-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix creation of versions of encrypted files on external storages #23675
fix creation of versions of encrypted files on external storages #23675
Conversation
backport is fine if reviewed successfully by others 👍 |
@@ -301,6 +305,9 @@ public function __construct($webRoot, \OC\Config $config) { | |||
'\\OC\\Memcache\\ArrayCache' | |||
); | |||
}); | |||
$this->registerService('ArrayCache', function(Server $c) { | |||
return new ArrayCache(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this should be global at this level. If other apps use it, there will be key name conflicts.
If you still think it should be that way, then please use prefixes for the key names you use.
@icewind1991 what do you think ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
its fine here, on usage a sane prefix should be used
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't see the reason for a global ArrayCache in the server container
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need the same instance all the time
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is only one encryption manager right, so that would pass one instance of the cache to all wrappers it's creates
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well it's the util class that wraps, and that one also is generated new each time.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with @icewind1991, we should find a way to this ArrayCache global only for the encryption code, not OC-wide global. If this was in the encryption app, we could have it in the encryption app's container.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is in core, not in the encryption app, but @schiesbn is trying to do it nicely anyway
Setting to critical since the bug breaks versions with encryption + ext storage (data loss) |
Fixes #23681 |
3540868
to
c46643e
Compare
I removed the global array cache, this increased the size of the PR a bit but I tried to keep the changes as small as possible. |
use OCP\Files\Storage; | ||
use OCP\ILogger; | ||
|
||
class EncryptionWrapper { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add a note that this is not the actuall wrapper but the thing that applies the wrapper
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good point... done.
@PVince81 I can't reproduce it with sftp, maybe a independent webdav external storage issue? |
@PVince81 @schiesbn As Vincent said, it only works for the 1st version of the file. The following via webdavversions are broken for me too. I used SFTP as external storage |
c46643e
to
f5e5195
Compare
@schiesbn my test was with SFTP. If you can't reproduce we can debug it on my machine later. |
My steps:
Make sure to NOT use the web UI until the end to not pre-generate previews, in case it matters. |
I always tested it with small text files, updating it with the text editor. I remember @LukasReschke said yesterday that we also need the RetryWrapper for sftp. Maybe that's the issue if you test it with larger files? @LukasReschke do you already prepared a pull request for it? |
@schiesbn #23672 was merged, please rebase onto master so we get it |
Same result with RetryWrapper on SFTP 😦 |
I think that's a different issue. If I try it with large files not only some versions are broken but also the original file after some updates "Bad Signature"... |
... if you check the versions on the hard disc all versions should be encrypted. That's what is fixed by this issue. We need to investigate other issues independently |
@schiesbn the version files on-disk are indeed encrypted properly. Fine by me, I'll make a separate issue for it. |
👍 fixes the "unencrypted versions" creation bug |
If I look at the file cache the 'encryption' is set for all files (original and all versions) to '1' which is of course wrong. |
@@ -61,13 +62,14 @@ class Manager implements IManager { | |||
* @param View $rootView | |||
* @param Util $util | |||
*/ | |||
public function __construct(IConfig $config, ILogger $logger, IL10N $l10n, View $rootView, Util $util) { | |||
public function __construct(IConfig $config, ILogger $logger, IL10N $l10n, View $rootView, Util $util, ArrayCache $arrayCache) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PHPDoc missing
Code works fine. Can you adjust my remarks? Thanks a lot 🚀 👍 |
in order to create a 1:1 copy of a file if a version gets created we need to store this information on copyBetweenStorage(). This allows us to by-pass the encryption wrapper if we read the source file.
f5e5195
to
93ed965
Compare
addressed @LukasReschke comments. |
@karlitschek many code changes, please reconfirm backport |
backport is fine 👍 |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
in order to create a 1:1 copy of a file if a version gets created we need to store this information on copyBetweenStorage(). This allows us to by-pass the encryption wrapper if we read the source file.
@karlitschek we should consider to backport it to 9.0, 8.2 and 8.1. At the moment versions of files on external storages are stored unencrypted!
cc @PVince81 @LukasReschke please have a look... Thanks!