Created attachment 199282 [details]
I've created n update to nextcloudclient to recently released 2.5.0.
Unluckily this version strictly requires OpenSSL 1.1.0. This means it can work only on 12.0 and up or 11.2 with openssl installed from ports.
Due to this I'm just proposing this patch but at present I will not commit it even in case of timeout, since I think the maintainer should choose how to deal with this.
While updating it I made a few minor changes to please portlint.
I also changed the way DEBUG is manged. It's preferred not to expose it as an option, but to conditionally enable required flags when WITH_DEBUG is enabled.
BTW there is no compatibility layer anymore between WITH_DEBUG and the DEBUG option, so to get proper debugging code (not stripped) it is required to have extra logic anyway.
Created attachment 199387 [details]
Patch including upstream fix
I've updated the patch to include this upstream commit:
It stops the client from flooding the server for "activity" request if the plugin is disabled and also in some other cases.
Created attachment 199486 [details]
Further upstream fix included
New patch including further upstream fix for a flood/CPU hog problem.
I'm currently trying to test the 2.5.0 version.
After upgrading my notebook to stable/12 I'm having troubles to use
Trying to conntect to https://<myserver>/ I get an error:
Error creating SSL Context ()...
Maybe its related that on the nextcloud server I'm using self-signed Cert's
but the RootCA ind the intermediadCA certs got added to the system-wide cert
How did you test?
I'm actually using it on my machines with my nextcloud server(which is a VM rented in the cloud). Although I have letencrypt provided certificates there.
In the past, when I was still using owncloud, I had certs created by a custom CA and I remember owncloud client asking me if I trusted the cert.
Since the client is leveraging gnome-keyring for authentication, maybe that's where it also offloads certificate verification? Otherwise I'd suspect there is a problem with functionality to accept untrusted certs.
I'm not completely sure the nextcloud desktop client checks the store in /usr/local/share/certs/ca-root-nss.crt.
BTW I'm keeping my store in /usr/local/etc/ssl/cert.pem, concatenating the ones from /usr/local/share/certs/ca-root-nss.crt and my own ones. I think that's the actual global storage, but I can't remember the details.
Created attachment 199969 [details]
Update to 2.5.1
Version 2.5.1 was released. It includes fixes I merged as patches.