revertprovider: crypted provider was not supported in v4

also ensure to initialize kms before the dataprovider, it could be
needed to downgrade secret from cloud kms providers

cmd/initprovider.go

@@ -43,6 +43,12 @@ Please take a look at the usage below to customize the options.`,
 				logger.WarnToConsole("Unable to initialize data provider, config load error: %v", err)
 				return
 			}
+			kmsConfig := config.GetKMSConfig()
+			err = kmsConfig.Initialize()
+			if err != nil {
+				logger.ErrorToConsole("unable to initialize KMS: %v", err)
+				os.Exit(1)
+			}
 			providerConf := config.GetProviderConf()
 			logger.InfoToConsole("Initializing provider: %#v config file: %#v", providerConf.Driver, viper.ConfigFileUsed())
 			err = dataprovider.InitializeDatabase(providerConf, configDir)

cmd/revertprovider.go

@@ -32,6 +32,12 @@ Please take a look at the usage below to customize the options.`,
 				logger.WarnToConsole("Unable to initialize data provider, config load error: %v", err)
 				return
 			}
+			kmsConfig := config.GetKMSConfig()
+			err = kmsConfig.Initialize()
+			if err != nil {
+				logger.ErrorToConsole("unable to initialize KMS: %v", err)
+				os.Exit(1)
+			}
 			providerConf := config.GetProviderConf()
 			logger.InfoToConsole("Reverting provider: %#v config file: %#v target version %v", providerConf.Driver,
 				viper.ConfigFileUsed(), revertProviderTargetVersion)

cmd/startsubsys.go

@@ -67,6 +67,11 @@ Command-line flags should be specified in the Subsystem declaration.
 			commonConfig.IdleTimeout = 0
 			config.SetCommonConfig(commonConfig)
 			common.Initialize(config.GetCommonConfig())
+			kmsConfig := config.GetKMSConfig()
+			if err := kmsConfig.Initialize(); err != nil {
+				logger.Error(logSender, connectionID, "unable to initialize KMS: %v", err)
+				os.Exit(1)
+			}
 			dataProviderConf := config.GetProviderConf()
 			if dataProviderConf.Driver == dataprovider.SQLiteDataProviderName || dataProviderConf.Driver == dataprovider.BoltDataProviderName {
 				logger.Debug(logSender, connectionID, "data provider %#v not supported in subsystem mode, using %#v provider",
@@ -83,11 +88,6 @@ Command-line flags should be specified in the Subsystem declaration.
 			}
 			httpConfig := config.GetHTTPConfig()
 			httpConfig.Initialize(configDir)
-			kmsConfig := config.GetKMSConfig()
-			if err := kmsConfig.Initialize(); err != nil {
-				logger.Error(logSender, connectionID, "unable to initialize KMS: %v", err)
-				os.Exit(1)
-			}
 			user, err := dataprovider.UserExists(username)
 			if err == nil {
 				if user.HomeDir != filepath.Clean(homedir) && !preserveHomeDir {

dataprovider/compat.go

@@ -277,6 +277,9 @@ func convertFsConfigToV4(fs Filesystem, username string) (compatFilesystemV4, er
 			}
 			fsV4.GCSConfig.Credentials = []byte(creds)
 		}
+	case CryptedFilesystemProvider:
+		// crypted provider was not supported in v4, the configuration will be lost
+		fsV4.Provider = 0
 	}
 	return fsV4, nil
 }

service/service.go

@@ -83,10 +83,17 @@ func (s *Service) Start() error {
 	}
 
 	common.Initialize(config.GetCommonConfig())
+	kmsConfig := config.GetKMSConfig()
+	err := kmsConfig.Initialize()
+	if err != nil {
+		logger.Error(logSender, "", "unable to initialize KMS: %v", err)
+		logger.ErrorToConsole("unable to initialize KMS: %v", err)
+		os.Exit(1)
+	}
 
 	providerConf := config.GetProviderConf()
 
-	err := dataprovider.Initialize(providerConf, s.ConfigDir)
+	err = dataprovider.Initialize(providerConf, s.ConfigDir)
 	if err != nil {
 		logger.Error(logSender, "", "error initializing data provider: %v", err)
 		logger.ErrorToConsole("error initializing data provider: %v", err)
@@ -110,13 +117,6 @@ func (s *Service) Start() error {
 
 	httpConfig := config.GetHTTPConfig()
 	httpConfig.Initialize(s.ConfigDir)
-	kmsConfig := config.GetKMSConfig()
-	err = kmsConfig.Initialize()
-	if err != nil {
-		logger.Error(logSender, "", "unable to initialize KMS: %v", err)
-		logger.ErrorToConsole("unable to initialize KMS: %v", err)
-		os.Exit(1)
-	}
 
 	s.startServices()