summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/private/files/storage/wrapper/encryption.php114
-rw-r--r--settings/controller/encryptioncontroller.php7
2 files changed, 63 insertions, 58 deletions
diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php
index 624b332f363..a3d84f3650a 100644
--- a/lib/private/files/storage/wrapper/encryption.php
+++ b/lib/private/files/storage/wrapper/encryption.php
@@ -340,71 +340,75 @@ class Encryption extends Wrapper {
$fullPath = $this->getFullPath($path);
$encryptionModuleId = $this->util->getEncryptionModuleId($header);
- $size = $unencryptedSize = 0;
- $targetExists = $this->file_exists($path);
- $targetIsEncrypted = false;
- if ($targetExists) {
- // in case the file exists we require the explicit module as
- // specified in the file header - otherwise we need to fail hard to
- // prevent data loss on client side
- if (!empty($encryptionModuleId)) {
- $targetIsEncrypted = true;
- $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId);
- }
+ if ($this->util->isExcluded($fullPath) === false) {
+
+ $size = $unencryptedSize = 0;
+ $targetExists = $this->file_exists($path);
+ $targetIsEncrypted = false;
+ if ($targetExists) {
+ // in case the file exists we require the explicit module as
+ // specified in the file header - otherwise we need to fail hard to
+ // prevent data loss on client side
+ if (!empty($encryptionModuleId)) {
+ $targetIsEncrypted = true;
+ $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId);
+ }
- $size = $this->storage->filesize($path);
- $unencryptedSize = $this->filesize($path);
- }
+ $size = $this->storage->filesize($path);
+ $unencryptedSize = $this->filesize($path);
+ }
- try {
+ try {
- if (
- $mode === 'w'
- || $mode === 'w+'
- || $mode === 'wb'
- || $mode === 'wb+'
- ) {
- if ($encryptionEnabled) {
- // if $encryptionModuleId is empty, the default module will be used
- $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId);
- $shouldEncrypt = $encryptionModule->shouldEncrypt($fullPath);
+ if (
+ $mode === 'w'
+ || $mode === 'w+'
+ || $mode === 'wb'
+ || $mode === 'wb+'
+ ) {
+ if ($encryptionEnabled) {
+ // if $encryptionModuleId is empty, the default module will be used
+ $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId);
+ $shouldEncrypt = $encryptionModule->shouldEncrypt($fullPath);
+ }
+ } else {
+ $info = $this->getCache()->get($path);
+ // only get encryption module if we found one in the header
+ // or if file should be encrypted according to the file cache
+ if (!empty($encryptionModuleId)) {
+ $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId);
+ $shouldEncrypt = true;
+ } else if (empty($encryptionModuleId) && $info['encrypted'] === true) {
+ // we come from a old installation. No header and/or no module defined
+ // but the file is encrypted. In this case we need to use the
+ // OC_DEFAULT_MODULE to read the file
+ $encryptionModule = $this->encryptionManager->getEncryptionModule('OC_DEFAULT_MODULE');
+ $shouldEncrypt = true;
+ }
}
- } else {
- $info = $this->getCache()->get($path);
- // only get encryption module if we found one in the header
- // or if file should be encrypted according to the file cache
- if (!empty($encryptionModuleId)) {
- $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId);
- $shouldEncrypt = true;
- } else if(empty($encryptionModuleId) && $info['encrypted'] === true) {
- // we come from a old installation. No header and/or no module defined
- // but the file is encrypted. In this case we need to use the
- // OC_DEFAULT_MODULE to read the file
- $encryptionModule = $this->encryptionManager->getEncryptionModule('OC_DEFAULT_MODULE');
- $shouldEncrypt = true;
+ } catch (ModuleDoesNotExistsException $e) {
+ $this->logger->warning('Encryption module "' . $encryptionModuleId .
+ '" not found, file will be stored unencrypted (' . $e->getMessage() . ')');
+ }
+
+ // encryption disabled on write of new file and write to existing unencrypted file -> don't encrypt
+ if (!$encryptionEnabled || !$this->mount->getOption('encrypt', true)) {
+ if (!$targetExists || !$targetIsEncrypted) {
+ $shouldEncrypt = false;
}
}
- } catch (ModuleDoesNotExistsException $e) {
- $this->logger->warning('Encryption module "' . $encryptionModuleId .
- '" not found, file will be stored unencrypted (' . $e->getMessage() . ')');
- }
- // encryption disabled on write of new file and write to existing unencrypted file -> don't encrypt
- if (!$encryptionEnabled || !$this->mount->getOption('encrypt', true)) {
- if (!$targetExists || !$targetIsEncrypted) {
- $shouldEncrypt = false;
+ if ($shouldEncrypt === true && $encryptionModule !== null) {
+ $source = $this->storage->fopen($path, $mode);
+ $handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header,
+ $this->uid, $encryptionModule, $this->storage, $this, $this->util, $this->fileHelper, $mode,
+ $size, $unencryptedSize, strlen($rawHeader));
+ return $handle;
}
- }
- if($shouldEncrypt === true && !$this->util->isExcluded($fullPath) && $encryptionModule !== null) {
- $source = $this->storage->fopen($path, $mode);
- $handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header,
- $this->uid, $encryptionModule, $this->storage, $this, $this->util, $this->fileHelper, $mode,
- $size, $unencryptedSize, strlen($rawHeader));
- return $handle;
- } else {
- return $this->storage->fopen($path, $mode);
}
+
+ return $this->storage->fopen($path, $mode);
}
/**
diff --git a/settings/controller/encryptioncontroller.php b/settings/controller/encryptioncontroller.php
index 800982d1f04..411b9e87cc1 100644
--- a/settings/controller/encryptioncontroller.php
+++ b/settings/controller/encryptioncontroller.php
@@ -82,12 +82,13 @@ class EncryptionController extends Controller {
public function startMigration() {
// allow as long execution on the web server as possible
set_time_limit(0);
- $migration = new Migration($this->config, $this->view, $this->connection);
- $migration->reorganizeSystemFolderStructure();
- $migration->updateDB();
try {
+ $migration = new Migration($this->config, $this->view, $this->connection);
+ $migration->reorganizeSystemFolderStructure();
+ $migration->updateDB();
+
foreach ($this->userManager->getBackends() as $backend) {
$limit = 500;