|
|
@@ -15,6 +15,7 @@ import (
|
|
|
"fmt"
|
|
|
"io"
|
|
|
"net"
|
|
|
+ "os"
|
|
|
"path/filepath"
|
|
|
"reflect"
|
|
|
"runtime"
|
|
|
@@ -192,6 +193,8 @@ var (
|
|
|
errEncryptionNotEncryptedRemote = errors.New("folder is configured to be encrypted but not announced thus")
|
|
|
errEncryptionNotEncryptedUntrusted = errors.New("device is untrusted, but configured to receive not encrypted data")
|
|
|
errEncryptionPassword = errors.New("different encryption passwords used")
|
|
|
+ errEncryptionTokenRead = errors.New("failed to read encryption token")
|
|
|
+ errEncryptionTokenWrite = errors.New("failed to write encryption token")
|
|
|
errEncryptionNeedToken = errors.New("require password token for receive-encrypted token")
|
|
|
errMissingRemoteInClusterConfig = errors.New("remote device missing in cluster config")
|
|
|
errMissingLocalInClusterConfig = errors.New("local device missing in cluster config")
|
|
|
@@ -1381,9 +1384,12 @@ func (m *model) ccHandleFolders(folders []protocol.Folder, deviceCfg config.Devi
|
|
|
if sameError {
|
|
|
l.Debugln(msg)
|
|
|
} else {
|
|
|
+ if rerr, ok := err.(*redactedError); ok {
|
|
|
+ err = rerr.redacted
|
|
|
+ }
|
|
|
+ m.evLogger.Log(events.Failure, err.Error())
|
|
|
l.Warnln(msg)
|
|
|
}
|
|
|
- m.evLogger.Log(events.Failure, err.Error())
|
|
|
return tempIndexFolders, paused, err
|
|
|
}
|
|
|
if devErrs, ok := m.folderEncryptionFailures[folder.ID]; ok {
|
|
|
@@ -1506,7 +1512,13 @@ func (m *model) ccCheckEncryption(fcfg config.FolderConfiguration, folderDevice
|
|
|
var err error
|
|
|
token, err = readEncryptionToken(fcfg)
|
|
|
if err != nil && !fs.IsNotExist(err) {
|
|
|
- return err
|
|
|
+ if rerr, ok := redactPathError(err); ok {
|
|
|
+ return rerr
|
|
|
+ }
|
|
|
+ return &redactedError{
|
|
|
+ error: err,
|
|
|
+ redacted: errEncryptionTokenRead,
|
|
|
+ }
|
|
|
}
|
|
|
if err == nil {
|
|
|
m.fmut.Lock()
|
|
|
@@ -1514,7 +1526,14 @@ func (m *model) ccCheckEncryption(fcfg config.FolderConfiguration, folderDevice
|
|
|
m.fmut.Unlock()
|
|
|
} else {
|
|
|
if err := writeEncryptionToken(ccToken, fcfg); err != nil {
|
|
|
- return err
|
|
|
+ if rerr, ok := redactPathError(err); ok {
|
|
|
+ return rerr
|
|
|
+ } else {
|
|
|
+ return &redactedError{
|
|
|
+ error: err,
|
|
|
+ redacted: errEncryptionTokenWrite,
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
m.fmut.Lock()
|
|
|
m.folderEncryptionPasswordTokens[fcfg.ID] = ccToken
|
|
|
@@ -3258,3 +3277,21 @@ type updatedPendingFolder struct {
|
|
|
DeviceID protocol.DeviceID `json:"deviceID"`
|
|
|
ReceiveEncrypted bool `json:"receiveEncrypted"`
|
|
|
}
|
|
|
+
|
|
|
+// redactPathError checks if the error is actually a os.PathError, and if yes
|
|
|
+// returns a redactedError with the path removed.
|
|
|
+func redactPathError(err error) (error, bool) {
|
|
|
+ perr, ok := err.(*os.PathError)
|
|
|
+ if !ok {
|
|
|
+ return nil, false
|
|
|
+ }
|
|
|
+ return &redactedError{
|
|
|
+ error: err,
|
|
|
+ redacted: fmt.Errorf("%v: %w", perr.Op, perr.Err),
|
|
|
+ }, true
|
|
|
+}
|
|
|
+
|
|
|
+type redactedError struct {
|
|
|
+ error
|
|
|
+ redacted error
|
|
|
+}
|
Simon Frei