mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into oc_preview

This commit is contained in:
Georg Ehrke 2013-06-06 11:13:55 +02:00
parent f80aba4893 4976f2e0d3
commit 85ecec8b01
729 changed files with 7221 additions and 3856 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
3rdparty

@ -1 +1 @@
Subproject commit a13af72fbe8983686fc47489a750e60319f68ac2
Subproject commit e312294ef62873df2b8c02e774f9dfe1b7fbc38d

2
apps/files/appinfo/app.php
View File

@ -20,4 +20,4 @@ OC_Search::registerProvider('OC_Search_Provider_File');
\OC_Hook::connect('OC_Filesystem', 'post_delete', '\OC\Files\Cache\Updater', 'deleteHook');
\OC_Hook::connect('OC_Filesystem', 'post_rename', '\OC\Files\Cache\Updater', 'renameHook');
\OC_BackgroundJob_RegularTask::register('\OC\Files\Cache\BackgroundWatcher', 'checkNext');
\OCP\BackgroundJob::addRegularTask('\OC\Files\Cache\BackgroundWatcher', 'checkNext');

40
apps/files_encryption/ajax/adminrecovery.php
View File

@ -13,31 +13,47 @@ use OCA\Encryption;
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
$l=OC_L10N::get('files_encryption');
$l = OC_L10N::get('files_encryption');
$return = false;
// Enable recoveryAdmin
$recoveryKeyId = OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] == 1){
if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1') {
$return = \OCA\Encryption\Helper::adminEnableRecovery($recoveryKeyId, $_POST['recoveryPassword']);
$action = "enable";
// Return success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Recovery key successfully enabled'))));
} else {
\OCP\JSON::error(array(
'data' => array(
'message' => $l->t(
'Could not enable recovery key. Please check your recovery key password!')
)
));
}
// Disable recoveryAdmin
} elseif (
isset($_POST['adminEnableRecovery'])
&& 0 == $_POST['adminEnableRecovery']
&& '0' === $_POST['adminEnableRecovery']
) {
$return = \OCA\Encryption\Helper::adminDisableRecovery($_POST['recoveryPassword']);
$action = "disable";
// Return success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Recovery key successfully disabled'))));
} else {
\OCP\JSON::error(array(
'data' => array(
'message' => $l->t(
'Could not disable recovery key. Please check your recovery key password!')
)
));
}
}
// Return success or failure
if ($return) {
\OCP\JSON::success(array("data" => array( "message" => $l->t('Recovery key successfully ' . $action.'d'))));
} else {
\OCP\JSON::error(array("data" => array( "message" => $l->t('Could not '.$action.' recovery key. Please check your recovery key password!'))));
}

10
apps/files_encryption/ajax/changeRecoveryPassword.php
View File

@ -6,7 +6,7 @@
* See the COPYING-README file.
*
* @brief Script to change recovery key password
*
*
*/
use OCA\Encryption;
@ -15,7 +15,7 @@ use OCA\Encryption;
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
$l=OC_L10N::get('core');
$l = OC_L10N::get('core');
$return = false;
@ -28,7 +28,7 @@ $result = $util->checkRecoveryPassword($oldPassword);
if ($result) {
$keyId = $util->getRecoveryKeyId();
$keyPath = '/owncloud_private_key/' . $keyId . ".private.key";
$keyPath = '/owncloud_private_key/' . $keyId . '.private.key';
$view = new \OC\Files\View('/');
$proxyStatus = \OC_FileProxy::$enabled;
@ -46,7 +46,7 @@ if ($result) {
// success or failure
if ($return) {
\OCP\JSON::success(array("data" => array( "message" => $l->t('Password successfully changed.'))));
\OCP\JSON::success(array('data' => array('message' => $l->t('Password successfully changed.'))));
} else {
\OCP\JSON::error(array("data" => array( "message" => $l->t('Could not change the password. Maybe the old password was not correct.'))));
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not change the password. Maybe the old password was not correct.'))));
}

26
apps/files_encryption/ajax/userrecovery.php
View File

@ -10,32 +10,32 @@
use OCA\Encryption;
\OCP\JSON::checkLoggedIn();
\OCP\JSON::checkAppEnabled( 'files_encryption' );
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
if (
isset( $_POST['userEnableRecovery'] )
&& ( 0 == $_POST['userEnableRecovery'] || 1 == $_POST['userEnableRecovery'] )
if (
isset($_POST['userEnableRecovery'])
&& (0 == $_POST['userEnableRecovery'] || '1' === $_POST['userEnableRecovery'])
) {
$userId = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new \OCA\Encryption\Util( $view, $userId );
// Save recovery preference to DB
$return = $util->setRecoveryForUser( $_POST['userEnableRecovery'] );
$view = new \OC_FilesystemView('/');
$util = new \OCA\Encryption\Util($view, $userId);
if ($_POST['userEnableRecovery'] == "1") {
// Save recovery preference to DB
$return = $util->setRecoveryForUser($_POST['userEnableRecovery']);
if ($_POST['userEnableRecovery'] === '1') {
$util->addRecoveryKeys();
} else {
$util->removeRecoveryKeys();
}
} else {
$return = false;
}
// Return success or failure
( $return ) ? \OCP\JSON::success() : \OCP\JSON::error();
($return) ? \OCP\JSON::success() : \OCP\JSON::error();

14
apps/files_encryption/appinfo/app.php
View File

@ -10,7 +10,7 @@ OC::$CLASSPATH['OCA\Encryption\Session'] = 'files_encryption/lib/session.php';
OC::$CLASSPATH['OCA\Encryption\Capabilities'] = 'files_encryption/lib/capabilities.php';
OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
OC_FileProxy::register( new OCA\Encryption\Proxy() );
OC_FileProxy::register(new OCA\Encryption\Proxy());
// User related hooks
OCA\Encryption\Helper::registerUserHooks();
@ -21,10 +21,16 @@ OCA\Encryption\Helper::registerShareHooks();
// Filesystem related hooks
OCA\Encryption\Helper::registerFilesystemHooks();
stream_wrapper_register( 'crypt', 'OCA\Encryption\Stream' );
stream_wrapper_register('crypt', 'OCA\Encryption\Stream');
// check if we are logged in
if (OCP\User::isLoggedIn()) {
// ensure filesystem is loaded
if(!\OC\Files\Filesystem::$loaded) {
\OC_Util::setupFS();
}
$view = new OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
@ -46,6 +52,6 @@ if (OCP\User::isLoggedIn()) {
}
// Register settings scripts
OCP\App::registerAdmin( 'files_encryption', 'settings-admin' );
OCP\App::registerPersonal( 'files_encryption', 'settings-personal' );
OCP\App::registerAdmin('files_encryption', 'settings-admin');
OCP\App::registerPersonal('files_encryption', 'settings-personal');

366
apps/files_encryption/hooks/hooks.php
View File

@ -37,106 +37,111 @@ class Hooks {
* @brief Startup encryption backend upon user login
* @note This method should never be called for users using client side encryption
*/
public static function login( $params ) {
public static function login($params) {
// Manually initialise Filesystem{} singleton with correct
// fake root path, in order to avoid fatal webdav errors
// NOTE: disabled because this give errors on webdav!
// NOTE: disabled because this give errors on webdav!
//\OC\Files\Filesystem::init( $params['uid'], '/' . 'files' . '/' );
$view = new \OC_FilesystemView( '/' );
$util = new Util( $view, $params['uid'] );
$view = new \OC_FilesystemView('/');
// setup user, if user not ready force relogin
if(Helper::setupUser($util, $params['password']) === false) {
return false;
}
// ensure filesystem is loaded
if(!\OC\Files\Filesystem::$loaded) {
\OC_Util::setupFS($params['uid']);
}
$encryptedKey = Keymanager::getPrivateKey( $view, $params['uid'] );
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] );
$util = new Util($view, $params['uid']);
// setup user, if user not ready force relogin
if (Helper::setupUser($util, $params['password']) === false) {
return false;
}
$encryptedKey = Keymanager::getPrivateKey($view, $params['uid']);
$privateKey = Crypt::symmetricDecryptFileContent($encryptedKey, $params['password']);
$session = new \OCA\Encryption\Session($view);
$session->setPrivateKey($privateKey, $params['uid']);
$session = new \OCA\Encryption\Session( $view );
$session->setPrivateKey( $privateKey, $params['uid'] );
// Check if first-run file migration has already been performed
$migrationCompleted = $util->getMigrationStatus();
// If migration not yet done
if ( ! $migrationCompleted ) {
$userView = new \OC_FilesystemView( '/' . $params['uid'] );
if (!$migrationCompleted) {
$userView = new \OC_FilesystemView('/' . $params['uid']);
// Set legacy encryption key if it exists, to support
// depreciated encryption system
if (
$userView->file_exists( 'encryption.key' )
&& $encLegacyKey = $userView->file_get_contents( 'encryption.key' )
$userView->file_exists('encryption.key')
&& $encLegacyKey = $userView->file_get_contents('encryption.key')
) {
$plainLegacyKey = Crypt::legacyBlockDecrypt( $encLegacyKey, $params['password'] );
$session->setLegacyKey( $plainLegacyKey );
$plainLegacyKey = Crypt::legacyBlockDecrypt($encLegacyKey, $params['password']);
$session->setLegacyKey($plainLegacyKey);
}
// Encrypt existing user files:
// This serves to upgrade old versions of the encryption
// app (see appinfo/spec.txt)
if (
$util->encryptAll( '/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password'] )
$util->encryptAll('/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password'])
) {
\OC_Log::write(
\OC_Log::write(
'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed'
, \OC_Log::INFO
, \OC_Log::INFO
);
}
// Register successful migration in DB
$util->setMigrationStatus( 1 );
$util->setMigrationStatus(1);
}
return true;
}
/**
* @brief setup encryption backend upon user created
* @note This method should never be called for users using client side encryption
*/
public static function postCreateUser( $params ) {
$view = new \OC_FilesystemView( '/' );
/**
* @brief setup encryption backend upon user created
* @note This method should never be called for users using client side encryption
*/
public static function postCreateUser($params) {
$view = new \OC_FilesystemView('/');
$util = new Util( $view, $params['uid'] );
$util = new Util($view, $params['uid']);
Helper::setupUser($util, $params['password']);
}
Helper::setupUser($util, $params['password']);
}
/**
* @brief cleanup encryption backend upon user deleted
* @note This method should never be called for users using client side encryption
*/
public static function postDeleteUser( $params ) {
$view = new \OC_FilesystemView( '/' );
/**
* @brief cleanup encryption backend upon user deleted
* @note This method should never be called for users using client side encryption
*/
public static function postDeleteUser($params) {
$view = new \OC_FilesystemView('/');
// cleanup public key
$publicKey = '/public-keys/' . $params['uid'] . '.public.key';
// cleanup public key
$publicKey = '/public-keys/' . $params['uid'] . '.public.key';
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view->unlink($publicKey);
$view->unlink($publicKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
/**
* @brief Change a user's encryption passphrase
* @param array $params keys: uid, password
*/
@ -145,9 +150,9 @@ class Hooks {
// Only attempt to change passphrase if server-side encryption
// is in use (client-side encryption does not have access to
// the necessary keys)
if (Crypt::mode() == 'server') {
if (Crypt::mode() === 'server') {
if ($params['uid'] == \OCP\User::getUser()) {
if ($params['uid'] === \OCP\User::getUser()) {
$view = new \OC_FilesystemView('/');
@ -165,10 +170,10 @@ class Hooks {
// NOTE: Session does not need to be updated as the
// private key has not changed, only the passphrase
// used to decrypt it has changed
} else { // admin changed the password for a different user, create new keys and reencrypt file keys
$user = $params['uid'];
$recoveryPassword = $params['recoveryPassword'];
$newUserPassword = $params['password'];
@ -179,21 +184,22 @@ class Hooks {
\OC\Files\Filesystem::initMountPoints($user);
$keypair = Crypt::createKeypair();
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Save public key
$view->file_put_contents( '/public-keys/'.$user.'.public.key', $keypair['publicKey'] );
$view->file_put_contents('/public-keys/' . $user . '.public.key', $keypair['publicKey']);
// Encrypt private key empty passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], $newUserPassword );
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword);
// Save private key
$view->file_put_contents( '/'.$user.'/files_encryption/'.$user.'.private.key', $encryptedPrivateKey );
$view->file_put_contents(
'/' . $user . '/files_encryption/' . $user . '.private.key', $encryptedPrivateKey);
if ( $recoveryPassword ) { // if recovery key is set we can re-encrypt the key files
if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files
$util = new Util($view, $user);
$util->recoverUsersFiles($recoveryPassword);
}
@ -231,16 +237,17 @@ class Hooks {
}
}
if($error)
// Set flag var 'run' to notify emitting
if ($error) // Set flag var 'run' to notify emitting
// script that hook execution failed
{
$params['run']->run = false;
// TODO: Make sure files_sharing provides user
// feedback on failed share
}
// TODO: Make sure files_sharing provides user
// feedback on failed share
}
/**
* @brief
* @brief
*/
public static function postShared($params) {
@ -273,7 +280,7 @@ class Hooks {
$share = $util->getParentFromShare($params['id']);
//if parent is set, then this is a re-share action
if ($share['parent'] != null) {
if ($share['parent'] !== null) {
// get the parent from current share
$parent = $util->getShareParent($params['parent']);
@ -325,6 +332,12 @@ class Hooks {
$sharingEnabled = \OCP\Share::isEnabled();
// get the path including mount point only if not a shared folder
if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
// if a folder was shared, get a list of all (sub-)folders
if ($params['itemType'] === 'folder') {
$allFiles = $util->getAllFiles($path);
@ -334,15 +347,15 @@ class Hooks {
foreach ($allFiles as $path) {
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $path);
$util->setSharedFileKeyfiles( $session, $usersSharing, $path );
$util->setSharedFileKeyfiles($session, $usersSharing, $path);
}
}
}
/**
* @brief
* @brief
*/
public static function postUnshare( $params ) {
public static function postUnshare($params) {
// NOTE: $params has keys:
// [itemType] => file
@ -351,40 +364,34 @@ class Hooks {
// [shareWith] => test1
// [itemParent] =>
if ( $params['itemType'] === 'file' || $params['itemType'] === 'folder' ) {
if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
$view = new \OC_FilesystemView( '/' );
$view = new \OC_FilesystemView('/');
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId);
$path = $util->fileIdToPath( $params['itemSource'] );
$util = new Util($view, $userId);
$path = $util->fileIdToPath($params['itemSource']);
// check if this is a re-share
if ( $params['itemParent'] ) {
if ($params['itemParent']) {
// get the parent from current share
$parent = $util->getShareParent( $params['itemParent'] );
$parent = $util->getShareParent($params['itemParent']);
// get target path
$targetPath = $util->fileIdToPath( $params['itemSource'] );
$targetPathSplit = array_reverse( explode( '/', $targetPath ) );
$targetPath = $util->fileIdToPath($params['itemSource']);
$targetPathSplit = array_reverse(explode('/', $targetPath));
// init values
$path = '';
$sharedPart = ltrim( $parent['file_target'], '/' );
$sharedPart = ltrim($parent['file_target'], '/');
// rebuild path
foreach ( $targetPathSplit as $pathPart ) {
if ( $pathPart !== $sharedPart ) {
foreach ($targetPathSplit as $pathPart) {
if ($pathPart !== $sharedPart) {
$path = '/' . $pathPart . $path;
} else {
break;
}
}
// prefix path with Shared
@ -392,118 +399,127 @@ class Hooks {
}
// for group shares get a list of the group members
if ( $params['shareType'] == \OCP\Share::SHARE_TYPE_GROUP ) {
if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) {
$userIds = \OC_Group::usersInGroup($params['shareWith']);
} else if ( $params['shareType'] == \OCP\Share::SHARE_TYPE_LINK ){
$userIds = array( $util->getPublicShareKeyId() );
} else {
$userIds = array( $params['shareWith'] );
if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK) {
$userIds = array($util->getPublicShareKeyId());
} else {
$userIds = array($params['shareWith']);
}
}
// get the path including mount point only if not a shared folder
if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
// if we unshare a folder we need a list of all (sub-)files
if ( $params['itemType'] === 'folder' ) {
if ($params['itemType'] === 'folder') {
$allFiles = $util->getAllFiles( $path );
} else {
$allFiles = array( $path );
$allFiles = array($path);
}
foreach ( $allFiles as $path ) {
foreach ($allFiles as $path) {
// check if the user still has access to the file, otherwise delete share key
$sharingUsers = $util->getSharingUsersArray( true, $path );
$sharingUsers = $util->getSharingUsersArray(true, $path);
// Unshare every user who no longer has access to the file
$delUsers = array_diff( $userIds, $sharingUsers);
$delUsers = array_diff($userIds, $sharingUsers);
// delete share key
Keymanager::delShareKey( $view, $delUsers, $path );
Keymanager::delShareKey($view, $delUsers, $path);
}
}
}
/**
* @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing
* @param array with oldpath and newpath
*
* This function is connected to the rename signal of OC_Filesystem and adjust the name and location
* of the stored versions along the actual file
*/
public static function postRename($params) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
* @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing
* @param array with oldpath and newpath
*
* This function is connected to the rename signal of OC_Filesystem and adjust the name and location
* of the stored versions along the actual file
*/
public static function postRename($params) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId );
$view = new \OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
// Format paths to be relative to user files dir
$oldKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['oldpath']);
$newKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['newpath']);
// Format paths to be relative to user files dir
$oldKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['oldpath']);
$newKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['newpath']);
// add key ext if this is not an folder
if (!$view->is_dir($oldKeyfilePath)) {
$oldKeyfilePath .= '.key';
$newKeyfilePath .= '.key';
// add key ext if this is not an folder
if (!$view->is_dir($oldKeyfilePath)) {
$oldKeyfilePath .= '.key';
$newKeyfilePath .= '.key';
// handle share-keys
$localKeyPath = $view->getLocalFile($userId.'/files_encryption/share-keys/'.$params['oldpath']);
$matches = glob(preg_quote($localKeyPath).'*.shareKey');
foreach ($matches as $src) {
$dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));
// handle share-keys
$localKeyPath = $view->getLocalFile($userId . '/files_encryption/share-keys/' . $params['oldpath']);
$matches = glob(preg_quote($localKeyPath) . '*.shareKey');
foreach ($matches as $src) {
$dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));
// create destination folder if not exists
if(!file_exists(dirname($dst))) {
mkdir(dirname($dst), 0750, true);
}
// create destination folder if not exists
if (!file_exists(dirname($dst))) {
mkdir(dirname($dst), 0750, true);
}
rename($src, $dst);
}
rename($src, $dst);
}
} else {
// handle share-keys folders
$oldShareKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['oldpath']);
$newShareKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['newpath']);
} else {
// handle share-keys folders
$oldShareKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['oldpath']);
$newShareKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['newpath']);
// create destination folder if not exists
if(!$view->file_exists(dirname($newShareKeyfilePath))) {
$view->mkdir(dirname($newShareKeyfilePath), 0750, true);
}
// create destination folder if not exists
if (!$view->file_exists(dirname($newShareKeyfilePath))) {
$view->mkdir(dirname($newShareKeyfilePath), 0750, true);
}
$view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
}
$view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
}
// Rename keyfile so it isn't orphaned
if($view->file_exists($oldKeyfilePath)) {
// Rename keyfile so it isn't orphaned
if ($view->file_exists($oldKeyfilePath)) {
// create destination folder if not exists
if(!$view->file_exists(dirname($newKeyfilePath))) {
$view->mkdir(dirname($newKeyfilePath), 0750, true);
}
// create destination folder if not exists
if (!$view->file_exists(dirname($newKeyfilePath))) {
$view->mkdir(dirname($newKeyfilePath), 0750, true);
}
$view->rename($oldKeyfilePath, $newKeyfilePath);
}
$view->rename($oldKeyfilePath, $newKeyfilePath);
}
// build the path to the file
$newPath = '/' . $userId . '/files' .$params['newpath'];
$newPathRelative = $params['newpath'];
// build the path to the file
$newPath = '/' . $userId . '/files' . $params['newpath'];
$newPathRelative = $params['newpath'];
if($util->fixFileSize($newPath)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
if ($util->fixFileSize($newPath)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
// get users
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);
// get users
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);
// update sharing-keys
$util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);
}
// update sharing-keys
$util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);
}
\OC_FileProxy::$enabled = $proxyStatus;
}
\OC_FileProxy::$enabled = $proxyStatus;
}
}

12
apps/files_encryption/l10n/de_DE.php
View File

@ -1,9 +1,19 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Der Wiederherstellungsschlüssel wurde erfolgreich aktiviert.",
"Could not enable recovery key. Please check your recovery key password!" => "Der Wiederherstellungsschlüssel konnte nicht aktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!",
"Recovery key successfully disabled" => "Der Wiederherstellungsschlüssel wurde erfolgreich deaktiviert.",
"Could not disable recovery key. Please check your recovery key password!" => "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!",
"Password successfully changed." => "Das Passwort wurde erfolgreich geändert.",
"Could not change the password. Maybe the old password was not correct." => "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort nicht richtig.",
"Saving..." => "Speichern...",
"Encryption" => "Verschlüsselung",
"Recovery account password" => "Account-Passwort wiederherstellen",
"Enabled" => "Aktiviert",
"Disabled" => "Deaktiviert",
"Change Password" => "Passwort ändern"
"Old Recovery account password" => "Altes Passwort für die Account-Wiederherstellung",
"New Recovery account password" => "Neues Passwort für die Account-Wiederherstellung",
"Change Password" => "Passwort ändern",
"Enabling this option will allow you to reobtain access to your encrypted files if your password is lost" => "Durch die Aktivierung dieser Option haben Sie die Möglichkeit, wieder auf Ihre verschlüsselten Dateien zugreifen zu können, wenn Sie Ihr Passwort verloren haben.",
"File recovery settings updated" => "Die Einstellungen für die Dateiwiederherstellung wurden aktualisiert.",
"Could not update file recovery" => "Die Dateiwiederherstellung konnte nicht aktualisiert werden."
);

20
apps/files_encryption/l10n/es.php
View File

@ -1,4 +1,22 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Se ha habilitado la recuperación de archivos",
"Could not enable recovery key. Please check your recovery key password!" => "No se pudo habilitar la clave de recuperación. Por favor compruebe su contraseña.",
"Recovery key successfully disabled" => "Clave de recuperación deshabilitada",
"Could not disable recovery key. Please check your recovery key password!" => "No se pudo deshabilitar la clave de recuperación. Por favor compruebe su contraseña!",
"Password successfully changed." => "Su contraseña ha sido cambiada",
"Could not change the password. Maybe the old password was not correct." => "No se pudo cambiar la contraseña. Compruebe que la contraseña actual sea correcta.",
"Saving..." => "Guardando...",
"Encryption" => "Cifrado"
"Encryption" => "Cifrado",
"Enable encryption passwords recovery key (allow sharing to recovery key):" => "Habilitar clave de recuperación de contraseñas ():",
"Recovery account password" => "Recuperar contraseña",
"Enabled" => "Habilitar",
"Disabled" => "Deshabilitado",
"Change encryption passwords recovery key:" => "Cambiar clave de cifrado de contraseñas:",
"Old Recovery account password" => "Contraseña de recuperación actual",
"New Recovery account password" => "Contraseña de recuperación nueva",
"Change Password" => "Cambiar contraseña",
"Enable password recovery by sharing all files with your administrator:" => "Habilitar recuperación de contraseña compartiendo todos los archivos con su administrador",
"Enabling this option will allow you to reobtain access to your encrypted files if your password is lost" => "Habilitar esta opción para poder acceder a sus archivos cifrados si pierde su contraseña",
"File recovery settings updated" => "Opciones de recuperación de archivos actualizada",
"Could not update file recovery" => "No se pudo actualizar la recuperación de archivos"
);

17
apps/files_encryption/l10n/et_EE.php
View File

@ -1,7 +1,22 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Taastevõtme lubamine õnnestus",
"Could not enable recovery key. Please check your recovery key password!" => "Ei suutnud lubada taastevõtit. Palun kontrolli oma taastevõtme parooli!",
"Recovery key successfully disabled" => "Taastevõtme keelamine õnnestus",
"Could not disable recovery key. Please check your recovery key password!" => "Ei suuda keelata taastevõtit. Palun kontrolli oma taastevõtme parooli!",
"Password successfully changed." => "Parool edukalt vahetatud.",
"Could not change the password. Maybe the old password was not correct." => "Ei suutnud vahetada parooli. Võib-olla on vana parool valesti sisestatud.",
"Saving..." => "Salvestamine...",
"Encryption" => "Krüpteerimine",
"Enable encryption passwords recovery key (allow sharing to recovery key):" => "Luba krüpteerimise paroolide taastevõti (võimalda parooli jagamine taastevõtmesse):",
"Recovery account password" => "Konto taasteparool",
"Enabled" => "Sisse lülitatud",
"Disabled" => "Väljalülitatud",
"Change Password" => "Muuda parooli"
"Change encryption passwords recovery key:" => "Muuda taaste võtme krüpteerimise paroole:",
"Old Recovery account password" => "Konto vana taaste parool",
"New Recovery account password" => "Konto uus taasteparool",
"Change Password" => "Muuda parooli",
"Enable password recovery by sharing all files with your administrator:" => "Luba parooli taaste jagades kõik failid administraatoriga:",
"Enabling this option will allow you to reobtain access to your encrypted files if your password is lost" => "Valiku lubamine võimaldab taastada ligipääsu krüpteeritud failidele kui parool on kadunud",
"File recovery settings updated" => "Faili taaste seaded uuendatud",
"Could not update file recovery" => "Ei suuda uuendada taastefaili"
);

6
apps/files_encryption/l10n/gl.php
View File

@ -1,6 +1,8 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully " => "O contrasinal foi recuperado satisfactoriamente",
"Could not " => "Non foi posíbel",
"Recovery key successfully enabled" => "Activada satisfactoriamente a chave de recuperación",
"Could not enable recovery key. Please check your recovery key password!" => "Non foi posíbel activar a chave de recuperación. Comprobe o contrasinal da chave de recuperación!",
"Recovery key successfully disabled" => "Desactivada satisfactoriamente a chave de recuperación",
"Could not disable recovery key. Please check your recovery key password!" => "Non foi posíbel desactivar a chave de recuperación. Comprobe o contrasinal da chave de recuperación!",
"Password successfully changed." => "O contrasinal foi cambiado satisfactoriamente",
"Could not change the password. Maybe the old password was not correct." => "Non foi posíbel cambiar o contrasinal. Probabelmente o contrasinal antigo non é o correcto.",
"Saving..." => "Gardando...",

6
apps/files_encryption/l10n/it.php
View File

@ -1,6 +1,8 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully " => "Chiave ripristinata correttamente",
"Could not " => "Impossibile",
"Recovery key successfully enabled" => "Chiave di ripristino abilitata correttamente",
"Could not enable recovery key. Please check your recovery key password!" => "Impossibile abilitare la chiave di ripristino. Verifica la password della chiave di ripristino.",
"Recovery key successfully disabled" => "Chiave di ripristinata disabilitata correttamente",
"Could not disable recovery key. Please check your recovery key password!" => "Impossibile disabilitare la chiave di ripristino. Verifica la password della chiave di ripristino.",
"Password successfully changed." => "Password modificata correttamente.",
"Could not change the password. Maybe the old password was not correct." => "Impossibile cambiare la password. Forse la vecchia password non era corretta.",
"Saving..." => "Salvataggio in corso...",

6
apps/files_encryption/l10n/ja_JP.php
View File

@ -1,6 +1,8 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully " => "鍵を復旧することができました。",
"Could not " => "できませんでした。",
"Recovery key successfully enabled" => "リカバリ用のキーは正常に有効化されました",
"Could not enable recovery key. Please check your recovery key password!" => "リカバリ用のキーを有効にできませんでした。リカバリ用のキーのパスワードを確認して下さい!",
"Recovery key successfully disabled" => "リカバリ用のキーを正常に無効化しました",
"Could not disable recovery key. Please check your recovery key password!" => "リカバリ用のキーを無効化できませんでした。リカバリ用のキーのパスワードを確認して下さい!",
"Password successfully changed." => "パスワードを変更できました。",
"Could not change the password. Maybe the old password was not correct." => "パスワードを変更できませんでした。古いパスワードが間違っているかもしれません。",
"Saving..." => "保存中...",

6
apps/files_encryption/l10n/nl.php
View File

@ -1,6 +1,8 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully " => "Sleutelherstel succesvol",
"Could not " => "Kon niet",
"Recovery key successfully enabled" => "Herstelsleutel succesvol geactiveerd",
"Could not enable recovery key. Please check your recovery key password!" => "Kon herstelsleutel niet activeren. Controleer het wachtwoord van uw herstelsleutel!",
"Recovery key successfully disabled" => "Herstelsleutel succesvol gedeactiveerd",
"Could not disable recovery key. Please check your recovery key password!" => "Kon herstelsleutel niet deactiveren. Controleer het wachtwoord van uw herstelsleutel!",
"Password successfully changed." => "Wachtwoord succesvol gewijzigd.",
"Could not change the password. Maybe the old password was not correct." => "Kon wachtwoord niet wijzigen. Wellicht oude wachtwoord niet juist ingevoerd.",
"Saving..." => "Opslaan",

2
apps/files_encryption/l10n/pl.php
View File

@ -1,6 +1,4 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully " => "Odzyskanie klucza udane",
"Could not " => "Nie można",
"Password successfully changed." => "Zmiana hasła udana.",
"Could not change the password. Maybe the old password was not correct." => "Nie można zmienić hasła. Może stare hasło nie było poprawne.",
"Saving..." => "Zapisywanie...",

6
apps/files_encryption/l10n/pt_BR.php
View File

@ -1,6 +1,8 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully " => "Recuperação de chave com sucesso",
"Could not " => "Não foi possível",
"Recovery key successfully enabled" => "Recuperação de chave habilitada com sucesso",
"Could not enable recovery key. Please check your recovery key password!" => "Impossível habilitar recuperação de chave. Por favor verifique sua senha para recuperação de chave!",
"Recovery key successfully disabled" => "Recuperação de chave desabilitada com sucesso",
"Could not disable recovery key. Please check your recovery key password!" => "Impossível desabilitar recuperação de chave. Por favor verifique sua senha para recuperação de chave!",
"Password successfully changed." => "Senha alterada com sucesso.",
"Could not change the password. Maybe the old password was not correct." => "Não foi possível alterar a senha. Talvez a senha antiga não estava correta.",
"Saving..." => "Salvando...",

1
apps/files_encryption/l10n/pt_PT.php
View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Could not " => "Não foi possivel",
"Password successfully changed." => "Password alterada com sucesso.",
"Could not change the password. Maybe the old password was not correct." => "Não foi possivel alterar a password. Possivelmente a password antiga não está correcta.",
"Saving..." => "A guardar...",

16
apps/files_encryption/l10n/ru.php
View File

@ -1,4 +1,18 @@
<?php $TRANSLATIONS = array(
"Password successfully changed." => "Пароль изменен удачно.",
"Could not change the password. Maybe the old password was not correct." => "Невозможно изменить пароль. Возможно старый пароль не был верен.",
"Saving..." => "Сохранение...",
"Encryption" => "Шифрование"
"Encryption" => "Шифрование",
"Enable encryption passwords recovery key (allow sharing to recovery key):" => "Включить шифрование пароля ключа восстановления (понадобится разрешение для восстановления ключа)",
"Recovery account password" => "Восстановление пароля учетной записи",
"Enabled" => "Включено",
"Disabled" => "Отключено",
"Change encryption passwords recovery key:" => "Изменить шифрование пароля ключа восстановления:",
"Old Recovery account password" => "Старое Восстановление пароля учетной записи",
"New Recovery account password" => "Новое Восстановление пароля учетной записи",
"Change Password" => "Изменить пароль",
"Enable password recovery by sharing all files with your administrator:" => "Включить восстановление пароля путем доступа Вашего администратора ко всем файлам",
"Enabling this option will allow you to reobtain access to your encrypted files if your password is lost" => "Включение этой опции позволит вам получить доступ к зашифрованным файлам, в случае утери пароля",
"File recovery settings updated" => "Настройки файла восстановления обновлены",
"Could not update file recovery" => "Невозможно обновить файл восстановления"
);

9
apps/files_encryption/l10n/sk_SK.php
View File

@ -1,4 +1,11 @@
<?php $TRANSLATIONS = array(
"Password successfully changed." => "Heslo úspešne zmenené.",
"Saving..." => "Ukladám...",
"Encryption" => "Šifrovanie"
"Encryption" => "Šifrovanie",
"Enabled" => "Povolené",
"Disabled" => "Zakázané",
"Change encryption passwords recovery key:" => "Zmeniť šifrovacie heslo obnovovacieho kľúča:",
"Change Password" => "Zmeniť heslo",
"File recovery settings updated" => "Nastavenie obnovy súborov aktualizované",
"Could not update file recovery" => "Nemožno aktualizovať obnovenie súborov"
);

2
apps/files_encryption/l10n/zh_TW.php
View File

@ -1,6 +1,4 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully " => "成功還原金鑰",
"Could not " => "無法",
"Password successfully changed." => "成功變更密碼。",
"Could not change the password. Maybe the old password was not correct." => "無法變更密碼,或許是輸入的舊密碼不正確。",
"Saving..." => "儲存中...",

221
apps/files_encryption/lib/crypt.php
View File

@ -26,21 +26,20 @@
namespace OCA\Encryption;
//require_once '../3rdparty/Crypt_Blowfish/Blowfish.php';
require_once realpath( dirname( __FILE__ ) . '/../3rdparty/Crypt_Blowfish/Blowfish.php' );
require_once realpath(dirname(__FILE__) . '/../3rdparty/Crypt_Blowfish/Blowfish.php');
/**
* Class for common cryptography functionality
*/
class Crypt
{
class Crypt {
/**
* @brief return encryption mode client or server side encryption
* @param string $user name (use system wide setting if name=null)
* @return string 'client' or 'server'
*/
public static function mode( $user = null ) {
public static function mode($user = null) {
return 'server';
@ -52,17 +51,20 @@ class Crypt
*/
public static function createKeypair() {
$res = openssl_pkey_new( array( 'private_key_bits' => 4096 ) );
$res = openssl_pkey_new(array('private_key_bits' => 4096));
// Get private key
openssl_pkey_export( $res, $privateKey );
openssl_pkey_export($res, $privateKey);
// Get public key
$publicKey = openssl_pkey_get_details( $res );
$publicKey = openssl_pkey_get_details($res);
$publicKey = $publicKey['key'];
return ( array( 'publicKey' => $publicKey, 'privateKey' => $privateKey ) );
return (array(
'publicKey' => $publicKey,
'privateKey' => $privateKey
));
}
@ -75,7 +77,7 @@ class Crypt
* blocks with encryption alone, hence padding is added to achieve the
* required length.
*/
public static function addPadding( $data ) {
public static function addPadding($data) {
$padded = $data . 'xx';
@ -88,11 +90,11 @@ class Crypt
* @param string $padded padded data to remove padding from
* @return string unpadded data on success, false on error
*/
public static function removePadding( $padded ) {
public static function removePadding($padded) {
if ( substr( $padded, -2 ) == 'xx' ) {
if (substr($padded, -2) === 'xx') {
$data = substr( $padded, 0, -2 );
$data = substr($padded, 0, -2);
return $data;
@ -111,26 +113,26 @@ class Crypt
* @return boolean
* @note see also OCA\Encryption\Util->isEncryptedPath()
*/
public static function isCatfileContent( $content ) {
public static function isCatfileContent($content) {
if ( !$content ) {
if (!$content) {
return false;
}
$noPadding = self::removePadding( $content );
$noPadding = self::removePadding($content);
// Fetch encryption metadata from end of file
$meta = substr( $noPadding, -22 );
$meta = substr($noPadding, -22);
// Fetch IV from end of file
$iv = substr( $meta, -16 );
$iv = substr($meta, -16);
// Fetch identifier from start of metadata
$identifier = substr( $meta, 0, 6 );
$identifier = substr($meta, 0, 6);
if ( $identifier == '00iv00' ) {
if ($identifier === '00iv00') {
return true;
@ -147,15 +149,15 @@ class Crypt
* @param string $path
* @return bool
*/
public static function isEncryptedMeta( $path ) {
public static function isEncryptedMeta($path) {
// TODO: Use DI to get \OC\Files\Filesystem out of here
// Fetch all file metadata from DB
$metadata = \OC\Files\Filesystem::getFileInfo( $path );
$metadata = \OC\Files\Filesystem::getFileInfo($path);
// Return encryption status
return isset( $metadata['encrypted'] ) and ( bool )$metadata['encrypted'];
return isset($metadata['encrypted']) && ( bool )$metadata['encrypted'];
}
@ -166,18 +168,17 @@ class Crypt
* e.g. filename or /Docs/filename, NOT admin/files/filename
* @return boolean
*/
public static function isLegacyEncryptedContent( $data, $relPath ) {
public static function isLegacyEncryptedContent($data, $relPath) {
// Fetch all file metadata from DB
$metadata = \OC\Files\Filesystem::getFileInfo( $relPath, '' );
$metadata = \OC\Files\Filesystem::getFileInfo($relPath, '');
// If a file is flagged with encryption in DB, but isn't a
// valid content + IV combination, it's probably using the
// legacy encryption system
if (
isset( $metadata['encrypted'] )
and $metadata['encrypted'] === true
and !self::isCatfileContent( $data )
if (isset($metadata['encrypted'])
&& $metadata['encrypted'] === true
&& !self::isCatfileContent($data)
) {
return true;
@ -197,15 +198,15 @@ class Crypt
* @param string $passphrase
* @return string encrypted file content
*/
public static function encrypt( $plainContent, $iv, $passphrase = '' ) {
public static function encrypt($plainContent, $iv, $passphrase = '') {
if ( $encryptedContent = openssl_encrypt( $plainContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
if ($encryptedContent = openssl_encrypt($plainContent, 'AES-128-CFB', $passphrase, false, $iv)) {
return $encryptedContent;
} else {
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of content failed', \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library', 'Encryption (symmetric) of content failed', \OCP\Util::ERROR);
return false;
@ -221,15 +222,15 @@ class Crypt
* @throws \Exception
* @return string decrypted file content
*/
public static function decrypt( $encryptedContent, $iv, $passphrase ) {
public static function decrypt($encryptedContent, $iv, $passphrase) {
if ( $plainContent = openssl_decrypt( $encryptedContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
if ($plainContent = openssl_decrypt($encryptedContent, 'AES-128-CFB', $passphrase, false, $iv)) {
return $plainContent;
} else {
throw new \Exception( 'Encryption library: Decryption (symmetric) of content failed' );
throw new \Exception('Encryption library: Decryption (symmetric) of content failed');
}
@ -241,7 +242,7 @@ class Crypt
* @param string $iv IV to be concatenated
* @returns string concatenated content
*/
public static function concatIv( $content, $iv ) {
public static function concatIv($content, $iv) {
$combined = $content . '00iv00' . $iv;
@ -254,20 +255,20 @@ class Crypt
* @param string $catFile concatenated data to be split
* @returns array keys: encrypted, iv
*/
public static function splitIv( $catFile ) {
public static function splitIv($catFile) {
// Fetch encryption metadata from end of file
$meta = substr( $catFile, -22 );
$meta = substr($catFile, -22);
// Fetch IV from end of file
$iv = substr( $meta, -16 );
$iv = substr($meta, -16);
// Remove IV and IV identifier text to expose encrypted content
$encrypted = substr( $catFile, 0, -22 );
$encrypted = substr($catFile, 0, -22);
$split = array(
'encrypted' => $encrypted
, 'iv' => $iv
'encrypted' => $encrypted,
'iv' => $iv
);
return $split;
@ -283,9 +284,9 @@ class Crypt
* @note IV need not be specified, as it will be stored in the returned keyfile
* and remain accessible therein.
*/
public static function symmetricEncryptFileContent( $plainContent, $passphrase = '' ) {
public static function symmetricEncryptFileContent($plainContent, $passphrase = '') {
if ( !$plainContent ) {
if (!$plainContent) {
return false;
@ -293,18 +294,18 @@ class Crypt
$iv = self::generateIv();
if ( $encryptedContent = self::encrypt( $plainContent, $iv, $passphrase ) ) {
if ($encryptedContent = self::encrypt($plainContent, $iv, $passphrase)) {
// Combine content to encrypt with IV identifier and actual IV
$catfile = self::concatIv( $encryptedContent, $iv );
$catfile = self::concatIv($encryptedContent, $iv);
$padded = self::addPadding( $catfile );
$padded = self::addPadding($catfile);
return $padded;
} else {
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of keyfile content failed', \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library', 'Encryption (symmetric) of keyfile content failed', \OCP\Util::ERROR);
return false;
@ -326,21 +327,21 @@ class Crypt
*
* This function decrypts a file
*/
public static function symmetricDecryptFileContent( $keyfileContent, $passphrase = '' ) {
public static function symmetricDecryptFileContent($keyfileContent, $passphrase = '') {
if ( !$keyfileContent ) {
if (!$keyfileContent) {
throw new \Exception( 'Encryption library: no data provided for decryption' );
throw new \Exception('Encryption library: no data provided for decryption');
}
// Remove padding
$noPadding = self::removePadding( $keyfileContent );
$noPadding = self::removePadding($keyfileContent);
// Split into enc data and catfile
$catfile = self::splitIv( $noPadding );
$catfile = self::splitIv($noPadding);
if ( $plainContent = self::decrypt( $catfile['encrypted'], $catfile['iv'], $passphrase ) ) {
if ($plainContent = self::decrypt($catfile['encrypted'], $catfile['iv'], $passphrase)) {
return $plainContent;
@ -358,11 +359,11 @@ class Crypt
*
* This function decrypts a file
*/
public static function symmetricEncryptFileContentKeyfile( $plainContent ) {
public static function symmetricEncryptFileContentKeyfile($plainContent) {
$key = self::generateKey();
if ( $encryptedContent = self::symmetricEncryptFileContent( $plainContent, $key ) ) {
if ($encryptedContent = self::symmetricEncryptFileContent($plainContent, $key)) {
return array(
'key' => $key,
@ -384,13 +385,13 @@ class Crypt
* @returns array keys: keys (array, key = userId), data
* @note symmetricDecryptFileContent() can decrypt files created using this method
*/
public static function multiKeyEncrypt( $plainContent, array $publicKeys ) {
public static function multiKeyEncrypt($plainContent, array $publicKeys) {
// openssl_seal returns false without errors if $plainContent
// is empty, so trigger our own error
if ( empty( $plainContent ) ) {
if (empty($plainContent)) {
throw new \Exception( 'Cannot mutliKeyEncrypt empty plain content' );
throw new \Exception('Cannot mutliKeyEncrypt empty plain content');
}
@ -399,13 +400,13 @@ class Crypt
$shareKeys = array();
$mappedShareKeys = array();
if ( openssl_seal( $plainContent, $sealed, $shareKeys, $publicKeys ) ) {
if (openssl_seal($plainContent, $sealed, $shareKeys, $publicKeys)) {
$i = 0;
// Ensure each shareKey is labelled with its
// corresponding userId
foreach ( $publicKeys as $userId => $publicKey ) {
foreach ($publicKeys as $userId => $publicKey) {
$mappedShareKeys[$userId] = $shareKeys[$i];
$i++;
@ -437,21 +438,21 @@ class Crypt
*
* This function decrypts a file
*/
public static function multiKeyDecrypt( $encryptedContent, $shareKey, $privateKey ) {
public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey) {
if ( !$encryptedContent ) {
if (!$encryptedContent) {
return false;
}
if ( openssl_open( $encryptedContent, $plainContent, $shareKey, $privateKey ) ) {
if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) {
return $plainContent;
} else {
\OC_Log::write( 'Encryption library', 'Decryption (asymmetric) of sealed content failed', \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library', 'Decryption (asymmetric) of sealed content failed', \OCP\Util::ERROR);
return false;
@ -461,11 +462,13 @@ class Crypt
/**
* @brief Asymetrically encrypt a string using a public key
* @param $plainContent
* @param $publicKey
* @return string encrypted file
*/
public static function keyEncrypt( $plainContent, $publicKey ) {
public static function keyEncrypt($plainContent, $publicKey) {
openssl_public_encrypt( $plainContent, $encryptedContent, $publicKey );
openssl_public_encrypt($plainContent, $encryptedContent, $publicKey);
return $encryptedContent;
@ -473,13 +476,15 @@ class Crypt
/**
* @brief Asymetrically decrypt a file using a private key
* @param $encryptedContent
* @param $privatekey
* @return string decrypted file
*/
public static function keyDecrypt( $encryptedContent, $privatekey ) {
public static function keyDecrypt($encryptedContent, $privatekey) {
$result = @openssl_private_decrypt( $encryptedContent, $plainContent, $privatekey );
$result = @openssl_private_decrypt($encryptedContent, $plainContent, $privatekey);
if ( $result ) {
if ($result) {
return $plainContent;
}
@ -493,24 +498,24 @@ class Crypt
*/
public static function generateIv() {
if ( $random = openssl_random_pseudo_bytes( 12, $strong ) ) {
if ($random = openssl_random_pseudo_bytes(12, $strong)) {
if ( !$strong ) {
if (!$strong) {
// If OpenSSL indicates randomness is insecure, log error
\OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OC_Log::WARN );
\OCP\Util::writeLog('Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OCP\Util::WARN);
}
// We encode the iv purely for string manipulation
// purposes - it gets decoded before use
$iv = base64_encode( $random );
$iv = base64_encode($random);
return $iv;
} else {
throw new \Exception( 'Generating IV failed' );
throw new \Exception('Generating IV failed');
}
@ -523,12 +528,12 @@ class Crypt
public static function generateKey() {
// Generate key
if ( $key = base64_encode( openssl_random_pseudo_bytes( 183, $strong ) ) ) {
if ($key = base64_encode(openssl_random_pseudo_bytes(183, $strong))) {
if ( !$strong ) {
if (!$strong) {
// If OpenSSL indicates randomness is insecure, log error
throw new \Exception( 'Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()' );
throw new \Exception('Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()');
}
@ -545,15 +550,15 @@ class Crypt
/**
* @brief Get the blowfish encryption handeler for a key
* @param $key string (optional)
* @return Crypt_Blowfish blowfish object
* @return \Crypt_Blowfish blowfish object
*
* if the key is left out, the default handeler will be used
*/
public static function getBlowfish( $key = '' ) {
public static function getBlowfish($key = '') {
if ( $key ) {
if ($key) {
return new \Crypt_Blowfish( $key );
return new \Crypt_Blowfish($key);
} else {
@ -567,13 +572,13 @@ class Crypt
* @param $passphrase
* @return mixed
*/
public static function legacyCreateKey( $passphrase ) {
public static function legacyCreateKey($passphrase) {
// Generate a random integer
$key = mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 );
$key = mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999);
// Encrypt the key with the passphrase
$legacyEncKey = self::legacyEncrypt( $key, $passphrase );
$legacyEncKey = self::legacyEncrypt($key, $passphrase);
return $legacyEncKey;
@ -583,17 +588,15 @@ class Crypt
* @brief encrypts content using legacy blowfish system
* @param string $content the cleartext message you want to encrypt
* @param string $passphrase
* @return
* @internal param \OCA\Encryption\the $key encryption key (optional)
* @returns string encrypted content
*
* This function encrypts an content
*/
public static function legacyEncrypt( $content, $passphrase = '' ) {
public static function legacyEncrypt($content, $passphrase = '') {
$bf = self::getBlowfish( $passphrase );
$bf = self::getBlowfish($passphrase);
return $bf->encrypt( $content );
return $bf->encrypt($content);
}
@ -601,20 +604,17 @@ class Crypt
* @brief decrypts content using legacy blowfish system
* @param string $content the cleartext message you want to decrypt
* @param string $passphrase
* @return string
* @internal param \OCA\Encryption\the $key encryption key (optional)
* @return string cleartext content
*
* This function decrypts an content
*/
private static function legacyDecrypt( $content, $passphrase = '' ) {
private static function legacyDecrypt($content, $passphrase = '') {
$bf = self::getBlowfish( $passphrase );
$bf = self::getBlowfish($passphrase);
$decrypted = $bf->decrypt( $content );
$decrypted = $bf->decrypt($content);
return $decrypted;
}
/**
@ -623,16 +623,17 @@ class Crypt
* @param int $maxLength
* @return string
*/
public static function legacyBlockDecrypt( $data, $key = '', $maxLength = 0 ) {
public static function legacyBlockDecrypt($data, $key = '', $maxLength = 0) {
$result = '';
while ( strlen( $data ) ) {
$result .= self::legacyDecrypt( substr( $data, 0, 8192 ), $key );
$data = substr( $data, 8192 );
while (strlen($data)) {
$result .= self::legacyDecrypt(substr($data, 0, 8192), $key);
$data = substr($data, 8192);
}
if ( $maxLength > 0 ) {
return substr( $result, 0, $maxLength );
if ($maxLength > 0) {
return substr($result, 0, $maxLength);
} else {
return rtrim( $result, "\0" );
return rtrim($result, "\0");
}
}
@ -640,21 +641,23 @@ class Crypt
* @param $legacyEncryptedContent
* @param $legacyPassphrase
* @param $publicKeys
* @param $newPassphrase
* @param $path
* @return array
*/
public static function legacyKeyRecryptKeyfile( $legacyEncryptedContent, $legacyPassphrase, $publicKeys, $newPassphrase, $path ) {
public static function legacyKeyRecryptKeyfile($legacyEncryptedContent, $legacyPassphrase, $publicKeys) {
$decrypted = self::legacyBlockDecrypt( $legacyEncryptedContent, $legacyPassphrase );
$decrypted = self::legacyBlockDecrypt($legacyEncryptedContent, $legacyPassphrase);
// Encrypt plain data, generate keyfile & encrypted file
$cryptedData = self::symmetricEncryptFileContentKeyfile( $decrypted );
$cryptedData = self::symmetricEncryptFileContentKeyfile($decrypted);
// Encrypt plain keyfile to multiple sharefiles
$multiEncrypted = Crypt::multiKeyEncrypt( $cryptedData['key'], $publicKeys );
$multiEncrypted = Crypt::multiKeyEncrypt($cryptedData['key'], $publicKeys);
return array( 'data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys'] );
return array(
'data' => $cryptedData['encrypted'],
'filekey' => $multiEncrypted['data'],
'sharekeys' => $multiEncrypted['keys']
);
}

103
apps/files_encryption/lib/helper.php
View File

@ -23,15 +23,11 @@
namespace OCA\Encryption;
/**
* @brief Class to manage registration of hooks an various helper methods
*/
/**
* Class Helper
* @brief Class to manage registration of hooks an various helper methods
* @package OCA\Encryption
*/
class Helper
{
class Helper {
/**
* @brief register share related hooks
@ -39,9 +35,9 @@ class Helper
*/
public static function registerShareHooks() {
\OCP\Util::connectHook( 'OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared' );
\OCP\Util::connectHook( 'OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared' );
\OCP\Util::connectHook( 'OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare' );
\OCP\Util::connectHook('OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared');
\OCP\Util::connectHook('OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared');
\OCP\Util::connectHook('OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare');
}
/**
@ -50,10 +46,10 @@ class Helper
*/
public static function registerUserHooks() {
\OCP\Util::connectHook( 'OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login' );
\OCP\Util::connectHook( 'OC_User', 'post_setPassword', 'OCA\Encryption\Hooks', 'setPassphrase' );
\OCP\Util::connectHook( 'OC_User', 'post_createUser', 'OCA\Encryption\Hooks', 'postCreateUser' );
\OCP\Util::connectHook( 'OC_User', 'post_deleteUser', 'OCA\Encryption\Hooks', 'postDeleteUser' );
\OCP\Util::connectHook('OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login');
\OCP\Util::connectHook('OC_User', 'post_setPassword', 'OCA\Encryption\Hooks', 'setPassphrase');
\OCP\Util::connectHook('OC_User', 'post_createUser', 'OCA\Encryption\Hooks', 'postCreateUser');
\OCP\Util::connectHook('OC_User', 'post_deleteUser', 'OCA\Encryption\Hooks', 'postDeleteUser');
}
/**
@ -62,7 +58,7 @@ class Helper
*/
public static function registerFilesystemHooks() {
\OCP\Util::connectHook( 'OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRename' );
\OCP\Util::connectHook('OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRename');
}
/**
@ -72,13 +68,14 @@ class Helper
* @param string $password
* @return bool
*/
public static function setupUser( $util, $password ) {
public static function setupUser($util, $password) {
// Check files_encryption infrastructure is ready for action
if ( !$util->ready() ) {
if (!$util->ready()) {
\OC_Log::write( 'Encryption library', 'User account "' . $util->getUserId() . '" is not ready for encryption; configuration started', \OC_Log::DEBUG );
\OCP\Util::writeLog('Encryption library', 'User account "' . $util->getUserId()
. '" is not ready for encryption; configuration started', \OCP\Util::DEBUG);
if ( !$util->setupServerSide( $password ) ) {
if (!$util->setupServerSide($password)) {
return false;
}
}
@ -95,21 +92,21 @@ class Helper
* @internal param string $password
* @return bool
*/
public static function adminEnableRecovery( $recoveryKeyId, $recoveryPassword ) {
$view = new \OC\Files\View( '/' );
public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword) {
$view = new \OC\Files\View('/');
if ( $recoveryKeyId === null ) {
$recoveryKeyId = 'recovery_' . substr( md5( time() ), 0, 8 );
\OC_Appconfig::setValue( 'files_encryption', 'recoveryKeyId', $recoveryKeyId );
if ($recoveryKeyId === null) {
$recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8);
\OC_Appconfig::setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
}
if ( !$view->is_dir( '/owncloud_private_key' ) ) {
$view->mkdir( '/owncloud_private_key' );
if (!$view->is_dir('/owncloud_private_key')) {
$view->mkdir('/owncloud_private_key');
}
if (
( !$view->file_exists( "/public-keys/" . $recoveryKeyId . ".public.key" )
|| !$view->file_exists( "/owncloud_private_key/" . $recoveryKeyId . ".private.key" ) )
(!$view->file_exists("/public-keys/" . $recoveryKeyId . ".public.key")
|| !$view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".private.key"))
) {
$keypair = \OCA\Encryption\Crypt::createKeypair();
@ -118,37 +115,37 @@ class Helper
// Save public key
if ( !$view->is_dir( '/public-keys' ) ) {
$view->mkdir( '/public-keys' );
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$view->file_put_contents( '/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey'] );
$view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']);
// Encrypt private key empthy passphrase
$encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent( $keypair['privateKey'], $recoveryPassword );
$encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword);
// Save private key
$view->file_put_contents( '/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey );
$view->file_put_contents('/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey);
// create control file which let us check later on if the entered password was correct.
$encryptedControlData = \OCA\Encryption\Crypt::keyEncrypt( "ownCloud", $keypair['publicKey'] );
if ( !$view->is_dir( '/control-file' ) ) {
$view->mkdir( '/control-file' );
$encryptedControlData = \OCA\Encryption\Crypt::keyEncrypt("ownCloud", $keypair['publicKey']);
if (!$view->is_dir('/control-file')) {
$view->mkdir('/control-file');
}
$view->file_put_contents( '/control-file/controlfile.enc', $encryptedControlData );
$view->file_put_contents('/control-file/controlfile.enc', $encryptedControlData);
\OC_FileProxy::$enabled = true;
// Set recoveryAdmin as enabled
\OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 1 );
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
$return = true;
} else { // get recovery key and check the password
$util = new \OCA\Encryption\Util( new \OC_FilesystemView( '/' ), \OCP\User::getUser() );
$return = $util->checkRecoveryPassword( $recoveryPassword );
if ( $return ) {
\OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 1 );
$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
if ($return) {
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
}
}
@ -162,13 +159,13 @@ class Helper
* @param $recoveryPassword
* @return bool
*/
public static function adminDisableRecovery( $recoveryPassword ) {
$util = new Util( new \OC_FilesystemView( '/' ), \OCP\User::getUser() );
$return = $util->checkRecoveryPassword( $recoveryPassword );
public static function adminDisableRecovery($recoveryPassword) {
$util = new Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
if ( $return ) {
if ($return) {
// Set recoveryAdmin as disabled
\OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 0 );
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 0);
}
return $return;
@ -189,4 +186,18 @@ class Helper
return false;
}
}
/**
* @brief Format a path to be relative to the /user/files/ directory
* @param string $path the absolute path
* @return string e.g. turns '/admin/files/test.txt' into 'test.txt'
*/
public static function stripUserFilesPath($path) {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
$sliced = array_slice($split, 2);
$relPath = implode('/', $sliced);
return $relPath;
}
}

226
apps/files_encryption/lib/keymanager.php
View File

@ -27,8 +27,7 @@ namespace OCA\Encryption;
* @brief Class to manage storage and retrieval of encryption keys
* @note Where a method requires a view object, it's root must be '/'
*/
class Keymanager
{
class Keymanager {
/**
* @brief retrieve the ENCRYPTED private key from a user
@ -38,14 +37,14 @@ class Keymanager
* @return string private key or false (hopefully)
* @note the key returned by this method must be decrypted before use
*/
public static function getPrivateKey( \OC_FilesystemView $view, $user ) {
public static function getPrivateKey(\OC_FilesystemView $view, $user) {
$path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.private.key';
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$key = $view->file_get_contents( $path );
$key = $view->file_get_contents($path);
\OC_FileProxy::$enabled = $proxyStatus;
@ -58,12 +57,12 @@ class Keymanager
* @param $userId
* @return string public key or false
*/
public static function getPublicKey( \OC_FilesystemView $view, $userId ) {
public static function getPublicKey(\OC_FilesystemView $view, $userId) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$result = $view->file_get_contents( '/public-keys/' . $userId . '.public.key' );
$result = $view->file_get_contents('/public-keys/' . $userId . '.public.key');
\OC_FileProxy::$enabled = $proxyStatus;
@ -77,11 +76,11 @@ class Keymanager
* @param $userId
* @return array keys: privateKey, publicKey
*/
public static function getUserKeys( \OC_FilesystemView $view, $userId ) {
public static function getUserKeys(\OC_FilesystemView $view, $userId) {
return array(
'publicKey' => self::getPublicKey( $view, $userId )
, 'privateKey' => self::getPrivateKey( $view, $userId )
'publicKey' => self::getPublicKey($view, $userId),
'privateKey' => self::getPrivateKey($view, $userId)
);
}
@ -92,13 +91,13 @@ class Keymanager
* @param array $userIds
* @return array of public keys for the specified users
*/
public static function getPublicKeys( \OC_FilesystemView $view, array $userIds ) {
public static function getPublicKeys(\OC_FilesystemView $view, array $userIds) {
$keys = array();
foreach ( $userIds as $userId ) {
foreach ($userIds as $userId) {
$keys[$userId] = self::getPublicKey( $view, $userId );
$keys[$userId] = self::getPublicKey($view, $userId);
}
@ -118,40 +117,41 @@ class Keymanager
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setFileKey( \OC_FilesystemView $view, $path, $userId, $catfile ) {
public static function setFileKey(\OC_FilesystemView $view, $path, $userId, $catfile) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
list( $owner, $filename ) = $util->getUidAndFilename( $path );
$util = new Util($view, \OCP\User::getUser());
list($owner, $filename) = $util->getUidAndFilename($path);
$basePath = '/' . $owner . '/files_encryption/keyfiles';
$targetPath = self::keySetPreparation( $view, $filename, $basePath, $owner );
$targetPath = self::keySetPreparation($view, $filename, $basePath, $owner);
if ( !$view->is_dir( $basePath . '/' . $targetPath ) ) {
if (!$view->is_dir($basePath . '/' . $targetPath)) {
// create all parent folders
$info = pathinfo( $basePath . '/' . $targetPath );
$keyfileFolderName = $view->getLocalFolder( $info['dirname'] );
$info = pathinfo($basePath . '/' . $targetPath);
$keyfileFolderName = $view->getLocalFolder($info['dirname']);
if ( !file_exists( $keyfileFolderName ) ) {
if (!file_exists($keyfileFolderName)) {
mkdir( $keyfileFolderName, 0750, true );
mkdir($keyfileFolderName, 0750, true);
}
}
// try reusing key file if part file
if ( self::isPartialFilePath( $targetPath ) ) {
if (self::isPartialFilePath($targetPath)) {
$result = $view->file_put_contents( $basePath . '/' . self::fixPartialFilePath( $targetPath ) . '.key', $catfile );
$result = $view->file_put_contents(
$basePath . '/' . self::fixPartialFilePath($targetPath) . '.key', $catfile);
} else {
$result = $view->file_put_contents( $basePath . '/' . $targetPath . '.key', $catfile );
$result = $view->file_put_contents($basePath . '/' . $targetPath . '.key', $catfile);
}
@ -167,12 +167,12 @@ class Keymanager
* @return string File path without .part extension
* @note this is needed for reusing keys
*/
public static function fixPartialFilePath( $path ) {
public static function fixPartialFilePath($path) {
if ( preg_match( '/\.part$/', $path ) ) {
if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) {
$newLength = strlen( $path ) - 5;
$fPath = substr( $path, 0, $newLength );
$newLength = strlen($path) - 5;
$fPath = substr($path, 0, $newLength);
return $fPath;
@ -189,9 +189,9 @@ class Keymanager
* @param string $path Path that may identify a .part file
* @return bool
*/
public static function isPartialFilePath( $path ) {
public static function isPartialFilePath($path) {
if ( preg_match( '/\.part$/', $path ) ) {
if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) {
return true;
@ -213,14 +213,14 @@ class Keymanager
* @note The keyfile returned is asymmetrically encrypted. Decryption
* of the keyfile must be performed by client code
*/
public static function getFileKey( \OC_FilesystemView $view, $userId, $filePath ) {
public static function getFileKey(\OC_FilesystemView $view, $userId, $filePath) {
// try reusing key file if part file
if ( self::isPartialFilePath( $filePath ) ) {
if (self::isPartialFilePath($filePath)) {
$result = self::getFileKey( $view, $userId, self::fixPartialFilePath( $filePath ) );
$result = self::getFileKey($view, $userId, self::fixPartialFilePath($filePath));
if ( $result ) {
if ($result) {
return $result;
@ -228,19 +228,19 @@ class Keymanager
}
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
$filePath_f = ltrim( $filename, '/' );
list($owner, $filename) = $util->getUidAndFilename($filePath);
$filePath_f = ltrim($filename, '/');
$keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ( $view->file_exists( $keyfilePath ) ) {
if ($view->file_exists($keyfilePath)) {
$result = $view->file_get_contents( $keyfilePath );
$result = $view->file_get_contents($keyfilePath);
} else {
@ -264,26 +264,29 @@ class Keymanager
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
* /data/admin/files/mydoc.txt
*/
public static function deleteFileKey( \OC_FilesystemView $view, $userId, $path ) {
public static function deleteFileKey(\OC_FilesystemView $view, $userId, $path) {
$trimmed = ltrim( $path, '/' );
$trimmed = ltrim($path, '/');
$keyPath = '/' . $userId . '/files_encryption/keyfiles/' . $trimmed;
$result = false;
if ( $view->is_dir( $keyPath ) ) {
if ($view->is_dir($keyPath)) {
$result = $view->unlink( $keyPath );
$result = $view->unlink($keyPath);
} else if ( $view->file_exists( $keyPath . '.key' ) ) {
} else {
if ($view->file_exists($keyPath . '.key')) {
$result = $view->unlink( $keyPath . '.key' );
$result = $view->unlink($keyPath . '.key');
}
}
if ( !$result ) {
if (!$result) {
\OC_Log::write( 'Encryption library', 'Could not delete keyfile; does not exist: "' . $keyPath, \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library',
'Could not delete keyfile; does not exist: "' . $keyPath, \OCP\Util::ERROR);
}
@ -298,19 +301,19 @@ class Keymanager
* @note Encryption of the private key must be performed by client code
* as no encryption takes place here
*/
public static function setPrivateKey( $key ) {
public static function setPrivateKey($key) {
$user = \OCP\User::getUser();
$view = new \OC_FilesystemView( '/' . $user . '/files_encryption' );
$view = new \OC_FilesystemView('/' . $user . '/files_encryption');
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ( !$view->file_exists( '' ) )
$view->mkdir( '' );
if (!$view->file_exists(''))
$view->mkdir('');
$result = $view->file_put_contents( $user . '.private.key', $key );
$result = $view->file_put_contents($user . '.private.key', $key);
\OC_FileProxy::$enabled = $proxyStatus;
@ -331,21 +334,21 @@ class Keymanager
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setShareKey( \OC_FilesystemView $view, $path, $userId, $shareKey ) {
public static function setShareKey(\OC_FilesystemView $view, $path, $userId, $shareKey) {
// Here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $path );
list($owner, $filename) = $util->getUidAndFilename($path);
$basePath = '/' . $owner . '/files_encryption/share-keys';
$shareKeyPath = self::keySetPreparation( $view, $filename, $basePath, $owner );
$shareKeyPath = self::keySetPreparation($view, $filename, $basePath, $owner);
// try reusing key file if part file
if ( self::isPartialFilePath( $shareKeyPath ) ) {
if (self::isPartialFilePath($shareKeyPath)) {
$writePath = $basePath . '/' . self::fixPartialFilePath( $shareKeyPath ) . '.' . $userId . '.shareKey';
$writePath = $basePath . '/' . self::fixPartialFilePath($shareKeyPath) . '.' . $userId . '.shareKey';
} else {
@ -356,12 +359,12 @@ class Keymanager
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$result = $view->file_put_contents( $writePath, $shareKey );
$result = $view->file_put_contents($writePath, $shareKey);
\OC_FileProxy::$enabled = $proxyStatus;
if (
is_int( $result )
is_int($result)
&& $result > 0
) {
@ -382,16 +385,16 @@ class Keymanager
* @param array $shareKeys
* @return bool
*/
public static function setShareKeys( \OC_FilesystemView $view, $path, array $shareKeys ) {
public static function setShareKeys(\OC_FilesystemView $view, $path, array $shareKeys) {
// $shareKeys must be an array with the following format:
// [userId] => [encrypted key]
$result = true;
foreach ( $shareKeys as $userId => $shareKey ) {
foreach ($shareKeys as $userId => $shareKey) {
if ( !self::setShareKey( $view, $path, $userId, $shareKey ) ) {
if (!self::setShareKey($view, $path, $userId, $shareKey)) {
// If any of the keys are not set, flag false
$result = false;
@ -415,14 +418,14 @@ class Keymanager
* @note The sharekey returned is encrypted. Decryption
* of the keyfile must be performed by client code
*/
public static function getShareKey( \OC_FilesystemView $view, $userId, $filePath ) {
public static function getShareKey(\OC_FilesystemView $view, $userId, $filePath) {
// try reusing key file if part file
if ( self::isPartialFilePath( $filePath ) ) {
if (self::isPartialFilePath($filePath)) {
$result = self::getShareKey( $view, $userId, self::fixPartialFilePath( $filePath ) );
$result = self::getShareKey($view, $userId, self::fixPartialFilePath($filePath));
if ( $result ) {
if ($result) {
return $result;
@ -434,14 +437,15 @@ class Keymanager
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
$shareKeyPath = \OC\Files\Filesystem::normalizePath( '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey' );
list($owner, $filename) = $util->getUidAndFilename($filePath);
$shareKeyPath = \OC\Files\Filesystem::normalizePath(
'/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey');
if ( $view->file_exists( $shareKeyPath ) ) {
if ($view->file_exists($shareKeyPath)) {
$result = $view->file_get_contents( $shareKeyPath );
$result = $view->file_get_contents($shareKeyPath);
} else {
@ -461,17 +465,18 @@ class Keymanager
* @param string $userId owner of the file
* @param string $filePath path to the file, relative to the owners file dir
*/
public static function delAllShareKeys( \OC_FilesystemView $view, $userId, $filePath ) {
public static function delAllShareKeys(\OC_FilesystemView $view, $userId, $filePath) {
if ( $view->is_dir( $userId . '/files/' . $filePath ) ) {
$view->unlink( $userId . '/files_encryption/share-keys/' . $filePath );
if ($view->is_dir($userId . '/files/' . $filePath)) {
$view->unlink($userId . '/files_encryption/share-keys/' . $filePath);
} else {
$localKeyPath = $view->getLocalFile( $userId . '/files_encryption/share-keys/' . $filePath );
$matches = glob( preg_quote( $localKeyPath ) . '*.shareKey' );
foreach ( $matches as $ma ) {
$result = unlink( $ma );
if ( !$result ) {
\OC_Log::write( 'Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $filePath . '"', \OC_Log::ERROR );
$localKeyPath = $view->getLocalFile($userId . '/files_encryption/share-keys/' . $filePath);
$matches = glob(preg_quote($localKeyPath) . '*.shareKey');
foreach ($matches as $ma) {
$result = unlink($ma);
if (!$result) {
\OCP\Util::writeLog('Encryption library',
'Keyfile or shareKey could not be deleted for file "' . $filePath . '"', \OCP\Util::ERROR);
}
}
}
@ -480,29 +485,31 @@ class Keymanager
/**
* @brief Delete a single user's shareKey for a single file
*/
public static function delShareKey( \OC_FilesystemView $view, $userIds, $filePath ) {
public static function delShareKey(\OC_FilesystemView $view, $userIds, $filePath) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
list($owner, $filename) = $util->getUidAndFilename($filePath);
$shareKeyPath = \OC\Files\Filesystem::normalizePath( '/' . $owner . '/files_encryption/share-keys/' . $filename );
$shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename);
if ( $view->is_dir( $shareKeyPath ) ) {
if ($view->is_dir($shareKeyPath)) {
$localPath = \OC\Files\Filesystem::normalizePath( $view->getLocalFolder( $shareKeyPath ) );
self::recursiveDelShareKeys( $localPath, $userIds );
$localPath = \OC\Files\Filesystem::normalizePath($view->getLocalFolder($shareKeyPath));
self::recursiveDelShareKeys($localPath, $userIds);
} else {
foreach ( $userIds as $userId ) {
foreach ($userIds as $userId) {
if ( !$view->unlink( $shareKeyPath . '.' . $userId . '.shareKey' ) ) {
\OC_Log::write( 'Encryption library', 'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId . '.shareKey"', \OC_Log::ERROR );
if (!$view->unlink($shareKeyPath . '.' . $userId . '.shareKey')) {
\OCP\Util::writeLog('Encryption library',
'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId
. '.shareKey"', \OCP\Util::ERROR);
}
}
@ -517,42 +524,43 @@ class Keymanager
* @param string $dir directory
* @param array $userIds user ids for which the share keys should be deleted
*/
private static function recursiveDelShareKeys( $dir, $userIds ) {
foreach ( $userIds as $userId ) {
$matches = glob( preg_quote( $dir ) . '/*' . preg_quote( '.' . $userId . '.shareKey' ) );
private static function recursiveDelShareKeys($dir, $userIds) {
foreach ($userIds as $userId) {
$matches = glob(preg_quote($dir) . '/*' . preg_quote('.' . $userId . '.shareKey'));
}
/** @var $matches array */
foreach ( $matches as $ma ) {
if ( !unlink( $ma ) ) {
\OC_Log::write( 'Encryption library', 'Could not delete shareKey; does not exist: "' . $ma . '"', \OC_Log::ERROR );
foreach ($matches as $ma) {
if (!unlink($ma)) {
\OCP\Util::writeLog('Encryption library',
'Could not delete shareKey; does not exist: "' . $ma . '"', \OCP\Util::ERROR);
}
}
$subdirs = $directories = glob( preg_quote( $dir ) . '/*', GLOB_ONLYDIR );
foreach ( $subdirs as $subdir ) {
self::recursiveDelShareKeys( $subdir, $userIds );
$subdirs = $directories = glob(preg_quote($dir) . '/*', GLOB_ONLYDIR);
foreach ($subdirs as $subdir) {
self::recursiveDelShareKeys($subdir, $userIds);
}
}
/**
* @brief Make preparations to vars and filesystem for saving a keyfile
*/
public static function keySetPreparation( \OC_FilesystemView $view, $path, $basePath, $userId ) {
public static function keySetPreparation(\OC_FilesystemView $view, $path, $basePath, $userId) {
$targetPath = ltrim( $path, '/' );
$targetPath = ltrim($path, '/');
$path_parts = pathinfo( $targetPath );
$path_parts = pathinfo($targetPath);
// If the file resides within a subdirectory, create it
if (
isset( $path_parts['dirname'] )
&& !$view->file_exists( $basePath . '/' . $path_parts['dirname'] )
isset($path_parts['dirname'])
&& !$view->file_exists($basePath . '/' . $path_parts['dirname'])
) {
$sub_dirs = explode( DIRECTORY_SEPARATOR, $basePath . '/' . $path_parts['dirname'] );
$sub_dirs = explode(DIRECTORY_SEPARATOR, $basePath . '/' . $path_parts['dirname']);
$dir = '';
foreach ( $sub_dirs as $sub_dir ) {
foreach ($sub_dirs as $sub_dir) {
$dir .= '/' . $sub_dir;
if ( !$view->is_dir( $dir ) ) {
$view->mkdir( $dir );
if (!$view->is_dir($dir)) {
$view->mkdir($dir);
}
}
}

286
apps/files_encryption/lib/proxy.php
View File

@ -34,8 +34,7 @@ namespace OCA\Encryption;
* Class Proxy
* @package OCA\Encryption
*/
class Proxy extends \OC_FileProxy
{
class Proxy extends \OC_FileProxy {
private static $blackList = null; //mimetypes blacklisted from encryption
@ -48,13 +47,13 @@ class Proxy extends \OC_FileProxy
*
* Tests if server side encryption is enabled, and file is allowed by blacklists
*/
private static function shouldEncrypt( $path ) {
private static function shouldEncrypt($path) {
if ( is_null( self::$enableEncryption ) ) {
if (is_null(self::$enableEncryption)) {
if (
\OCP\Config::getAppValue( 'files_encryption', 'enable_encryption', 'true' ) == 'true'
&& Crypt::mode() == 'server'
\OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true') === 'true'
&& Crypt::mode() === 'server'
) {
self::$enableEncryption = true;
@ -67,27 +66,27 @@ class Proxy extends \OC_FileProxy
}
if ( !self::$enableEncryption ) {
if (!self::$enableEncryption) {
return false;
}
if ( is_null( self::$blackList ) ) {
if (is_null(self::$blackList)) {
self::$blackList = explode( ',', \OCP\Config::getAppValue( 'files_encryption', 'type_blacklist', '' ) );
self::$blackList = explode(',', \OCP\Config::getAppValue('files_encryption', 'type_blacklist', ''));
}
if ( Crypt::isCatfileContent( $path ) ) {
if (Crypt::isCatfileContent($path)) {
return true;
}
$extension = substr( $path, strrpos( $path, '.' ) + 1 );
$extension = substr($path, strrpos($path, '.') + 1);
if ( array_search( $extension, self::$blackList ) === false ) {
if (array_search($extension, self::$blackList) === false) {
return true;
@ -101,78 +100,44 @@ class Proxy extends \OC_FileProxy
* @param $data
* @return bool
*/
public function preFile_put_contents( $path, &$data ) {
public function preFile_put_contents($path, &$data) {
if ( self::shouldEncrypt( $path ) ) {
if (self::shouldEncrypt($path)) {
// Stream put contents should have been converted to fopen
if ( !is_resource( $data ) ) {
if (!is_resource($data)) {
$userId = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new Util( $view, $userId );
$session = new \OCA\Encryption\Session( $view );
$privateKey = $session->getPrivateKey();
$filePath = $util->stripUserFilesPath( $path );
// Set the filesize for userland, before encrypting
$size = strlen( $data );
// get root view
$view = new \OC_FilesystemView('/');
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Check if there is an existing key we can reuse
if ( $encKeyfile = Keymanager::getFileKey( $view, $userId, $filePath ) ) {
// Fetch shareKey
$shareKey = Keymanager::getShareKey( $view, $userId, $filePath );
// Decrypt the keyfile
$plainKey = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
} else {
// Make a new key
$plainKey = Crypt::generateKey();
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
if (!isset($relativePath)) {
return true;
}
// Encrypt data
$encData = Crypt::symmetricEncryptFileContent( $data, $plainKey );
$handle = fopen('crypt://' . $relativePath . '.etmp', 'w');
if (is_resource($handle)) {
$sharingEnabled = \OCP\Share::isEnabled();
// write data to stream
fwrite($handle, $data);
// if file exists try to get sharing users
if ( $view->file_exists( $path ) ) {
$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $filePath, $userId );
} else {
$uniqueUserIds[] = $userId;
// close stream
fclose($handle);
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get encrypted content
$data = $view->file_get_contents($path . '.etmp');
// remove our temp file
$view->unlink($path . '.etmp');
// re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
// Fetch public keys for all users who will share the file
$publicKeys = Keymanager::getPublicKeys( $view, $uniqueUserIds );
// Encrypt plain keyfile to multiple sharefiles
$multiEncrypted = Crypt::multiKeyEncrypt( $plainKey, $publicKeys );
// Save sharekeys to user folders
Keymanager::setShareKeys( $view, $filePath, $multiEncrypted['keys'] );
// Set encrypted keyfile as common varname
$encKey = $multiEncrypted['data'];
// Save keyfile for newly encrypted file in parallel directory tree
Keymanager::setFileKey( $view, $filePath, $userId, $encKey );
// Replace plain content with encrypted content by reference
$data = $encData;
// Update the file cache with file info
\OC\Files\Filesystem::putFileInfo( $filePath, array( 'encrypted' => true, 'size' => strlen( $data ), 'unencrypted_size' => $size ), '' );
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
}
@ -184,51 +149,46 @@ class Proxy extends \OC_FileProxy
* @param string $path Path of file from which has been read
* @param string $data Data that has been read from file
*/
public function postFile_get_contents( $path, $data ) {
public function postFile_get_contents($path, $data) {
$userId = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new Util( $view, $userId );
$plainData = null;
$view = new \OC_FilesystemView('/');
$relPath = $util->stripUserFilesPath( $path );
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// init session
$session = new \OCA\Encryption\Session( $view );
$session = new \OCA\Encryption\Session($view);
// If data is a catfile
if (
Crypt::mode() == 'server'
&& Crypt::isCatfileContent( $data )
Crypt::mode() === 'server'
&& Crypt::isCatfileContent($data)
) {
$privateKey = $session->getPrivateKey( $userId );
$handle = fopen('crypt://' . $relativePath, 'r');
// Get the encrypted keyfile
$encKeyfile = Keymanager::getFileKey( $view, $userId, $relPath );
// Attempt to fetch the user's shareKey
$shareKey = Keymanager::getShareKey( $view, $userId, $relPath );
// Decrypt keyfile with shareKey
$plainKeyfile = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
$plainData = Crypt::symmetricDecryptFileContent( $data, $plainKeyfile );
if (is_resource($handle)) {
while (($plainDataChunk = fgets($handle, 8192)) !== false) {
$plainData .= $plainDataChunk;
}
}
} elseif (
Crypt::mode() == 'server'
&&\OC::$session->exists('legacyenckey')
&& Crypt::isEncryptedMeta( $path )
&& \OC::$session->exists('legacyenckey')
&& Crypt::isEncryptedMeta($path)
) {
$plainData = Crypt::legacyBlockDecrypt( $data, $session->getLegacyKey() );
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$plainData = Crypt::legacyBlockDecrypt($data, $session->getLegacyKey());
\OC_FileProxy::$enabled = $proxyStatus;
}
\OC_FileProxy::$enabled = $proxyStatus;
if ( !isset( $plainData ) ) {
if (!isset($plainData)) {
$plainData = $data;
@ -241,10 +201,10 @@ class Proxy extends \OC_FileProxy
/**
* @brief When a file is deleted, remove its keyfile also
*/
public function preUnlink( $path ) {
public function preUnlink($path) {
// let the trashbin handle this
if ( \OCP\App::isEnabled( 'files_trashbin' ) ) {
if (\OCP\App::isEnabled('files_trashbin')) {
return true;
}
@ -252,23 +212,24 @@ class Proxy extends \OC_FileProxy
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView( '/' );
$view = new \OC_FilesystemView('/');
$userId = \OCP\USER::getUser();
$util = new Util( $view, $userId );
$util = new Util($view, $userId);
// Format path to be relative to user files dir
$relPath = $util->stripUserFilesPath( $path );
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
list( $owner, $ownerPath ) = $util->getUidAndFilename( $relPath );
list($owner, $ownerPath) = $util->getUidAndFilename($relativePath);
// Delete keyfile & shareKey so it isn't orphaned
if ( !Keymanager::deleteFileKey( $view, $owner, $ownerPath ) ) {
\OC_Log::write( 'Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OC_Log::ERROR );
if (!Keymanager::deleteFileKey($view, $owner, $ownerPath)) {
\OCP\Util::writeLog('Encryption library',
'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OCP\Util::ERROR);
}
Keymanager::delAllShareKeys( $view, $owner, $ownerPath );
Keymanager::delAllShareKeys($view, $owner, $ownerPath);
\OC_FileProxy::$enabled = $proxyStatus;
@ -282,8 +243,8 @@ class Proxy extends \OC_FileProxy
* @param $path
* @return bool
*/
public function postTouch( $path ) {
$this->handleFile( $path );
public function postTouch($path) {
$this->handleFile($path);
return true;
}
@ -293,20 +254,22 @@ class Proxy extends \OC_FileProxy
* @param $result
* @return resource
*/
public function postFopen( $path, &$result ) {
public function postFopen($path, &$result) {
if ( !$result ) {
if (!$result) {
return $result;
}
// Reformat path for use with OC_FSV
$path_split = explode( '/', $path );
$path_f = implode( '/', array_slice( $path_split, 3 ) );
// split the path parts
$pathParts = explode('/', $path);
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted
if ( count($path_split) >= 2 && $path_split[2] == 'cache' ) {
if (isset($pathParts[2]) && $pathParts[2] === 'cache') {
return $result;
}
@ -314,31 +277,31 @@ class Proxy extends \OC_FileProxy
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$meta = stream_get_meta_data( $result );
$meta = stream_get_meta_data($result);
$view = new \OC_FilesystemView( '' );
$view = new \OC_FilesystemView('');
$util = new Util( $view, \OCP\USER::getUser() );
$util = new Util($view, \OCP\USER::getUser());
// If file is already encrypted, decrypt using crypto protocol
if (
Crypt::mode() == 'server'
&& $util->isEncryptedPath( $path )
Crypt::mode() === 'server'
&& $util->isEncryptedPath($path)
) {
// Close the original encrypted file
fclose( $result );
fclose($result);
// Open the file using the crypto stream wrapper
// protocol and let it do the decryption work instead
$result = fopen( 'crypt://' . $path_f, $meta['mode'] );
$result = fopen('crypt://' . $relativePath, $meta['mode']);
} elseif (
self::shouldEncrypt( $path )
and $meta ['mode'] != 'r'
and $meta['mode'] != 'rb'
self::shouldEncrypt($path)
and $meta ['mode'] !== 'r'
and $meta['mode'] !== 'rb'
) {
$result = fopen( 'crypt://' . $path_f, $meta['mode'] );
$result = fopen('crypt://' . $relativePath, $meta['mode']);
}
// Re-enable the proxy
@ -353,17 +316,17 @@ class Proxy extends \OC_FileProxy
* @param $data
* @return array
*/
public function postGetFileInfo( $path, $data ) {
public function postGetFileInfo($path, $data) {
// if path is a folder do nothing
if ( is_array( $data ) && array_key_exists( 'size', $data ) ) {
if (is_array($data) && array_key_exists('size', $data)) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get file size
$data['size'] = self::postFileSize( $path, $data['size'] );
$data['size'] = self::postFileSize($path, $data['size']);
// Re-enable the proxy
\OC_FileProxy::$enabled = $proxyStatus;
@ -377,51 +340,50 @@ class Proxy extends \OC_FileProxy
* @param $size
* @return bool
*/
public function postFileSize( $path, $size ) {
public function postFileSize($path, $size) {
$view = new \OC_FilesystemView( '/' );
$view = new \OC_FilesystemView('/');
// if path is a folder do nothing
if ( $view->is_dir( $path ) ) {
if ($view->is_dir($path)) {
return $size;
}
// Reformat path for use with OC_FSV
$path_split = explode( '/', $path );
$path_f = implode( '/', array_slice( $path_split, 3 ) );
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// if path is empty we cannot resolve anything
if ( empty( $path_f ) ) {
if (empty($relativePath)) {
return $size;
}
$fileInfo = false;
// get file info from database/cache if not .part file
if ( !Keymanager::isPartialFilePath( $path ) ) {
$fileInfo = $view->getFileInfo( $path );
if (!Keymanager::isPartialFilePath($path)) {
$fileInfo = $view->getFileInfo($path);
}
// if file is encrypted return real file size
if ( is_array( $fileInfo ) && $fileInfo['encrypted'] === true ) {
if (is_array($fileInfo) && $fileInfo['encrypted'] === true) {
$size = $fileInfo['unencrypted_size'];
} else {
// self healing if file was removed from file cache
if ( !is_array( $fileInfo ) ) {
if (!is_array($fileInfo)) {
$fileInfo = array();
}
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId );
$fixSize = $util->getFileSize( $path );
if ( $fixSize > 0 ) {
$util = new Util($view, $userId);
$fixSize = $util->getFileSize($path);
if ($fixSize > 0) {
$size = $fixSize;
$fileInfo['encrypted'] = true;
$fileInfo['unencrypted_size'] = $size;
// put file info if not .part file
if ( !Keymanager::isPartialFilePath( $path_f ) ) {
$view->putFileInfo( $path, $fileInfo );
if (!Keymanager::isPartialFilePath($relativePath)) {
$view->putFileInfo($path, $fileInfo);
}
}
@ -432,32 +394,34 @@ class Proxy extends \OC_FileProxy
/**
* @param $path
*/
public function handleFile( $path ) {
public function handleFile($path) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView( '/' );
$session = new \OCA\Encryption\Session( $view );
$view = new \OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId );
$util = new Util($view, $userId);
// Reformat path for use with OC_FSV
$path_split = explode( '/', $path );
$path_f = implode( '/', array_slice( $path_split, 3 ) );
// split the path parts
$pathParts = explode('/', $path);
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// only if file is on 'files' folder fix file size and sharing
if ( count($path_split) >= 2 && $path_split[2] == 'files' && $util->fixFileSize( $path ) ) {
if (isset($pathParts[2]) && $pathParts[2] === 'files' && $util->fixFileSize($path)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
// get users
$usersSharing = $util->getSharingUsersArray( $sharingEnabled, $path_f );
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $relativePath);
// update sharing-keys
$util->setSharedFileKeyfiles( $session, $usersSharing, $path_f );
$util->setSharedFileKeyfiles($session, $usersSharing, $relativePath);
}
\OC_FileProxy::$enabled = $proxyStatus;

37
apps/files_encryption/lib/session.php
View File

@ -26,8 +26,7 @@ namespace OCA\Encryption;
* Class for handling encryption related session data
*/
class Session
{
class Session {
private $view;
@ -37,26 +36,26 @@ class Session
*
* @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
*/
public function __construct( $view ) {
public function __construct($view) {
$this->view = $view;
if ( !$this->view->is_dir( 'owncloud_private_key' ) ) {
if (!$this->view->is_dir('owncloud_private_key')) {
$this->view->mkdir( 'owncloud_private_key' );
$this->view->mkdir('owncloud_private_key');
}
$publicShareKeyId = \OC_Appconfig::getValue( 'files_encryption', 'publicShareKeyId' );
$publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
if ( $publicShareKeyId === null ) {
$publicShareKeyId = 'pubShare_' . substr( md5( time() ), 0, 8 );
\OC_Appconfig::setValue( 'files_encryption', 'publicShareKeyId', $publicShareKeyId );
if ($publicShareKeyId === null) {
$publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
\OC_Appconfig::setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
}
if (
!$this->view->file_exists( "/public-keys/" . $publicShareKeyId . ".public.key" )
|| !$this->view->file_exists( "/owncloud_private_key/" . $publicShareKeyId . ".private.key" )
!$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key")
|| !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")
) {
$keypair = Crypt::createKeypair();
@ -67,17 +66,18 @@ class Session
// Save public key
if ( !$view->is_dir( '/public-keys' ) ) {
$view->mkdir( '/public-keys' );
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$this->view->file_put_contents( '/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey'] );
$this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
// Encrypt private key empty passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], '' );
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '');
// Save private key
$this->view->file_put_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey );
$this->view->file_put_contents(
'/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey);
\OC_FileProxy::$enabled = $proxyStatus;
@ -103,7 +103,7 @@ class Session
*
* @note this should only be set on login
*/
public function setPrivateKey( $privateKey ) {
public function setPrivateKey($privateKey) {
\OC::$session->set('privateKey', $privateKey);
@ -117,7 +117,6 @@ class Session
*
*/
public function getPrivateKey() {
// return the public share private key if this is a public access
if (\OCA\Encryption\Helper::isPublicAccess()) {
return $this->getPublicSharePrivateKey();
@ -163,7 +162,7 @@ class Session
* @param $legacyKey
* @return bool
*/
public function setLegacyKey( $legacyKey ) {
public function setLegacyKey($legacyKey) {
\OC::$session->set('legacyKey', $legacyKey);

152
apps/files_encryption/lib/stream.php
View File

@ -48,8 +48,7 @@ namespace OCA\Encryption;
* previous version deleted, this is handled by OC\Files\View, and thus the
* encryption proxies are used and keyfiles deleted.
*/
class Stream
{
class Stream {
private $plainKey;
private $encKeyfiles;
@ -77,18 +76,18 @@ class Stream
* @param $opened_path
* @return bool
*/
public function stream_open( $path, $mode, $options, &$opened_path ) {
public function stream_open($path, $mode, $options, &$opened_path) {
if ( !isset( $this->rootView ) ) {
$this->rootView = new \OC_FilesystemView( '/' );
if (!isset($this->rootView)) {
$this->rootView = new \OC_FilesystemView('/');
}
$util = new Util( $this->rootView, \OCP\USER::getUser() );
$util = new Util($this->rootView, \OCP\USER::getUser());
$this->userId = $util->getUserId();
// Strip identifier text from path, this gives us the path relative to data/<user>/files
$this->relPath = \OC\Files\Filesystem::normalizePath( str_replace( 'crypt://', '', $path ) );
$this->relPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
// rawPath is relative to the data directory
$this->rawPath = $util->getUserFilesDir() . $this->relPath;
@ -98,10 +97,10 @@ class Stream
\OC_FileProxy::$enabled = false;
if (
$mode == 'w'
or $mode == 'w+'
or $mode == 'wb'
or $mode == 'wb+'
$mode === 'w'
or $mode === 'w+'
or $mode === 'wb'
or $mode === 'wb+'
) {
// We're writing a new file so start write counter with 0 bytes
@ -110,25 +109,25 @@ class Stream
} else {
$this->size = $this->rootView->filesize( $this->rawPath, $mode );
$this->size = $this->rootView->filesize($this->rawPath, $mode);
}
$this->handle = $this->rootView->fopen( $this->rawPath, $mode );
$this->handle = $this->rootView->fopen($this->rawPath, $mode);
\OC_FileProxy::$enabled = $proxyStatus;
if ( !is_resource( $this->handle ) ) {
if (!is_resource($this->handle)) {
\OCP\Util::writeLog( 'files_encryption', 'failed to open file "' . $this->rawPath . '"', \OCP\Util::ERROR );
\OCP\Util::writeLog('files_encryption', 'failed to open file "' . $this->rawPath . '"', \OCP\Util::ERROR);
} else {
$this->meta = stream_get_meta_data( $this->handle );
$this->meta = stream_get_meta_data($this->handle);
}
return is_resource( $this->handle );
return is_resource($this->handle);
}
@ -136,11 +135,11 @@ class Stream
* @param $offset
* @param int $whence
*/
public function stream_seek( $offset, $whence = SEEK_SET ) {
public function stream_seek($offset, $whence = SEEK_SET) {
$this->flush();
fseek( $this->handle, $offset, $whence );
fseek($this->handle, $offset, $whence);
}
@ -149,36 +148,37 @@ class Stream
* @return bool|string
* @throws \Exception
*/
public function stream_read( $count ) {
public function stream_read($count) {
$this->writeCache = '';
if ( $count != 8192 ) {
if ($count !== 8192) {
// $count will always be 8192 https://bugs.php.net/bug.php?id=21641
// This makes this function a lot simpler, but will break this class if the above 'bug' gets 'fixed'
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL );
\OCP\Util::writeLog('files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL);
die();
}
// Get the data from the file handle
$data = fread( $this->handle, 8192 );
$data = fread($this->handle, 8192);
$result = '';
if ( strlen( $data ) ) {
if (strlen($data)) {
if ( !$this->getKey() ) {
if (!$this->getKey()) {
// Error! We don't have a key to decrypt the file with
throw new \Exception( 'Encryption key not found for "' . $this->rawPath . '" during attempted read via stream' );
throw new \Exception(
'Encryption key not found for "' . $this->rawPath . '" during attempted read via stream');
}
// Decrypt data
$result = Crypt::symmetricDecryptFileContent( $data, $this->plainKey );
$result = Crypt::symmetricDecryptFileContent($data, $this->plainKey);
}
@ -192,10 +192,10 @@ class Stream
* @param string $key key to use for encryption
* @return string encrypted data on success, false on failure
*/
public function preWriteEncrypt( $plainData, $key ) {
public function preWriteEncrypt($plainData, $key) {
// Encrypt data to 'catfile', which includes IV
if ( $encrypted = Crypt::symmetricEncryptFileContent( $plainData, $key ) ) {
if ($encrypted = Crypt::symmetricEncryptFileContent($plainData, $key)) {
return $encrypted;
@ -215,7 +215,7 @@ class Stream
public function getKey() {
// Check if key is already set
if ( isset( $this->plainKey ) && isset( $this->encKeyfile ) ) {
if (isset($this->plainKey) && isset($this->encKeyfile)) {
return true;
@ -223,18 +223,18 @@ class Stream
// Fetch and decrypt keyfile
// Fetch existing keyfile
$this->encKeyfile = Keymanager::getFileKey( $this->rootView, $this->userId, $this->relPath );
$this->encKeyfile = Keymanager::getFileKey($this->rootView, $this->userId, $this->relPath);
// If a keyfile already exists
if ( $this->encKeyfile ) {
if ($this->encKeyfile) {
$session = new \OCA\Encryption\Session( $this->rootView );
$privateKey = $session->getPrivateKey( $this->userId );
$privateKey = $session->getPrivateKey($this->userId);
$shareKey = Keymanager::getShareKey( $this->rootView, $this->userId, $this->relPath );
$shareKey = Keymanager::getShareKey($this->rootView, $this->userId, $this->relPath);
$this->plainKey = Crypt::multiKeyDecrypt( $this->encKeyfile, $shareKey, $privateKey );
$this->plainKey = Crypt::multiKeyDecrypt($this->encKeyfile, $shareKey, $privateKey);
return true;
@ -255,7 +255,7 @@ class Stream
* @note Padding is added to each encrypted block to ensure that the resulting block is exactly 8192 bytes. This is removed during stream_read
* @note PHP automatically updates the file pointer after writing data to reflect it's length. There is generally no need to update the poitner manually using fseek
*/
public function stream_write( $data ) {
public function stream_write($data) {
// Disable the file proxies so that encryption is not
// automatically attempted when the file is written to disk -
@ -265,16 +265,16 @@ class Stream
\OC_FileProxy::$enabled = false;
// Get the length of the unencrypted data that we are handling
$length = strlen( $data );
$length = strlen($data);
// Find out where we are up to in the writing of data to the
// file
$pointer = ftell( $this->handle );
$pointer = ftell($this->handle);
// Get / generate the keyfile for the file we're handling
// If we're writing a new file (not overwriting an existing
// one), save the newly generated keyfile
if ( !$this->getKey() ) {
if (!$this->getKey()) {
$this->plainKey = Crypt::generateKey();
@ -282,7 +282,7 @@ class Stream
// If extra data is left over from the last round, make sure it
// is integrated into the next 6126 / 8192 block
if ( $this->writeCache ) {
if ($this->writeCache) {
// Concat writeCache to start of $data
$data = $this->writeCache . $data;
@ -294,15 +294,15 @@ class Stream
}
// While there still remains some data to be processed & written
while ( strlen( $data ) > 0 ) {
while (strlen($data) > 0) {
// Remaining length for this iteration, not of the
// entire file (may be greater than 8192 bytes)
$remainingLength = strlen( $data );
$remainingLength = strlen($data);
// If data remaining to be written is less than the
// size of 1 6126 byte block
if ( $remainingLength < 6126 ) {
if ($remainingLength < 6126) {
// Set writeCache to contents of $data
// The writeCache will be carried over to the
@ -320,25 +320,25 @@ class Stream
} else {
// Read the chunk from the start of $data
$chunk = substr( $data, 0, 6126 );
$chunk = substr($data, 0, 6126);
$encrypted = $this->preWriteEncrypt( $chunk, $this->plainKey );
$encrypted = $this->preWriteEncrypt($chunk, $this->plainKey);
// Write the data chunk to disk. This will be
// attended to the last data chunk if the file
// being handled totals more than 6126 bytes
fwrite( $this->handle, $encrypted );
fwrite($this->handle, $encrypted);
// Remove the chunk we just processed from
// $data, leaving only unprocessed data in $data
// var, for handling on the next round
$data = substr( $data, 6126 );
$data = substr($data, 6126);
}
}
$this->size = max( $this->size, $pointer + $length );
$this->size = max($this->size, $pointer + $length);
$this->unencryptedSize += $length;
\OC_FileProxy::$enabled = $proxyStatus;
@ -353,17 +353,17 @@ class Stream
* @param $arg1
* @param $arg2
*/
public function stream_set_option( $option, $arg1, $arg2 ) {
public function stream_set_option($option, $arg1, $arg2) {
$return = false;
switch ( $option ) {
switch ($option) {
case STREAM_OPTION_BLOCKING:
$return = stream_set_blocking( $this->handle, $arg1 );
$return = stream_set_blocking($this->handle, $arg1);
break;
case STREAM_OPTION_READ_TIMEOUT:
$return = stream_set_timeout( $this->handle, $arg1, $arg2 );
$return = stream_set_timeout($this->handle, $arg1, $arg2);
break;
case STREAM_OPTION_WRITE_BUFFER:
$return = stream_set_write_buffer( $this->handle, $arg1 );
$return = stream_set_write_buffer($this->handle, $arg1);
}
return $return;
@ -373,14 +373,14 @@ class Stream
* @return array
*/
public function stream_stat() {
return fstat( $this->handle );
return fstat($this->handle);
}
/**
* @param $mode
*/
public function stream_lock( $mode ) {
return flock( $this->handle, $mode );
public function stream_lock($mode) {
return flock($this->handle, $mode);
}
/**
@ -388,7 +388,7 @@ class Stream
*/
public function stream_flush() {
return fflush( $this->handle );
return fflush($this->handle);
// Not a typo: http://php.net/manual/en/function.fflush.php
}
@ -397,19 +397,19 @@ class Stream
* @return bool
*/
public function stream_eof() {
return feof( $this->handle );
return feof($this->handle);
}
private function flush() {
if ( $this->writeCache ) {
if ($this->writeCache) {
// Set keyfile property for file in question
$this->getKey();
$encrypted = $this->preWriteEncrypt( $this->writeCache, $this->plainKey );
$encrypted = $this->preWriteEncrypt($this->writeCache, $this->plainKey);
fwrite( $this->handle, $encrypted );
fwrite($this->handle, $encrypted);
$this->writeCache = '';
@ -425,42 +425,42 @@ class Stream
$this->flush();
if (
$this->meta['mode'] != 'r'
and $this->meta['mode'] != 'rb'
and $this->size > 0
$this->meta['mode'] !== 'r'
and $this->meta['mode'] !== 'rb'
and $this->size > 0
) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Fetch user's public key
$this->publicKey = Keymanager::getPublicKey( $this->rootView, $this->userId );
$this->publicKey = Keymanager::getPublicKey($this->rootView, $this->userId);
// Check if OC sharing api is enabled
$sharingEnabled = \OCP\Share::isEnabled();
$util = new Util( $this->rootView, $this->userId );
$util = new Util($this->rootView, $this->userId);
// Get all users sharing the file includes current user
$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $this->relPath, $this->userId );
$uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
// Fetch public keys for all sharing users
$publicKeys = Keymanager::getPublicKeys( $this->rootView, $uniqueUserIds );
$publicKeys = Keymanager::getPublicKeys($this->rootView, $uniqueUserIds);
// Encrypt enc key for all sharing users
$this->encKeyfiles = Crypt::multiKeyEncrypt( $this->plainKey, $publicKeys );
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
$view = new \OC_FilesystemView( '/' );
$view = new \OC_FilesystemView('/');
// Save the new encrypted file key
Keymanager::setFileKey( $this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data'] );
Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
// Save the sharekeys
Keymanager::setShareKeys( $view, $this->relPath, $this->encKeyfiles['keys'] );
Keymanager::setShareKeys($view, $this->relPath, $this->encKeyfiles['keys']);
// get file info
$fileInfo = $view->getFileInfo( $this->rawPath );
if ( !is_array( $fileInfo ) ) {
$fileInfo = $view->getFileInfo($this->rawPath);
if (!is_array($fileInfo)) {
$fileInfo = array();
}
@ -473,10 +473,10 @@ class Stream
$fileInfo['unencrypted_size'] = $this->unencryptedSize;
// set fileinfo
$view->putFileInfo( $this->rawPath, $fileInfo );
$view->putFileInfo($this->rawPath, $fileInfo);
}
return fclose( $this->handle );
return fclose($this->handle);
}

103
apps/files_encryption/lib/util.php
View File

@ -188,7 +188,9 @@ class Util {
/**
* @brief Sets up user folders and keys for serverside encryption
* @param string $passphrase passphrase to encrypt server-stored private key with
*
* @param string $passphrase to encrypt server-stored private key with
* @return bool
*/
public function setupServerSide($passphrase = null) {
@ -382,7 +384,7 @@ class Util {
// we handle them
\OC_FileProxy::$enabled = false;
if ($found == false) {
if ($found === false) {
$found = array(
'plain' => array(),
'encrypted' => array(),
@ -398,12 +400,12 @@ class Util {
while (false !== ($file = readdir($handle))) {
if (
$file != "."
&& $file != ".."
$file !== "."
&& $file !== ".."
) {
$filePath = $directory . '/' . $this->view->getRelativePath('/' . $file);
$relPath = $this->stripUserFilesPath($filePath);
$relPath = \OCA\Encryption\Helper::stripUserFilesPath($filePath);
// If the path is a directory, search
// its contents
@ -528,7 +530,7 @@ class Util {
/**
* @brief Check if a given path identifies an encrypted file
* @param $path
* @param string $path
* @return boolean
*/
public function isEncryptedPath($path) {
@ -541,7 +543,7 @@ class Util {
// we only need 24 byte from the last chunk
$data = '';
$handle = $this->view->fopen($path, 'r');
if (!fseek($handle, -24, SEEK_END)) {
if (is_resource($handle) && !fseek($handle, -24, SEEK_END)) {
$data = fgets($handle);
}
@ -565,11 +567,13 @@ class Util {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Reformat path for use with OC_FSV
$pathSplit = explode('/', $path);
$pathRelative = implode('/', array_slice($pathSplit, 3));
// split the path parts
$pathParts = explode('/', $path);
if ($pathSplit[2] == 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) {
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
if (isset($pathParts[2]) && $pathParts[2] === 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) {
// get the size from filesystem
$fullPath = $this->view->getLocalFile($path);
@ -579,7 +583,7 @@ class Util {
$lastChunkNr = floor($size / 8192);
// open stream
$stream = fopen('crypt://' . $pathRelative, "r");
$stream = fopen('crypt://' . $relativePath, "r");
if (is_resource($stream)) {
// calculate last chunk position
@ -639,21 +643,7 @@ class Util {
return $result;
}
/**
* @brief Format a path to be relative to the /user/files/ directory
* @note e.g. turns '/admin/files/test.txt' into 'test.txt'
*/
public function stripUserFilesPath($path) {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
$sliced = array_slice($split, 2);
$relPath = implode('/', $sliced);
return $relPath;
}
/**
* @param $path
* @return bool
@ -663,7 +653,7 @@ class Util {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
if ($split[2] == "Shared") {
if (isset($split[2]) && $split[2] === 'Shared') {
return true;
@ -745,10 +735,10 @@ class Util {
$publicKeys = Keymanager::getPublicKeys($this->view, $uniqueUserIds);
// Recrypt data, generate catfile
$recrypted = Crypt::legacyKeyRecryptKeyfile($legacyData, $legacyPassphrase, $publicKeys, $newPassphrase, $legacyFile['path']);
$recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKeys );
$rawPath = $legacyFile['path'];
$relPath = $this->stripUserFilesPath($rawPath);
$relPath = \OCA\Encryption\Helper::stripUserFilesPath($rawPath);
// Save keyfile
Keymanager::setFileKey($this->view, $relPath, $this->userId, $recrypted['filekey']);
@ -869,8 +859,8 @@ class Util {
// Check that the user is encryption capable, or is the
// public system user 'ownCloud' (for public shares)
if (
$user == $this->publicShareKeyId
or $user == $this->recoveryKeyId
$user === $this->publicShareKeyId
or $user === $this->recoveryKeyId
or $util->ready()
) {
@ -903,6 +893,7 @@ class Util {
* @param string $filePath
* @param string $fileOwner
* @param string $privateKey
* @return bool|string
* @note Checks whether file was encrypted with openssl_seal or
* openssl_encrypt, and decrypts accrdingly
* @note This was used when 2 types of encryption for keyfiles was used,
@ -918,7 +909,7 @@ class Util {
// We need to decrypt the keyfile
// Has the file been shared yet?
if (
$this->userId == $fileOwner
$this->userId === $fileOwner
&& !Keymanager::getShareKey($this->view, $this->userId, $filePath) // NOTE: we can't use isShared() here because it's a post share hook so it always returns true
) {
@ -1028,7 +1019,7 @@ class Util {
if ($sharingEnabled) {
// Find out who, if anyone, is sharing the file
$result = \OCP\Share::getUsersSharingFile($ownerPath, $owner, true, true, true);
$result = \OCP\Share::getUsersSharingFile($ownerPath, $owner, true);
$userIds = $result['users'];
if ($result['public']) {
$userIds[] = $this->publicShareKeyId;
@ -1049,7 +1040,7 @@ class Util {
}
// add current user if given
if ($currentUserId != false) {
if ($currentUserId !== false) {
$userIds[] = $currentUserId;
@ -1136,6 +1127,7 @@ class Util {
/**
* @brief get uid of the owners of the file and the path to the file
* @param string $path Path of the file to check
* @throws \Exception
* @note $shareFilePath must be relative to data/UID/files. Files
* relative to /Shared are also acceptable
* @return array
@ -1166,7 +1158,7 @@ class Util {
\OC\Files\Filesystem::initMountPoints($fileOwnerUid);
// If the file owner is the currently logged in user
if ($fileOwnerUid == $this->userId) {
if ($fileOwnerUid === $this->userId) {
// Assume the path supplied is correct
$filename = $path;
@ -1199,14 +1191,14 @@ class Util {
$result = array();
$content = $this->view->getDirectoryContent($this->userFilesDir . $dir);
$content = $this->view->getDirectoryContent(\OC\Files\Filesystem::normalizePath($this->userFilesDir . '/' . $dir));
// handling for re shared folders
$path_split = explode('/', $dir);
$pathSplit = explode('/', $dir);
foreach ($content as $c) {
$sharedPart = $path_split[sizeof($path_split) - 1];
$sharedPart = $pathSplit[sizeof($pathSplit) - 1];
$targetPathSplit = array_reverse(explode('/', $c['path']));
$path = '';
@ -1228,7 +1220,7 @@ class Util {
$path = $dir . $path;
if ($c['type'] === "dir") {
if ($c['type'] === 'dir') {
$result = array_merge($result, $this->getAllFiles($path));
@ -1417,11 +1409,12 @@ class Util {
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles/
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
if ($item['type'] == 'dir') {
if ($item['type'] === 'dir') {
$this->addRecoveryKeys($filePath . '/');
} else {
$session = new \OCA\Encryption\Session(new \OC_FilesystemView('/'));
$sharingEnabled = \OCP\Share::isEnabled();
// remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt'
$file = substr($filePath, 0, -4);
$usersSharing = $this->getSharingUsersArray($sharingEnabled, $file);
$this->setSharedFileKeyfiles($session, $usersSharing, $file);
@ -1437,9 +1430,10 @@ class Util {
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
if ($item['type'] == 'dir') {
if ($item['type'] === 'dir') {
$this->removeRecoveryKeys($filePath . '/');
} else {
// remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt'
$file = substr($filePath, 0, -4);
$this->view->unlink($this->shareKeysPath . '/' . $file . '.' . $this->recoveryKeyId . '.shareKey');
}
@ -1457,7 +1451,7 @@ class Util {
// Find out who, if anyone, is sharing the file
if ($sharingEnabled) {
$result = \OCP\Share::getUsersSharingFile($file, $this->userId, true, true, true);
$result = \OCP\Share::getUsersSharingFile($file, $this->userId, true);
$userIds = $result['users'];
$userIds[] = $this->recoveryKeyId;
if ($result['public']) {
@ -1502,10 +1496,12 @@ class Util {
private function recoverAllFiles($path, $privateKey) {
$dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
foreach ($dirContent as $item) {
$filePath = substr($item['path'], 25);
if ($item['type'] == 'dir') {
// get relative path from files_encryption/keyfiles
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
if ($item['type'] === 'dir') {
$this->recoverAllFiles($filePath . '/', $privateKey);
} else {
// remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt'
$file = substr($filePath, 0, -4);
$this->recoverFile($file, $privateKey);
}
@ -1531,4 +1527,21 @@ class Util {
$this->recoverAllFiles('/', $privateKey);
}
/**
* Get the path including the storage mount point
* @param int $id
* @return string the path including the mount point like AmazonS3/folder/file.txt
*/
public function getPathWithMountPoint($id) {
list($storage, $internalPath) = \OC\Files\Cache\Cache::getById($id);
$mount = \OC\Files\Filesystem::getMountByStorageId($storage);
$mountPoint = $mount[0]->getMountPoint();
$path = \OC\Files\Filesystem::normalizePath($mountPoint.'/'.$internalPath);
// reformat the path to be relative e.g. /user/files/folder becomes /folder/
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
return $relativePath;
}
}

12
apps/files_encryption/settings-admin.php
View File

@ -8,16 +8,16 @@
\OC_Util::checkAdminUser();
$tmpl = new OCP\Template( 'files_encryption', 'settings-admin' );
$tmpl = new OCP\Template('files_encryption', 'settings-admin');
// Check if an adminRecovery account is enabled for recovering files after lost pwd
$view = new OC_FilesystemView( '' );
$view = new OC_FilesystemView('');
$recoveryAdminEnabled = OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' );
$recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
$tmpl->assign( 'recoveryEnabled', $recoveryAdminEnabled );
$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);
\OCP\Util::addscript( 'files_encryption', 'settings-admin' );
\OCP\Util::addscript( 'core', 'multiselect' );
\OCP\Util::addscript('files_encryption', 'settings-admin');
\OCP\Util::addscript('core', 'multiselect');
return $tmpl->fetchPage();

20
apps/files_encryption/settings-personal.php
View File

@ -7,22 +7,22 @@
*/
// Add CSS stylesheet
\OC_Util::addStyle( 'files_encryption', 'settings-personal' );
$tmpl = new OCP\Template( 'files_encryption', 'settings-personal');
\OC_Util::addStyle('files_encryption', 'settings-personal');
$tmpl = new OCP\Template('files_encryption', 'settings-personal');
$user = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new \OCA\Encryption\Util( $view, $user );
$view = new \OC_FilesystemView('/');
$util = new \OCA\Encryption\Util($view, $user);
$recoveryAdminEnabled = OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' );
$recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
$recoveryEnabledForUser = $util->recoveryEnabledForUser();
\OCP\Util::addscript( 'files_encryption', 'settings-personal' );
\OCP\Util::addScript( 'settings', 'personal' );
\OCP\Util::addscript('files_encryption', 'settings-personal');
\OCP\Util::addScript('settings', 'personal');
$tmpl->assign( 'recoveryEnabled', $recoveryAdminEnabled );
$tmpl->assign( 'recoveryEnabledForUser', $recoveryEnabledForUser );
$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);
$tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser);
return $tmpl->fetchPage();

2
apps/files_encryption/tests/crypt.php
View File

@ -575,7 +575,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase {
*/
function testLegacyKeyRecryptKeyfileEncrypt($crypted) {
$recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile($crypted, $this->pass, array($this->genPublicKey), $this->pass, '');
$recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile($crypted, $this->pass, array($this->genPublicKey));
$this->assertNotEquals($this->dataLong, $recrypted['data']);

2
apps/files_encryption/tests/share.php
View File

@ -534,7 +534,7 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase {
// some hacking to simulate public link
$GLOBALS['app'] = 'files_sharing';
$GLOBALS['fileOwner'] = \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1;
\OC_User::setUserId('');
\OC_User::setUserId(false);
// get file contents
$retrievedCryptedFile = file_get_contents('crypt://' . $this->filename);

8
apps/files_encryption/tests/webdav.php
View File

@ -120,7 +120,7 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase {
$_SERVER['REQUEST_METHOD'] = 'PUT';
$_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic YWRtaW46YWRtaW4=';
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
$_SERVER['CONTENT_TYPE'] = 'application/octet-stream';
$_SERVER['PATH_INFO'] = '/webdav' . $filename;
$_SERVER['CONTENT_LENGTH'] = strlen($this->dataShort);
@ -172,7 +172,7 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase {
// set server vars
$_SERVER['REQUEST_METHOD'] = 'GET';
$_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic YWRtaW46YWRtaW4=';
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
$_SERVER['PATH_INFO'] = '/webdav' . $filename;
// handle webdav request
@ -193,7 +193,7 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase {
// set server vars
$_SERVER['REQUEST_METHOD'] = 'DELETE';
$_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic YWRtaW46YWRtaW4=';
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
$_SERVER['PATH_INFO'] = '/webdav' . $filename;
// handle webdav request
@ -216,7 +216,7 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase {
*
* @param bool $body
*
* @note this init procedure is copied from /apps/files/remote.php
* @note this init procedure is copied from /apps/files/appinfo/remote.php
*/
function handleWebdavRequest($body = false) {
// Backends

1
apps/files_external/l10n/lt_LT.php
View File

@ -6,6 +6,7 @@
"Error configuring Google Drive storage" => "Klaida nustatinėjant Google Drive talpyklą",
"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Įspėjimas:</b> \"smbclient\" nėra įdiegtas. CIFS/SMB dalinimasis nėra galimas. Prašome susisiekti su sistemos administratoriumi kad būtų įdiegtas \"smbclient\"",
"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Įspėjimas:</b> FTP palaikymas PHP sistemoje nėra įjungtas arba nėra įdiegtas. FTP dalinimosi įjungimas nėra galimas. Prašome susisiekti su sistemos administratoriumi kad būtų įdiegtas FTP palaikymas. ",
"<b>Warning:</b> The Curl support in PHP is not enabled or installed. Mounting of ownCloud / WebDAV or GoogleDrive is not possible. Please ask your system administrator to install it." => "<b>Įspėjimas:</b> \"Curl\" palaikymas PHP terpėje nėra įjungtas arba įdiegtas. ownCloud/WebDAV ar GoogleDrive įjungimas nebus įmanomas. Prašome susisiekti su sistemos administratoriumi kad būtų įdiegtas arba įjungtas \"Curl\" palaikymas.",
"External Storage" => "Išorinės saugyklos",
"Folder name" => "Katalogo pavadinimas",
"External storage" => "Išorinė saugykla",

1
apps/files_external/l10n/nn_NO.php
View File

@ -1,4 +1,5 @@
<?php $TRANSLATIONS = array(
"Configuration" => "Innstillingar",
"Groups" => "Grupper",
"Users" => "Brukarar",
"Delete" => "Slett"

14
apps/files_external/lib/smb.php
View File

@ -57,12 +57,22 @@ class SMB extends \OC\Files\Storage\StreamWrapper{
public function stat($path) {
if ( ! $path and $this->root=='/') {//mtime doesn't work for shares
$mtime=$this->shareMTime();
$stat=stat($this->constructUrl($path));
if (empty($stat)) {
return false;
}
$mtime=$this->shareMTime();
$stat['mtime']=$mtime;
return $stat;
} else {
return stat($this->constructUrl($path));
$stat = stat($this->constructUrl($path));
// smb4php can return an empty array if the connection could not be established
if (empty($stat)) {
return false;
}
return $stat;
}
}

25
apps/files_sharing/lib/permissions.php
View File

@ -70,6 +70,28 @@ class Shared_Permissions extends Permissions {
return $filePermissions;
}
/**
* get the permissions for all files in a folder
*
* @param int $parentId
* @param string $user
* @return int[]
*/
public function getDirectoryPermissions($parentId, $user) {
// Root of the Shared folder
if ($parentId === -1) {
return \OCP\Share::getItemsSharedWith('file', \OC_Share_Backend_File::FORMAT_PERMISSIONS);
}
$permissions = $this->get($parentId, $user);
$query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `parent` = ?');
$result = $query->execute(array($parentId));
$filePermissions = array();
while ($row = $result->fetchRow()) {
$filePermissions[$row['fileid']] = $permissions;
}
return $filePermissions;
}
/**
* remove the permissions for a file
*
@ -83,4 +105,5 @@ class Shared_Permissions extends Permissions {
public function removeMultiple($fileIds, $user) {
// Not a valid action for Shared Permissions
}
}
}

7
apps/files_sharing/lib/share/file.php
View File

@ -26,6 +26,7 @@ class OC_Share_Backend_File implements OCP\Share_Backend_File_Dependent {
const FORMAT_FILE_APP_ROOT = 2;
const FORMAT_OPENDIR = 3;
const FORMAT_GET_ALL = 4;
const FORMAT_PERMISSIONS = 5;
private $path;
@ -125,6 +126,12 @@ class OC_Share_Backend_File implements OCP\Share_Backend_File_Dependent {
$ids[] = $item['file_source'];
}
return $ids;
} else if ($format === self::FORMAT_PERMISSIONS) {
$filePermissions = array();
foreach ($items as $item) {
$filePermissions[$item['file_source']] = $item['permissions'];
}
return $filePermissions;
}
return array();
}

17
apps/files_versions/lib/versions.php
View File

@ -113,8 +113,16 @@ class Storage {
mkdir($versionsFolderName.'/'.$info['dirname'], 0750, true);
}
// disable proxy to prevent multiple fopen calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// store a new version of a file
$users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename));
// reset proxy state
\OC_FileProxy::$enabled = $proxyStatus;
$versionsSize = self::getVersionsSize($uid);
if ( $versionsSize === false || $versionsSize < 0 ) {
$versionsSize = self::calculateSize($uid);
@ -195,7 +203,16 @@ class Storage {
//first create a new version
$version = 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename);
if ( !$users_view->file_exists($version)) {
// disable proxy to prevent multiple fopen calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename));
// reset proxy state
\OC_FileProxy::$enabled = $proxyStatus;
$versionCreated = true;
}

2
apps/user_ldap/appinfo/app.php
View File

@ -49,7 +49,7 @@ $entry = array(
'name' => 'LDAP'
);
OCP\Backgroundjob::addRegularTask('OCA\user_ldap\lib\Jobs', 'updateGroups');
OCP\Backgroundjob::registerJob('OCA\user_ldap\lib\Jobs');
if(OCP\App::isEnabled('user_webdavauth')) {
OCP\Util::writeLog('user_ldap',
'user_ldap and user_webdavauth are incompatible. You may experience unexpected behaviour',

2
apps/user_ldap/js/settings.js
View File

@ -14,7 +14,7 @@ var LdapConfiguration = {
//deal with Checkboxes
if($(elementID).is('input[type=checkbox]')) {
if(configvalue === 1) {
if(parseInt(configvalue) === 1) {
$(elementID).attr('checked', 'checked');
} else {
$(elementID).removeAttr('checked');

2
apps/user_ldap/l10n/de_DE.php
View File

@ -74,6 +74,8 @@
"Leave empty for user name (default). Otherwise, specify an LDAP/AD attribute." => "Ohne Eingabe wird der Benutzername (Standard) verwendet. Anderenfalls tragen Sie bitte ein LDAP/AD-Attribut ein.",
"Internal Username" => "Interner Benutzername",
"By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [ a-zA-Z0-9_.@- ]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder in ownCloud. It is also a port of remote URLs, for instance for all *DAV services. With this setting, the default behaviour can be overriden. To achieve a similar behaviour as before ownCloud 5 enter the user display name attribute in the following field. Leave it empty for default behaviour. Changes will have effect only on newly mapped (added) LDAP users." => "Standardmäßig wird der interne Benutzername mittels des UUID-Attributes erzeugt. Dies stellt sicher, dass der Benutzername einzigartig ist und keinerlei Zeichen konvertiert werden müssen. Der interne Benutzername unterliegt Beschränkungen, die nur die nachfolgenden Zeichen erlauben: [ a-zA-Z0-9_.@- ]. Andere Zeichenwerden mittels ihrer korrespondierenden Zeichen ersetzt oder einfach ausgelassen. Bei Übereinstimmungen wird ein Zähler hinzugefügt bzw. der Zähler um einen Wert erhöht. Der interne Benutzername wird benutzt, um einen Benutzer intern zu identifizieren. Es ist ebenso der standardmäßig vorausgewählte Namen des Heimatverzeichnisses in ownCloud. Es dient weiterhin als Port für Remote-URLs - zum Beispiel für alle *DAV-Dienste Mit dieser Einstellung kann das Standardverhalten überschrieben werden. Um ein ähnliches Verhalten wie vor ownCloud 5 zu erzielen, fügen Sie das anzuzeigende Attribut des Benutzernamens in das nachfolgende Feld ein. Lassen Sie dies hingegen für das Standardverhalten leer. Die Änderungen werden sich einzig und allein nur auf neu gemappte (hinzugefügte) LDAP-Benutzer auswirken.",
"Override UUID detection" => "UUID-Erkennung überschreiben",
"UUID Attribute:" => "UUID-Attribut:",
"Test Configuration" => "Testkonfiguration",
"Help" => "Hilfe"
);

6
apps/user_ldap/l10n/hu_HU.php
View File

@ -75,6 +75,12 @@
"User Home Folder Naming Rule" => "A home könyvtár elérési útvonala",
"Leave empty for user name (default). Otherwise, specify an LDAP/AD attribute." => "Hagyja üresen, ha a felhasználónevet kívánja használni. Ellenkező esetben adjon meg egy LDAP/AD attribútumot!",
"Internal Username" => "Belső felhasználónév",
"Internal Username Attribute:" => "A belső felhasználónév attribútuma:",
"Override UUID detection" => "Az UUID-felismerés felülbírálása",
"UUID Attribute:" => "UUID attribútum:",
"Username-LDAP User Mapping" => "Felhasználó - LDAP felhasználó hozzárendelés",
"Clear Username-LDAP User Mapping" => "A felhasználó - LDAP felhasználó hozzárendelés törlése",
"Clear Groupname-LDAP Group Mapping" => "A csoport - LDAP csoport hozzárendelés törlése",
"Test Configuration" => "A beállítások tesztelése",
"Help" => "Súgó"
);

3
apps/user_ldap/l10n/nl.php
View File

@ -75,10 +75,13 @@
"User Home Folder Naming Rule" => "Gebruikers Home map naamgevingsregel",
"Leave empty for user name (default). Otherwise, specify an LDAP/AD attribute." => "Laat leeg voor de gebruikersnaam (standaard). Of, specificeer een LDAP/AD attribuut.",
"Internal Username" => "Interne gebruikersnaam",
"By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [ a-zA-Z0-9_.@- ]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder in ownCloud. It is also a port of remote URLs, for instance for all *DAV services. With this setting, the default behaviour can be overriden. To achieve a similar behaviour as before ownCloud 5 enter the user display name attribute in the following field. Leave it empty for default behaviour. Changes will have effect only on newly mapped (added) LDAP users." => "Standaard wordt de interne gebruikersnaam aangemaakt op basis van de UUID attribuut. Het zorgt ervoor dat de gebruikersnaam uniek is en dat tekens niet hoeven te worden geconverteerd. De interne gebruikersnaam heeft als beperking dat alleen deze tekens zijn toegestaan: [a-zA-Z0-9_.@- ]. Andere tekens worden vervangen door hun ASCII vertaling of gewoonweg weggelaten. Bij identieke namen wordt een nummer toegevoegd of verhoogd. De interne gebruikersnaam wordt gebruikt om een gebruiker binnen het systeem te herkennen. Het is ook de standaardnaam voor de standaardmap van de gebruiker in ownCloud. Het is ook een vertaling voor externe URL's, bijvoorbeeld voor alle * DAV diensten. Met deze instelling kan het standaardgedrag worden overschreven. Om een soortgelijk gedrag te bereiken als van voor ownCloud 5, voer het gebruikersweergavenaam attribuut in in het volgende veld. Laat het leeg voor standaard gedrag. Veranderingen worden alleen toegepast op nieuw in kaart gebracht (toegevoegde) LDAP-gebruikers.",
"Internal Username Attribute:" => "Interne gebruikersnaam attribuut:",
"Override UUID detection" => "Negeren UUID detectie",
"By default, ownCloud autodetects the UUID attribute. The UUID attribute is used to doubtlessly identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behaviour. Changes will have effect only on newly mapped (added) LDAP users and groups." => "Standaard herkent ownCloud het UUID attribuut automatisch. Het UUID attribuut wordt gebruikt om LDAP-gebruikers en -groepen uniek te identificeren. Ook zal de interne gebruikersnaam worden aangemaakt op basis van het UUID, tenzij dit hierboven anders is aangegeven. U kunt de instelling overschrijven en zelf een waarde voor het attribuut opgeven. U moet ervoor zorgen dat het ingestelde attribuut kan worden opgehaald voor zowel gebruikers als groepen en dat het uniek is. Laat het leeg voor standaard gedrag. Veranderingen worden alleen doorgevoerd op nieuw in kaart gebrachte (toegevoegde) LDAP-gebruikers en-groepen.",
"UUID Attribute:" => "UUID Attribuut:",
"Username-LDAP User Mapping" => "Gebruikersnaam-LDAP gebruikers vertaling",
"ownCloud uses usernames to store and assign (meta) data. In order to precisely identify and recognize users, each LDAP user will have a internal username. This requires a mapping from ownCloud username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found by ownCloud. The internal ownCloud name is used all over in ownCloud. Clearing the Mappings will have leftovers everywhere. Clearing the Mappings is not configuration sensitive, it affects all LDAP configurations! Do never clear the mappings in a production environment. Only clear mappings in a testing or experimental stage." => "ownCloud maakt gebruik van gebruikersnamen om (meta) data op te slaan en toe te wijzen. Om gebruikers uniek te identificeren, zal elke LDAP-gebruiker ook een interne gebruikersnaam krijgen. Dit vereist een mapping van de ownCloud gebruikersnaam naar een LDAP-gebruiker. De gecreëerde gebruikersnaam is gekoppeld aan de UUID van de LDAP-gebruiker. Ook de 'DN' wordt gecached om het aantal LDAP transacties te verminderen, maar deze wordt niet gebruikt voor identificatie. Als de DN verandert, zullen de veranderingen worden gevonden door ownCloud. De interne ownCloud naam wordt overal in ownCloud gebruikt. Wissen van de koppeling zal overal overblijfsel laten staan. Het wissen van Mappings is niet configuratiegevoelig, maar het raakt wel alle LDAP instellingen! Zorg ervoor dat deze Mappings nooit in een productieomgeving plaatsvinden. Maak ze alleen leeg in een test-of ontwikkelomgeving.",
"Clear Username-LDAP User Mapping" => "Leegmaken Gebruikersnaam-LDAP gebruikers vertaling",
"Clear Groupname-LDAP Group Mapping" => "Leegmaken Groepsnaam-LDAP groep vertaling",
"Test Configuration" => "Test configuratie",

2
apps/user_ldap/l10n/pl.php
View File

@ -79,6 +79,8 @@
"Override UUID detection" => "Zastąp wykrywanie UUID",
"UUID Attribute:" => "Atrybuty UUID:",
"Username-LDAP User Mapping" => "Mapowanie użytkownika LDAP",
"Clear Username-LDAP User Mapping" => "Czyść Mapowanie użytkownika LDAP",
"Clear Groupname-LDAP Group Mapping" => "Czyść Mapowanie nazwy grupy LDAP",
"Test Configuration" => "Konfiguracja testowa",
"Help" => "Pomoc"
);

7
apps/user_ldap/l10n/sk_SK.php
View File

@ -1,4 +1,5 @@
<?php $TRANSLATIONS = array(
"Failed to clear the mappings." => "Nepodarilo sa vymazať mapovania.",
"Failed to delete the server configuration" => "Zlyhalo zmazanie nastavenia servera.",
"The configuration is valid and the connection could be established!" => "Nastavenie je v poriadku a pripojenie je stabilné.",
"The configuration is valid, but the Bind failed. Please check the server settings and credentials." => "Nastavenie je v poriadku, ale pripojenie zlyhalo. Skontrolujte nastavenia servera a prihlasovacie údaje.",
@ -7,6 +8,7 @@
"Take over settings from recent server configuration?" => "Prebrať nastavenia z nedávneho nastavenia servera?",
"Keep settings?" => "Ponechať nastavenia?",
"Cannot add server configuration" => "Nemožno pridať nastavenie servera",
"mappings cleared" => "mapovanie vymazané",
"Success" => "Úspešné",
"Error" => "Chyba",
"Connection test succeeded" => "Test pripojenia bol úspešný",
@ -72,6 +74,11 @@
"Email Field" => "Pole email",
"User Home Folder Naming Rule" => "Pravidlo pre nastavenie mena používateľského priečinka dát",
"Leave empty for user name (default). Otherwise, specify an LDAP/AD attribute." => "Nechajte prázdne pre používateľské meno (predvolené). Inak uveďte atribút LDAP/AD.",
"Internal Username" => "Interné používateľské meno",
"By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [ a-zA-Z0-9_.@- ]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder in ownCloud. It is also a port of remote URLs, for instance for all *DAV services. With this setting, the default behaviour can be overriden. To achieve a similar behaviour as before ownCloud 5 enter the user display name attribute in the following field. Leave it empty for default behaviour. Changes will have effect only on newly mapped (added) LDAP users." => "V predvolenom nastavení bude interné používateľské meno vytvorené z UUID atribútu. Zabezpečí sa to, že používateľské meno bude jedinečné a znaky nemusia byť prevedené. Interné meno má obmedzenie, iba tieto znaky sú povolené: [a-zA-Z0-9_ @ -.]. Ostatné znaky sú nahradené ich ASCII alebo jednoducho vynechané. Pri kolíziách bude číslo byť pridané / odobrané. Interné používateľské meno sa používa na identifikáciu používateľa interne. Je to tiež predvolený názov používateľského domovského priečinka v ownCloud. To je tiež port vzdialeného URL, napríklad pre všetky služby * DAV. S týmto nastavením sa dá prepísať predvolené správanie. Pre dosiahnutie podobného správania sa ako pred ownCloud 5 zadajte atribút zobrazenia používateľského mena v tomto poli. Ponechajte prázdne pre predvolené správanie. Zmeny budú mať vplyv iba na novo mapovaných (pridaných) LDAP používateľov.",
"Internal Username Attribute:" => "Atribút interného používateľského mena:",
"Override UUID detection" => "Prepísať UUID detekciu",
"UUID Attribute:" => "UUID atribút:",
"Test Configuration" => "Test nastavenia",
"Help" => "Pomoc"
);

4
apps/user_ldap/lib/access.php
View File

@ -441,8 +441,8 @@ abstract class Access {
//while loop is just a precaution. If a name is not generated within
//20 attempts, something else is very wrong. Avoids infinite loop.
while($attempts < 20){
$altName = $name . '_' . uniqid();
if(\OCP\User::userExists($altName)) {
$altName = $name . '_' . rand(1000,9999);
if(!\OCP\User::userExists($altName)) {
return $altName;
}
$attempts++;

16
apps/user_ldap/lib/connection.php
View File

@ -601,14 +601,13 @@ class Connection {
$error = null;
}
$error = null;
//if LDAP server is not reachable, try the Backup (Replica!) Server
if((!$bindStatus && ($error === -1))
if((!$bindStatus && ($error !== 0))
|| $this->config['ldapOverrideMainServer']
|| $this->getFromCache('overrideMainServer')) {
$this->doConnect($this->config['ldapBackupHost'], $this->config['ldapBackupPort']);
$bindStatus = $this->bind();
if($bindStatus && $error === -1) {
if(!$bindStatus && $error === -1) {
//when bind to backup server succeeded and failed to main server,
//skip contacting him until next cache refresh
$this->writeToCache('overrideMainServer', true);
@ -622,6 +621,10 @@ class Connection {
if(empty($host)) {
return false;
}
if(strpos($host, '://') !== false) {
//ldap_connect ignores port paramater when URLs are passed
$host .= ':' . $port;
}
$this->ldapConnectionRes = ldap_connect($host, $port);
if(ldap_set_option($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
if(ldap_set_option($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
@ -636,10 +639,17 @@ class Connection {
* Binds to LDAP
*/
public function bind() {
static $getConnectionResourceAttempt = false;
if(!$this->config['ldapConfigurationActive']) {
return false;
}
if($getConnectionResourceAttempt) {
$getConnectionResourceAttempt = false;
return false;
}
$getConnectionResourceAttempt = true;
$cr = $this->getConnectionResource();
$getConnectionResourceAttempt = false;
if(!is_resource($cr)) {
return false;
}

8
apps/user_ldap/lib/helper.php
View File

@ -118,7 +118,13 @@ class Helper {
return false;
}
$query = \OCP\DB::prepare('TRUNCATE '.$table);
if(strpos(\OCP\Config::getSystemValue('dbtype'), 'sqlite') !== false) {
$query = \OCP\DB::prepare('DELETE FROM '.$table);
} else {
$query = \OCP\DB::prepare('TRUNCATE '.$table);
}
$res = $query->execute();
if(\OCP\DB::isError($res)) {

19
apps/user_ldap/lib/jobs.php
View File

@ -23,20 +23,22 @@
namespace OCA\user_ldap\lib;
class Jobs {
class Jobs extends \OC\BackgroundJob\TimedJob {
static private $groupsFromDB;
static private $groupBE;
static private $connector;
public function __construct(){
$this->interval = self::getRefreshInterval();
}
public function run($argument){
Jobs::updateGroups();
}
static public function updateGroups() {
\OCP\Util::writeLog('user_ldap', 'Run background job "updateGroups"', \OCP\Util::DEBUG);
$lastUpdate = \OCP\Config::getAppValue('user_ldap', 'bgjUpdateGroupsLastRun', 0);
if((time() - $lastUpdate) < self::getRefreshInterval()) {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" last run too fresh, aborting.', \OCP\Util::DEBUG);
//komm runter Werner die Maurer geben ein aus
return;
}
$knownGroups = array_keys(self::getKnownGroups());
$actualGroups = self::getGroupBE()->getGroups();
@ -45,7 +47,6 @@ class Jobs {
\OCP\Util::writeLog('user_ldap',
'bgJ "updateGroups" groups do not seem to be configured properly, aborting.',
\OCP\Util::INFO);
\OCP\Config::setAppValue('user_ldap', 'bgjUpdateGroupsLastRun', time());
return;
}
@ -53,8 +54,6 @@ class Jobs {
self::handleCreatedGroups(array_diff($actualGroups, $knownGroups));
self::handleRemovedGroups(array_diff($knownGroups, $actualGroups));
\OCP\Config::setAppValue('user_ldap', 'bgjUpdateGroupsLastRun', time());
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" Finished.', \OCP\Util::DEBUG);
}

5
apps/user_webdavauth/l10n/nn_NO.php Normal file
View File

@ -0,0 +1,5 @@
<?php $TRANSLATIONS = array(
"WebDAV Authentication" => "WebDAV-autentisering",
"URL: http://" => "Nettadresse: http://",
"ownCloud will send the user credentials to this URL. This plugin checks the response and will interpret the HTTP statuscodes 401 and 403 as invalid credentials, and all other responses as valid credentials." => "ownCloud sender brukarakkreditiv til denne nettadressa. Dette programtillegget kontrollerer svaret og tolkar HTTP-statuskodane 401 og 403 som ugyldige, og alle andre svar som gyldige."
);

48
core/css/jquery.ocdialog.css Normal file
View File

@ -0,0 +1,48 @@
.oc-dialog {
background: white;
color: #333333;
border-radius: 3px; box-shadow: 0 0 7px #888888;
padding: 15px;
z-index: 1000;
font-size: 100%;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
min-width: 200px;
}
.oc-dialog-title {
background: white;
font-weight: bold;
font-size: 110%;
margin-bottom: 10px;
}
.oc-dialog-content {
z-index: 1000;
background: white;
}
.oc-dialog-separator {
}
.oc-dialog-buttonrow {
background: white;
float: right;
position: relative;
bottom: 0;
display: block;
margin-top: 10px;
}
.oc-dialog-close {
position:absolute;
top:7px; right:7px;
height:20px; width:20px;
background:url('../img/actions/delete.svg') no-repeat center;
}
.oc-dialog-dim {
background-color: #000;
opacity: .20;filter:Alpha(Opacity=20);
z-index: 999;
position: absolute;
top: 0; left: 0;
width: 100%; height: 100%;
}

7
core/css/styles.css
View File

@ -391,7 +391,12 @@ a.bookmarklet { background-color:#ddd; border:1px solid #ccc; padding:5px;paddin
#oc-dialog-filepicker-content .dirtree span:not(:last-child) { cursor: pointer; }
#oc-dialog-filepicker-content .dirtree span:last-child { font-weight: bold; }
#oc-dialog-filepicker-content .dirtree span:not(:last-child)::after { content: '>'; padding: 3px;}
#oc-dialog-filepicker-content .filelist {height:270px; overflow-y:auto; background-color:white; width:100%;}
#oc-dialog-filepicker-content .filelist {
overflow-y:auto;
max-height: 300px;
background-color:white;
width:100%;
}
#oc-dialog-filepicker-content .filelist img { margin: 2px 1em 0 4px; }
#oc-dialog-filepicker-content .filelist .date { float:right;margin-right:1em; }
#oc-dialog-filepicker-content .filepicker_element_selected { background-color:lightblue;}

6
core/js/jquery-1.10.0.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

4
core/js/jquery-1.7.2.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
core/js/jquery-migrate-1.2.1.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

217
core/js/jquery.ocdialog.js Normal file
View File

@ -0,0 +1,217 @@
(function($) {
$.widget('oc.ocdialog', {
options: {
width: 'auto',
height: 'auto',
closeButton: true,
closeOnEscape: true,
modal: false
},
_create: function() {
var self = this;
this.originalCss = {
display: this.element[0].style.display,
width: this.element[0].style.width,
height: this.element[0].style.height,
};
this.originalTitle = this.element.attr('title');
this.options.title = this.options.title || this.originalTitle;
this.$dialog = $('<div class="oc-dialog" />')
.attr({
// Setting tabIndex makes the div focusable
tabIndex: -1,
role: 'dialog'
})
.insertBefore(this.element);
this.$dialog.append(this.element.detach());
this.element.removeAttr('title').addClass('oc-dialog-content').appendTo(this.$dialog);
this.$dialog.css({
display: 'inline-block',
position: 'fixed'
});
$(document).on('keydown keyup', function(event) {
if(event.target !== self.$dialog.get(0) && self.$dialog.find($(event.target)).length === 0) {
return;
}
// Escape
if(event.keyCode === 27 && self.options.closeOnEscape) {
self.close();
return false;
}
// Enter
if(event.keyCode === 13) {
event.stopImmediatePropagation();
if(event.type === 'keyup') {
event.preventDefault();
return false;
}
// If no button is selected we trigger the primary
if(self.$buttonrow && self.$buttonrow.find($(event.target)).length === 0) {
var $button = self.$buttonrow.find('button.primary');
if($button) {
$button.trigger('click');
}
} else if(self.$buttonrow) {
$(event.target).trigger('click');
}
return false;
}
});
$(window).resize(function() {
self.parent = self.$dialog.parent().length > 0 ? self.$dialog.parent() : $('body');
var pos = self.parent.position();
self.$dialog.css({
left: pos.left + (self.parent.width() - self.$dialog.outerWidth())/2,
top: pos.top + (self.parent.height() - self.$dialog.outerHeight())/2
});
});
this._setOptions(this.options);
$(window).trigger('resize');
this._createOverlay();
},
_init: function() {
this.$dialog.focus();
this._trigger('open');
},
_setOption: function(key, value) {
var self = this;
switch(key) {
case 'title':
var $title = $('<h3 class="oc-dialog-title">' + this.options.title
+ '</h3>'); //<hr class="oc-dialog-separator" />');
if(this.$title) {
this.$title.replaceWith($title);
} else {
this.$title = $title.prependTo(this.$dialog);
}
this._setSizes();
break;
case 'buttons':
var $buttonrow = $('<div class="oc-dialog-buttonrow" />');
if(this.$buttonrow) {
this.$buttonrow.replaceWith($buttonrow);
} else {
this.$buttonrow = $buttonrow.appendTo(this.$dialog);
}
$.each(value, function(idx, val) {
var $button = $('<button>').text(val.text);
if(val.defaultButton) {
$button.addClass('primary');
self.$defaultButton = $button;
}
self.$buttonrow.append($button);
$button.click(function() {
val.click.apply(self.element[0], arguments);
});
});
this.$buttonrow.find('button')
.on('focus', function(event) {
self.$buttonrow.find('button').removeClass('primary');
$(this).addClass('primary');
});
this._setSizes();
break;
case 'closeButton':
if(value) {
var $closeButton = $('<a class="oc-dialog-close svg"></a>');
this.$dialog.prepend($closeButton);
$closeButton.on('click', function() {
self.close();
});
}
break;
case 'width':
this.$dialog.css('width', value);
break;
case 'height':
this.$dialog.css('height', value);
break;
case 'close':
this.closeCB = value;
break;
}
//this._super(key, value);
$.Widget.prototype._setOption.apply(this, arguments );
},
_setOptions: function(options) {
//this._super(options);
$.Widget.prototype._setOptions.apply(this, arguments);
},
_setSizes: function() {
var content_height = this.$dialog.height();
if(this.$title) {
content_height -= this.$title.outerHeight(true);
}
if(this.$buttonrow) {
content_height -= this.$buttonrow.outerHeight(true);
}
this.parent = this.$dialog.parent().length > 0 ? this.$dialog.parent() : $('body');
content_height = Math.min(content_height, this.parent.height()-20)
this.element.css({
height: content_height + 'px',
width: this.$dialog.innerWidth()-20 + 'px'
});
},
_createOverlay: function() {
if(!this.options.modal) {
return;
}
var self = this;
this.overlay = $('<div>')
.addClass('oc-dialog-dim')
.appendTo($('#content'));
this.overlay.on('click keydown keyup', function(event) {
if(event.target !== self.$dialog.get(0) && self.$dialog.find($(event.target)).length === 0) {
event.preventDefault();
event.stopPropagation();
return;
}
});
},
_destroyOverlay: function() {
if (!this.options.modal) {
return;
}
if (this.overlay) {
this.overlay.off('click keydown keyup');
this.overlay.remove();
this.overlay = null;
}
},
widget: function() {
return this.$dialog
},
close: function() {
this._destroyOverlay();
var self = this;
// Ugly hack to catch remaining keyup events.
setTimeout(function() {
self._trigger('close', self);
self.$dialog.hide();
}, 200);
},
destroy: function() {
if(this.$title) {
this.$title.remove()
}
if(this.$buttonrow) {
this.$buttonrow.remove()
}
if(this.originalTitle) {
this.element.attr('title', this.originalTitle);
}
this.element.removeClass('oc-dialog-content')
.css(this.originalCss).detach().insertBefore(this.$dialog);
this.$dialog.remove();
}
});
}(jQuery));

29
core/js/oc-dialogs.js
View File

@ -72,7 +72,7 @@ var OCdialogs = {
var dialog_name = 'oc-dialog-filepicker-content';
var dialog_id = '#' + dialog_name;
if(self.$filePicker) {
self.$filePicker.dialog('close');
self.$filePicker.ocdialog('close');
}
self.$filePicker = $tmpl.octemplate({
dialog_name: dialog_name,
@ -110,26 +110,29 @@ var OCdialogs = {
datapath += '/' + self.$filelist.find('.filepicker_element_selected .filename').text();
}
callback(datapath);
self.$filePicker.dialog('close');
self.$filePicker.ocdialog('close');
}
};
var buttonlist = [{
text: t('core', 'Choose'),
click: functionToCall
click: functionToCall,
defaultButton: true
},
{
text: t('core', 'Cancel'),
click: function(){self.$filePicker.dialog('close'); }
click: function(){self.$filePicker.ocdialog('close'); }
}];
self.$filePicker.dialog({
self.$filePicker.ocdialog({
closeOnEscape: true,
width: (4/9)*$(document).width(),
height: 420,
modal: modal,
buttons: buttonlist,
close: function(event, ui) {
self.$filePicker.dialog('destroy').remove();
try {
$(this).ocdialog('destroy').remove();
} catch(e) {}
self.$filePicker = null;
}
});
@ -161,30 +164,32 @@ var OCdialogs = {
text: t('core', 'Yes'),
click: function(){
if (callback !== undefined) { callback(true) };
$(dialog_id).dialog('close');
}
$(dialog_id).ocdialog('close');
},
defaultButton: true
},
{
text: t('core', 'No'),
click: function(){
if (callback !== undefined) { callback(false) };
$(dialog_id).dialog('close');
$(dialog_id).ocdialog('close');
}
}];
break;
case OCdialogs.OK_BUTTON:
var functionToCall = function() {
$(dialog_id).dialog('close');
$(dialog_id).ocdialog('close');
if(callback !== undefined) { callback() };
};
buttonlist[0] = {
text: t('core', 'Ok'),
click: functionToCall
click: functionToCall,
defaultButton: true
};
break;
};
$(dialog_id).dialog({
$(dialog_id).ocdialog({
closeOnEscape: true,
modal: modal,
buttons: buttonlist

8
core/js/octemplate.js
View File

@ -60,11 +60,11 @@
var self = this;
if(typeof this.options.escapeFunction === 'function') {
$.each(this.vars, function(key, val) {
if(typeof val === 'string') {
self.vars[key] = self.options.escapeFunction(val);
for (var key = 0; key < this.vars.length; key++) {
if(typeof this.vars[key] === 'string') {
this.vars[key] = self.options.escapeFunction(this.vars[key]);
}
});
}
}
var _html = this._build(this.vars);

3
core/l10n/da.php
View File

@ -88,6 +88,8 @@
"The update was successful. Redirecting you to ownCloud now." => "Opdateringen blev udført korrekt. Du bliver nu viderestillet til ownCloud.",
"ownCloud password reset" => "Nulstil ownCloud kodeord",
"Use the following link to reset your password: {link}" => "Anvend følgende link til at nulstille din adgangskode: {link}",
"The link to reset your password has been sent to your email.<br>If you do not receive it within a reasonable amount of time, check your spam/junk folders.<br>If it is not there ask your local administrator ." => "Linket til at nulstille dit kodeord er blevet sendt til din e-post. <br> Hvis du ikke modtager den inden for en rimelig tid, så tjek dine spam / junk mapper.<br> Hvis det ikke er der, så spørg din lokale administrator.",
"Request failed!<br>Did you make sure your email/username was right?" => "Anmodning mislykkedes!<br>Er du sikker på at din e-post / brugernavn var korrekt?",
"You will receive a link to reset your password via Email." => "Du vil modtage et link til at nulstille dit kodeord via email.",
"Username" => "Brugernavn",
"Request reset" => "Anmod om nulstilling",
@ -123,6 +125,7 @@
"Database host" => "Databasehost",
"Finish setup" => "Afslut opsætning",
"web services under your control" => "Webtjenester under din kontrol",
"%s is available. Get more information on how to update." => "%s er tilgængelig. Få mere information om, hvordan du opdaterer.",
"Log out" => "Log ud",
"Automatic logon rejected!" => "Automatisk login afvist!",
"If you did not change your password recently, your account may be compromised!" => "Hvis du ikke har ændret din adgangskode for nylig, har nogen muligvis tiltvunget sig adgang til din konto!",

1
core/l10n/ru.php
View File

@ -46,6 +46,7 @@
"years ago" => "несколько лет назад",
"Choose" => "Выбрать",
"Cancel" => "Отменить",
"Error loading file picker template" => "Ошибка при загрузке файла выбора шаблона",
"Yes" => "Да",
"No" => "Нет",
"Ok" => "Ок",

111
cron.php
View File

@ -1,24 +1,24 @@
<?php
/**
* ownCloud
*
* @author Jakob Sack
* @copyright 2012 Jakob Sack owncloud@jakobsack.de
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
* ownCloud
*
* @author Jakob Sack
* @copyright 2012 Jakob Sack owncloud@jakobsack.de
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
// Unfortunately we need this class for shutdown function
class TemporaryCronClass {
@ -30,17 +30,16 @@ class TemporaryCronClass {
// We use this function to handle (unexpected) shutdowns
function handleUnexpectedShutdown() {
// Delete lockfile
if( !TemporaryCronClass::$keeplock && file_exists( TemporaryCronClass::$lockfile )) {
unlink( TemporaryCronClass::$lockfile );
if (!TemporaryCronClass::$keeplock && file_exists(TemporaryCronClass::$lockfile)) {
unlink(TemporaryCronClass::$lockfile);
}
// Say goodbye if the app did not shutdown properly
if( !TemporaryCronClass::$sent ) {
if( OC::$CLI ) {
echo 'Unexpected error!'.PHP_EOL;
}
else{
OC_JSON::error( array( 'data' => array( 'message' => 'Unexpected error!')));
if (!TemporaryCronClass::$sent) {
if (OC::$CLI) {
echo 'Unexpected error!' . PHP_EOL;
} else {
OC_JSON::error(array('data' => array('message' => 'Unexpected error!')));
}
}
}
@ -50,8 +49,8 @@ require_once 'lib/base.php';
session_write_close();
// Don't do anything if ownCloud has not been installed
if( !OC_Config::getValue( 'installed', false )) {
exit( 0 );
if (!OC_Config::getValue('installed', false)) {
exit(0);
}
// Handle unexpected errors
@ -62,50 +61,54 @@ OC_Helper::cleanTmpNoClean();
// Exit if background jobs are disabled!
$appmode = OC_BackgroundJob::getExecutionType();
if( $appmode == 'none' ) {
if ($appmode == 'none') {
TemporaryCronClass::$sent = true;
if( OC::$CLI ) {
echo 'Background Jobs are disabled!'.PHP_EOL;
if (OC::$CLI) {
echo 'Background Jobs are disabled!' . PHP_EOL;
} else {
OC_JSON::error(array('data' => array('message' => 'Background jobs disabled!')));
}
else{
OC_JSON::error( array( 'data' => array( 'message' => 'Background jobs disabled!')));
}
exit( 1 );
exit(1);
}
if( OC::$CLI ) {
if (OC::$CLI) {
// Create lock file first
TemporaryCronClass::$lockfile = OC_Config::getValue( "datadirectory", OC::$SERVERROOT.'/data' ).'/cron.lock';
TemporaryCronClass::$lockfile = OC_Config::getValue("datadirectory", OC::$SERVERROOT . '/data') . '/cron.lock';
// We call ownCloud from the CLI (aka cron)
if( $appmode != 'cron' ) {
if ($appmode != 'cron') {
// Use cron in feature!
OC_BackgroundJob::setExecutionType('cron' );
OC_BackgroundJob::setExecutionType('cron');
}
// check if backgroundjobs is still running
if( file_exists( TemporaryCronClass::$lockfile )) {
if (file_exists(TemporaryCronClass::$lockfile)) {
TemporaryCronClass::$keeplock = true;
TemporaryCronClass::$sent = true;
echo "Another instance of cron.php is still running!";
exit( 1 );
exit(1);
}
// Create a lock file
touch( TemporaryCronClass::$lockfile );
touch(TemporaryCronClass::$lockfile);
// Work
OC_BackgroundJob_Worker::doAllSteps();
}
else{
// We call cron.php from some website
if( $appmode == 'cron' ) {
// Cron is cron :-P
OC_JSON::error( array( 'data' => array( 'message' => 'Backgroundjobs are using system cron!')));
$jobList = new \OC\BackgroundJob\JobList();
$jobs = $jobList->getAll();
foreach ($jobs as $job) {
$job->execute($jobList);
}
else{
} else {
// We call cron.php from some website
if ($appmode == 'cron') {
// Cron is cron :-P
OC_JSON::error(array('data' => array('message' => 'Backgroundjobs are using system cron!')));
} else {
// Work and success :-)
OC_BackgroundJob_Worker::doNextStep();
$jobList = new \OC\BackgroundJob\JobList();
$job = $jobList->getNext();
$job->execute($jobList);
$jobList->setLastJob($job);
OC_JSON::success();
}
}

30
db_structure.xml
View File

@ -859,7 +859,7 @@
<table>
<name>*dbprefix*queuedtasks</name>
<name>*dbprefix*jobs</name>
<declaration>
@ -874,35 +874,35 @@
</field>
<field>
<name>app</name>
<name>class</name>
<type>text</type>
<default></default>
<notnull>true</notnull>
<length>255</length>
<length>256</length>
</field>
<field>
<name>klass</name>
<name>argument</name>
<type>text</type>
<default></default>
<notnull>true</notnull>
<length>255</length>
<length>256</length>
</field>
<field>
<name>method</name>
<type>text</type>
<name>last_run</name>
<type>integer</type>
<default></default>
<notnull>true</notnull>
<length>255</length>
<notnull>false</notnull>
</field>
<field>
<name>parameters</name>
<type>text</type>
<notnull>true</notnull>
<length>255</length>
</field>
<index>
<name>job_class_index</name>
<field>
<name>class</name>
<sorting>ascending</sorting>
</field>
</index>
</declaration>

14
l10n/af_ZA/core.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Afrikaans (South Africa) (http://www.transifex.com/projects/p/owncloud/language/af_ZA/)\n"
"MIME-Version: 1.0\n"
@ -216,23 +216,23 @@ msgstr ""
msgid "Choose"
msgstr ""
#: js/oc-dialogs.js:121
#: js/oc-dialogs.js:122
msgid "Cancel"
msgstr ""
#: js/oc-dialogs.js:138 js/oc-dialogs.js:195
#: js/oc-dialogs.js:141 js/oc-dialogs.js:200
msgid "Error loading file picker template"
msgstr ""
#: js/oc-dialogs.js:161
#: js/oc-dialogs.js:164
msgid "Yes"
msgstr ""
#: js/oc-dialogs.js:168
#: js/oc-dialogs.js:172
msgid "No"
msgstr ""
#: js/oc-dialogs.js:181
#: js/oc-dialogs.js:185
msgid "Ok"
msgstr ""

22
l10n/af_ZA/files_encryption.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-25 02:01+0200\n"
"PO-Revision-Date: 2013-05-25 00:02+0000\n"
"POT-Creation-Date: 2013-05-30 02:27+0200\n"
"PO-Revision-Date: 2013-05-30 00:27+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Afrikaans (South Africa) (http://www.transifex.com/projects/p/owncloud/language/af_ZA/)\n"
"MIME-Version: 1.0\n"
@ -17,12 +17,22 @@ msgstr ""
"Language: af_ZA\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: ajax/adminrecovery.php:40
msgid "Recovery key successfully "
#: ajax/adminrecovery.php:29
msgid "Recovery key successfully enabled"
msgstr ""
#: ajax/adminrecovery.php:42
msgid "Could not "
#: ajax/adminrecovery.php:34
msgid ""
"Could not enable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/adminrecovery.php:48
msgid "Recovery key successfully disabled"
msgstr ""
#: ajax/adminrecovery.php:53
msgid ""
"Could not disable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/changeRecoveryPassword.php:49

6
l10n/af_ZA/lib.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Afrikaans (South Africa) (http://www.transifex.com/projects/p/owncloud/language/af_ZA/)\n"
"MIME-Version: 1.0\n"
@ -57,7 +57,7 @@ msgstr ""
msgid "Selected files too large to generate zip file."
msgstr ""
#: helper.php:228
#: helper.php:236
msgid "couldn't be determined"
msgstr ""

14
l10n/ar/core.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"
@ -216,23 +216,23 @@ msgstr "سنة مضت"
msgid "Choose"
msgstr "اختيار"
#: js/oc-dialogs.js:121
#: js/oc-dialogs.js:122
msgid "Cancel"
msgstr "الغاء"
#: js/oc-dialogs.js:138 js/oc-dialogs.js:195
#: js/oc-dialogs.js:141 js/oc-dialogs.js:200
msgid "Error loading file picker template"
msgstr ""
#: js/oc-dialogs.js:161
#: js/oc-dialogs.js:164
msgid "Yes"
msgstr "نعم"
#: js/oc-dialogs.js:168
#: js/oc-dialogs.js:172
msgid "No"
msgstr "لا"
#: js/oc-dialogs.js:181
#: js/oc-dialogs.js:185
msgid "Ok"
msgstr "موافق"

4
l10n/ar/files.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"

22
l10n/ar/files_encryption.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-26 01:58+0200\n"
"PO-Revision-Date: 2013-05-25 00:20+0000\n"
"POT-Creation-Date: 2013-05-30 02:27+0200\n"
"PO-Revision-Date: 2013-05-30 00:27+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"
@ -17,12 +17,22 @@ msgstr ""
"Language: ar\n"
"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n"
#: ajax/adminrecovery.php:40
msgid "Recovery key successfully "
#: ajax/adminrecovery.php:29
msgid "Recovery key successfully enabled"
msgstr ""
#: ajax/adminrecovery.php:42
msgid "Could not "
#: ajax/adminrecovery.php:34
msgid ""
"Could not enable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/adminrecovery.php:48
msgid "Recovery key successfully disabled"
msgstr ""
#: ajax/adminrecovery.php:53
msgid ""
"Could not disable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/changeRecoveryPassword.php:49

4
l10n/ar/files_external.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"

4
l10n/ar/files_sharing.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"

4
l10n/ar/files_trashbin.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"

6
l10n/ar/lib.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"
@ -57,7 +57,7 @@ msgstr "العودة الى الملفات"
msgid "Selected files too large to generate zip file."
msgstr "الملفات المحددة كبيرة جدا ليتم ضغطها في ملف zip"
#: helper.php:228
#: helper.php:236
msgid "couldn't be determined"
msgstr "تعذّر تحديده"

4
l10n/ar/settings.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"

4
l10n/ar/user_ldap.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Arabic (http://www.transifex.com/projects/p/owncloud/language/ar/)\n"
"MIME-Version: 1.0\n"

22
l10n/be/files_encryption.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-25 02:01+0200\n"
"PO-Revision-Date: 2013-05-25 00:02+0000\n"
"POT-Creation-Date: 2013-05-30 02:27+0200\n"
"PO-Revision-Date: 2013-05-30 00:27+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Belarusian (http://www.transifex.com/projects/p/owncloud/language/be/)\n"
"MIME-Version: 1.0\n"
@ -17,12 +17,22 @@ msgstr ""
"Language: be\n"
"Plural-Forms: nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
#: ajax/adminrecovery.php:40
msgid "Recovery key successfully "
#: ajax/adminrecovery.php:29
msgid "Recovery key successfully enabled"
msgstr ""
#: ajax/adminrecovery.php:42
msgid "Could not "
#: ajax/adminrecovery.php:34
msgid ""
"Could not enable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/adminrecovery.php:48
msgid "Recovery key successfully disabled"
msgstr ""
#: ajax/adminrecovery.php:53
msgid ""
"Could not disable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/changeRecoveryPassword.php:49

14
l10n/bg_BG/core.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"
@ -216,23 +216,23 @@ msgstr "последните години"
msgid "Choose"
msgstr ""
#: js/oc-dialogs.js:121
#: js/oc-dialogs.js:122
msgid "Cancel"
msgstr "Отказ"
#: js/oc-dialogs.js:138 js/oc-dialogs.js:195
#: js/oc-dialogs.js:141 js/oc-dialogs.js:200
msgid "Error loading file picker template"
msgstr ""
#: js/oc-dialogs.js:161
#: js/oc-dialogs.js:164
msgid "Yes"
msgstr "Да"
#: js/oc-dialogs.js:168
#: js/oc-dialogs.js:172
msgid "No"
msgstr "Не"
#: js/oc-dialogs.js:181
#: js/oc-dialogs.js:185
msgid "Ok"
msgstr "Добре"

4
l10n/bg_BG/files.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"

22
l10n/bg_BG/files_encryption.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-26 01:58+0200\n"
"PO-Revision-Date: 2013-05-25 00:20+0000\n"
"POT-Creation-Date: 2013-05-30 02:27+0200\n"
"PO-Revision-Date: 2013-05-30 00:27+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"
@ -17,12 +17,22 @@ msgstr ""
"Language: bg_BG\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: ajax/adminrecovery.php:40
msgid "Recovery key successfully "
#: ajax/adminrecovery.php:29
msgid "Recovery key successfully enabled"
msgstr ""
#: ajax/adminrecovery.php:42
msgid "Could not "
#: ajax/adminrecovery.php:34
msgid ""
"Could not enable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/adminrecovery.php:48
msgid "Recovery key successfully disabled"
msgstr ""
#: ajax/adminrecovery.php:53
msgid ""
"Could not disable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/changeRecoveryPassword.php:49

4
l10n/bg_BG/files_external.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"

4
l10n/bg_BG/files_sharing.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"

4
l10n/bg_BG/files_trashbin.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"

6
l10n/bg_BG/lib.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"
@ -57,7 +57,7 @@ msgstr "Назад към файловете"
msgid "Selected files too large to generate zip file."
msgstr "Избраните файлове са прекалено големи за генерирането на ZIP архив."
#: helper.php:228
#: helper.php:236
msgid "couldn't be determined"
msgstr "не може да се определи"

4
l10n/bg_BG/settings.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"

4
l10n/bg_BG/user_ldap.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bulgarian (Bulgaria) (http://www.transifex.com/projects/p/owncloud/language/bg_BG/)\n"
"MIME-Version: 1.0\n"

14
l10n/bn_BD/core.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"
@ -216,23 +216,23 @@ msgstr "বছর পূর্বে"
msgid "Choose"
msgstr "বেছে নিন"
#: js/oc-dialogs.js:121
#: js/oc-dialogs.js:122
msgid "Cancel"
msgstr "বাতির"
#: js/oc-dialogs.js:138 js/oc-dialogs.js:195
#: js/oc-dialogs.js:141 js/oc-dialogs.js:200
msgid "Error loading file picker template"
msgstr ""
#: js/oc-dialogs.js:161
#: js/oc-dialogs.js:164
msgid "Yes"
msgstr "হ্যাঁ"
#: js/oc-dialogs.js:168
#: js/oc-dialogs.js:172
msgid "No"
msgstr "না"
#: js/oc-dialogs.js:181
#: js/oc-dialogs.js:185
msgid "Ok"
msgstr "তথাস্তু"

4
l10n/bn_BD/files.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"

22
l10n/bn_BD/files_encryption.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-26 01:58+0200\n"
"PO-Revision-Date: 2013-05-25 00:20+0000\n"
"POT-Creation-Date: 2013-05-30 02:27+0200\n"
"PO-Revision-Date: 2013-05-30 00:27+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"
@ -17,12 +17,22 @@ msgstr ""
"Language: bn_BD\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: ajax/adminrecovery.php:40
msgid "Recovery key successfully "
#: ajax/adminrecovery.php:29
msgid "Recovery key successfully enabled"
msgstr ""
#: ajax/adminrecovery.php:42
msgid "Could not "
#: ajax/adminrecovery.php:34
msgid ""
"Could not enable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/adminrecovery.php:48
msgid "Recovery key successfully disabled"
msgstr ""
#: ajax/adminrecovery.php:53
msgid ""
"Could not disable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/changeRecoveryPassword.php:49

4
l10n/bn_BD/files_external.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"

4
l10n/bn_BD/files_sharing.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"

4
l10n/bn_BD/files_trashbin.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"

6
l10n/bn_BD/lib.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"
@ -57,7 +57,7 @@ msgstr "ফাইলে ফিরে চল"
msgid "Selected files too large to generate zip file."
msgstr "নির্বাচিত ফাইলগুলো এতই বৃহৎ যে জিপ ফাইল তৈরী করা সম্ভব নয়।"
#: helper.php:228
#: helper.php:236
msgid "couldn't be determined"
msgstr ""

4
l10n/bn_BD/settings.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"

4
l10n/bn_BD/user_ldap.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Bengali (Bangladesh) (http://www.transifex.com/projects/p/owncloud/language/bn_BD/)\n"
"MIME-Version: 1.0\n"

14
l10n/ca/core.po
View File

@ -9,8 +9,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: rogerc\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/owncloud/language/ca/)\n"
"MIME-Version: 1.0\n"
@ -218,23 +218,23 @@ msgstr "anys enrere"
msgid "Choose"
msgstr "Escull"
#: js/oc-dialogs.js:121
#: js/oc-dialogs.js:122
msgid "Cancel"
msgstr "Cancel·la"
#: js/oc-dialogs.js:138 js/oc-dialogs.js:195
#: js/oc-dialogs.js:141 js/oc-dialogs.js:200
msgid "Error loading file picker template"
msgstr "Error en carregar la plantilla del seleccionador de fitxers"
#: js/oc-dialogs.js:161
#: js/oc-dialogs.js:164
msgid "Yes"
msgstr "Sí"
#: js/oc-dialogs.js:168
#: js/oc-dialogs.js:172
msgid "No"
msgstr "No"
#: js/oc-dialogs.js:181
#: js/oc-dialogs.js:185
msgid "Ok"
msgstr "D'acord"

4
l10n/ca/files.po
View File

@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: rogerc\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/owncloud/language/ca/)\n"
"MIME-Version: 1.0\n"

22
l10n/ca/files_encryption.po
View File

@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-26 01:58+0200\n"
"PO-Revision-Date: 2013-05-25 00:20+0000\n"
"POT-Creation-Date: 2013-05-30 02:27+0200\n"
"PO-Revision-Date: 2013-05-30 00:27+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/owncloud/language/ca/)\n"
"MIME-Version: 1.0\n"
@ -18,12 +18,22 @@ msgstr ""
"Language: ca\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: ajax/adminrecovery.php:40
msgid "Recovery key successfully "
#: ajax/adminrecovery.php:29
msgid "Recovery key successfully enabled"
msgstr ""
#: ajax/adminrecovery.php:42
msgid "Could not "
#: ajax/adminrecovery.php:34
msgid ""
"Could not enable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/adminrecovery.php:48
msgid "Recovery key successfully disabled"
msgstr ""
#: ajax/adminrecovery.php:53
msgid ""
"Could not disable recovery key. Please check your recovery key password!"
msgstr ""
#: ajax/changeRecoveryPassword.php:49

4
l10n/ca/files_external.po
View File

@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:17+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:17+0000\n"
"Last-Translator: rogerc\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/owncloud/language/ca/)\n"
"MIME-Version: 1.0\n"

4
l10n/ca/files_sharing.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/owncloud/language/ca/)\n"
"MIME-Version: 1.0\n"

4
l10n/ca/files_trashbin.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:01+0200\n"
"PO-Revision-Date: 2013-05-28 23:18+0000\n"
"POT-Creation-Date: 2013-06-03 02:27+0200\n"
"PO-Revision-Date: 2013-06-02 23:18+0000\n"
"Last-Translator: I Robot <owncloud-bot@tmit.eu>\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/owncloud/language/ca/)\n"
"MIME-Version: 1.0\n"

6
l10n/ca/lib.po
View File

@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: ownCloud\n"
"Report-Msgid-Bugs-To: http://bugs.owncloud.org/\n"
"POT-Creation-Date: 2013-05-29 02:02+0200\n"
"PO-Revision-Date: 2013-05-29 00:02+0000\n"
"POT-Creation-Date: 2013-06-04 02:29+0200\n"
"PO-Revision-Date: 2013-06-03 00:32+0000\n"
"Last-Translator: rogerc\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/owncloud/language/ca/)\n"
"MIME-Version: 1.0\n"
@ -58,7 +58,7 @@ msgstr "Torna a Fitxers"
msgid "Selected files too large to generate zip file."
msgstr "Els fitxers seleccionats son massa grans per generar un fitxer zip."
#: helper.php:228
#: helper.php:236
msgid "couldn't be determined"
msgstr "no s'ha pogut determinar"

Some files were not shown because too many files have changed in this diff Show More