
Only request mnemonic when user explicitly wants to enable E2EE

Signed-off-by: Claudio Cambra <claudio.cambra@nextcloud.com>
Claudio Cambra il y a 3 ans
Parent
commit
31876926ac

+ 2 - 0
src/gui/accountsettings.cpp

@@ -258,6 +258,7 @@ void AccountSettings::slotE2eEncryptionGenerateKeys()
 {
     connect(_accountState->account()->e2e(), &ClientSideEncryption::initializationFinished, this, &AccountSettings::slotE2eEncryptionInitializationFinished);
     _accountState->account()->setE2eEncryptionKeysGenerationAllowed(true);
+    _accountState->account()->setAskUserForMnemonic(true);
     _accountState->account()->e2e()->initialize(_accountState->account());
 }
 
@@ -271,6 +272,7 @@ void AccountSettings::slotE2eEncryptionInitializationFinished(bool isNewMnemonic
             displayMnemonic(_accountState->account()->e2e()->_mnemonic);
         }
     }
+    _accountState->account()->setAskUserForMnemonic(false);
 }
 
 void AccountSettings::slotEncryptFolderFinished(int status)
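Review bot: The prompt permission raised in slotE2eEncryptionGenerateKeys is only lowered again by the GUI slot slotE2eEncryptionInitializationFinished, so its lifetime depends on that signal being emitted and on this widget still being alive to receive it. If initialize() ends on a path that never emits initializationFinished (not visible in these hunks), the flag stays true and a later background initialization could show the passphrase dialog without the user having asked for it. Consider making the permission one-shot where it is consumed, e.g. `account->setAskUserForMnemonic(false);` directly after the check in ClientSideEncryption::decryptPrivateKey, keeping the reset here only as a fallback. slotE2eEncryptionInitializationFinished starts above the second hunk, so its earlier branches were not reviewed.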

+ 10 - 0
src/libsync/account.cpp

@@ -966,4 +966,14 @@ void Account::setE2eEncryptionKeysGenerationAllowed(bool allowed)
     return _e2eEncryptionKeysGenerationAllowed;
 }
 
+bool Account::askUserForMnemonic() const
+{
+    return _e2eAskUserForMnemonic;
+}
+
+void Account::setAskUserForMnemonic(const bool ask)
+{
+    _e2eAskUserForMnemonic = ask;
+}
+
 } // namespace OCC

+ 4 - 0
src/libsync/account.h

@@ -314,10 +314,13 @@ public:
     void setE2eEncryptionKeysGenerationAllowed(bool allowed);
     [[nodiscard]] bool e2eEncryptionKeysGenerationAllowed() const;
 
+    [[nodiscard]] bool askUserForMnemonic() const;
+
 public slots:
     /// Used when forgetting credentials
     void clearQNAMCache();
     void slotHandleSslErrors(QNetworkReply *, QList<QSslError>);
+    void setAskUserForMnemonic(const bool ask);
 
 signals:
     /// Emitted whenever there's network activity
@@ -370,6 +373,7 @@ private:
     bool _trustCertificates = false;
 
     bool _e2eEncryptionKeysGenerationAllowed = false;
+    bool _e2eAskUserForMnemonic = false;
 
     QWeakPointer<Account> _sharedThis;
     QString _id;
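Review bot: setAskUserForMnemonic is declared under `public slots:` while its sibling setE2eEncryptionKeysGenerationAllowed is an ordinary public method, which makes the gate for the passphrase prompt invokable by name through Qt's meta-object system and connectable to any signal. None of the visible hunks connects to it as a slot, so declaring it next to the getter as `void setAskUserForMnemonic(bool ask);` would keep that surface smaller; the top-level `const` on the parameter has no effect in a declaration. The new accessor and member are also undocumented; a comment such as `/// True only while the user has explicitly started E2EE setup; gates the passphrase dialog in ClientSideEncryption::decryptPrivateKey` would record the intent.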

+ 6 - 0
src/libsync/clientsideencryption.cpp

@@ -1248,6 +1248,12 @@ void ClientSideEncryption::encryptPrivateKey(const AccountPtr &account)
 }
 
 void ClientSideEncryption::decryptPrivateKey(const AccountPtr &account, const QByteArray &key) {
+    if (!account->askUserForMnemonic()) {
+        qCDebug(lcCse) << "Not allowed to ask user for mnemonic";
+        emit initializationFinished();
+        return;
+    }
+
     QString msg = tr("Please enter your end-to-end encryption passphrase:<br>"
                      "<br>"
                      "Username: %2<br>"
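Review bot: The new early return in decryptPrivateKey emits `initializationFinished()` exactly as a completed initialization would, although no private key has been decrypted at that point. A listener that takes this signal to mean E2EE is ready would then continue without a usable key; whether such listeners exist is not visible here, so the signal's consumers need checking. At minimum document the state at the return, e.g. `// Private key stays encrypted; listeners must not assume E2EE is usable after this signal`, and consider `qCInfo` instead of `qCDebug` so a skipped prompt is visible in default logs. The function body continues below the hunk.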