Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mount encrypt password #38728

Merged
merged 13 commits into from
May 20, 2021
Merged

Mount encrypt password #38728

merged 13 commits into from
May 20, 2021

Conversation

jvillafanez
Copy link
Member

@jvillafanez jvillafanez commented May 12, 2021

Description

Ensure configuration parameters marked as passwords in the mount point configuration are encrypted in the DB.
The encryption only happens on rest. The values are decrypted after getting the information from normal means so they can be sent to the storage without problems. The storage implementations won't need to decrypt anything.
A migration is also provided so the mount points are properly updated.

Note that this applies to any password parameter that is saved through the storage. Parameters that don't go through the storage, such as login credentials, and which are saved differently still have its own way of handling. There is no change in this regard.

Related Issue

https://github.com/owncloud/enterprise/issues/4461

Motivation and Context

How Has This Been Tested?

Manually tested.
Test 1

  1. Configure a mount point having any parameter marked as password (textbox in the web UI will hide the content)
  2. Check the DB. Target parameter has the value encrypted

Test 2

  1. Configure a mount point having a parameter marked as password in OC 10.7.0 or less
  2. Check that you can access normally to the mount point
  3. Update the code (planned 10.8.0)
  4. Check that you can still access to the mount point without problems (migrations didn't break anything)
  5. Check that the DB has the parameter encrypted.

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:
  • Changelog item, see TEMPLATE

@jvillafanez
Copy link
Member Author

@phil-davis
https://drone.owncloud.com/owncloud/core/29990/115/14 seems a wrong test.
The local storage doesn't have those parameters. The current code, except for a few keys that are left due to compatibility, it hides the password based on the backend definition. Since the local storage doesn't have a "client_secret" parameter, the current code assumes it doesn't need protection.

The unit tests should have been fixed with the last commit

@mmattel
Copy link
Contributor

mmattel commented May 13, 2021

docs relevant (wnd), pls file an issue when close to merge

@phil-davis
Copy link
Contributor

PR #37015 added those test scenarios. From reading the PR, I think that we did not know exactly which keys were appropriate to use for local storage (vs Google and other storages).

Now client_secret comes back with the text, in the case of local storage. It no longer displays "***". In this PR we could adjust the test expectation:

client_secret: "userSecretKey"
  • that will demonstrate that if you set client_secret on local storage, that the value will now be displayed in clear-text.

Or we can remove client_secret from the test completely. (And remove whatever other keys you think are not-useful to have)

@jvillafanez
Copy link
Member Author

Taking into account that we don't plan to have a "client_secret" for the local storage, adjusting the test seems good enough to me.

@jvillafanez jvillafanez marked this pull request as ready for review May 14, 2021 13:46
@sonarcloud
Copy link

sonarcloud bot commented May 17, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 2 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

Copy link
Contributor

@phil-davis phil-davis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe not worth changing just a comment.

use OCP\IConfig;

/**
* Auto-generated migration step: Please modify to your needs!
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO this comment is not relevant - the migration step has been modified according to our needs.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If that's the only change, let me ignore it.
I'll change it if there is anything more that needs to change.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jvillafanez you could choose some reviewers, so that they see that this is ready for review.

Copy link
Member

@IljaN IljaN left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@jvillafanez
Copy link
Member Author

@mmattel docs issue in owncloud/docs#3585

@jvillafanez jvillafanez merged commit 1efa14c into master May 20, 2021
@delete-merged-branch delete-merged-branch bot deleted the mount_encrypt_password branch May 20, 2021 12:15
if ($enabledApp !== 'files_external' && \OC_App::isType($enabledApp, ['filesystem'])) {
try {
\OC_App::loadApp($enabledApp);
} catch (NeedsUpdateException $ex) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jvillafanez https://drone.owncloud.com/owncloud/update-testing/1207/1/5 update-testing nightly is failing (all the pipelines):

+ php ./occ up
ownCloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
2021-05-21T00:06:46+00:00 Set log level to debug
2021-05-21T00:06:46+00:00 Turned on maintenance mode
2021-05-21T00:06:46+00:00 Repair step: Upgrade app code from the marketplace
2021-05-21T00:06:46+00:00 Repair info: Enabling market app to assist with update
2021-05-21T00:06:46+00:00 Repair info: Using market to update existing apps
2021-05-21T00:06:46+00:00 Repair info: Attempting to update the following existing compatible apps from market: dav, federatedfilesharing, files, files_external, files_sharing, files_trashbin, files_versions, firstrunwizard, notifications, provisioning_api
2021-05-21T00:06:46+00:00 Repair info: Fetching app from market: dav
2021-05-21T00:06:46+00:00 Repair info: App (dav) is not installed
2021-05-21T00:06:46+00:00 Repair info: Fetching app from market: federatedfilesharing
2021-05-21T00:06:46+00:00 Repair info: App (federatedfilesharing) is not installed
2021-05-21T00:06:46+00:00 Repair info: Fetching app from market: files
2021-05-21T00:06:47+00:00 Repair info: App (files) is not known at the marketplace.
2021-05-21T00:06:47+00:00 Repair info: Fetching app from market: files_external
2021-05-21T00:06:47+00:00 Repair info: App (files_external) is not installed
2021-05-21T00:06:47+00:00 Repair info: Fetching app from market: files_sharing
2021-05-21T00:06:47+00:00 Repair info: App (files_sharing) is not known at the marketplace.
2021-05-21T00:06:47+00:00 Repair info: Fetching app from market: files_trashbin
2021-05-21T00:06:47+00:00 Repair info: App (files_trashbin) is not known at the marketplace.
2021-05-21T00:06:47+00:00 Repair info: Fetching app from market: files_versions
2021-05-21T00:06:47+00:00 Repair info: App (files_versions) is not known at the marketplace.
2021-05-21T00:06:47+00:00 Repair info: Fetching app from market: firstrunwizard
2021-05-21T00:06:47+00:00 Repair info: App (firstrunwizard) is not known at the marketplace.
2021-05-21T00:06:47+00:00 Repair info: Fetching app from market: notifications
2021-05-21T00:06:47+00:00 Repair info: App (notifications) is not known at the marketplace.
2021-05-21T00:06:47+00:00 Repair info: Fetching app from market: provisioning_api
2021-05-21T00:06:47+00:00 Repair info: App (provisioning_api) is not known at the marketplace.
2021-05-21T00:06:47+00:00 Repair info: App was not updated: dav
2021-05-21T00:06:47+00:00 Repair info: App was not updated: federatedfilesharing
2021-05-21T00:06:47+00:00 Repair info: App was not updated: files
2021-05-21T00:06:47+00:00 Repair info: App was not updated: files_external
2021-05-21T00:06:47+00:00 Repair info: App was not updated: files_sharing
2021-05-21T00:06:47+00:00 Repair info: App was not updated: files_trashbin
2021-05-21T00:06:47+00:00 Repair info: App was not updated: files_versions
2021-05-21T00:06:47+00:00 Repair info: App was not updated: firstrunwizard
2021-05-21T00:06:47+00:00 Repair info: App was not updated: notifications
2021-05-21T00:06:47+00:00 Repair info: App was not updated: provisioning_api
2021-05-21T00:06:47+00:00 Repair step: Repair MySQL database engine
2021-05-21T00:06:47+00:00 Repair step: Repair MySQL collation
2021-05-21T00:06:47+00:00 Repair info: All tables already have the correct collation -> nothing to do
2021-05-21T00:06:47+00:00 Repair step: Repair SQLite autoincrement
2021-05-21T00:06:47+00:00 Repair step: Repair orphaned reshare
2021-05-21T00:06:47+00:00 Repair step: Repair duplicate entries in oc_lucene_status
2021-05-21T00:06:47+00:00 Repair info: lucene_status table does not exist -> nothing to do
2021-05-21T00:06:47+00:00 Updating database schema
2021-05-21T00:06:50+00:00 Updated database
2021-05-21T00:06:50+00:00 Updating <firstrunwizard> ...
2021-05-21T00:06:50+00:00 Updated <firstrunwizard> to 1.2.0
2021-05-21T00:06:50+00:00 Updating <files> ...
2021-05-21T00:06:50+00:00 Updated <files> to 1.5.2
2021-05-21T00:06:50+00:00 Updating <files_sharing> ...
2021-05-21T00:06:52+00:00 Updated <files_sharing> to 0.14.0
2021-05-21T00:06:52+00:00 Updating <files_trashbin> ...
2021-05-21T00:06:53+00:00 Updated <files_trashbin> to 0.9.1
2021-05-21T00:06:53+00:00 Updating <files_versions> ...
2021-05-21T00:06:53+00:00 Updated <files_versions> to 1.3.0
2021-05-21T00:06:53+00:00 Updating <notifications> ...
2021-05-21T00:06:53+00:00 Updated <notifications> to 0.5.2
2021-05-21T00:06:53+00:00 Updating <provisioning_api> ...
2021-05-21T00:06:53+00:00 Updated <provisioning_api> to 0.5.0
2021-05-21T00:06:56+00:00 OC\NeedsUpdateException: 
2021-05-21T00:06:56+00:00 Update failed
2021-05-21T00:06:56+00:00 Maintenance mode is kept active
2021-05-21T00:06:56+00:00 Reset log level

It started failing the morning of 2021-05-21. It passed the morning of 2021-05-20. So something merged on 2021-5-20 might be the cause.

This PR has a migration, and mentions NeedsUpdateException - maybe there is more or different code that is needed here?

(I haven't tried to reproduce locally! I am just guessing at the moment.)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I raised issue #38770 so that we follow-up this.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't discard problems since I mostly tested only upgrading the files_external app and not with other apps. This is probably a new case because the migration requires loading other apps, which could also require updating.

I'll need additional information about where it's failing exactly. In theory, if an additional FS app requires updating, the migration tries to update and then load the app, so it shouldn't crash like that....

@jvillafanez
Copy link
Member Author

Linking with #38773 for the follow up

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants