From 7e1c807a0d6c255b151c07ba8f991b6aecc8ce00 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 24 Jun 2021 09:31:52 +0200 Subject: [PATCH] Detect disabled signature check when reparing When running occ encryption:fix-encrypted-version, detect whether the setting 'encryption_skip_signature_check' is set and abort if it is, because the repair cannot detect version mismatch errors with it enabled. Signed-off-by: Vincent Petry --- .../encryption/lib/Command/FixEncryptedVersion.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/apps/encryption/lib/Command/FixEncryptedVersion.php b/apps/encryption/lib/Command/FixEncryptedVersion.php index 534ddc4c689..39239925850 100644 --- a/apps/encryption/lib/Command/FixEncryptedVersion.php +++ b/apps/encryption/lib/Command/FixEncryptedVersion.php @@ -25,6 +25,7 @@ namespace OCA\Encryption\Command; use OC\Files\View; use OC\HintException; use OCP\Files\IRootFolder; +use OCP\IConfig; use OCP\IUserManager; use Symfony\Component\Console\Command\Command; use Symfony\Component\Console\Input\InputArgument; @@ -32,6 +33,9 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; class FixEncryptedVersion extends Command { + /** @var IConfig */ + private $config; + /** @var IRootFolder */ private $rootFolder; @@ -41,7 +45,8 @@ class FixEncryptedVersion extends Command { /** @var View */ private $view; - public function __construct(IRootFolder $rootFolder, IUserManager $userManager, View $view) { + public function __construct(IConfig $config, IRootFolder $rootFolder, IUserManager $userManager, View $view) { + $this->config = $config; $this->rootFolder = $rootFolder; $this->userManager = $userManager; $this->view = $view; @@ -72,6 +77,13 @@ class FixEncryptedVersion extends Command { * @return int */ protected function execute(InputInterface $input, OutputInterface $output) { + $skipSignatureCheck = $this->config->getSystemValue('encryption_skip_signature_check', false); + + if ($skipSignatureCheck) { + $output->writeln("Repairing is not possible when \"encryption_skip_signature_check\" is set. Please disable this flag in the configuration.\n"); + return 1; + } + $user = $input->getArgument('user'); $pathToWalk = "/$user/files"; -- 2.39.5