$view = new \OC\Files\View('/');\r
\r
// ensure filesystem is loaded\r
- if(!\OC\Files\Filesystem::$loaded) {\r
+ if (!\OC\Files\Filesystem::$loaded) {\r
\OC_Util::setupFS($params['uid']);\r
}\r
\r
$privateKey = \OCA\Encryption\Keymanager::getPrivateKey($view, $params['uid']);\r
\r
// if no private key exists, check server configuration\r
- if(!$privateKey) {\r
+ if (!$privateKey) {\r
//check if all requirements are met\r
- if(!Helper::checkRequirements() || !Helper::checkConfiguration()) {\r
+ if (!Helper::checkRequirements() || !Helper::checkConfiguration()) {\r
$error_msg = $l->t("Missing requirements.");\r
$hint = $l->t('Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.');\r
\OC_App::disable('files_encryption');\r
return false;\r
}\r
\r
+ $result = true;\r
+\r
// If migration not yet done\r
if ($ready) {\r
\r
\r
// Set legacy encryption key if it exists, to support\r
// depreciated encryption system\r
- if (\r
- $userView->file_exists('encryption.key')\r
- && $encLegacyKey = $userView->file_get_contents('encryption.key')\r
- ) {\r
+ $encLegacyKey = $userView->file_get_contents('encryption.key');\r
+ if ($encLegacyKey) {\r
\r
$plainLegacyKey = Crypt::legacyDecrypt($encLegacyKey, $params['password']);\r
\r
$session->setLegacyKey($plainLegacyKey);\r
-\r
}\r
\r
// Encrypt existing user files\r
$result = $util->encryptAll('/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password']);\r
} catch (\Exception $ex) {\r
\OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL);\r
- $util->resetMigrationStatus();\r
- \OCP\User::logout();\r
$result = false;\r
}\r
\r
if ($result) {\r
-\r
\OC_Log::write(\r
- 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed'\r
- , \OC_Log::INFO\r
- );\r
-\r
+ 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed'\r
+ , \OC_Log::INFO\r
+ );\r
// Register successful migration in DB\r
$util->finishMigration();\r
-\r
+ } else {\r
+ \OCP\Util::writeLog('Encryption library', 'Initial encryption failed!', \OCP\Util::FATAL);\r
+ $util->resetMigrationStatus();\r
+ \OCP\User::logout();\r
}\r
}\r
\r
- return true;\r
-\r
+ return $result;\r
}\r
\r
/**\r
* Find all files and their encryption status within a directory
* @param string $directory The path of the parent directory to search
* @param bool $found the founded files if called again
- * @return mixed false if 0 found, array on success. Keys: name, path
+ * @return array keys: plain, encrypted, legacy, broken
* @note $directory needs to be a path relative to OC data dir. e.g.
* /admin/files NOT /backup OR /home/www/oc/data/admin/files
*/
);
}
- if (
- $this->view->is_dir($directory)
- && $handle = $this->view->opendir($directory)
- ) {
- if(is_resource($handle)) {
+ if ($this->view->is_dir($directory) && $handle = $this->view->opendir($directory)){
+ if (is_resource($handle)) {
while (false !== ($file = readdir($handle))) {
if ($file !== "." && $file !== "..") {
'name' => $file,
'path' => $relPath
);
-
}
-
}
-
}
-
}
}
-
- \OC_FileProxy::$enabled = true;
-
- if (empty($found)) {
-
- return false;
-
- } else {
-
- return $found;
-
- }
-
}
\OC_FileProxy::$enabled = true;
- return false;
-
+ return $found;
}
/**
return $result;
}
-
- /**
- * @param string $path
- * @return bool
- */
- public function isSharedPath($path) {
-
- $trimmed = ltrim($path, '/');
- $split = explode('/', $trimmed);
-
- if (isset($split[2]) && $split[2] === 'Shared') {
-
- return true;
-
- } else {
-
- return false;
-
- }
-
- }
-
/**
* encrypt versions from given file
* @param array $filelist list of encrypted files, relative to data/user/files
*/
public function encryptAll($dirPath, $legacyPassphrase = null, $newPassphrase = null) {
+ $result = true;
+
$found = $this->findEncFiles($dirPath);
- if ($found) {
+ // Disable proxy to prevent file being encrypted twice
+ \OC_FileProxy::$enabled = false;
- // Disable proxy to prevent file being encrypted twice
- \OC_FileProxy::$enabled = false;
+ $versionStatus = \OCP\App::isEnabled('files_versions');
+ \OC_App::disable('files_versions');
- $versionStatus = \OCP\App::isEnabled('files_versions');
- \OC_App::disable('files_versions');
+ $encryptedFiles = array();
- $encryptedFiles = array();
+ // Encrypt unencrypted files
+ foreach ($found['plain'] as $plainFile) {
- // Encrypt unencrypted files
- foreach ($found['plain'] as $plainFile) {
+ //get file info
+ $fileInfo = \OC\Files\Filesystem::getFileInfo($plainFile['path']);
- //get file info
- $fileInfo = \OC\Files\Filesystem::getFileInfo($plainFile['path']);
+ //relative to data/<user>/file
+ $relPath = $plainFile['path'];
- //relative to data/<user>/file
- $relPath = $plainFile['path'];
+ //relative to /data
+ $rawPath = '/' . $this->userId . '/files/' . $plainFile['path'];
- //relative to /data
- $rawPath = '/' . $this->userId . '/files/' . $plainFile['path'];
-
- // keep timestamp
- $timestamp = $fileInfo['mtime'];
+ // keep timestamp
+ $timestamp = $fileInfo['mtime'];
- // Open plain file handle for binary reading
- $plainHandle = $this->view->fopen($rawPath, 'rb');
+ // Open plain file handle for binary reading
+ $plainHandle = $this->view->fopen($rawPath, 'rb');
- // Open enc file handle for binary writing, with same filename as original plain file
- $encHandle = fopen('crypt://' . $rawPath . '.part', 'wb');
+ // Open enc file handle for binary writing, with same filename as original plain file
+ $encHandle = fopen('crypt://' . $rawPath . '.part', 'wb');
- if (is_resource($encHandle)) {
- // Move plain file to a temporary location
- $size = stream_copy_to_stream($plainHandle, $encHandle);
+ if (is_resource($encHandle) && is_resource($plainHandle)) {
+ // Move plain file to a temporary location
+ $size = stream_copy_to_stream($plainHandle, $encHandle);
- fclose($encHandle);
- fclose($plainHandle);
+ fclose($encHandle);
+ fclose($plainHandle);
- $fakeRoot = $this->view->getRoot();
- $this->view->chroot('/' . $this->userId . '/files');
+ $fakeRoot = $this->view->getRoot();
+ $this->view->chroot('/' . $this->userId . '/files');
- $this->view->rename($relPath . '.part', $relPath);
+ $this->view->rename($relPath . '.part', $relPath);
- // set timestamp
- $this->view->touch($relPath, $timestamp);
+ // set timestamp
+ $this->view->touch($relPath, $timestamp);
- $encSize = $this->view->filesize($relPath);
+ $encSize = $this->view->filesize($relPath);
- $this->view->chroot($fakeRoot);
+ $this->view->chroot($fakeRoot);
- // Add the file to the cache
- \OC\Files\Filesystem::putFileInfo($relPath, array(
- 'encrypted' => true,
- 'size' => $encSize,
- 'unencrypted_size' => $size,
- 'etag' => $fileInfo['etag']
- ));
+ // Add the file to the cache
+ \OC\Files\Filesystem::putFileInfo($relPath, array(
+ 'encrypted' => true,
+ 'size' => $encSize,
+ 'unencrypted_size' => $size,
+ 'etag' => $fileInfo['etag']
+ ));
- $encryptedFiles[] = $relPath;
- }
+ $encryptedFiles[] = $relPath;
+ } else {
+ \OCP\Util::writeLog('files_encryption', 'initial encryption: could not encrypt ' . $rawPath, \OCP\Util::FATAL);
+ $result = false;
}
+ }
- // Encrypt legacy encrypted files
- if (
- !empty($legacyPassphrase)
- && !empty($newPassphrase)
- ) {
-
- foreach ($found['legacy'] as $legacyFile) {
+ // Encrypt legacy encrypted files
+ if (!empty($legacyPassphrase) && !empty($newPassphrase)) {
- // Fetch data from file
- $legacyData = $this->view->file_get_contents($legacyFile['path']);
+ foreach ($found['legacy'] as $legacyFile) {
- // decrypt data, generate catfile
- $decrypted = Crypt::legacyBlockDecrypt($legacyData, $legacyPassphrase);
+ // Fetch data from file
+ $legacyData = $this->view->file_get_contents($legacyFile['path']);
- $rawPath = $legacyFile['path'];
+ // decrypt data, generate catfile
+ $decrypted = Crypt::legacyBlockDecrypt($legacyData, $legacyPassphrase);
- // enable proxy the ensure encryption is handled
- \OC_FileProxy::$enabled = true;
+ $rawPath = $legacyFile['path'];
- // Open enc file handle for binary writing, with same filename as original plain file
- $encHandle = $this->view->fopen( $rawPath, 'wb' );
+ // enable proxy the ensure encryption is handled
+ \OC_FileProxy::$enabled = true;
- if (is_resource($encHandle)) {
+ // Open enc file handle for binary writing, with same filename as original plain file
+ $encHandle = $this->view->fopen($rawPath, 'wb');
- // write data to stream
- fwrite($encHandle, $decrypted);
+ if (is_resource($encHandle)) {
- // close stream
- fclose($encHandle);
- }
+ // write data to stream
+ fwrite($encHandle, $decrypted);
- // disable proxy to prevent file being encrypted twice
- \OC_FileProxy::$enabled = false;
+ // close stream
+ fclose($encHandle);
+ } else {
+ \OCP\Util::writeLog('files_encryption', 'initial encryption: could not encrypt legacy file ' . $rawPath, \OCP\Util::FATAL);
+ $result = false;
}
+
+ // disable proxy to prevent file being encrypted twice
+ \OC_FileProxy::$enabled = false;
}
+ }
- \OC_FileProxy::$enabled = true;
+ \OC_FileProxy::$enabled = true;
- if ($versionStatus) {
- \OC_App::enable('files_versions');
- }
+ if ($versionStatus) {
+ \OC_App::enable('files_versions');
+ }
- $this->encryptVersions($encryptedFiles);
+ $result = $result && $this->encryptVersions($encryptedFiles);
- // If files were found, return true
- return true;
- } else {
+ return $result;
- // If no files were found, return false
- return false;
- }
}
/**
projects / nextcloud-server.git / commitdiff