search

hbons / SparkleShare

Share and collaborate by syncing with any Git repository instantly. Linux, macOS, and Windows.
https://sparkleshare.org
Other
4.88k stars 579 forks source link

SparkleShare doesn't ask for password on encrypted repository #1854

Closed frubi closed 6 years ago

frubi commented 6 years ago

If I add an existing, client-side encrypted Git repository to a new SparkleShare installation (flatpak), the client doesn't asks for the encryption password. After fetching the files in the temporary directory, the client shows directly the final dialog of the setup wizard.

What happened:

Git repository on own server is added. Files in SparkleShare directory are encrypted.

What I expected to happen:

Git repository on own server is added. Files in SparkleShare directory are not encrypted.

flatpak list -d

Ref                                             Origin  Active commit Latest commit Installed size Options       
org.sparkleshare.SparkleShare/x86_64/stable     flathub d8666467ac7d  -             575,6 MB       system,current
org.freedesktop.Platform.VAAPI.Intel/x86_64/1.6 flathub 818a1504fad1  -               8,7 MB       system,runtime
org.freedesktop.Platform.ffmpeg/x86_64/1.6      flathub b5f77229b85f  -               7,7 MB       system,runtime
org.gnome.Platform/x86_64/3.24                  flathub 425f63d3d6b3  -               1,3 GB       system,runtime

Log file:

22:20:48 Environment | SparkleShare 2.0.1 (Flatpak)
22:20:48 Environment | Git LFS 2.3.0
22:20:48 Environment | Git 2.14.1
22:20:48 Environment | GNOME (Unix 4.16.0.2)
22:20:48 Cmd |  | gvfs-set-attribute "/home/felix/SparkleShare" metadata::custom-icon-name org.sparkleshare.SparkleShare
22:21:12 Fetcher | /home/felix/.config/org.sparkleshare.SparkleShare/tmp/DIRNAME-crypto | Fetching folder: ssh://storage@HOST/home/storage/DIRNAME-crypto
22:21:12 Auth | Fetching host key for HOST
22:21:12 Cmd |  | ssh-keyscan -t rsa -p 22 HOST
22:21:12 Auth | Skipping fingerprint check
22:21:12 Cmd | tmp | git ls-remote --heads "ssh://storage@HOST/home/storage/DIRNAME-crypto"
22:21:13 Cmd | tmp | git clone --progress --no-checkout "ssh://storage@HOST/home/storage/DIRNAME-crypto" "/home/felix/.config/org.sparkleshare.SparkleShare/tmp/DIRNAME-crypto"
22:21:13 Git | Cloning into '/home/felix/.config/org.sparkleshare.SparkleShare/tmp/DIRNAME-crypto'...
22:21:14 Git | remote: Counting objects: 10410, done.        
22:25:53 Git | remote: Total 10410 (delta 4701), reused 2188 (delta 109)        
22:25:56 Fetcher | Finished
22:25:56 Cmd | DIRNAME-crypto | git rev-parse HEAD
22:25:56 Cmd | DIRNAME-crypto | git config core.autocrlf input
22:25:56 Cmd | DIRNAME-crypto | git config core.quotepath false
22:25:56 Cmd | DIRNAME-crypto | git config core.ignorecase false
22:25:56 Cmd | DIRNAME-crypto | git config core.filemode false
22:25:56 Cmd | DIRNAME-crypto | git config core.precomposeunicode true
22:25:56 Cmd | DIRNAME-crypto | git config core.safecrlf false
22:25:56 Cmd | DIRNAME-crypto | git config core.excludesfile ""
22:25:56 Cmd | DIRNAME-crypto | git config core.packedGitLimit 128m
22:25:56 Cmd | DIRNAME-crypto | git config core.packedGitWindowSize 128m
22:25:56 Cmd | DIRNAME-crypto | git config pack.deltaCacheSize 128m
22:25:56 Cmd | DIRNAME-crypto | git config pack.packSizeLimit 128m
22:25:56 Cmd | DIRNAME-crypto | git config pack.windowMemory 128m
22:25:56 Cmd | DIRNAME-crypto | git config push.default matching
22:25:56 Cmd | DIRNAME-crypto | git config filter.lfs.required true
22:25:56 Cmd | DIRNAME-crypto | git config filter.lfs.clean 'git-lfs clean %f'
22:25:56 Cmd | DIRNAME-crypto | git config filter.lfs.smudge "env GIT_SSH_COMMAND='ssh -i /home/felix/.config/org.sparkleshare.SparkleShare/ssh/2016-12-24_11h29.key -o UserKnownHostsFile=/home/felix/.config/org.sparkleshare.SparkleShare/ssh/known_hosts -o IdentitiesOnly=yes -o PasswordAuthentication=no -F /dev/null' git-lfs smudge %f"
22:25:56 Cmd | DIRNAME-crypto | git rev-parse HEAD
22:25:56 Cmd | DIRNAME-crypto | git show-ref --verify --quiet refs/heads/SparkleShare
22:25:57 Cmd | DIRNAME-crypto | git checkout --quiet --force HEAD
22:26:00 Config | Wrote to '/home/felix/.config/org.sparkleshare.SparkleShare/projects.xml'
22:26:00 /home/felix/SparkleShare/HOST/DIRNAME-crypto | Initializing...
22:26:00 Cmd | DIRNAME-crypto | git config core.ignorecase false
22:26:00 Cmd | DIRNAME-crypto | git config remote.origin.url "ssh://storage@HOST/home/storage/DIRNAME-crypto"
22:26:00 Cmd | DIRNAME-crypto | git config core.sshCommand ssh -i /home/felix/.config/org.sparkleshare.SparkleShare/ssh/2016-12-24_11h29.key -o UserKnownHostsFile=/home/felix/.config/org.sparkleshare.SparkleShare/ssh/known_hosts -o IdentitiesOnly=yes -o PasswordAuthentication=no -F /dev/null
22:26:00 Cmd | DIRNAME-crypto | git --no-pager log --since=1.month --raw --find-renames --date=iso --format=medium --no-color --no-merges
22:26:00 Git | DIRNAME-crypto | Checking for remote changes...
22:26:00 Cmd | DIRNAME-crypto | git rev-parse HEAD
22:26:00 Cmd | DIRNAME-crypto | git config core.ignorecase true
22:26:00 Cmd | DIRNAME-crypto | git config core.ignorecase false
22:26:00 Cmd | DIRNAME-crypto | git rev-parse --abbrev-ref HEAD
22:26:00 Cmd | DIRNAME-crypto | git ls-remote --heads --exit-code origin master
22:26:01 Git | DIRNAME-crypto | No remote changes, local+remote: 094d8d84124ffc774d1d0c9a6b7398c930068a29
22:26:01 Cmd | DIRNAME-crypto | git status --porcelain
hbons commented 6 years ago

Was the repository created with the 1.x version of SparkleShare? In 2.x encrypted repositories are handled differently and need to be recreated.

frubi commented 6 years ago

Yes, the repository was created with version 1.5.0. So client-side encryption is incompatible between SparkleShare 1.x and 2.x?

hbons commented 6 years ago

Yes, sadly. This had to be done to fix some issues and make improvements... If you create an empty git repo (no need to name it "-crypto" anymore) and add it using 2.x, SparkleShare will ask if you want it encrypted.

ianchanning commented 5 years ago

I've just hit this issue, so I've added some upgrade instructions to the Client Side Encryption wiki page:

Upgrading from SparkleShare v1.x to v2.x

The encryption mechanism has changed in SparkleShare v2, so if you have created an encrypted repository with the crypto extension in v1.x you will no longer be able to decrypt it in v2.x.

This means that to convert a v1.x repo you will need to have to have a decrypted version of your repository locally from v1.x and then create a new SparkleShare repo via the v2 interface (there is no longer a requirement for the crypto directory name postfix) and move all your decrypted files into the new repo.

That's my best guess of the only way that you can upgrade an existing repo.

ianchanning commented 5 years ago

Related issue #1831.