mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #11954 from owncloud/enc_stop_uploading_if_private_key_is_missing 

Enc stop uploading if private key is missing
This commit is contained in:
Lukas Reschke 2014-11-07 11:19:04 +01:00
parent 88c329b394 c2a45c1238
commit e345697cab
5 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/files_encryption/appinfo/app.php
View File

@ -13,6 +13,7 @@ OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
// Exceptions // Exceptions
OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyEncryptException'] = 'files_encryption/lib/exceptions.php'; OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyEncryptException'] = 'files_encryption/lib/exceptions.php';
OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyDecryptException'] = 'files_encryption/lib/exceptions.php'; OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyDecryptException'] = 'files_encryption/lib/exceptions.php';
OC::$CLASSPATH['OCA\Encryption\Exceptions\EncryptionException'] = 'files_encryption/lib/exceptions.php';
\OCP\Util::addTranslations('files_encryption'); \OCP\Util::addTranslations('files_encryption');
\OCP\Util::addscript('files_encryption', 'encryption'); \OCP\Util::addscript('files_encryption', 'encryption');

8
apps/files_encryption/lib/exceptions.php
View File

@ -30,8 +30,16 @@ namespace OCA\Encryption\Exceptions;
* 30 - encryption header to large * 30 - encryption header to large
* 40 - unknown cipher * 40 - unknown cipher
* 50 - encryption failed * 50 - encryption failed
* 60 - no private key available
*/ */
class EncryptionException extends \Exception { class EncryptionException extends \Exception {
const UNEXPECTED_END_OF_ENCRTYPTION_HEADER = 10;
const UNEXPECTED_BLOG_SIZE = 20;
const ENCRYPTION_HEADER_TO_LARGE = 30;
const UNKNOWN_CIPHER = 40;
const ENCRYPTION_FAILED = 50;
const NO_PRIVATE_KEY_AVAILABLE = 60;
} }
/** /**

3
apps/files_encryption/lib/proxy.php
View File

@ -95,8 +95,7 @@ class Proxy extends \OC_FileProxy {
// don't call the crypt stream wrapper, if... // don't call the crypt stream wrapper, if...
if ( if (
$session->getInitialized() !== Session::INIT_SUCCESSFUL // encryption successful initialized Crypt::mode() !== 'server' // we are not in server-side-encryption mode
|| Crypt::mode() !== 'server' // we are not in server-side-encryption mode
|| $this->isExcludedPath($path, $userId) // if path is excluded from encryption || $this->isExcludedPath($path, $userId) // if path is excluded from encryption
|| substr($path, 0, 8) === 'crypt://' // we are already in crypt mode || substr($path, 0, 8) === 'crypt://' // we are already in crypt mode
) { ) {

5
apps/files_encryption/lib/stream.php
View File

@ -30,6 +30,7 @@
*/ */
namespace OCA\Encryption; namespace OCA\Encryption;
use OCA\Encryption\Exceptions\EncryptionException;
/** /**
* Provides 'crypt://' stream wrapper protocol. * Provides 'crypt://' stream wrapper protocol.
@ -106,6 +107,10 @@ class Stream {
$this->session = new \OCA\Encryption\Session($this->rootView); $this->session = new \OCA\Encryption\Session($this->rootView);
$this->privateKey = $this->session->getPrivateKey(); $this->privateKey = $this->session->getPrivateKey();
if ($this->privateKey === false) {
throw new EncryptionException('Session does not contain a private key, maybe your login password changed?',
EncryptionException::NO_PRIVATE_KEY_AVAILABLE);
}
$normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path)); $normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
if ($originalFile = Helper::getPathFromTmpFile($normalizedPath)) { if ($originalFile = Helper::getPathFromTmpFile($normalizedPath)) {

6
lib/private/connector/sabre/file.php
View File

@ -100,6 +100,8 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
} catch (\OCP\Files\LockNotAcquiredException $e) { } catch (\OCP\Files\LockNotAcquiredException $e) {
// the file is currently being written to by another process // the file is currently being written to by another process
throw new OC_Connector_Sabre_Exception_FileLocked($e->getMessage(), $e->getCode(), $e); throw new OC_Connector_Sabre_Exception_FileLocked($e->getMessage(), $e->getCode(), $e);
} catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
} }
// if content length is sent by client: // if content length is sent by client:
@ -152,7 +154,11 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
if (\OC_Util::encryptedFiles()) { if (\OC_Util::encryptedFiles()) {
throw new \Sabre\DAV\Exception\ServiceUnavailable(); throw new \Sabre\DAV\Exception\ServiceUnavailable();
} else { } else {
try {
return $this->fileView->fopen(ltrim($this->path, '/'), 'rb'); return $this->fileView->fopen(ltrim($this->path, '/'), 'rb');
} catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
}
} }
} }