From 986e9dd362809cedec783f55f161d6b3bce7d680 Mon Sep 17 00:00:00 2001
From: Florin Peter
Date: Fri, 31 May 2013 01:35:48 +0200
Subject: use legacyDecrypt to decrypt key file like the previous files_encryption
---
 apps/files_encryption/hooks/hooks.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'apps/files_encryption/hooks')
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 955425595ba..4e0e5c4b958 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -76,7 +76,7 @@ class Hooks {
 && $encLegacyKey = $userView->file_get_contents('encryption.key') ) {
- $plainLegacyKey = Crypt::legacyBlockDecrypt($encLegacyKey, $params['password']);
+ $plainLegacyKey = Crypt::legacyDecrypt($encLegacyKey, $params['password']);
 $session->setLegacyKey($plainLegacyKey);
-- cgit v1.2.3
From 5fafd55108d1ecd13befaa589902a84a23276af8 Mon Sep 17 00:00:00 2001
From: Björn Schießle
Date: Tue, 11 Jun 2013 12:03:50 +0200
Subject: make sure that only one process can enter the migration mode
---
 apps/files_encryption/hooks/hooks.php | 6 +--
 apps/files_encryption/lib/util.php | 83 +++++++++++++++++++++++++++++++----
 2 files changed, 77 insertions(+), 12 deletions(-)
(limited to 'apps/files_encryption/hooks')
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index c4b247da1ed..9f36393d591 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -67,10 +67,10 @@ class Hooks {
 $session->setPrivateKey($privateKey, $params['uid']);
 // Check if first-run file migration has already been performed
- $migrationCompleted = $util->getMigrationStatus();
+ $ready = $util->beginMigration();
 // If migration not yet done
- if (!$migrationCompleted) {
+ if ($ready) {
 $userView = new \OC_FilesystemView('/' . $params['uid']);
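Review bot: `$plainLegacyKey` goes straight from `Crypt::legacyDecrypt()` into `$session->setLegacyKey()` with nothing in between, so a failed or wrong-password decryption would leave an unusable value in the session as the legacy key. How `legacyDecrypt()` signals failure is not visible in this hunk; if it can return `false` or an empty string, guard the store, e.g. `if ($plainLegacyKey !== false && $plainLegacyKey !== '') { $session->setLegacyKey($plainLegacyKey); }`, and log the failure. The enclosing `if (` condition starts above the hunk and the block continues below it.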
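Review bot: The context comment `// Check if first-run file migration has already been performed` no longer describes the line under it, because `beginMigration()` is not a read-only check: per the util.php part of this commit it also sets the user's status to `-1`. I would reword it to something like `// Try to claim the first-run migration; false if it is done or another process holds it`. `$ready` is false both for "already migrated" and for "claimed elsewhere", so the login continues identically in the two cases; the rest of the hook lies outside this hunk.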
@@ -102,7 +102,7 @@ class Hooks {
 }
 // Register successful migration in DB
- $util->setMigrationStatus(1);
+ $util->finishMigration();
 }
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index a6711880c20..82b6ca2f321 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -1058,7 +1058,7 @@ class Util {
 * @param $status
 * @return bool
 */
- public function setMigrationStatus($status) {
+ private function setMigrationStatus($status) {
 $sql = 'UPDATE `*PREFIX*encryption` SET `migration_status` = ? WHERE `uid` = ?';
@@ -1074,7 +1074,7 @@ class Util {
 return true;
 } else {
-
+ \OCP\Util::writeLog('Encryption library', "Could not set migration status for " . $this->userId, \OCP\Util::ERROR);
 return false;
 }
@@ -1082,12 +1082,80 @@ class Util {
 }
 /**
- * @brief Check whether pwd recovery is enabled for a given user
- * @return bool 1 = yes, 0 = no, false = no record
+ * @brief start migration mode to initially encrypt users data
+ * @return boolean
+ */
+ public function beginMigration() {
+
+ $return = false;
+
+ $transaction = \OC_DB::beginTransaction();
+
+ if ($transaction === false) {
+ \OCP\Util::writeLog('Encryption library', "Your database migration doesn't support transactions", \OCP\Util::WARN);
+ }
+
+ $migrationStatus = $this->getMigrationStatus();
+
+ if ($migrationStatus === '0') {
+
+ $return = $this->setMigrationStatus(-1);
+
+ if ($return === true) {
+ \OCP\Util::writeLog('Encryption library', "Enter migration mode for initial encryption for user " . $this->userId, \OCP\Util::INFO);
+ } else {
+ \OCP\Util::writeLog('Encryption library', "Could not activate migration mode for " . $this->userId . ", encryption aborted", \OCP\Util::ERROR);
+ }
+ } else {
+ \OCP\Util::writeLog('Encryption library', "Another process already performs the migration for user " . $this->userId, \OCP\Util::INFO);
+ }
+
+ \OC_DB::commit();
+
+ return $return;
+ }
+
+ /**
+ * @brief close migration mode after users data has been encrypted successfully
+ * @return boolean
+ */
+ public function finishMigration() {
+
+ $return = false;
+
+ $transaction = \OC_DB::beginTransaction();
+
+ if ($transaction === false) {
+ \OCP\Util::writeLog('Encryption library', "Your database migration doesn't support transactions", \OCP\Util::WARN);
+ }
+
+ $migrationStatus = $this->getMigrationStatus();
+
+ if ($migrationStatus === '-1') {
+
+ $return = $this->setMigrationStatus(1);
+
+ if ($return === true) {
+ \OCP\Util::writeLog('Encryption library', "Leave migration mode for: " . $this->userId . " successfully.", \OCP\Util::INFO);
+ } else {
+ \OCP\Util::writeLog('Encryption library', "Could not deactivate migration mode for " . $this->userId, \OCP\Util::ERROR);
+ }
+ } else {
+ \OCP\Util::writeLog('Encryption library', "Someone else finished the migration mode to early for user " . $this->userId, \OCP\Util::ERROR);
+ }
+
+ \OC_DB::commit();
+
+ return $return;
+ }
+
+ /**
+ * @brief check if files are already migrated to the encryption system
+ * @return '1' = yes, '0' = no, '-1' = migration in progress, false = no record
 * @note If records are not being returned, check for a hidden space
 * at the start of the uid in db
 */
- public function getMigrationStatus() {
+ private function getMigrationStatus() {
 $sql = 'SELECT `migration_status` FROM `*PREFIX*encryption` WHERE `uid` = ?';
@@ -1112,14 +1180,11 @@ class Util {
 // If no record is found
 if (empty($migrationStatus)) {
-
+ \OCP\Util::writeLog('Encryption library', "Could not get migration status for " . $this->userId . ", no record found", \OCP\Util::ERROR);
 return false;
-
 // If a record is found
 } else {
-
 return $migrationStatus[0];
-
 }
 }
-- cgit v1.2.3
From c78a90fd54c790a21c9ba4d8dcf86a68ebef0edd Mon Sep 17 00:00:00 2001
From: Björn Schießle
Date: Wed, 12 Jun 2013 12:21:11 +0200
Subject: use number of manipulated rows as idicator if it was possible to enter the migration mode
---
 apps/files_encryption/hooks/hooks.php | 5 +-
 apps/files_encryption/lib/util.php | 88 ++++++++---------------------------
 2 files changed, 24 insertions(+), 69 deletions(-)
(limited to 'apps/files_encryption/hooks')
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 9f36393d591..7e68f476a7f 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
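Review bot: Nothing in this hunk ever moves a row back out of `-1`: `beginMigration()` only proceeds from `'0'` and `finishMigration()` only from `'-1'`, so if the login hook fails between the two calls in hooks.php (exception, timeout, killed worker) the user stays "in progress" and every later login takes the "Another process already performs the migration" branch without migrating anything. A recovery path is needed, for example resetting the status to `'0'` when the migration block fails, or storing a start time and treating an old `-1` as abandoned. Separately, when `\OC_DB::beginTransaction()` returns false the code only logs a warning and still runs the read-then-write sequence, so the single-process guarantee from the commit title does not hold on that path. The same `else` branch is also reached for status `'1'` and for `false` (no record), where the "another process" message is misleading.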
@@ -67,7 +67,10 @@ class Hooks {
 $session->setPrivateKey($privateKey, $params['uid']);
 // Check if first-run file migration has already been performed
- $ready = $util->beginMigration();
+ $ready = false;
+ if ($util->getMigrationStatus() === Util::MIGRATION_OPEN) {
+ $ready = $util->beginMigration();
+ }
 // If migration not yet done
 if ($ready) {
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index a5aa121f930..f6da417c6f9 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
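Review bot: The new guard `$util->getMigrationStatus() === Util::MIGRATION_OPEN` is a strict comparison between a value read from the database and a constant whose definition is not part of this patch. `getMigrationStatus()` returns `$migrationStatus[0]` or `false`, and its docblock lists string values (`'0'`, `'1'`, `'-1'`), so if `MIGRATION_OPEN` is an integer, or a backend returns the column as an int, the test never matches and the first-run encryption is skipped without any log entry from this call site. Please confirm the constant has the same type the query returns on every supported database. The guard also repeats the `migration_status = ?` condition that `beginMigration()` now carries in its `UPDATE`, so it is an optimisation, not part of the lock; a short comment saying so would help.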
@@ -1056,64 +1056,26 @@ class Util {
 }
- /**
- * @brief Set file migration status for user
- * @param $status
- * @return bool
- */
- private function setMigrationStatus($status) {
-
- $sql = 'UPDATE `*PREFIX*encryption` SET `migration_status` = ? WHERE `uid` = ?';
-
- $args = array(
- $status,
- $this->userId
- );
-
- $query = \OCP\DB::prepare($sql);
-
- if ($query->execute($args)) {
-
- return true;
-
- } else {
- \OCP\Util::writeLog('Encryption library', "Could not set migration status for " . $this->userId, \OCP\Util::ERROR);
- return false;
-
- }
-
- }
-
 /**
 * @brief start migration mode to initially encrypt users data
 * @return boolean
 */
 public function beginMigration() {
-
- $return = false;
- $transaction = \OC_DB::beginTransaction();
-
- if ($transaction === false) {
- \OCP\Util::writeLog('Encryption library', "Your database migration doesn't support transactions", \OCP\Util::WARN);
- }
-
- $migrationStatus = $this->getMigrationStatus();
-
- if ($migrationStatus === self::MIGRATION_OPEN) {
+ $return = false;
- $return = $this->setMigrationStatus(self::MIGRATION_IN_PROGRESS);
+ $sql = 'UPDATE `*PREFIX*encryption` SET `migration_status` = ? WHERE `uid` = ? and `migration_status` = ?';
+ $args = array(self::MIGRATION_IN_PROGRESS, $this->userId, self::MIGRATION_OPEN);
+ $query = \OCP\DB::prepare($sql);
+ $result = $query->execute($args);
+ $manipulatedRows = $result->numRows();
- if ($return === true) {
- \OCP\Util::writeLog('Encryption library', "Enter migration mode for initial encryption for user " . $this->userId, \OCP\Util::INFO);
- } else {
- \OCP\Util::writeLog('Encryption library', "Could not activate migration mode for " . $this->userId . ", encryption aborted", \OCP\Util::ERROR);
- }
+ if ($manipulatedRows === 1) {
+ $return = true;
+ \OCP\Util::writeLog('Encryption library', "Start migration to encryption mode for " . $this->userId, \OCP\Util::INFO);
 } else {
- \OCP\Util::writeLog('Encryption library', "Another process already performs the migration for user " . $this->userId, \OCP\Util::WARN);
+ \OCP\Util::writeLog('Encryption library', "Could not activate migration mode for " . $this->userId . ". Probably another process already started the initial encryption", \OCP\Util::WARN);
 }
-
- \OC_DB::commit();
 return $return;
 }
@@ -1126,29 +1088,19 @@ class Util {
 $return = false;
- $transaction = \OC_DB::beginTransaction();
-
- if ($transaction === false) {
- \OCP\Util::writeLog('Encryption library', "Your database migration doesn't support transactions", \OCP\Util::WARN);
- }
-
- $migrationStatus = $this->getMigrationStatus();
-
- if ($migrationStatus === self::MIGRATION_IN_PROGRESS) {
-
- $return = $this->setMigrationStatus(self::MIGRATION_COMPLETED);
+ $sql = 'UPDATE `*PREFIX*encryption` SET `migration_status` = ? WHERE `uid` = ? and `migration_status` = ?';
+ $args = array(self::MIGRATION_COMPLETED, $this->userId, self::MIGRATION_IN_PROGRESS);
+ $query = \OCP\DB::prepare($sql);
+ $result = $query->execute($args);
+ $manipulatedRows = $result->numRows();
- if ($return === true) {
- \OCP\Util::writeLog('Encryption library', "Leave migration mode for: " . $this->userId . " successfully.", \OCP\Util::INFO);
- } else {
- \OCP\Util::writeLog('Encryption library', "Could not deactivate migration mode for " . $this->userId, \OCP\Util::ERROR);
- }
+ if ($manipulatedRows === 1) {
+ $result = true;
+ \OCP\Util::writeLog('Encryption library', "Finish migration successfully for " . $this->userId, \OCP\Util::INFO);
 } else {
- \OCP\Util::writeLog('Encryption library', "Someone else finished the migration mode to early for user " . $this->userId, \OCP\Util::ERROR);
+ \OCP\Util::writeLog('Encryption library', "Could not deactivate migration mode for " . $this->userId, \OCP\Util::WARN);
 }
-
- \OC_DB::commit();
 return $return;
 }
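Review bot: In the new `beginMigration()`, `$result->numRows()` is called on whatever `$query->execute($args)` returned, with no check that the statement succeeded. If `execute()` yields `false` or an error value on failure (not visible here), this becomes a fatal error in the middle of login instead of a logged `false`; test the result first, log, and return `false` before reading the row count. It is also worth confirming that `numRows()` reports affected rows for an `UPDATE` on every supported backend, since the whole lock now rests on that number being exactly 1. `finishMigration()` in the next hunk uses the same two lines and needs the same check.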
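Review bot: The success branch in `finishMigration()` assigns `$result = true;` but the function returns `$return`, which is set to `false` in the first context line and never changed, so the method reports failure even when the row was updated. The line should read `$return = true;`, as in `beginMigration()`. The call in hooks.php shown on this page ignores the return value, so nothing breaks yet, but any later check of it would treat every completed migration as failed. The function signature is above the hunk.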
@@ -1158,7 +1110,7 @@ class Util {
 * @note If records are not being returned, check for a hidden space
 * at the start of the uid in db
 */
- private function getMigrationStatus() {
+ public function getMigrationStatus() {
 $sql = 'SELECT `migration_status` FROM `*PREFIX*encryption` WHERE `uid` = ?';
-- cgit v1.2.3