fix creation of versions of encrypted files on external storages #23675
Conversation
|
backport is fine if reviewed successfully by others 👍 |
| @@ -301,6 +305,9 @@ public function __construct($webRoot, \OC\Config $config) { | |||
| '\\OC\\Memcache\\ArrayCache' | |||
| ); | |||
| }); | |||
| $this->registerService('ArrayCache', function(Server $c) { | |||
| return new ArrayCache(); | |||
There was a problem hiding this comment.
I don't think this should be global at this level. If other apps use it, there will be key name conflicts.
If you still think it should be that way, then please use prefixes for the key names you use.
@icewind1991 what do you think ?
There was a problem hiding this comment.
its fine here, on usage a sane prefix should be used
There was a problem hiding this comment.
I don't see the reason for a global ArrayCache in the server container
There was a problem hiding this comment.
We need the same instance all the time
There was a problem hiding this comment.
There is only one encryption manager right, so that would pass one instance of the cache to all wrappers it's creates
There was a problem hiding this comment.
Well it's the util class that wraps, and that one also is generated new each time.
There was a problem hiding this comment.
I agree with @icewind1991, we should find a way to this ArrayCache global only for the encryption code, not OC-wide global. If this was in the encryption app, we could have it in the encryption app's container.
There was a problem hiding this comment.
This is in core, not in the encryption app, but @schiesbn is trying to do it nicely anyway
|
Setting to critical since the bug breaks versions with encryption + ext storage (data loss) |
|
Fixes #23681 |
schiessle
force-pushed
the
fix_encryption_versions_on_external_storages
branch
2 times, most recently
from
3540868
to
c46643e
Compare
|
I removed the global array cache, this increased the size of the PR a bit but I tried to keep the changes as small as possible. |
| use OCP\Files\Storage; | ||
| use OCP\ILogger; | ||
|
|
||
| class EncryptionWrapper { |
There was a problem hiding this comment.
add a note that this is not the actuall wrapper but the thing that applies the wrapper
There was a problem hiding this comment.
good point... done.
|
@schiesbn thank you, the code looks much better! Doesn't work though, when I overwrite more than once (with Webdav), it seems the next versions get broken: |
|
@PVince81 I can't reproduce it with sftp, maybe a independent webdav external storage issue? |
|
@PVince81 @schiesbn As Vincent said, it only works for the 1st version of the file. The following via webdavversions are broken for me too. I used SFTP as external storage
|
schiessle
force-pushed
the
fix_encryption_versions_on_external_storages
branch
from
c46643e
to
f5e5195
Compare
|
@schiesbn my test was with SFTP. If you can't reproduce we can debug it on my machine later. |
|
My steps:
Make sure to NOT use the web UI until the end to not pre-generate previews, in case it matters. |
|
I always tested it with small text files, updating it with the text editor. I remember @LukasReschke said yesterday that we also need the RetryWrapper for sftp. Maybe that's the issue if you test it with larger files? @LukasReschke do you already prepared a pull request for it? |
|
@schiesbn #23672 was merged, please rebase onto master so we get it |
|
Same result with RetryWrapper on SFTP 😦 |
|
I think that's a different issue. If I try it with large files not only some versions are broken but also the original file after some updates "Bad Signature"... |
|
... if you check the versions on the hard disc all versions should be encrypted. That's what is fixed by this issue. We need to investigate other issues independently |
|
@schiesbn the version files on-disk are indeed encrypted properly. Fine by me, I'll make a separate issue for it. |
|
👍 fixes the "unencrypted versions" creation bug |
|
If I look at the file cache the 'encryption' is set for all files (original and all versions) to '1' which is of course wrong. |
| @@ -61,13 +62,14 @@ class Manager implements IManager { | |||
| * @param View $rootView | |||
| * @param Util $util | |||
| */ | |||
| public function __construct(IConfig $config, ILogger $logger, IL10N $l10n, View $rootView, Util $util) { | |||
| public function __construct(IConfig $config, ILogger $logger, IL10N $l10n, View $rootView, Util $util, ArrayCache $arrayCache) { | |||
|
Code works fine. Can you adjust my remarks? Thanks a lot 🚀 👍 |
in order to create a 1:1 copy of a file if a version gets created we need to store this information on copyBetweenStorage(). This allows us to by-pass the encryption wrapper if we read the source file.
schiessle
force-pushed
the
fix_encryption_versions_on_external_storages
branch
from
f5e5195
to
93ed965
Compare
|
addressed @LukasReschke comments. |
|
@karlitschek many code changes, please reconfirm backport |
|
backport is fine 👍 |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
in order to create a 1:1 copy of a file if a version gets created we need to store this information on copyBetweenStorage(). This allows us to by-pass the encryption wrapper if we read the source file.
@karlitschek we should consider to backport it to 9.0, 8.2 and 8.1. At the moment versions of files on external storages are stored unencrypted!
cc @PVince81 @LukasReschke please have a look... Thanks!