requested the remote wipe. If yes, locally deletes account and folders
connected to the account and notify the server. If no, proceeds to ask the
user to login again.
- The app password is restored in the keychain.
- WIP: The change also includes a test class for RemoteWipe.
Signed-off-by: Camila San <hello@camila.codes>
- Implements re-auth upon logout -> login
- Improves UI and security
TODO:
- SSL: Client certificate login is possible at the first time only but missing after relaunch
Signed-off-by: Michael Schuster <michael@schuster.ms>
Instead of immediately popping up the mnemonic dialogue,
only show a notification bar on the account setup page.
For the cases where the user does not want to use E2E,
this is significantly less intrusive than the old approach.
cmake/modules/ECMAddAppIcon.cmake is heavily patched to support sidebar icons, OUTFILE_BASE parameter and to not include 64 and 64@2x icons on macOS which are not supported. All changes are made in a way that we can upstream this.
Mainly uses target_include_directories instead of include_directories
so libraries public include directory get automatically added when adding
the target in target_link_library
This commit integrates support for libcloudproviders
desktop integration API. If build with the library it
will check on startup if the DBus interface is available
and then use it instead of the legacy status icon.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Drop AvatarJob2
* Allow AvatarJob to retrieve different sizes and users
* Make creating a circular avatar into a function
(maybe all avatars should be made into that shape in the first place)
[Sharing] Show placeholders for avatars
Just like on the web show placeholders for avatars in the sharing dialog
[Sharing] Show avatars!
[Sharing] Show same avatar placeholder for group/federated shares as on
web
* SocketAPI has COPL_LOCAL_LINK / EMAIL_LOCAL_LINK commands
* The nautilus and dolphing shell integrations show a submenu from which
one can share as well as access the private link.
* The SocketAPI provides a new GET_STRINGS command to access localized
strings.
* The private link can also be accessed from the user/group sharing
dialog.
* The numeric file id is extracted from the full id to create the
private link url.
* Add a more functional error view #5516
* Allow filtering of ignores and warnings to see only important bits.
* Navigate from the folder view to the error view by clicking on the
error list with the red background.
* Move the error list into its own ui file to allow easier extension.
* Fix issue around tab id handling in ActivitySettings.
* Rename "Action" column to "Issue".
* Change mouse cursor to hand over button and new error list area
Several OSX fixes provided by guruz.
All our crypto code is handled by qt nodaways.
No need to carry this dependency.
Especially since it causes warnings on system where there are
twp openssl version installed:
/usr/bin/ld: warning: libcrypto.so.1.0.0, needed by /usr/lib/libQt5Network.so.5.9.0, may conflict with libcrypto.so.1.1
Shrinks owncloud binary by 24 KB and libowncloudsync by 14 KB.
I don't know if it has influence on memory usage or runtime speed though.
Was worth a try.
The re-enables the UI, uses Qt API for importing and
stores the certificate/key in the system keychain.
People who had set up client certs need to re-setup the account. This is ok
since it was an undocumented feature anyway.
- Replace functions that are provided by MinGW with a Win32-based
implementation
- Explicitly export needed symbols from ocsync.dll
- Rename share.h to sharemanager.h since the name clashes with one
of the Windows headers and get included from there
- Remove the timestamp from the fallback csync stderr logging, it's
not used since we always provide a log callback
When a conflict-rename or a temporary-rename fails, notify the
LockWatcher. It'll regularly check whether the file has become
accesible again. When it has, another sync is triggered.
owncloud/enterprise#1288
As interaction is required, the notifications are displayed in a
separate widget above the server activity list.
Note that design and also where we display the notifications can
still be discussed and changed.
Now we have 1 simple dialog that includes 2 widgets.
* ShareLinkWidget (for link shares)
* ShareUserGroupWidget (for user/group shares)
The ShareUserGroupWidget is only included if the server version is >=
8.2.0
For <8.2.0 the old behavior is preserved
