[Pkg-owncloud-commits] [owncloud] 114/223: exclude mounted server-to-server shares from encryption
David Prévot
taffit at moszumanska.debian.org
Sun Jun 22 01:54:13 UTC 2014
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository owncloud.
commit c580aeb4550adab2ffaa25f9b844012d54f9f05f
Author: Bjoern Schiessle <schiessle at owncloud.com>
Date: Wed May 21 11:39:37 2014 +0200
exclude mounted server-to-server shares from encryption
---
apps/files_encryption/lib/proxy.php | 32 ++++++++++++++++++++++++++++----
1 file changed, 28 insertions(+), 4 deletions(-)
diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php
index fd91073..51de8fc 100644
--- a/apps/files_encryption/lib/proxy.php
+++ b/apps/files_encryption/lib/proxy.php
@@ -41,6 +41,30 @@ class Proxy extends \OC_FileProxy {
private static $fopenMode = array(); // remember the fopen mode
private static $enableEncryption = false; // Enable encryption for the given path
+
+ /**
+ * check if path is excluded from encryption
+ *
+ * @param string $path relative to data/
+ * @param string $uid user
+ * @return boolean
+ */
+ private function isExcludedPath($path, $uid) {
+
+ // files outside of the files-folder are excluded
+ if(strpos($path, '/' . $uid . '/files') !== 0) {
+ return true;
+ }
+
+ // we don't encrypt server-to-server shares
+ list($storage, ) = \OC\Files\Filesystem::resolvePath($path);
+ if ($storage instanceof OCA\Files_Sharing\External\Storage) {
+ return true;
+ }
+
+ return false;
+ }
+
/**
* Check if a file requires encryption
* @param string $path
@@ -50,7 +74,7 @@ class Proxy extends \OC_FileProxy {
* Tests if server side encryption is enabled, and if we should call the
* crypt stream wrapper for the given file
*/
- private static function shouldEncrypt($path, $mode = 'w') {
+ private function shouldEncrypt($path, $mode = 'w') {
$userId = Helper::getUser($path);
$session = new Session(new \OC\Files\View());
@@ -59,7 +83,7 @@ class Proxy extends \OC_FileProxy {
if (
$session->getInitialized() !== Session::INIT_SUCCESSFUL // encryption successful initialized
|| Crypt::mode() !== 'server' // we are not in server-side-encryption mode
- || strpos($path, '/' . $userId . '/files') !== 0 // path is not in files/
+ || $this->isExcludedPath($path, $userId) // if path is excluded from encryption
|| substr($path, 0, 8) === 'crypt://' // we are already in crypt mode
) {
return false;
@@ -85,7 +109,7 @@ class Proxy extends \OC_FileProxy {
*/
public function preFile_put_contents($path, &$data) {
- if (self::shouldEncrypt($path)) {
+ if ($this->shouldEncrypt($path)) {
if (!is_resource($data)) {
@@ -219,7 +243,7 @@ class Proxy extends \OC_FileProxy {
public function preFopen($path, $mode) {
self::$fopenMode[$path] = $mode;
- self::$enableEncryption = self::shouldEncrypt($path, $mode);
+ self::$enableEncryption = $this->shouldEncrypt($path, $mode);
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list