Merge pull request #9615 from nextcloud/backport/9544/stable-4.0

[stable-4.0] fix(e2ee): allow read of metadata 1.2 again

Author: mgallien

src/libsync/discovery.cpp

@@ -2290,7 +2290,7 @@ DiscoverySingleDirectoryJob *ProcessDirectoryJob::startAsyncServerQuery()
                 const auto alreadyDownloaded = _discoveryData->_statedb->getFileRecord(_dirItem->_file, &record) && record.isValid();
                 // we need to make sure we first download all e2ee files/folders before migrating
                 _dirItem->_isEncryptedMetadataNeedUpdate = alreadyDownloaded && serverJob->encryptedMetadataNeedUpdate();
-                _dirItem->_e2eEncryptionStatus = SyncFileItem::EncryptionStatus::EncryptedMigratedV2_0;
+                _dirItem->_e2eEncryptionStatus = serverJob->currentEncryptionStatus();
                 _dirItem->_e2eEncryptionStatusRemote = serverJob->currentEncryptionStatus();
                 _dirItem->_e2eEncryptionServerCapability = serverJob->requiredEncryptionStatus();
                 qCDebug(lcDisco()) << _dirItem->_e2eEncryptionStatus << _dirItem->_e2eEncryptionServerCapability;

src/libsync/discoveryphase.cpp

@@ -645,19 +645,30 @@ void DiscoverySingleDirectoryJob::metadataReceived(const QJsonDocument &json, in
         }
     }
 
-    if (job->signature().isEmpty()) {
-        qCDebug(lcDiscovery) << "Initial signature is empty.";
-        _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError);
-        emit finished(HttpError{0, tr("Encrypted metadata setup error: initial signature from server is empty.")});
-        deleteLater();
-        return;
+    const auto jsonMetadata = statusCode == 404 ? QByteArray{} : json.toJson(QJsonDocument::Compact);
+    const auto jsonMetadataVersion = FolderMetadata::setupVersionFromExistingMetadata(jsonMetadata);
+    switch (jsonMetadataVersion) {
+    case FolderMetadata::MetadataVersion::VersionUndefined:
+    case FolderMetadata::MetadataVersion::Version1:
+    case FolderMetadata::MetadataVersion::Version1_2:
+        break;
+    case FolderMetadata::MetadataVersion::Version2_0:
+    case FolderMetadata::MetadataVersion::Version2_1:
+        if (job->signature().isEmpty()) {
+            qCDebug(lcDiscovery) << "Initial signature is empty.";
+            _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError);
+            emit finished(HttpError{0, tr("Encrypted metadata setup error: initial signature from server is empty.")});
+            deleteLater();
+            return;
+        }
+        break;
     }
 
     const auto e2EeFolderMetadata = new FolderMetadata(_account,
-                                                 _remoteRootFolderPath,
-                                                 statusCode == 404 ? QByteArray{} : json.toJson(QJsonDocument::Compact),
-                                                 RootEncryptedFolderInfo(Utility::fullRemotePathToRemoteSyncRootRelative(topLevelFolderPath, _remoteRootFolderPath)),
-                                                 job->signature());
+                                                       _remoteRootFolderPath,
+                                                       jsonMetadata,
+                                                       RootEncryptedFolderInfo(Utility::fullRemotePathToRemoteSyncRootRelative(topLevelFolderPath, _remoteRootFolderPath)),
+                                                       job->signature());
     connect(e2EeFolderMetadata, &FolderMetadata::setupComplete, this, [this, e2EeFolderMetadata] {
         e2EeFolderMetadata->deleteLater();
         if (!e2EeFolderMetadata->isValid()) {

src/libsync/foldermetadata.cpp

@@ -80,7 +80,7 @@ FolderMetadata::FolderMetadata(AccountPtr account,
     , _initialSignature(signature)
 {
     Q_ASSERT(!_remoteFolderRoot.isEmpty());
-    setupVersionFromExistingMetadata(metadata);
+    _existingMetadataVersion = setupVersionFromExistingMetadata(metadata);
 
     const auto doc = QJsonDocument::fromJson(metadata);
     qCDebug(lcCseMetadata()) << doc.toJson(QJsonDocument::Compact);
@@ -378,8 +378,9 @@ void FolderMetadata::setupExistingMetadataLegacy(const QByteArray &metadata)
     _isMetadataValid = true;
 }
 
-void FolderMetadata::setupVersionFromExistingMetadata(const QByteArray &metadata)
+FolderMetadata::MetadataVersion FolderMetadata::setupVersionFromExistingMetadata(const QByteArray &metadata)
 {
+    auto resultVersion = FolderMetadata::MetadataVersion{};
     const auto &doc = QJsonDocument::fromJson(metadata);
     const auto &metaDataStr = metadataStringFromOCsDocument(doc);
     const auto &metaDataDoc = QJsonDocument::fromJson(metaDataStr.toLocal8Bit()).object();
@@ -407,17 +408,19 @@ void FolderMetadata::setupVersionFromExistingMetadata(const QByteArray &metadata
     }
 
     if (versionStringFromMetadata == QStringLiteral("1.2")) {
-        _existingMetadataVersion = MetadataVersion::Version1_2;
+        resultVersion = MetadataVersion::Version1_2;
     } else if (versionStringFromMetadata == QStringLiteral("2.0") || versionStringFromMetadata == QStringLiteral("2")) {
-        _existingMetadataVersion = MetadataVersion::Version2_0;
+        resultVersion = MetadataVersion::Version2_0;
     } else if (versionStringFromMetadata == QStringLiteral("2.1")) {
-        _existingMetadataVersion = MetadataVersion::Version2_1;
+        resultVersion = MetadataVersion::Version2_1;
     } else if (versionStringFromMetadata == QStringLiteral("1.0")
         || versionStringFromMetadata == QStringLiteral("1.1")) {
         // We used to have an intermediate 1.1 after applying a security-vulnerability fix for metadata keys.
         // It should be treated as MetadataVersion::Version1, as we don't want to change logic related to 1.2, since 1.1 is an edge case.
-        _existingMetadataVersion = MetadataVersion::Version1;
+        resultVersion = MetadataVersion::Version1;
     }
+
+    return resultVersion;
 }
 
 void FolderMetadata::emitSetupComplete()

src/libsync/foldermetadata.h

@@ -143,6 +143,8 @@ class OWNCLOUDSYNC_EXPORT FolderMetadata : public QObject
 
     void updateSelfCertificate();
 
+    static MetadataVersion setupVersionFromExistingMetadata(const QByteArray &metadata);
+
 public slots:
     void addEncryptedFile(const FolderMetadata::EncryptedFile &f);
     void removeEncryptedFile(const FolderMetadata::EncryptedFile &f);
@@ -188,8 +190,6 @@ private slots:
     void setupExistingMetadata(const QByteArray &metadata);
     void setupExistingMetadataLegacy(const QByteArray &metadata);
 
-    void setupVersionFromExistingMetadata(const QByteArray &metadata);
-
     void startFetchRootE2eeFolderMetadata(const QString &path);
     void slotRootE2eeFolderMetadataReceived(int statusCode, const QString &message);