When specified in the config file, the Proxy password will be migrated
to the keychain, for backward compatibility and to allow admins to
overwrite an existing password by rolling out updated config files.
Once migrated to the keychain, the password will be removed from the
config file.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Awaits completion with no need to connect some slot to the finished() signal first,
inspired by the ProxyAuthHandler class.
Also add:
- Job dtor to safely erase passwords
- textData() method
- New ctor overloads to work with arbitrary keys (without Account ptrs)
Signed-off-by: Michael Schuster <michael@schuster.ms>
When the ClientSideEncryption object is fed, also serialize the
encryption info of the folders inside the metadata table.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
This will turn useful for other consumers of that data. The alternative
would be to expose a method breaking all form of encapsulation.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
We used to do it when the propagation starts, let's do it even before
the discovery starts. This way we'll have a chance to exploit the
information during the discovery phase.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
With the current design of the file upload this necessarily pushed to a
lock starvation on the folder. Indeed you could end up with N jobs
asking for the lock at the same time. So just avoid parallelizing for
now even though it will be slow.
We could try to optimize but that'd require some serious changes to the
sync logic on the jobs... let's stabilize first and optimize later.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
In such cases we get a download for which _file is already the demangled
name and _encryptedFileName has the mangled information. This is
different to what we encountered so far where initially _file was
mangled and _encryptedFileName was empty. Let's deal with that case
properly.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
Yes... I still wish this would be all driven by the type system, would be
much less error-prone.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
I wish this would be all driven by the type system instead of
error-prone string concatenation everywhere. That will be for a (much)
later refactoring hopefully.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
It turns out this job expected an absolute remote path even in the case
of a subfolder sync point.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
This was half broken before that commit and the previous one since some
of the categories would not be captured.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
Otherwise it was a bit confusing and annoying for filter rules:
e.g. "nextcloud.sync.*" vs "sync.*".
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
This means adjusting PropagateDownloadEncrypted so that it knows where
the file will end (otherwise it would create temporary files in non
existant paths for instance).
In turn we have to adjust PropagateDownloadFile accordingly so that it
resolves the local folder the file will end up in.
And last we adjust PropagateLocalMkdir to resolve paths as well and
demangle as needed.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
We give them a parent to make sure they will be destroyed when the jobs
which created them are destroyed themselves.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
PropagateUploadEncrypted made the assumption of the folder names never
being mangled. This is not true since the previous commits so make sure
we properly deal with that using the journal db.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
This is not only a question of performances in our case (complexity
being better on look ups). It also provides a few more services.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
We ensure the PROPFIND Depth is infinity by explicitly specifying the
header (turns out our implementation just doesn't assume infinity
otherwise). This way we have a clear picture about *all* the folders of
the user, otherwise ClientSideEncryption couldn't be a trustable oracle
on the encryption state for any folder not on the root and all the
encryption code assumes it has a full picture of encryption.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
We catch when a directory is inside a known encrypted folder and in such
a case we now do the following:
1) we encrypt the folder meta data (its name) properly and create it
under that mangled name on the server side
2) we mark the new folder itself as encrypted
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
It was assuming we'd encrypt only files but directory names also need to
be encrypted. We just skip the writing to temp file part in that case.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
This way this whole logic isn't stuck into the settings dialog anymore.
Also cleaned up the unused "decrypt folder" logic.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
This is a much better place than the GUI, this way we ensure the
propagator is always operating of up to date information. Previously if
the propagator kicked in without user interaction from startup (not
showing the settings dialog) it would have no E2E information available
whatsoever... unsurprisingly it would thus take wrong information at
every turn.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
Discovered on Windows in conjunction with PAC scripts:
- Already configured accounts worked
- Fresh client account setup did not work
Reason:
- Proxy was reset over and over again in Account::setCredentials
Signed-off-by: Michael Schuster <michael@schuster.ms>
Build failed on Windows, missing libsync export for printQNetworkProxy after
moving ClientProxy class from gui to libsync.
Signed-off-by: Michael Schuster <michael@schuster.ms>
The format in the client log was: 3://host:port
Now it is shown like: HttpProxy://host:port
The old ID display was confusing and misleading users (and people debugging it ;p)
Signed-off-by: Michael Schuster <michael@schuster.ms>
Make the codebase consistent, we already have a lot of implicit pointer comparisons.
Exception: Stay explicit on return's, example:
return _db != nullptr;
Signed-off-by: Michael Schuster <michael@schuster.ms>
This also fixes a couple of warnings at places (out of order init for
instance) and a potential bug in the webflow credentials / qtkeychain
integration.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
The E2E application allows creating unencrypted subdirectories
in an encrypted parent. This is a big privacy problem.
This patch shows a red broken lock icon for these subdirectories
in the NC client UI.
Signed-off-by: Ivan Čukić <ivan.cukic@kde.org>
Due to usage of early-returns, combined with malloc/free,
several buffers that get allocated are leaked when an error
occurs.
Several functions had potential leaks:
- `encryptStringSymmetric` leaked `ctext`
- `EncryptionHelper::fileDecryption` leaked `out`
- `EncryptionHelper::fileEncryption` leaked `out`
Most of the functions had leaks of the cypher context.
This patch uses `QByteArray` as the handler for the dynamically
allocated buffers for openssl to operate on. This also removes
the need for conversions from malloc'd buffers to `QByteArray`
variables previously present in the code.
It also introduces a `CypherCtx` thin wrapper class to provide
a leak-free handling of `EVP_CIPHER_CTX`.
In owncloudsetupnocredspage.ui, the URL input field leUrl has a
placeholder text saying "https://..." which is a very useful hint
for the user. However, in the OwncloudSetupPage constructor, the
placeholer text is overwritten by the return string of the theme's
wizardUrlHint() method. The NextcloudTheme class does not override
this virtual method, so an empty string is used.
To make available the "https://..." hint, it is moved from the
UI file to NextcloudTheme::wizardUrlHint(). Note that, if a
theme is used which does not allow a custom server URL, the
placeholder text is now empty. This makes sense because the
input field is disabled in that case.
Signed-off-by: Stephan Beyer <s-beyer@gmx.net>
In case of denormalized paths in the dav href (presence of . or .. in
the path) simple string startsWith comparison wasn't enough to know if
said href ended up in the right namespace. That's why we're now using
QUrl (pretending local file since we don't have a full URL in the href)
to normalize the path before comparison.
This could happen with broken proxies for instance where we would
wrongly validate the dav information resulting in potentially surprising
syncing and name collisions.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
The message handler globally installed by the logger silently drop
messages if the logger is not logging. On top of it, it doesn't log
debug messages by default.
Anything not logged is currently silently discarded. This can come as a
surprise to a developer trying to contribute for the first time and
adding some debug message for some reason.
We're thus trying to strike a middle ground which is that debug messages
get a regular output if the logger isn't interested in them.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
- Application name, version number, OS
Example: Nextcloud Desktop Client
Version 2.6.4 (macOS)
- Keep previous version info in new method Theme::aboutDetails()
Signed-off-by: Michael Schuster <michael@schuster.ms>
So that user may continue to use http2 on their webpage
Signed-off-by: XNG <Milokita@users.noreply.github.com>
(cherry picked from commit dad95d4e46)
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Fetch in ConnectionValidator::slotCapabilitiesRecieved
- Add editors to a list made of the new DirectEditor class
TODO:
- Add support for re-fetch and continously check for changes (ETag)
Signed-off-by: Michael Schuster <michael@schuster.ms>