search

nextcloud / end_to_end_encryption

:closed_lock_with_key: Server API to support End-to-End Encryption
https://apps.nextcloud.com/apps/end_to_end_encryption
GNU Affero General Public License v3.0
274 stars 34 forks source link

Reset of e2e, deletes all data in nextcloud #420

Closed alexkyb closed 1 year ago

alexkyb commented 1 year ago

How to use GitHub

Steps to reproduce

  1. Setup user account with e2e
  2. upload files to nextcloud non encrypted and e2e encrypted folders
  3. navigate to security tab in user settings on the webinterface
  4. reset the e2e
  5. watch how your nonencrypted files disappear in the web overlay and on the clients.

Expected behaviour

THe non encrypted folders should remain if you reset the e2e encryption.

Actual behaviour

It is gone. All gone. Not only the encrypted but also the nonecrypted files. Only the folder structure remains. 26GB were uploaded to the Nextcloud user accout. Upload to e2e folder was not possible (another bug report will be provided). A reset was initiated. No data remained.

Server configuration

Operating system: using hosted instance Web server:

Database:

PHP version: 8.1.17 Nextcloud version: (see Nextcloud admin page) 26.0.0 Updated from an older Nextcloud/ownCloud or fresh install: updated from 25.05 Where did you install Nextcloud from: was provided by hoster. Signing status:

Signing status No errors have been found.

List of activated apps:

App list e2e Version: 1.12.4

Nextcloud configuration:

Config report array ( ), 'dbtype' => 'mysql', 'version' => '26.0.0.11', 'dbhost' => 'localhost', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'installed' => true, 'memcache.local' => '\\OC\\Memcache\\APCu', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'redis' => array ( 'host' => 'localhost', 'port' => '6379', ), 'filelocking.enabled' => 'true', 'default_phone_region' => 'DE', 'maintenance' => false, 'app_install_overwrite' => array ( 0 => 'end_to_end_encryption', 1 => 'camerarawpreviews', 2 => 'checksum', 3 => 'duplicatefinder', 4 => 'epubreader', 5 => 'groupfolders', 6 => 'onlyoffice', 7 => 'unsplash', 8 => 'twofactor_u2f', 9 => 'quota_warning', 10 => 'files_markdown', 11 => 'drawio', 12 => 'drop_account', ), 'theme' => '', 'loglevel' => 2, 'twofactor_enforced' => 'true', 'twofactor_enforced_groups' => array ( ), 'twofactor_enforced_excluded_groups' => array ( ), 'updater.release.channel' => 'stable', );

Are you using encryption: yes/no unsure

Client configuration

Operating system: Windows 11 Pro (22621.1485) MacOS 13.3

Logs

Web server error log

Web server error log ``` Insert your webserver log here ```

Nextcloud log (data/nextcloud.log)

Nextcloud log log file full of lines simiar to these: > {"reqId":"ZCxbVU-r368wocdDSl7CIwAAAUg","level":3,"time":"2023-04-04T17:33:27+00:00","remoteAddr":"2a02:810d:b63f:ff14:d0da:5945:834c:bfcb","user":"alexkyba","app":"end_to_end_encryption","method":"DELETE","url":"/ocs/v2.php/apps/end_to_end_encryption/api/v1/encrypted-files","message":"No file for owner with ID 450618","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0","version":"26.0.0.11","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"No file for owner with ID 450618","Code":0,"Trace":[{"file":"../nextcloud/apps/end_to_end_encryption/lib/MetaDataStorage.php","line":146,"function":"verifyOwner","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->"},{"file":"../nextcloud/apps/end_to_end_encryption/lib/Controller/EncryptionController.php","line":119,"function":"deleteMetaData","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->"},{"file":"../nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":230,"function":"removeEncryptedFolders","class":"OCA\\EndToEndEncryption\\Controller\\EncryptionController","type":"->"},{"file":"../nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":137,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"../nextcloud/lib/private/AppFramework/App.php","line":183,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"../nextcloud/lib/private/Route/Router.php","line":315,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"../nextcloud/ocs/v1.php","line":63,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"./nextcloud/ocs/v2.php","line":23,"args":["./nextcloud/ocs/v1.php"],"function":"require_once"}],"File":"./httpdocs/nextcloud/apps/end_to_end_encryption/lib/MetaDataStorage.php","Line":236,"message":"No file for owner with ID 450618","exception":{},"CustomMessage":"No file for owner with ID 450618"}} {"reqId":"ZCxbVU-r368wocdDSl7CIwAAAUg","level":3,"time":"2023-04-04T17:33:27+00:00","remoteAddr":"2a02:810d:b63f:ff14:d0da:5945:834c:bfcb","user":"alexkyba","app":"end_to_end_encryption","method":"DELETE","url":"/ocs/v2.php/apps/end_to_end_encryption/api/v1/encrypted-files","message":"No file for owner with ID 439928","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0","version":"26.0.0.11","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"No file for owner with ID 439928","Code":0,"Trace":[{"file":"../nextcloud/apps/end_to_end_encryption/lib/MetaDataStorage.php","line":146,"function":"verifyOwner","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->"},{"file":"../nextcloud/apps/end_to_end_encryption/lib/Controller/EncryptionController.php","line":119,"function":"deleteMetaData","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->"},{"file":"../nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":230,"function":"removeEncryptedFolders","class":"OCA\\EndToEndEncryption\\Controller\\EncryptionController","type":"->"},{"file":"../nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":137,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"../nextcloud/lib/private/AppFramework/App.php","line":183,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"../nextcloud/lib/private/Route/Router.php","line":315,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"../nextcloud/ocs/v1.php","line":63,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/vhosts/cloud.alexkbader.de/httpdocs/nextcloud/ocs/v2.php","line":23,"args":["../nextcloud/ocs/v1.php"],"function":"require_once"}],"File":"../nextcloud/apps/end_to_end_encryption/lib/MetaDataStorage.php","Line":236,"message":"No file for owner with ID 439928","exception":{},"CustomMessage":"No file for owner with ID 439928"}}

Browser log

Browser log ``` Insert your browser log here, this could for example include: a) The javascript console log b) The network log c) ... ```
ostasevych commented 1 year ago

@alexkyb Please, clarify. Do you mean, that all the data in Nextcloud were erased? What about shares and group folders, if they were used?

alexkyb commented 1 year ago

Hi @ostasevych, thanks for your question. I was a bit frustrated by this error, so my description is surly not complete.

As to your question: After resetting the e2e encryption all files of the user account where removed. Including the ReadMe-Description files of all folders. This included two shared files, in a shared folder.

The folder structure itself was not altered/removed in any way. The shared folder persisted. My nextcloud instance itself is encrypted. On top I installed the e2e addin. A reinstallation of nextcloud and the e2e encryption did not help.

artonge commented 1 year ago

@alexkyb By encrypted you mean that you are using server side encryption? Server side encryption and e2e encryption are not compatible with each other and can create a lot of issues.

alexkyb commented 1 year ago

@artonge Sorry for this unprecise info. By encryption I refer to the so called "Default encryption module" version 2.14.0 that is installed with in my nextcloud instance. No server side encryption is enabled. In my understanding this should not result in an issue. Am I here misunderstanding something or have I overlooked an incompatibility?

artonge commented 1 year ago

"Default encryption module" would be server side encryption. As stated in the README, they are not compatible with each other: https://github.com/nextcloud/end_to_end_encryption/tree/master#limitation

bcutter commented 7 months ago

"Default encryption module" would be server side encryption. As stated in the README, they are not compatible with each other: https://github.com/nextcloud/end_to_end_encryption/tree/master#limitation

So what does this tell you? And why is that information not part of the docs (exactly where your link refers to or even more precisely: https://github.com/nextcloud/end_to_end_encryption/tree/master?tab=readme-ov-file#server-side-encryption)?

grafik

grafik

Asking because of multiple issues like https://github.com/nextcloud/end_to_end_encryption/issues/583 and https://github.com/nextcloud/end_to_end_encryption/issues/583#issuecomment-1977725716.