Add a session wrapper to encrypt the data before storing it on disk

[LukasReschke]

Reanimation of #17744 until we can have #17866

Reviewers please:

@nickvergessen @DeepDiver1975 @MorrisJobke

[LukasReschke]

12:37:22 PHP Fatal error:  Class 'OC\Files\Storage\SMB' not found in /var/lib/jenkins/jobs/server-master-linux-externals-smb-windows-ext-ci/workspace/database/sqlite/external/smb-windows/label/master/apps/files_external/tests/backends/smb.php on line 41

This looks fishy @Xenopathic

[karlitschek]

thanks @LukasReschke

[LukasReschke]

Probably not required anymore since this is now as well a session cookie

[scrutinizer-notifier]

A new inspection was created.

[ghost]

🚀 Test PASSed.🚀

[PVince81]

Works fine in web UI + sync client 1.8.4, tested with encryption which uses the session for the keys. 👍

[MorrisJobke]

Tested and works 👍

[PVince81]

Mysterious regression: #18557

[icewind1991]

Did anyone bother checking the performance of this approach?

https://blackfire.io/profiles/compare/fc575a75-07e5-4b84-b266-d012db68745b/graph

33ms (on my machine) for every single request doesn't seem worth it to me since it's just obfuscation.
If we do want "encrypted" sessions we should make sure it's optimized and only enc/decrypt the data once instead of 43 times

[LukasReschke]

If we do want "encrypted" sessions we should make sure it's optimized and only enc/decrypt the data once instead of 43 times

#17866 would have done this. - With this approach I'm not quite sure how we can achieve this if we want a somewhat useful encryption. Well, or we remove any HMAC verification which would make this even more snake-oily 🙊

[LukasReschke]

Mhm… I think we could emulate this by putting everything into a single session field … Let me see…

[karlitschek]

Hmm. Why does it happen 43 times?

[LukasReschke]

Hmm. Why does it happen 43 times?

Because with this approach every item in the session is encrypted itself instead of the whole session. And thus decrypting each item is required on it's own which involves HMACing ;-)

[karlitschek]

Hmmm. Can we have a config.php option so that this can be switch off on heavy load situations?

[LukasReschke]

Hmmm. Can we have a config.php option so that this can be switch off on heavy load situations?

No. But we can fix this. Please no config switches for stuff that we can fix properly. THX.

[LukasReschke]

Config switch = Nobody tests one of the conditions = It's broken.

[karlitschek]

Agreed. IF you can fix it :-)

[LukasReschke]

[LukasReschke]

#18913

[karlitschek]

LOL