author | Bjoern Schiessle <schiessle@owncloud.com> | 2016-02-10 12:34:55 +0100 |
---|---|---|
committer | Bjoern Schiessle <schiessle@owncloud.com> | 2016-02-10 13:27:32 +0100 |
commit | 9dc759b4dc02f565ff18bc14f13e0b00da0ee05c (patch) | |
tree | ef10a5d9219db8c58a63e7bf3d6bb8ac9dcc2a1d | |
parent | 43ed86313ca3e8f6820dc08c38c9d4a7c32ddf01 (diff) | |
remember signature version and only set it on update to make sure that other
apps like files_versions still get the old signature version
-rw-r--r-- | apps/encryption/lib/crypto/encryption.php | 33 | ||||
-rw-r--r-- | apps/encryption/tests/lib/crypto/encryptionTest.php | 19 | ||||
-rw-r--r-- | lib/private/files/storage/wrapper/encryption.php | 4 |
3 files changed, 44 insertions, 12 deletions
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index 498c59ffa21..620bdd6ca9a 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -58,9 +58,6 @@ class Encryption implements IEncryptionModule {
 private $path;
 /** @var string */
- private $realPath;
-
- /** @var string */
 private $user;
 /** @var string */
@@ -108,6 +105,9 @@ class Encryption implements IEncryptionModule {
 /** @var int Current version of the file */
 private $version = 0;
+ /** @var array remember encryption signature version */
+ private static $rememberVersion = [];
+
 /**
 *
@@ -172,7 +172,6 @@ class Encryption implements IEncryptionModule {
 */
 public function begin($path, $user, $mode, array $header, array $accessList) {
 $this->path = $this->getPathToRealFile($path);
- $this->realPath = $path;
 $this->accessList = $accessList;
 $this->user = $user;
 $this->isWriteOperation = false;
@@ -191,7 +190,7 @@ class Encryption implements IEncryptionModule {
 // always use the version from the original file, also part files
 // need to have a correct version number if they get moved over to the
 // final location
- $this->version = (int)$this->keyManager->getVersion($this->stripPartFileExtension($this->realPath), new View());
+ $this->version = (int)$this->keyManager->getVersion($this->stripPartFileExtension($path), new View());
 if ( $mode === 'w'
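Review bot: The new `private static $rememberVersion = []` in the property block is process-wide mutable state, and its one-line docblock does not say what the keys are or when entries go away. Going by the other hunks of this commit, entries are written in end() under the path with the part-file extension stripped and are removed only in update() when the access list is empty, so an upload that is never renamed leaves its entry in place for as long as the static lives. Because the value ends up as the stored signature version, I would document that contract, e.g. `/** @var array<string,int> signature version per final path; written in end() for part files, consumed and cleared by update($path, $uid, []) */`. The class body continues outside this hunk.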
@@ -241,7 +240,14 @@ class Encryption implements IEncryptionModule {
 public function end($path, $position = 0) {
 $result = '';
 if ($this->isWriteOperation) {
- $this->keyManager->setVersion($this->path, $this->version+1, new View());
+ $this->keyManager->setVersion($path, $this->version + 1, new View());
+ // in case of a part file we remember the new signature versions
+ // the version will be set later on update.
+ // This way we make sure that other apps listening to the pre-hooks
+ // still get the old version which should be the correct value for them
+ if (Scanner::isPartialFile($path)) {
+ self::$rememberVersion[$this->stripPartFileExtension($path)] = $this->version + 1;
+ }
 if (!empty($this->writeCache)) {
 $result = $this->crypt->symmetricEncryptFileContent($this->writeCache, $this->fileKey, $this->version + 1, $position);
 $this->writeCache = '';
@@ -367,11 +373,16 @@ class Encryption implements IEncryptionModule {
 * @return boolean
 */
 public function update($path, $uid, array $accessList) {
- $fileKey = $this->keyManager->getFileKey($path, $uid);
- if(empty($this->realPath)) {
- $this->realPath = $path;
+
+ if (empty($accessList)) {
+ if (isset(self::$rememberVersion[$path])) {
+ $this->keyManager->setVersion($path, self::$rememberVersion[$path], new View());
+ unset(self::$rememberVersion[$path]);
+ }
+ return;
 }
- $version = $this->keyManager->getVersion($this->realPath, new View());
+
+ $fileKey = $this->keyManager->getFileKey($path, $uid);
 if (!empty($fileKey)) {
@@ -392,8 +403,6 @@ class Encryption implements IEncryptionModule {
 $this->keyManager->setAllFileKeys($path, $encryptedFileKey);
- $this->keyManager->setVersion($path, $version, new View());
-
 } else {
 $this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted', array('file' => $path, 'app' => 'encryption'));
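Review bot: The entry stored in end() is keyed by `$this->stripPartFileExtension($path)`, while update() looks it up with the `$path` handed in by the storage wrapper, and nothing in this hunk shows that the two strings always have the same form. If they ever differ (I cannot tell from here whether both are relative to the same root), the remembered version is silently never applied and the renamed file keeps the old signature version although its content was written with `$this->version + 1`. A comment at the assignment stating the expected path form, plus a debug log in update() when a rename finds no entry, would make that failure visible. end() continues past the hunk.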
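Review bot: The early exit added to update() is a bare `return;`, which yields null although the docblock directly above declares `@return boolean`, and it turns an empty `$accessList` into a control signal. Any caller that reaches update() with an empty list for some other reason now skips re-encrypting the file key for the current recipients, without a log line and with a falsy result that is indistinguishable from "nothing to do". I would return an explicit boolean (`return true;`, if that matches what the rest of the function returns; its end is outside the hunk) and state in the docblock that an empty access list only applies the remembered signature version and leaves the file keys untouched.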
diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php
index ad943ab6e49..0ce1a2cb76a 100644
--- a/apps/encryption/tests/lib/crypto/encryptionTest.php
+++ b/apps/encryption/tests/lib/crypto/encryptionTest.php
@@ -298,6 +298,9 @@ class EncryptionTest extends TestCase {
 return $publicKeys;
 });
+ $this->keyManagerMock->expects($this->never())->method('getVersion');
+ $this->keyManagerMock->expects($this->never())->method('setVersion');
+
 $this->assertSame($expected, $this->instance->update('path', 'user1', ['users' => ['user1']]) );
@@ -311,6 +314,22 @@ class EncryptionTest extends TestCase {
 );
 }
+ public function testUpdateNoUsers() {
+
+ $this->invokePrivate($this->instance, 'rememberVersion', [['path' => 2]]);
+
+ $this->keyManagerMock->expects($this->never())->method('getFileKey');
+ $this->keyManagerMock->expects($this->never())->method('getPublicKey');
+ $this->keyManagerMock->expects($this->never())->method('addSystemKeys');
+ $this->keyManagerMock->expects($this->once())->method('setVersion')
+ ->willReturnCallback(function($path, $version, $view) {
+ $this->assertSame('path', $path);
+ $this->assertSame(2, $version);
+ $this->assertTrue($view instanceof \OC\Files\View);
+ });
+ $this->instance->update('path', 'user1', []);
+ }
+
 /**
 * by default the encryption module should encrypt regular files, files in
 * files_versions and files in files_trashbin
diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php
index 14d3b15bbae..26905dfb388 100644
--- a/lib/private/files/storage/wrapper/encryption.php
+++ b/lib/private/files/storage/wrapper/encryption.php
@@ -260,6 +260,10 @@ class Encryption extends Wrapper {
 $this->unencryptedSize[$target] = $this->unencryptedSize[$source];
 }
 $this->keyStorage->renameKeys($source, $target);
+ $module = $this->getEncryptionModule($path2);
+ if ($module) {
+ $module->update($target, $this->uid, []);
+ }
 }
 }
|
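Review bot: testUpdateNoUsers seeds the static `rememberVersion` through invokePrivate() and covers only the case where an entry exists, so the other branch of the new code is untested and the seeded value can leak into later tests if the test fails before update() clears it. A second case that calls `update('path', 'user1', [])` with nothing remembered and sets `$this->keyManagerMock->expects($this->never())->method('setVersion');` would pin that no version is written in that situation. Resetting the static in setUp() or tearDown() would keep the tests independent of execution order.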
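Review bot: The block added after `renameKeys($source, $target)` looks up the module with `$this->getEncryptionModule($path2)` while every other line in the hunk works on `$source` and `$target`, and it discards the result of `$module->update(...)`. When no module is returned, the remembered signature version is simply not written and nothing records that; if this can happen for an encrypted target, later reads would presumably be checked against a stale version. I would add a comment that the empty array means "apply the remembered signature version only", and log at debug level when the module is missing. The enclosing function starts above the hunk, so I am assuming `$path2` is its parameter and refers to the same file as `$target`.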