From: Roeland Jago Douma Date: Mon, 17 Aug 2020 19:00:37 +0000 (+0200) Subject: Add legacy scanning command X-Git-Tag: v20.0.0beta1~37^2 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=refs%2Fpull%2F22218%2Fhead;p=nextcloud-server.git Add legacy scanning command Signed-off-by: Roeland Jago Douma --- diff --git a/apps/encryption/appinfo/info.xml b/apps/encryption/appinfo/info.xml index 27f83e371c8..9603f9d16cd 100644 --- a/apps/encryption/appinfo/info.xml +++ b/apps/encryption/appinfo/info.xml @@ -14,7 +14,7 @@ Please read the documentation to know all implications before you decide to enable server-side encryption. - 2.8.0 + 2.8.1 agpl Bjoern Schiessle Clark Tomlinson @@ -44,6 +44,7 @@ OCA\Encryption\Command\EnableMasterKey OCA\Encryption\Command\DisableMasterKey OCA\Encryption\Command\RecoverUser + OCA\Encryption\Command\ScanLegacyFormat diff --git a/apps/encryption/composer/composer/autoload_classmap.php b/apps/encryption/composer/composer/autoload_classmap.php index a071387a392..b8226a2793f 100644 --- a/apps/encryption/composer/composer/autoload_classmap.php +++ b/apps/encryption/composer/composer/autoload_classmap.php @@ -10,6 +10,7 @@ return array( 'OCA\\Encryption\\Command\\DisableMasterKey' => $baseDir . '/../lib/Command/DisableMasterKey.php', 'OCA\\Encryption\\Command\\EnableMasterKey' => $baseDir . '/../lib/Command/EnableMasterKey.php', 'OCA\\Encryption\\Command\\RecoverUser' => $baseDir . '/../lib/Command/RecoverUser.php', + 'OCA\\Encryption\\Command\\ScanLegacyFormat' => $baseDir . '/../lib/Command/ScanLegacyFormat.php', 'OCA\\Encryption\\Controller\\RecoveryController' => $baseDir . '/../lib/Controller/RecoveryController.php', 'OCA\\Encryption\\Controller\\SettingsController' => $baseDir . '/../lib/Controller/SettingsController.php', 'OCA\\Encryption\\Controller\\StatusController' => $baseDir . '/../lib/Controller/StatusController.php', diff --git a/apps/encryption/composer/composer/autoload_static.php b/apps/encryption/composer/composer/autoload_static.php index 6ed6e72a87a..95c3c8d0223 100644 --- a/apps/encryption/composer/composer/autoload_static.php +++ b/apps/encryption/composer/composer/autoload_static.php @@ -25,6 +25,7 @@ class ComposerStaticInitEncryption 'OCA\\Encryption\\Command\\DisableMasterKey' => __DIR__ . '/..' . '/../lib/Command/DisableMasterKey.php', 'OCA\\Encryption\\Command\\EnableMasterKey' => __DIR__ . '/..' . '/../lib/Command/EnableMasterKey.php', 'OCA\\Encryption\\Command\\RecoverUser' => __DIR__ . '/..' . '/../lib/Command/RecoverUser.php', + 'OCA\\Encryption\\Command\\ScanLegacyFormat' => __DIR__ . '/..' . '/../lib/Command/ScanLegacyFormat.php', 'OCA\\Encryption\\Controller\\RecoveryController' => __DIR__ . '/..' . '/../lib/Controller/RecoveryController.php', 'OCA\\Encryption\\Controller\\SettingsController' => __DIR__ . '/..' . '/../lib/Controller/SettingsController.php', 'OCA\\Encryption\\Controller\\StatusController' => __DIR__ . '/..' . '/../lib/Controller/StatusController.php', diff --git a/apps/encryption/lib/Command/ScanLegacyFormat.php b/apps/encryption/lib/Command/ScanLegacyFormat.php new file mode 100644 index 00000000000..3d13485af3f --- /dev/null +++ b/apps/encryption/lib/Command/ScanLegacyFormat.php @@ -0,0 +1,140 @@ + + * + * @author Roeland Jago Douma + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCA\Encryption\Command; + +use OC\Files\View; +use OCA\Encryption\Util; +use OCP\IConfig; +use OCP\IUserManager; +use Symfony\Component\Console\Command\Command; +use Symfony\Component\Console\Helper\QuestionHelper; +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Output\OutputInterface; + +class ScanLegacyFormat extends Command { + + /** @var Util */ + protected $util; + + /** @var IConfig */ + protected $config; + + /** @var QuestionHelper */ + protected $questionHelper; + + /** @var IUserManager */ + private $userManager; + + /** @var View */ + private $rootView; + + /** + * @param Util $util + * @param IConfig $config + * @param QuestionHelper $questionHelper + */ + public function __construct(Util $util, + IConfig $config, + QuestionHelper $questionHelper, + IUserManager $userManager) { + parent::__construct(); + + $this->util = $util; + $this->config = $config; + $this->questionHelper = $questionHelper; + $this->userManager = $userManager; + $this->rootView = new View(); + } + + protected function configure() { + $this + ->setName('encryption:scan:legacy-format') + ->setDescription('Scan the files for the legacy format'); + } + + protected function execute(InputInterface $input, OutputInterface $output): int { + $result = true; + + $output->writeln('Scanning all files for legacy encryption'); + + foreach ($this->userManager->getBackends() as $backend) { + $limit = 500; + $offset = 0; + do { + $users = $backend->getUsers('', $limit, $offset); + foreach ($users as $user) { + $output->writeln('Scanning all files for ' . $user); + $this->setupUserFS($user); + $result &= $this->scanFolder($output, '/' . $user); + } + $offset += $limit; + } while (count($users) >= $limit); + } + + if ($result) { + $output->writeln('All scanned files are propperly encrypted. You can disable the legacy compatibility mode.'); + return 0; + } + + return 1; + } + + private function scanFolder(OutputInterface $output, string $folder): bool { + $clean = true; + + foreach ($this->rootView->getDirectoryContent($folder) as $item) { + $path = $folder . '/' . $item['name']; + if ($this->rootView->is_dir($path)) { + if ($this->scanFolder($output, $path) === false) { + $clean = false; + } + } else { + if (!$item->isEncrypted()) { + // ignore + continue; + } + + $stats = $this->rootView->stat($path); + if (!isset($stats['hasHeader']) || $stats['hasHeader'] === false) { + $clean = false; + $output->writeln($path . ' does not have a proper header'); + } + } + } + + return $clean; + } + + /** + * setup user file system + * + * @param string $uid + */ + protected function setupUserFS($uid) { + \OC_Util::tearDownFS(); + \OC_Util::setupFS($uid); + } +} diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index 897624ff6ae..c58387bbc2c 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -818,6 +818,7 @@ class Encryption extends Wrapper { $fileSize = $this->filesize($path); $stat['size'] = $fileSize; $stat[7] = $fileSize; + $stat['hasHeader'] = $this->getHeaderSize($path) > 0; return $stat; }