diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index e3890ce1d15f9e597717ee19df18af0dfdbcbf3a..676507b52362eaf4452930ce1857726d1fb15be0 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -365,9 +365,9 @@ class Hooks { $userIds = \OC_Group::usersInGroup($params['shareWith']); - } else { + } else if ( $params['shareType'] == \OCP\Share::SHARE_TYPE_LINK ){ - $userIds = array( $params['shareWith'] ); + $userIds = array( $util->getPublicShareKeyId() ); } diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index 22453131db7f3c209a8dad9b7f3fbf48dc76bca2..920f0b6a9a30919bf572585827ce9136ba5c1d18 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -45,10 +45,17 @@ class Session { $this->view->mkdir( 'owncloud_private_key' ); } + + $publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId'); + + if ($publicShareKeyId === null) { + $publicShareKeyId = substr(md5(time()),0,8); + \OC_Appconfig::setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId); + } if ( - ! $this->view->file_exists( "/public-keys/owncloud.public.key" ) - || ! $this->view->file_exists( "/owncloud_private_key/owncloud.private.key" ) + ! $this->view->file_exists( "/public-keys/".$publicShareKeyId.".public.key" ) + || ! $this->view->file_exists( "/owncloud_private_key/".$publicShareKeyId.".private.key" ) ) { //FIXME: Bug: for some reason file_exists is returning 
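Review bot: In the hooks.php hunk, replacing the catch-all `else` with `else if ( $params['shareType'] == \OCP\Share::SHARE_TYPE_LINK )` leaves `$userIds` unassigned for any share type that no branch matches, so code after the hunk that reads it would work on an undefined variable. A closing `else` that logs the unexpected share type and returns would make that case explicit. `$util->getPublicShareKeyId()` also returns null until the app config value has been written, so the link branch can yield `array( null )`; checking for null and logging before the list is built would stop an empty id from being passed on. The enclosing function begins and ends outside the hunk, so the earlier branches are assumed from context.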
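Review bot: In the first session.php hunk, `substr(md5(time()),0,8)` yields a key id that is fully determined by the second at which it was generated, and that id shares the `/public-keys/` namespace with per-user key files (util.php builds `$this->publicKeyDir . '/' . $this->userId . '.public.key'`). An eight-character hex string is a plausible user id, so the share key's path can coincide with a real account's key path. Drawing the id from a CSPRNG and giving it a reserved prefix that user creation refuses would keep the two apart, e.g. `$publicShareKeyId = '<reserved-prefix>' . bin2hex(openssl_random_pseudo_bytes(4));`. The get-then-set on `\OC_Appconfig` is also not atomic, so two concurrent first requests can each store a different id. The enclosing method starts before the hunk.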
@@ -57,23 +64,23 @@ class Session { // our app.php is being executed 18 times per page load // , causing 18 new keypairs and huge performance hit. -// $keypair = Crypt::createKeypair(); -// -// \OC_FileProxy::$enabled = false; -// -// // Save public key -// -// if (!$view->is_dir('/public-keys')) { -// $view->mkdir('/public-keys'); -// } -// -// $this->view->file_put_contents( '/public-keys/owncloud.public.key', $keypair['publicKey'] ); -// -// // Encrypt private key empthy passphrase -// $encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], '' ); -// -// // Save private key -// $this->view->file_put_contents( '/owncloud_private_key/owncloud.private.key', $encryptedPrivateKey ); + $keypair = Crypt::createKeypair(); + + \OC_FileProxy::$enabled = false; + + // Save public key + + if (!$view->is_dir('/public-keys')) { + $view->mkdir('/public-keys'); + } + + $this->view->file_put_contents( '/public-keys/'.$publicShareKeyId.'.public.key', $keypair['publicKey'] ); + + // Encrypt private key empthy passphrase + $encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], '' ); + + // Save private key + $this->view->file_put_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key', $encryptedPrivateKey ); \OC_FileProxy::$enabled = true; diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index ae8c7ffd5759ee4fc5aa82340bd1f779c3a5030e..8162ae0a367a63a8e36ce78309a15abea51c1543 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -108,6 +108,7 @@ class Util { private $shareKeysPath; // Dir containing env keys for shared files private $publicKeyPath; // Path to user's public key private $privateKeyPath; // Path to user's private key + private $publicShareKeyId; public function __construct( \OC_FilesystemView $view, $userId, $client = false ) { 
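Review bot: The key generation re-enabled in the second session.php hunk still sits under the `file_exists` test that the FIXME just above describes as failing on repeated loads. Each such run would overwrite `/public-keys/<id>.public.key` and the matching private key with a fresh pair, and share keys already wrapped for the previous public key would presumably stop decrypting. The block should stay disabled until that check is reliable, or the writes should be made create-only. Two smaller points in the same lines: the directory check uses `$view` while the writes use `$this->view` (an undefined variable unless `$view` is a local of this method), and `\OC_FileProxy::$enabled` is set back to `true` only on the success path and regardless of its prior value. The private key is encrypted with the passphrase `''`, so its confidentiality rests on access control to the data directory alone; a comment such as `// Empty passphrase: this key is protected only by filesystem access to the data dir` would make that explicit.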
@@ -123,7 +124,7 @@ class Util { $this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys'; $this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key $this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key - + $this->publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId'); } public function ready() { @@ -211,6 +212,10 @@ class Util { return true; } + + public function getPublicShareKeyId() { + return $this->publicShareKeyId; + } /** * @brief Check whether pwd recovery is enabled for a given user @@ -792,7 +797,7 @@ class Util { // Check that the user is encryption capable, or is the // public system user 'ownCloud' (for public shares) if ( - $user == 'owncloud' + $user == $this->publicShareKeyId or $util->ready() ) { diff --git a/lib/public/share.php b/lib/public/share.php index 418c0028ee5d86791ef3219b61adfcf3ad11b982..b9cf05bbf7f259017a3a1833a74cd2016475783a 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -133,17 +133,17 @@ class Share { * @note $path needs to be relative to user data dir, e.g. 'file.txt' * not '/admin/data/file.txt' */ - public static function getUsersSharingFile( $path, $user, $includeOwner = false, $removeDuplicates = true ) { + public static function getUsersSharingFile($path, $user, $includeOwner = false, $removeDuplicates = true) { $path_parts = explode(DIRECTORY_SEPARATOR, trim($path, DIRECTORY_SEPARATOR)); $path = ''; $shares = array(); - $view = new \OC\Files\View('/'.$user.'/files/'); + $view = new \OC\Files\View('/' . $user . '/files/'); foreach ($path_parts as $p) { - $path .= '/'.$p; + $path .= '/' . $p; $meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); $source = $meta['fileid']; - + // Fetch all shares of this file path from DB $query = \OC_DB::prepare( 'SELECT share_with 
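Review bot: In the `@@ -792,7 +797,7 @@` hunk of util.php, `$user == $this->publicShareKeyId` is a loose comparison against a value that is null until the app config entry exists and otherwise an eight-character hex string. With `==`, a null id equals an empty `$user`, and two numeric-looking strings are compared as numbers rather than byte for byte, so a user id other than the share key id can satisfy the test and skip `$util->ready()`. Use `$this->publicShareKeyId !== null && $user === $this->publicShareKeyId` instead. The constructor hunk (`@@ -123,7 +124,7 @@`) is where the possibly-null value is loaded, and the comment above the condition still names the 'ownCloud' user. The enclosing method starts and ends outside the hunk.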
@@ -152,14 +152,14 @@ class Share { WHERE item_source = ? AND share_type = ?' ); - - $result = $query->execute( array( $source, self::SHARE_TYPE_USER ) ); - if ( \OC_DB::isError( $result ) ) { - \OC_Log::write( 'OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR ); + $result = $query->execute(array($source, self::SHARE_TYPE_USER)); + + if (\OC_DB::isError($result)) { + \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); } - while( $row = $result->fetchRow() ) { + while ($row = $result->fetchRow()) { $shares[] = $row['share_with']; } 
@@ -172,44 +172,47 @@ class Share { WHERE item_source = ? AND share_type = ?' ); - - $result = $query->execute( array( $source, self::SHARE_TYPE_GROUP ) ); - if ( \OC_DB::isError( $result ) ) { - \OC_Log::write( 'OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR ); + $result = $query->execute(array($source, self::SHARE_TYPE_GROUP)); + + if (\OC_DB::isError($result)) { + \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); } - while( $row = $result->fetchRow() ) { + while ($row = $result->fetchRow()) { $usersInGroup = \OC_Group::usersInGroup($row['share_with']); $shares = array_merge($shares, $usersInGroup); } - - //check for public link shares - $query = \OC_DB::prepare( - 'SELECT share_with + + $publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId'); + + if ($publicShareKeyId) { + //check for public link shares + $query = \OC_DB::prepare( + 'SELECT share_with FROM `*PREFIX*share` WHERE item_source = ? AND share_type = ?' - ); - - $result = $query->execute( array( $source, self::SHARE_TYPE_LINK ) ); - - if ( \OC_DB::isError( $result ) ) { - \OC_Log::write( 'OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR ); - } - - if ($result->fetchRow()) { - $shares[] = "owncloud"; + ); + + $result = $query->execute(array($source, self::SHARE_TYPE_LINK)); + + if (\OC_DB::isError($result)) { + \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + } + + if ($result->fetchRow()) { + $shares[] = $publicShareKeyId; + } } } // Include owner in list of users, if requested - if ( $includeOwner ) { + if ($includeOwner) { $shares[] = $user; } - - return array_unique($shares); + return array_unique($shares); } /**
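Review bot: In the new link-share block, a failed query is only logged and execution continues to `$result->fetchRow()` on the error value; the same holds for the group query at the top of this hunk and the user query in the `@@ -152,14 +152,14 @@` hunk. Skipping the fetch on error keeps the recipient list from being built on a failed lookup, e.g. `} elseif ($result->fetchRow()) { $shares[] = $publicShareKeyId; }`. `\OC_Appconfig::getValue('files_encryption', 'publicShareKeyId')` does not depend on `$p` and can be read once before the `foreach`. When the value is unset, link shares are silently left out of the returned list; a debug log line there would make that visible. `getUsersSharingFile` begins in an earlier hunk.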