From b0050813b005b39c0cfc9eb1e592e70e9bdd95a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20D?= Date: Sat, 16 Jan 2021 11:46:58 +0100 Subject: [PATCH 1/5] * [FIX] Fix ADS search behavior by unsseting `ACCOUNTDISABLE` flag for `UserAccountControl` property, since it prevents to throw the proper status code when authenticating against LDAP. Thanks to @t0l0 for testing. Closes #1574 * [MOD] Update dependencies * [MOD] Bump version number MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rubén D --- composer.json | 3 +- composer.lock | 225 ++++++----------------- lib/SP/Providers/Auth/Ldap/LdapMsAds.php | 2 +- lib/SP/Services/Install/Installer.php | 4 +- 4 files changed, 63 insertions(+), 171 deletions(-) diff --git a/composer.json b/composer.json index 27db44b2..a035d44c 100644 --- a/composer.json +++ b/composer.json @@ -45,8 +45,7 @@ "phpunit/dbunit": "^3", "fzaninotto/faker": "^v1.8", "fabpot/goutte": "^v3.2.3", - "syspass/extension-installer-plugin": "dev-master", - "syspass/plugin-authenticator": "^2.1-dev", + "syspass/extension-installer-plugin": "v2.0.0", "nikic/php-parser": "^v4.1", "php-mock/php-mock-phpunit": "^2.6" }, diff --git a/composer.lock b/composer.lock index 2bb3e5a0..b2f6f5b8 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "4588647d7b59c02b13bc52697f6c43f2", + "content-hash": "418af177bceeaf4378a454a5bd49645d", "packages": [ { "name": "ademarre/binary-to-text-php", @@ -1138,16 +1138,16 @@ }, { "name": "php-di/invoker", - "version": "2.2.0", + "version": "2.3.0", "source": { "type": "git", "url": "https://github.com/PHP-DI/Invoker.git", - "reference": "e08a7c87068daeaeef464b95d81643ea530bc535" + "reference": "992fec6c56f2d1ad1ad5fee28267867c85bfb8f9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHP-DI/Invoker/zipball/e08a7c87068daeaeef464b95d81643ea530bc535", - "reference": "e08a7c87068daeaeef464b95d81643ea530bc535", + "url": "https://api.github.com/repos/PHP-DI/Invoker/zipball/992fec6c56f2d1ad1ad5fee28267867c85bfb8f9", + "reference": "992fec6c56f2d1ad1ad5fee28267867c85bfb8f9", "shasum": "" }, "require": { @@ -1181,7 +1181,7 @@ ], "support": { "issues": "https://github.com/PHP-DI/Invoker/issues", - "source": "https://github.com/PHP-DI/Invoker/tree/2.2.0" + "source": "https://github.com/PHP-DI/Invoker/tree/2.3.0" }, "funding": [ { @@ -1189,7 +1189,7 @@ "type": "github" } ], - "time": "2020-10-12T12:15:50+00:00" + "time": "2021-01-15T10:25:40+00:00" }, { "name": "php-di/php-di", @@ -1691,12 +1691,12 @@ "source": { "type": "git", "url": "https://github.com/Roave/SecurityAdvisories.git", - "reference": "d5961914bf7f90e81af509b81e51450bff419815" + "reference": "0f7a0af0970ff222b7c4212e2417580e0e05b257" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/d5961914bf7f90e81af509b81e51450bff419815", - "reference": "d5961914bf7f90e81af509b81e51450bff419815", + "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/0f7a0af0970ff222b7c4212e2417580e0e05b257", + "reference": "0f7a0af0970ff222b7c4212e2417580e0e05b257", "shasum": "" }, "conflict": { @@ -1789,7 +1789,7 @@ "kitodo/presentation": "<3.1.2", "kreait/firebase-php": ">=3.2,<3.8.1", "la-haute-societe/tcpdf": "<6.2.22", - "laravel/framework": ">=4,<4.0.99|>=4.1,<=4.1.99999|>=4.2,<=4.2.99999|>=5,<=5.0.99999|>=5.1,<=5.1.99999|>=5.2,<=5.2.99999|>=5.3,<=5.3.99999|>=5.4,<=5.4.99999|>=5.5,<=5.5.49|>=5.6,<=5.6.99999|>=5.7,<=5.7.99999|>=5.8,<=5.8.99999|>=6,<6.18.34|>=7,<7.23.2", + "laravel/framework": ">=4,<4.0.99|>=4.1,<=4.1.99999|>=4.2,<=4.2.99999|>=5,<=5.0.99999|>=5.1,<=5.1.99999|>=5.2,<=5.2.99999|>=5.3,<=5.3.99999|>=5.4,<=5.4.99999|>=5.5,<=5.5.49|>=5.6,<=5.6.99999|>=5.7,<=5.7.99999|>=5.8,<=5.8.99999|>=6,<6.20.11|>=7,<7.30.2|>=8,<8.22.1", "laravel/socialite": ">=1,<1.0.99|>=2,<2.0.10", "league/commonmark": "<0.18.3", "librenms/librenms": "<1.53", @@ -1830,7 +1830,7 @@ "phpmussel/phpmussel": ">=1,<1.6", "phpmyadmin/phpmyadmin": "<4.9.6|>=5,<5.0.3", "phpoffice/phpexcel": "<1.8.2", - "phpoffice/phpspreadsheet": "<1.8", + "phpoffice/phpspreadsheet": "<1.16", "phpunit/phpunit": ">=4.8.19,<4.8.28|>=5.0.10,<5.6.3", "phpwhois/phpwhois": "<=4.2.5", "phpxmlrpc/extras": "<0.6.1", @@ -1853,8 +1853,8 @@ "scheb/two-factor-bundle": ">=0,<3.26|>=4,<4.11", "sensiolabs/connect": "<4.2.3", "serluck/phpwhois": "<=4.2.6", - "shopware/core": "<=6.3.2", - "shopware/platform": "<=6.3.2", + "shopware/core": "<=6.3.4", + "shopware/platform": "<=6.3.4", "shopware/shopware": "<5.6.9", "silverstripe/admin": ">=1.0.3,<1.0.4|>=1.1,<1.1.1", "silverstripe/assets": ">=1,<1.4.7|>=1.5,<1.5.2", @@ -2004,7 +2004,7 @@ "type": "tidelift" } ], - "time": "2020-12-08T15:02:56+00:00" + "time": "2021-01-14T09:32:54+00:00" }, { "name": "symfony/debug", @@ -2076,16 +2076,16 @@ }, { "name": "symfony/polyfill-intl-idn", - "version": "v1.20.0", + "version": "v1.22.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-idn.git", - "reference": "3b75acd829741c768bc8b1f84eb33265e7cc5117" + "reference": "0eb8293dbbcd6ef6bf81404c9ce7d95bcdf34f44" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-intl-idn/zipball/3b75acd829741c768bc8b1f84eb33265e7cc5117", - "reference": "3b75acd829741c768bc8b1f84eb33265e7cc5117", + "url": "https://api.github.com/repos/symfony/polyfill-intl-idn/zipball/0eb8293dbbcd6ef6bf81404c9ce7d95bcdf34f44", + "reference": "0eb8293dbbcd6ef6bf81404c9ce7d95bcdf34f44", "shasum": "" }, "require": { @@ -2099,7 +2099,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.20-dev" + "dev-main": "1.22-dev" }, "thanks": { "name": "symfony/polyfill", @@ -2143,7 +2143,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.20.0" + "source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.22.0" }, "funding": [ { @@ -2159,20 +2159,20 @@ "type": "tidelift" } ], - "time": "2020-10-23T14:02:19+00:00" + "time": "2021-01-07T16:49:33+00:00" }, { "name": "symfony/polyfill-intl-normalizer", - "version": "v1.20.0", + "version": "v1.22.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-normalizer.git", - "reference": "727d1096295d807c309fb01a851577302394c897" + "reference": "6e971c891537eb617a00bb07a43d182a6915faba" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/727d1096295d807c309fb01a851577302394c897", - "reference": "727d1096295d807c309fb01a851577302394c897", + "url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/6e971c891537eb617a00bb07a43d182a6915faba", + "reference": "6e971c891537eb617a00bb07a43d182a6915faba", "shasum": "" }, "require": { @@ -2184,7 +2184,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.20-dev" + "dev-main": "1.22-dev" }, "thanks": { "name": "symfony/polyfill", @@ -2227,7 +2227,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.20.0" + "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.22.0" }, "funding": [ { @@ -2243,7 +2243,7 @@ "type": "tidelift" } ], - "time": "2020-10-23T14:02:19+00:00" + "time": "2021-01-07T17:09:11+00:00" }, { "name": "symfony/polyfill-php56", @@ -2315,16 +2315,16 @@ }, { "name": "symfony/polyfill-php72", - "version": "v1.20.0", + "version": "v1.22.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php72.git", - "reference": "cede45fcdfabdd6043b3592e83678e42ec69e930" + "reference": "cc6e6f9b39fe8075b3dabfbaf5b5f645ae1340c9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php72/zipball/cede45fcdfabdd6043b3592e83678e42ec69e930", - "reference": "cede45fcdfabdd6043b3592e83678e42ec69e930", + "url": "https://api.github.com/repos/symfony/polyfill-php72/zipball/cc6e6f9b39fe8075b3dabfbaf5b5f645ae1340c9", + "reference": "cc6e6f9b39fe8075b3dabfbaf5b5f645ae1340c9", "shasum": "" }, "require": { @@ -2333,7 +2333,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.20-dev" + "dev-main": "1.22-dev" }, "thanks": { "name": "symfony/polyfill", @@ -2371,7 +2371,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php72/tree/v1.20.0" + "source": "https://github.com/symfony/polyfill-php72/tree/v1.22.0" }, "funding": [ { @@ -2387,60 +2387,10 @@ "type": "tidelift" } ], - "time": "2020-10-23T14:02:19+00:00" + "time": "2021-01-07T16:49:33+00:00" } ], "packages-dev": [ - { - "name": "bacon/bacon-qr-code", - "version": "1.0.3", - "source": { - "type": "git", - "url": "https://github.com/Bacon/BaconQrCode.git", - "reference": "5a91b62b9d37cee635bbf8d553f4546057250bee" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/5a91b62b9d37cee635bbf8d553f4546057250bee", - "reference": "5a91b62b9d37cee635bbf8d553f4546057250bee", - "shasum": "" - }, - "require": { - "ext-iconv": "*", - "php": "^5.4|^7.0" - }, - "require-dev": { - "phpunit/phpunit": "^4.8" - }, - "suggest": { - "ext-gd": "to generate QR code images" - }, - "type": "library", - "autoload": { - "psr-0": { - "BaconQrCode": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-2-Clause" - ], - "authors": [ - { - "name": "Ben Scholzen 'DASPRiD'", - "email": "mail@dasprids.de", - "homepage": "http://www.dasprids.de", - "role": "Developer" - } - ], - "description": "BaconQrCode is a QR code generator for PHP.", - "homepage": "https://github.com/Bacon/BaconQrCode", - "support": { - "issues": "https://github.com/Bacon/BaconQrCode/issues", - "source": "https://github.com/Bacon/BaconQrCode/tree/master" - }, - "time": "2017-10-17T09:59:25+00:00" - }, { "name": "doctrine/instantiator", "version": "1.4.0", @@ -4532,16 +4482,16 @@ }, { "name": "symfony/polyfill-ctype", - "version": "v1.20.0", + "version": "v1.22.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41" + "reference": "c6c942b1ac76c82448322025e084cadc56048b4e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f4ba089a5b6366e453971d3aad5fe8e897b37f41", - "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/c6c942b1ac76c82448322025e084cadc56048b4e", + "reference": "c6c942b1ac76c82448322025e084cadc56048b4e", "shasum": "" }, "require": { @@ -4553,7 +4503,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.20-dev" + "dev-main": "1.22-dev" }, "thanks": { "name": "symfony/polyfill", @@ -4591,7 +4541,7 @@ "portable" ], "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.20.0" + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.22.0" }, "funding": [ { @@ -4607,20 +4557,20 @@ "type": "tidelift" } ], - "time": "2020-10-23T14:02:19+00:00" + "time": "2021-01-07T16:49:33+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.20.0", + "version": "v1.22.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "39d483bdf39be819deabf04ec872eb0b2410b531" + "reference": "f377a3dd1fde44d37b9831d68dc8dea3ffd28e13" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/39d483bdf39be819deabf04ec872eb0b2410b531", - "reference": "39d483bdf39be819deabf04ec872eb0b2410b531", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/f377a3dd1fde44d37b9831d68dc8dea3ffd28e13", + "reference": "f377a3dd1fde44d37b9831d68dc8dea3ffd28e13", "shasum": "" }, "require": { @@ -4632,7 +4582,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.20-dev" + "dev-main": "1.22-dev" }, "thanks": { "name": "symfony/polyfill", @@ -4671,7 +4621,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.20.0" + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.22.0" }, "funding": [ { @@ -4687,20 +4637,20 @@ "type": "tidelift" } ], - "time": "2020-10-23T14:02:19+00:00" + "time": "2021-01-07T16:49:33+00:00" }, { "name": "symfony/polyfill-php80", - "version": "v1.20.0", + "version": "v1.22.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php80.git", - "reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de" + "reference": "dc3063ba22c2a1fd2f45ed856374d79114998f91" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/e70aa8b064c5b72d3df2abd5ab1e90464ad009de", - "reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de", + "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/dc3063ba22c2a1fd2f45ed856374d79114998f91", + "reference": "dc3063ba22c2a1fd2f45ed856374d79114998f91", "shasum": "" }, "require": { @@ -4709,7 +4659,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.20-dev" + "dev-main": "1.22-dev" }, "thanks": { "name": "symfony/polyfill", @@ -4754,7 +4704,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php80/tree/v1.20.0" + "source": "https://github.com/symfony/polyfill-php80/tree/v1.22.0" }, "funding": [ { @@ -4770,7 +4720,7 @@ "type": "tidelift" } ], - "time": "2020-10-23T14:02:19+00:00" + "time": "2021-01-07T16:49:33+00:00" }, { "name": "symfony/yaml", @@ -4845,7 +4795,7 @@ }, { "name": "syspass/extension-installer-plugin", - "version": "dev-master", + "version": "v2.0.0", "source": { "type": "git", "url": "https://github.com/sysPass/composer-plugin-installer.git", @@ -4863,7 +4813,6 @@ "require-dev": { "composer/composer": "^2.0" }, - "default-branch": true, "type": "composer-plugin", "extra": { "class": "SP\\Composer\\ExtensionInstallerPlugin" @@ -4883,60 +4832,6 @@ }, "time": "2020-12-08T08:15:22+00:00" }, - { - "name": "syspass/plugin-authenticator", - "version": "v2.1.x-dev", - "source": { - "type": "git", - "url": "https://github.com/sysPass/plugin-Authenticator.git", - "reference": "a9a5c264fce13960267f0d87518456b671530c8b" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sysPass/plugin-Authenticator/zipball/a9a5c264fce13960267f0d87518456b671530c8b", - "reference": "a9a5c264fce13960267f0d87518456b671530c8b", - "shasum": "" - }, - "require": { - "bacon/bacon-qr-code": "^1.0", - "ext-gettext": "*", - "php": "~7.0 || ~7.1 || ~7.2", - "syspass/extension-installer-plugin": "*" - }, - "type": "syspass-plugin", - "extra": { - "type": "web" - }, - "autoload": { - "psr-4": { - "SP\\Modules\\Web\\Plugins\\Authenticator\\": "src/lib/" - }, - "classmap": [ - "src/lib/Controllers/AuthenticatorController.php", - "src/lib/Controllers/AuthenticatorLoginController.php" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "GPL-3.0" - ], - "authors": [ - { - "name": "Rubén Domínguez", - "email": "nuxsmin@syspass.org", - "homepage": "https://syspass.org/", - "role": "Author/Developer" - } - ], - "description": "2FA authentication plugin for sysPass based on TOTP algorithm (RFC 6238)", - "homepage": "https://syspass.org", - "support": { - "docs": "https://doc.syspass.org", - "issues": "https://github.com/nuxsmin/sysPass/issues", - "source": "https://github.com/nuxsmin/sysPass-Authenticator" - }, - "time": "2019-12-21T11:52:31+00:00" - }, { "name": "theseer/tokenizer", "version": "1.2.0", @@ -5045,9 +4940,7 @@ "minimum-stability": "stable", "stability-flags": { "roave/security-advisories": 20, - "ademarre/binary-to-text-php": 20, - "syspass/extension-installer-plugin": 20, - "syspass/plugin-authenticator": 20 + "ademarre/binary-to-text-php": 20 }, "prefer-stable": false, "prefer-lowest": false, diff --git a/lib/SP/Providers/Auth/Ldap/LdapMsAds.php b/lib/SP/Providers/Auth/Ldap/LdapMsAds.php index 2778055e..44f10ed5 100644 --- a/lib/SP/Providers/Auth/Ldap/LdapMsAds.php +++ b/lib/SP/Providers/Auth/Ldap/LdapMsAds.php @@ -38,7 +38,7 @@ use SP\Http\Address; */ final class LdapMsAds extends Ldap { - const FILTER_USER_OBJECT = '(&(!(UserAccountControl:1.2.840.113556.1.4.804:=34))(|(objectCategory=person)(objectClass=user)))'; + const FILTER_USER_OBJECT = '(&(!(UserAccountControl:1.2.840.113556.1.4.804:=30))(|(objectCategory=person)(objectClass=user)))'; const FILTER_GROUP_OBJECT = '(objectCategory=group)'; const FILTER_USER_ATTRIBUTES = ['samaccountname', 'cn', 'uid', 'userPrincipalName']; const FILTER_GROUP_ATTRIBUTES = ['memberOf', 'groupMembership', 'memberof:1.2.840.113556.1.4.1941:']; diff --git a/lib/SP/Services/Install/Installer.php b/lib/SP/Services/Install/Installer.php index 730eeb77..f0fd627d 100644 --- a/lib/SP/Services/Install/Installer.php +++ b/lib/SP/Services/Install/Installer.php @@ -60,9 +60,9 @@ final class Installer extends Service /** * sysPass' version and build number */ - const VERSION = [3, 2, 0]; + const VERSION = [3, 2, 1]; const VERSION_TEXT = '3.2'; - const BUILD = 20122001; + const BUILD = 21011601; /** * @var DatabaseSetupInterface From 728ec832f385a58768ac9fc473fb0c29dee381af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20D?= Date: Sat, 16 Jan 2021 12:13:25 +0100 Subject: [PATCH 2/5] * [FIX] Fix ADS search behavior by unsseting `ACCOUNTDISABLE` flag for `UserAccountControl` property, since it prevents to throw the proper status code when authenticating against LDAP. Thanks to @t0l0 for testing. Closes #1574 * [MOD] Update dependencies * [MOD] Bump version number MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rubén D --- lib/SP/Providers/Auth/Ldap/LdapMsAds.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/SP/Providers/Auth/Ldap/LdapMsAds.php b/lib/SP/Providers/Auth/Ldap/LdapMsAds.php index 44f10ed5..c9c43b32 100644 --- a/lib/SP/Providers/Auth/Ldap/LdapMsAds.php +++ b/lib/SP/Providers/Auth/Ldap/LdapMsAds.php @@ -38,7 +38,7 @@ use SP\Http\Address; */ final class LdapMsAds extends Ldap { - const FILTER_USER_OBJECT = '(&(!(UserAccountControl:1.2.840.113556.1.4.804:=30))(|(objectCategory=person)(objectClass=user)))'; + const FILTER_USER_OBJECT = '(&(!(UserAccountControl:1.2.840.113556.1.4.804:=32))(|(objectCategory=person)(objectClass=user)))'; const FILTER_GROUP_OBJECT = '(objectCategory=group)'; const FILTER_USER_ATTRIBUTES = ['samaccountname', 'cn', 'uid', 'userPrincipalName']; const FILTER_GROUP_ATTRIBUTES = ['memberOf', 'groupMembership', 'memberof:1.2.840.113556.1.4.1941:']; From 3b189aa5e6eed633e899b0f06ed89a7b7d9fa8b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20D?= Date: Sat, 13 Mar 2021 10:37:41 +0100 Subject: [PATCH 3/5] * [FIX] HTTP_X_FORWARDED_FOR header wasn't parsed. Thanks to @jlegido for the feedback. Closes #1653 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rubén D --- lib/SP/Http/Request.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/SP/Http/Request.php b/lib/SP/Http/Request.php index 0be280c4..2ce3eea8 100644 --- a/lib/SP/Http/Request.php +++ b/lib/SP/Http/Request.php @@ -171,8 +171,10 @@ final class Request $forwarded = $this->headers->get('HTTP_FORWARDED'); if ($forwarded !== null && - preg_match_all('/(?:for=([\w.:]+))|(?:for="\[([\w.:]+)\]")/i', - $forwarded, $matches) + preg_match_all( + '/(?:for=([\w.:]+))|(?:for="\[([\w.:]+)\]")/i', + $forwarded, + $matches) ) { return array_filter(array_merge($matches[1], $matches[2]), function ($value) { return !empty($value); @@ -180,7 +182,7 @@ final class Request } // eg: X-Forwarded-For: 192.0.2.43, 2001:db8:cafe::17 - $xForwarded = $this->headers->exists('HTTP_X_FORWARDED_FOR'); + $xForwarded = $this->headers->get('HTTP_X_FORWARDED_FOR'); if ($xForwarded !== null) { $matches = preg_split('/(?<=[\w])+,\s?/i', From 6e72067b6b808c4a8e03dee1334d9695d806bc45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20D?= Date: Sun, 17 Jan 2021 15:11:47 +0100 Subject: [PATCH 4/5] * [FIX] Prevent random password generator to crash when chars are skipped. Thanks to @blabllavita . Closes #1641 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rubén D --- public/js/app-util.js | 4 +++- public/js/app-util.min.js | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/public/js/app-util.js b/public/js/app-util.js index 826458d4..da08c7ac 100644 --- a/public/js/app-util.js +++ b/public/js/app-util.js @@ -444,7 +444,9 @@ sysPass.Util = function (log) { } } - if (password.config.complexity.uppercase) { + if (password.config.complexity.chars + && password.config.complexity.uppercase + ) { const chars = password.config.charset.char.toUpperCase(); const res = inPassArray.some( function (el) { diff --git a/public/js/app-util.min.js b/public/js/app-util.min.js index 87ecd260..eb29418d 100644 --- a/public/js/app-util.min.js +++ b/public/js/app-util.min.js @@ -7,7 +7,7 @@ $jscomp.iteratorPrototype=function(a){$jscomp.initSymbolIterator();a={next:a};a[ $jscomp.polyfill("Array.prototype.keys",function(a){return a?a:function(){return $jscomp.iteratorFromArray(this,function(a){return a})}},"es6","es3"); sysPass.Util=function(a){var d={config:{passLength:0,minPasswordLength:12,complexity:{chars:!0,numbers:!0,symbols:!0,uppercase:!0,numlength:12},charset:{special:"!\"\\\u00b7@|#$~%&/()=?'\u00bf\u00a1^*[]\u00b7;,_-{}<>",number:"1234567890",char:"abcdefghijklmnopqrstuvwxyz"}},random:function(b){a.info("password:random");var c="";this.config.complexity.symbols&&(c+=this.config.charset.special);this.config.complexity.numbers&&(c+=this.config.charset.number);this.config.complexity.chars&&(c+=this.config.charset.char, this.config.complexity.uppercase&&(c+=this.config.charset.char.toUpperCase()));var f=function(){for(var a="",b=0;b++").html(a).text()},resizeImage:function(a){var b=.9*$(window).width(),d=.9*$(window).height(),e={width:a.width(),height:a.height()},g={calc:0,main:0,secondary:0,factor:.9,rel:e.width/e.height},h=function(a){a.main>a.secondary?a.calc=a.main/a.rel:a.maina.secondary&&(a.main*=a.factor,h(a));return a},k=function(){g.main=b;g.secondary=d;var c=h(g);a.css({width:c.main, From 861ce46e8a8269789ec7ee6e6628ca807bfc9c60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20D?= Date: Sat, 13 Mar 2021 11:45:25 +0100 Subject: [PATCH 5/5] * [MOD] Bump version number MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rubén D --- lib/SP/Services/Install/Installer.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/SP/Services/Install/Installer.php b/lib/SP/Services/Install/Installer.php index f0fd627d..4384b4a8 100644 --- a/lib/SP/Services/Install/Installer.php +++ b/lib/SP/Services/Install/Installer.php @@ -60,9 +60,9 @@ final class Installer extends Service /** * sysPass' version and build number */ - const VERSION = [3, 2, 1]; + const VERSION = [3, 2, 2]; const VERSION_TEXT = '3.2'; - const BUILD = 21011601; + const BUILD = 21031301; /** * @var DatabaseSetupInterface