
Add fallback routines for empty secret cases

Open juliusknorr opened this issue 3 years ago • 3 comments

Make sure to keep authentication working when an instance has been set up without a secret and the secret is added manually afterwards.

  • Password auth to webdav still works
  • App password auth to webdav still works
  • Browser session keeps being active
  • PublicKeyTokens get rotated if the fallback is hit so their private key is reencrypted with the secret now

Provides a possible migration path for https://github.com/nextcloud/server/pull/31492

ToDo

  • [ ] Add migration step to update the config if possible and set a secret before the upgrade
    • [ ] secret
    • [ ] passwordsalt

juliusknorr avatar Mar 09 '22 09:03 juliusknorr
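The fallback-and-rotate behaviour described in the PR (decrypt a PublicKeyToken's private key with the configured secret, fall back to the empty secret for tokens created before one existed, and re-encrypt under the real secret the moment that fallback is hit) can be shown in isolation. The block below is an added example written for this page; it is not Nextcloud's own `ICrypto` or `PublicKeyTokenProvider` code. It assumes a stand-in AES-256-GCM wrapper keyed from the token value plus the instance secret, a token row with constructed `token` and `private_key` fields, and that the configured secret is passed in as a string (empty when `config.php` has none).

```php
<?php
declare(strict_types=1);

// Stand-in for the server's crypto (assumption, not Nextcloud's ICrypto):
// AES-256-GCM with a key derived from the token value plus the instance secret.
function deriveKey(string $tokenValue, string $instanceSecret): string {
    return hash('sha256', $tokenValue . $instanceSecret, true);
}

function encryptPrivateKey(string $privateKey, string $tokenValue, string $instanceSecret): string {
    $iv = random_bytes(12);
    $tag = '';
    $ct = openssl_encrypt($privateKey, 'aes-256-gcm',
        deriveKey($tokenValue, $instanceSecret), OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // Blob layout: iv (12) | tag (16) | ciphertext, base64 for storage in the token table.
    return base64_encode($iv . $tag . $ct);
}

// Returns the private key, or null when the secret does not match (GCM tag check fails).
function decryptPrivateKey(string $blob, string $tokenValue, string $instanceSecret): ?string {
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 28) {
        return null;
    }
    $iv  = substr($raw, 0, 12);
    $tag = substr($raw, 12, 16);
    $ct  = substr($raw, 28);
    $pt = openssl_decrypt($ct, 'aes-256-gcm',
        deriveKey($tokenValue, $instanceSecret), OPENSSL_RAW_DATA, $iv, $tag);
    return $pt === false ? null : $pt;
}

/**
 * Unwrap a token's private key with the empty-secret fallback.
 * Normal path: decrypt under the configured secret. Fallback: if that fails and a
 * secret is now configured, try the empty secret (instance set up without one).
 * On a fallback hit the key is re-encrypted under the configured secret so the
 * token is rotated and the fallback is needed only once.
 * Returns [privateKey, rotatedBlob|null], or null if neither secret works.
 */
function unwrapWithFallback(array $tokenRow, string $instanceSecret): ?array {
    $pk = decryptPrivateKey($tokenRow['private_key'], $tokenRow['token'], $instanceSecret);
    if ($pk !== null) {
        return [$pk, null];
    }
    if ($instanceSecret === '') {
        return null; // nothing to fall back to
    }
    $pk = decryptPrivateKey($tokenRow['private_key'], $tokenRow['token'], '');
    if ($pk === null) {
        return null; // genuinely invalid token, not a missing-secret case
    }
    return [$pk, encryptPrivateKey($pk, $tokenRow['token'], $instanceSecret)];
}

function check(bool $cond, string $what): void {
    if (!$cond) {
        throw new RuntimeException("check failed: $what");
    }
}

// Constructed scenario: token created while no secret was configured, then a secret is added.
$tokenValue = bin2hex(random_bytes(16)); // stand-in for the app password / session token value
$privateKey = "-----BEGIN PRIVATE KEY-----\nconstructed-demo-key\n-----END PRIVATE KEY-----";
$row = ['token' => $tokenValue, 'private_key' => encryptPrivateKey($privateKey, $tokenValue, '')];
$newSecret = bin2hex(random_bytes(24)); // the secret added to config.php afterwards

// Without the fallback the plain path fails: this is the logout / app-password breakage.
check(decryptPrivateKey($row['private_key'], $row['token'], $newSecret) === null,
    'plain decrypt under the new secret must fail');

// With the fallback the key is recovered and the token is rotated.
$result = unwrapWithFallback($row, $newSecret);
check($result !== null && $result[0] === $privateKey && $result[1] !== null,
    'fallback must recover the key and produce a rotated blob');
$row['private_key'] = $result[1];

// After rotation the normal path succeeds; a second call no longer hits the fallback.
check(decryptPrivateKey($row['private_key'], $row['token'], $newSecret) === $privateKey,
    'rotated blob must decrypt under the configured secret');
$again = unwrapWithFallback($row, $newSecret);
check($again !== null && $again[1] === null, 'no rotation on the second call');

echo "fallback hit once, token rotated, normal path restored\n";
```

The rotation step is what keeps the fallback from becoming permanent: once every surviving token has been decrypted and re-wrapped under the configured secret, the empty-secret branch is never taken again, and a token that fails under both secrets is treated as invalid rather than silently accepted.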

Test results when having an instance without a secret and adding one afterwards:

  • Users get logged out of their sessions in the browser
  • Reauthentication with existing password works -> password salt change is confirmed to not be an issue
  • App passwords still fail

juliusknorr avatar Mar 10 '22 10:03 juliusknorr

Retested with follow up commits:

  • [x] Password auth to webdav still works
  • [x] App password auth to webdav still works
  • [x] Browser session keeps being active
  • [x] PublicKeyTokens get rotated if the fallback is hit so their private key is reencrypted with the secret now

juliusknorr avatar Mar 10 '22 10:03 juliusknorr

Should we merge it without the migration path and just add the warning from https://github.com/nextcloud/server/pull/31492 instead?

It's better than the current state

CarlSchwan avatar Sep 13 '22 11:09 CarlSchwan

/backport to stable25

CarlSchwan avatar Oct 17 '22 14:10 CarlSchwan

Manual backport https://github.com/nextcloud/server/pull/35605

CarlSchwan avatar Dec 05 '22 14:12 CarlSchwan