diff options
author | Lukas Reschke <lukas@owncloud.com> | 2016-03-02 20:37:13 +0100 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2016-03-03 14:15:36 +0100 |
commit | 72c8187cbb24b460edf7d1c5c2cbfaee12c22fd6 (patch) | |
tree | 1b0787304c35c36afde7d7cc48992f948eeed025 /lib | |
parent | 4f25f341788b3edad1bf4baf739cd632785c9abb (diff) | |
download | nextcloud-server-72c8187cbb24b460edf7d1c5c2cbfaee12c22fd6.tar.gz nextcloud-server-72c8187cbb24b460edf7d1c5c2cbfaee12c22fd6.zip |
Keep "encryptedVersion" when calling `\OC\Files\View::copy`
When calling `\OC\Files\View::copy` we should also keep the version to ensure that the file will always have the correct version attached and can be successfully decrypted.
To test this the following steps are necessary (from https://github.com/owncloud/core/issues/22781#issuecomment-191328982):
1. setup a new ownCloud 9.0 beta2
2. enable encryption
2. upload a docx (5.7MB large)
3. upload the same file again and overwrite the existing file
4. I can download the original file and the first version
5. I restore the first version
6. restored version can no longer be downloaded with the error described above
The manual cache operation in `\OCA\Files_Versions\Storage` is unfortunately necessary since `\OCA\Files_Versions\Storage::copyFileContents` is not using `\OCP\Files\Storage::moveFromStorage` in the case when an object storage is used. Due to the workaround added in https://github.com/owncloud/core/commit/54cea05271b887f1c8062c034741df869bc0f055 the stream is directly copied and thus bypassing the FS.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/files/storage/wrapper/encryption.php | 37 |
1 files changed, 28 insertions, 9 deletions
diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 7e9ada4174a..0b4816174bf 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -621,6 +621,32 @@ class Encryption extends Wrapper { } /** + * Update the encrypted cache version in the database + * + * @param Storage $sourceStorage + * @param string $sourceInternalPath + * @param string $targetInternalPath + * @param bool $isRename + */ + private function updateEncryptedVersion(Storage $sourceStorage, $sourceInternalPath, $targetInternalPath, $isRename) { + $isEncrypted = $this->encryptionManager->isEnabled() && $this->mount->getOption('encrypt', true) ? 1 : 0; + $cacheInformation = [ + 'encrypted' => (bool)$isEncrypted, + ]; + if($isEncrypted === 1) { + $cacheInformation['encryptedVersion'] = $sourceStorage->getCache()->get($sourceInternalPath)['encryptedVersion']; + } + + // in case of a rename we need to manipulate the source cache because + // this information will be kept for the new target + if ($isRename) { + $sourceStorage->getCache()->put($sourceInternalPath, $cacheInformation); + } else { + $this->getCache()->put($targetInternalPath, $cacheInformation); + } + } + + /** * copy file between two storages * * @param Storage $sourceStorage @@ -647,6 +673,7 @@ class Encryption extends Wrapper { $info['size'] ); } + $this->updateEncryptedVersion($sourceStorage, $sourceInternalPath, $targetInternalPath, $isRename); } return $result; } @@ -689,15 +716,7 @@ class Encryption extends Wrapper { if ($preserveMtime) { $this->touch($targetInternalPath, $sourceStorage->filemtime($sourceInternalPath)); } - $isEncrypted = $this->encryptionManager->isEnabled() && $this->mount->getOption('encrypt', true) ? 1 : 0; - - // in case of a rename we need to manipulate the source cache because - // this information will be kept for the new target - if ($isRename) { - $sourceStorage->getCache()->put($sourceInternalPath, ['encrypted' => $isEncrypted]); - } else { - $this->getCache()->put($targetInternalPath, ['encrypted' => $isEncrypted]); - } + $this->updateEncryptedVersion($sourceStorage, $sourceInternalPath, $targetInternalPath, $isRename); } else { // delete partially written target file $this->unlink($targetInternalPath); |