diff --git a/apps/oauth2/appinfo/info.xml b/apps/oauth2/appinfo/info.xml
index c9a2d46045004..a9247099988a0 100644
--- a/apps/oauth2/appinfo/info.xml
+++ b/apps/oauth2/appinfo/info.xml
@@ -5,7 +5,7 @@
OAuth 2.0
Allows OAuth2 compatible authentication from other web applications.
The OAuth2 app allows administrators to configure the built-in authentication workflow to also allow OAuth2 compatible authentication from other web applications.
- 1.14.0
+ 1.14.1
agpl
Lukas Reschke
OAuth2
diff --git a/apps/oauth2/composer/composer/LICENSE b/apps/oauth2/composer/composer/LICENSE
index f27399a042d95..62ecfd8d0046b 100644
--- a/apps/oauth2/composer/composer/LICENSE
+++ b/apps/oauth2/composer/composer/LICENSE
@@ -1,4 +1,3 @@
-
Copyright (c) Nils Adermann, Jordi Boggiano
Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -18,4 +17,3 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
-
diff --git a/apps/oauth2/composer/composer/autoload_classmap.php b/apps/oauth2/composer/composer/autoload_classmap.php
index d760d7cd57929..09cacb20335f9 100644
--- a/apps/oauth2/composer/composer/autoload_classmap.php
+++ b/apps/oauth2/composer/composer/autoload_classmap.php
@@ -19,5 +19,6 @@
'OCA\\OAuth2\\Migration\\SetTokenExpiration' => $baseDir . '/../lib/Migration/SetTokenExpiration.php',
'OCA\\OAuth2\\Migration\\Version010401Date20181207190718' => $baseDir . '/../lib/Migration/Version010401Date20181207190718.php',
'OCA\\OAuth2\\Migration\\Version010402Date20190107124745' => $baseDir . '/../lib/Migration/Version010402Date20190107124745.php',
+ 'OCA\\OAuth2\\Migration\\Version011601Date20230522143227' => $baseDir . '/../lib/Migration/Version011601Date20230522143227.php',
'OCA\\OAuth2\\Settings\\Admin' => $baseDir . '/../lib/Settings/Admin.php',
);
diff --git a/apps/oauth2/composer/composer/autoload_static.php b/apps/oauth2/composer/composer/autoload_static.php
index c8f3a388c786f..1442093e32fb9 100644
--- a/apps/oauth2/composer/composer/autoload_static.php
+++ b/apps/oauth2/composer/composer/autoload_static.php
@@ -34,6 +34,7 @@ class ComposerStaticInitOAuth2
'OCA\\OAuth2\\Migration\\SetTokenExpiration' => __DIR__ . '/..' . '/../lib/Migration/SetTokenExpiration.php',
'OCA\\OAuth2\\Migration\\Version010401Date20181207190718' => __DIR__ . '/..' . '/../lib/Migration/Version010401Date20181207190718.php',
'OCA\\OAuth2\\Migration\\Version010402Date20190107124745' => __DIR__ . '/..' . '/../lib/Migration/Version010402Date20190107124745.php',
+ 'OCA\\OAuth2\\Migration\\Version011601Date20230522143227' => __DIR__ . '/..' . '/../lib/Migration/Version011601Date20230522143227.php',
'OCA\\OAuth2\\Settings\\Admin' => __DIR__ . '/..' . '/../lib/Settings/Admin.php',
);
diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
index 910fdc9943230..0dcc2a2cf712a 100644
--- a/apps/oauth2/lib/Controller/OauthApiController.php
+++ b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -42,6 +42,7 @@
use OCP\IRequest;
use OCP\Security\ICrypto;
use OCP\Security\ISecureRandom;
+use Psr\Log\LoggerInterface;
class OauthApiController extends Controller {
/** @var AccessTokenMapper */
@@ -58,6 +59,8 @@ class OauthApiController extends Controller {
private $time;
/** @var Throttler */
private $throttler;
+ /** @var LoggerInterface */
+ private $logger;
public function __construct(string $appName,
IRequest $request,
@@ -67,6 +70,7 @@ public function __construct(string $appName,
TokenProvider $tokenProvider,
ISecureRandom $secureRandom,
ITimeFactory $time,
+ LoggerInterface $logger,
Throttler $throttler) {
parent::__construct($appName, $request);
$this->crypto = $crypto;
@@ -76,6 +80,7 @@ public function __construct(string $appName,
$this->secureRandom = $secureRandom;
$this->time = $time;
$this->throttler = $throttler;
+ $this->logger = $logger;
}
/**
@@ -124,8 +129,16 @@ public function getToken($grant_type, $code, $refresh_token, $client_id, $client
$client_secret = $this->request->server['PHP_AUTH_PW'];
}
+ try {
+ $storedClientSecret = $this->crypto->decrypt($client->getSecret());
+ } catch (\Exception $e) {
+ $this->logger->error('OAuth client secret decryption error', ['exception' => $e]);
+ return new JSONResponse([
+ 'error' => 'invalid_client',
+ ], Http::STATUS_BAD_REQUEST);
+ }
// The client id and secret must match. Else we don't provide an access token!
- if ($client->getClientIdentifier() !== $client_id || $client->getSecret() !== $client_secret) {
+ if ($client->getClientIdentifier() !== $client_id || $storedClientSecret !== $client_secret) {
return new JSONResponse([
'error' => 'invalid_client',
], Http::STATUS_BAD_REQUEST);
diff --git a/apps/oauth2/lib/Controller/SettingsController.php b/apps/oauth2/lib/Controller/SettingsController.php
index 04fc75a8f4a35..6c57a4b9a2b3a 100644
--- a/apps/oauth2/lib/Controller/SettingsController.php
+++ b/apps/oauth2/lib/Controller/SettingsController.php
@@ -42,6 +42,7 @@
use OCP\IUser;
use OCP\IUserManager;
use OCP\Security\ISecureRandom;
+use OCP\Security\ICrypto;
class SettingsController extends Controller {
/** @var ClientMapper */
@@ -58,6 +59,9 @@ class SettingsController extends Controller {
* @var IUserManager
*/
private $userManager;
+ /** @var ICrypto */
+ private $crypto;
+
public const validChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
public function __construct(string $appName,
@@ -67,7 +71,8 @@ public function __construct(string $appName,
AccessTokenMapper $accessTokenMapper,
IL10N $l,
IAuthTokenProvider $tokenProvider,
- IUserManager $userManager
+ IUserManager $userManager,
+ ICrypto $crypto
) {
parent::__construct($appName, $request);
$this->secureRandom = $secureRandom;
@@ -76,6 +81,7 @@ public function __construct(string $appName,
$this->l = $l;
$this->tokenProvider = $tokenProvider;
$this->userManager = $userManager;
+ $this->crypto = $crypto;
}
public function addClient(string $name,
@@ -87,7 +93,9 @@ public function addClient(string $name,
$client = new Client();
$client->setName($name);
$client->setRedirectUri($redirectUri);
- $client->setSecret($this->secureRandom->generate(64, self::validChars));
+ $secret = $this->secureRandom->generate(64, self::validChars);
+ $encryptedSecret = $this->crypto->encrypt($secret);
+ $client->setSecret($encryptedSecret);
$client->setClientIdentifier($this->secureRandom->generate(64, self::validChars));
$client = $this->clientMapper->insert($client);
@@ -96,7 +104,7 @@ public function addClient(string $name,
'name' => $client->getName(),
'redirectUri' => $client->getRedirectUri(),
'clientId' => $client->getClientIdentifier(),
- 'clientSecret' => $client->getSecret(),
+ 'clientSecret' => $secret,
];
return new JSONResponse($result);
diff --git a/apps/oauth2/lib/Migration/Version011601Date20230522143227.php b/apps/oauth2/lib/Migration/Version011601Date20230522143227.php
new file mode 100644
index 0000000000000..43e3a2e26e34e
--- /dev/null
+++ b/apps/oauth2/lib/Migration/Version011601Date20230522143227.php
@@ -0,0 +1,82 @@
+
+ *
+ * @author Julien Veyssier
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ *
+ */
+namespace OCA\OAuth2\Migration;
+
+use Closure;
+use OCP\DB\ISchemaWrapper;
+use OCP\DB\QueryBuilder\IQueryBuilder;
+use OCP\IDBConnection;
+use OCP\Migration\IOutput;
+use OCP\Migration\SimpleMigrationStep;
+use OCP\Security\ICrypto;
+
+class Version011601Date20230522143227 extends SimpleMigrationStep {
+
+ public function __construct(
+ private IDBConnection $connection,
+ private ICrypto $crypto,
+ ) {
+ }
+
+ public function changeSchema(IOutput $output, Closure $schemaClosure, array $options) {
+ /** @var ISchemaWrapper $schema */
+ $schema = $schemaClosure();
+
+ if ($schema->hasTable('oauth2_clients')) {
+ $table = $schema->getTable('oauth2_clients');
+ if ($table->hasColumn('secret')) {
+ $column = $table->getColumn('secret');
+ $column->setLength(512);
+ return $schema;
+ }
+ }
+
+ return null;
+ }
+
+ public function postSchemaChange(IOutput $output, Closure $schemaClosure, array $options) {
+ $qbUpdate = $this->connection->getQueryBuilder();
+ $qbUpdate->update('oauth2_clients')
+ ->set('secret', $qbUpdate->createParameter('updateSecret'))
+ ->where(
+ $qbUpdate->expr()->eq('id', $qbUpdate->createParameter('updateId'))
+ );
+
+ $qbSelect = $this->connection->getQueryBuilder();
+ $qbSelect->select('id', 'secret')
+ ->from('oauth2_clients');
+ $req = $qbSelect->executeQuery();
+ while ($row = $req->fetch()) {
+ $id = $row['id'];
+ $secret = $row['secret'];
+ $encryptedSecret = $this->crypto->encrypt($secret);
+ $qbUpdate->setParameter('updateSecret', $encryptedSecret, IQueryBuilder::PARAM_STR);
+ $qbUpdate->setParameter('updateId', $id, IQueryBuilder::PARAM_INT);
+ $qbUpdate->executeStatement();
+ }
+ $req->closeCursor();
+ }
+}
diff --git a/apps/oauth2/lib/Settings/Admin.php b/apps/oauth2/lib/Settings/Admin.php
index aa2bd6db0121f..eb809f27d6f72 100644
--- a/apps/oauth2/lib/Settings/Admin.php
+++ b/apps/oauth2/lib/Settings/Admin.php
@@ -29,22 +29,30 @@
use OCA\OAuth2\Db\ClientMapper;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Services\IInitialState;
+use OCP\Security\ICrypto;
use OCP\Settings\ISettings;
use OCP\IURLGenerator;
+use Psr\Log\LoggerInterface;
class Admin implements ISettings {
private IInitialState $initialState;
private ClientMapper $clientMapper;
private IURLGenerator $urlGenerator;
+ private ICrypto $crypto;
+ private LoggerInterface $logger;
public function __construct(
IInitialState $initialState,
ClientMapper $clientMapper,
- IURLGenerator $urlGenerator
+ IURLGenerator $urlGenerator,
+ ICrypto $crypto,
+ LoggerInterface $logger
) {
$this->initialState = $initialState;
$this->clientMapper = $clientMapper;
$this->urlGenerator = $urlGenerator;
+ $this->crypto = $crypto;
+ $this->logger = $logger;
}
public function getForm(): TemplateResponse {
@@ -52,13 +60,18 @@ public function getForm(): TemplateResponse {
$result = [];
foreach ($clients as $client) {
- $result[] = [
- 'id' => $client->getId(),
- 'name' => $client->getName(),
- 'redirectUri' => $client->getRedirectUri(),
- 'clientId' => $client->getClientIdentifier(),
- 'clientSecret' => $client->getSecret(),
- ];
+ try {
+ $secret = $this->crypto->decrypt($client->getSecret());
+ $result[] = [
+ 'id' => $client->getId(),
+ 'name' => $client->getName(),
+ 'redirectUri' => $client->getRedirectUri(),
+ 'clientId' => $client->getClientIdentifier(),
+ 'clientSecret' => $secret,
+ ];
+ } catch (\Exception $e) {
+ $this->logger->error('[Settings] OAuth client secret decryption error', ['exception' => $e]);
+ }
}
$this->initialState->provideInitialState('clients', $result);
$this->initialState->provideInitialState('oauth2-doc-link', $this->urlGenerator->linkToDocs('admin-oauth2'));
diff --git a/apps/oauth2/tests/Controller/OauthApiControllerTest.php b/apps/oauth2/tests/Controller/OauthApiControllerTest.php
index 8977f6a2b6625..eb9311dbbc755 100644
--- a/apps/oauth2/tests/Controller/OauthApiControllerTest.php
+++ b/apps/oauth2/tests/Controller/OauthApiControllerTest.php
@@ -43,6 +43,7 @@
use OCP\IRequest;
use OCP\Security\ICrypto;
use OCP\Security\ISecureRandom;
+use Psr\Log\LoggerInterface;
use Test\TestCase;
/* We have to use this to add a property to the mocked request and avoid warnings about dynamic properties on PHP>=8.2 */
@@ -67,6 +68,8 @@ class OauthApiControllerTest extends TestCase {
private $time;
/** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */
private $throttler;
+ /** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
+ private $logger;
/** @var OauthApiController */
private $oauthApiController;
@@ -81,6 +84,7 @@ protected function setUp(): void {
$this->secureRandom = $this->createMock(ISecureRandom::class);
$this->time = $this->createMock(ITimeFactory::class);
$this->throttler = $this->createMock(Throttler::class);
+ $this->logger = $this->createMock(LoggerInterface::class);
$this->oauthApiController = new OauthApiController(
'oauth2',
@@ -91,6 +95,7 @@ protected function setUp(): void {
$this->tokenProvider,
$this->secureRandom,
$this->time,
+ $this->logger,
$this->throttler
);
}
@@ -198,16 +203,21 @@ public function testGetTokenInvalidAppToken() {
$client = new Client();
$client->setClientIdentifier('clientId');
- $client->setSecret('clientSecret');
+ $client->setSecret('encryptedClientSecret');
$this->clientMapper->method('getByUid')
->with(42)
->willReturn($client);
- $this->crypto->method('decrypt')
- ->with(
- 'encryptedToken',
- 'validrefresh'
- )->willReturn('decryptedToken');
+ $this->crypto
+ ->method('decrypt')
+ ->with($this->callback(function (string $text) {
+ return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+ }))
+ ->willReturnCallback(function (string $text) {
+ return $text === 'encryptedClientSecret'
+ ? 'clientSecret'
+ : ($text === 'encryptedToken' ? 'decryptedToken' : '');
+ });
$this->tokenProvider->method('getTokenById')
->with(1337)
@@ -232,16 +242,21 @@ public function testGetTokenValidAppToken() {
$client = new Client();
$client->setClientIdentifier('clientId');
- $client->setSecret('clientSecret');
+ $client->setSecret('encryptedClientSecret');
$this->clientMapper->method('getByUid')
->with(42)
->willReturn($client);
- $this->crypto->method('decrypt')
- ->with(
- 'encryptedToken',
- 'validrefresh'
- )->willReturn('decryptedToken');
+ $this->crypto
+ ->method('decrypt')
+ ->with($this->callback(function (string $text) {
+ return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+ }))
+ ->willReturnCallback(function (string $text) {
+ return $text === 'encryptedClientSecret'
+ ? 'clientSecret'
+ : ($text === 'encryptedToken' ? 'decryptedToken' : '');
+ });
$appToken = new PublicKeyToken();
$appToken->setUid('userId');
@@ -324,16 +339,21 @@ public function testGetTokenValidAppTokenBasicAuth() {
$client = new Client();
$client->setClientIdentifier('clientId');
- $client->setSecret('clientSecret');
+ $client->setSecret('encryptedClientSecret');
$this->clientMapper->method('getByUid')
->with(42)
->willReturn($client);
- $this->crypto->method('decrypt')
- ->with(
- 'encryptedToken',
- 'validrefresh'
- )->willReturn('decryptedToken');
+ $this->crypto
+ ->method('decrypt')
+ ->with($this->callback(function (string $text) {
+ return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+ }))
+ ->willReturnCallback(function (string $text) {
+ return $text === 'encryptedClientSecret'
+ ? 'clientSecret'
+ : ($text === 'encryptedToken' ? 'decryptedToken' : '');
+ });
$appToken = new PublicKeyToken();
$appToken->setUid('userId');
@@ -419,16 +439,21 @@ public function testGetTokenExpiredAppToken() {
$client = new Client();
$client->setClientIdentifier('clientId');
- $client->setSecret('clientSecret');
+ $client->setSecret('encryptedClientSecret');
$this->clientMapper->method('getByUid')
->with(42)
->willReturn($client);
- $this->crypto->method('decrypt')
- ->with(
- 'encryptedToken',
- 'validrefresh'
- )->willReturn('decryptedToken');
+ $this->crypto
+ ->method('decrypt')
+ ->with($this->callback(function (string $text) {
+ return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+ }))
+ ->willReturnCallback(function (string $text) {
+ return $text === 'encryptedClientSecret'
+ ? 'clientSecret'
+ : ($text === 'encryptedToken' ? 'decryptedToken' : '');
+ });
$appToken = new PublicKeyToken();
$appToken->setUid('userId');
diff --git a/apps/oauth2/tests/Controller/SettingsControllerTest.php b/apps/oauth2/tests/Controller/SettingsControllerTest.php
index fe26fb4607adc..739c9aaa0e57f 100644
--- a/apps/oauth2/tests/Controller/SettingsControllerTest.php
+++ b/apps/oauth2/tests/Controller/SettingsControllerTest.php
@@ -38,6 +38,7 @@
use OCP\IRequest;
use OCP\IUser;
use OCP\IUserManager;
+use OCP\Security\ICrypto;
use OCP\Security\ISecureRandom;
use Test\TestCase;
@@ -61,6 +62,8 @@ class SettingsControllerTest extends TestCase {
private $settingsController;
/** @var IL10N|\PHPUnit\Framework\MockObject\MockObject */
private $l;
+ /** @var ICrypto|\PHPUnit\Framework\MockObject\MockObject */
+ private $crypto;
protected function setUp(): void {
parent::setUp();
@@ -74,6 +77,8 @@ protected function setUp(): void {
$this->l = $this->createMock(IL10N::class);
$this->l->method('t')
->willReturnArgument(0);
+ $this->crypto = $this->createMock(ICrypto::class);
+
$this->settingsController = new SettingsController(
'oauth2',
$this->request,
@@ -82,7 +87,8 @@ protected function setUp(): void {
$this->accessTokenMapper,
$this->l,
$this->authTokenProvider,
- $this->userManager
+ $this->userManager,
+ $this->crypto
);
}
@@ -96,6 +102,11 @@ public function testAddClient() {
'MySecret',
'MyClientIdentifier');
+ $this->crypto
+ ->expects($this->once())
+ ->method('encrypt')
+ ->willReturn('MyEncryptedSecret');
+
$client = new Client();
$client->setName('My Client Name');
$client->setRedirectUri('https://example.com/');
@@ -108,7 +119,7 @@ public function testAddClient() {
->with($this->callback(function (Client $c) {
return $c->getName() === 'My Client Name' &&
$c->getRedirectUri() === 'https://example.com/' &&
- $c->getSecret() === 'MySecret' &&
+ $c->getSecret() === 'MyEncryptedSecret' &&
$c->getClientIdentifier() === 'MyClientIdentifier';
}))->willReturnCallback(function (Client $c) {
$c->setId(42);
@@ -178,7 +189,8 @@ public function testDeleteClient() {
$this->accessTokenMapper,
$this->l,
$tokenProviderMock,
- $userManager
+ $userManager,
+ $this->crypto
);
$result = $settingsController->deleteClient(123);
diff --git a/apps/oauth2/tests/Db/ClientMapperTest.php b/apps/oauth2/tests/Db/ClientMapperTest.php
index fdc458fa3019f..5da048d4b47e4 100644
--- a/apps/oauth2/tests/Db/ClientMapperTest.php
+++ b/apps/oauth2/tests/Db/ClientMapperTest.php
@@ -84,4 +84,14 @@ public function testGetByUidNotExisting() {
public function testGetClients() {
$this->assertSame('array', gettype($this->clientMapper->getClients()));
}
+
+ public function testInsertLongEncryptedSecret(): void {
+ $client = new Client();
+ $client->setClientIdentifier('MyNewClient');
+ $client->setName('Client Name');
+ $client->setRedirectUri('https://example.com/');
+ $client->setSecret('b81dc8e2dc178817bf28ca7b37265aa96559ca02e6dcdeb74b42221d096ed5ef63681e836ae0ba1077b5fb5e6c2fa7748c78463f66fe0110c8dcb8dd7eb0305b16d0cd993e2ae275879994a2abf88c68|e466d9befa6b0102341458e45ecd551a|013af9e277374483123437f180a3b0371a411ad4f34c451547909769181a7d7cc191f0f5c2de78376d124dd7751b8c9660aabdd913f5e071fc6b819ba2e3d919|3');
+ $this->clientMapper->insert($client);
+ $this->assertTrue(true);
+ }
}
diff --git a/apps/oauth2/tests/Settings/AdminTest.php b/apps/oauth2/tests/Settings/AdminTest.php
index fc5ebbb83651d..afbed91b07898 100644
--- a/apps/oauth2/tests/Settings/AdminTest.php
+++ b/apps/oauth2/tests/Settings/AdminTest.php
@@ -28,7 +28,9 @@
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Services\IInitialState;
use OCP\IURLGenerator;
+use OCP\Security\ICrypto;
use PHPUnit\Framework\MockObject\MockObject;
+use Psr\Log\LoggerInterface;
use Test\TestCase;
class AdminTest extends TestCase {
@@ -36,7 +38,7 @@ class AdminTest extends TestCase {
/** @var Admin|MockObject */
private $admin;
- /** @var IInitialStateService|MockObject */
+ /** @var IInitialState|MockObject */
private $initialState;
/** @var ClientMapper|MockObject */
@@ -48,7 +50,13 @@ protected function setUp(): void {
$this->initialState = $this->createMock(IInitialState::class);
$this->clientMapper = $this->createMock(ClientMapper::class);
- $this->admin = new Admin($this->initialState, $this->clientMapper, $this->createMock(IURLGenerator::class));
+ $this->admin = new Admin(
+ $this->initialState,
+ $this->clientMapper,
+ $this->createMock(IURLGenerator::class),
+ $this->createMock(ICrypto::class),
+ $this->createMock(LoggerInterface::class)
+ );
}
public function testGetForm() {
diff --git a/lib/composer/composer/LICENSE b/lib/composer/composer/LICENSE
index f27399a042d95..62ecfd8d0046b 100644
--- a/lib/composer/composer/LICENSE
+++ b/lib/composer/composer/LICENSE
@@ -1,4 +1,3 @@
-
Copyright (c) Nils Adermann, Jordi Boggiano
Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -18,4 +17,3 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
-