nextcloud / server

ā˜ļø Nextcloud server, a safe home for all your data
https://nextcloud.com
GNU Affero General Public License v3.0
27.38k stars 4.07k forks source link

All shared files: "Can not decrypt this file, probably this is a shared file." #28862

Open CamZie opened 3 years ago

CamZie commented 3 years ago

How to use GitHub

Steps to reproduce

  1. Share link of any kind of files like PDFs, zip files, text files and images etc.
  2. Open or download the files
  3. Opening files like PDF and text files returns an error on the web interface and when downloaded, it downloads an HTML file that is 4.5kb with an error.

Expected behaviour

Shows and downloads the files through the shared link without any problems

Actual behaviour

The owner of the shared link can access the files so it does not seem to be corrupted. It just gets corrupted when it is shared. Also re-shared the files many times and still same problem occurs.

$ file image.png image.png: HTML document, UTF-8 Unicode text, with very long lines

Here is the content of the HTML document:

                                    <div class="error">
    <h2>Error</h2>
    <ul>
                    <li>
                    <p>Can&#039;t read file</p>
                                                    <p class='hint'>Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.</p>
                                    </li>
            </ul>

Server configuration

Operating system: Debian 9.13 (stretch)

Web server: nginx 1.10.3

Database: MariaDB 10.1.48

PHP version: 7.2

Nextcloud version: 20.0.12

Updated from an older Nextcloud/ownCloud or fresh install: updated from an older version. The problem started since version 18.0.6 .

Where did you install Nextcloud from: Nextcloud website

Signing status:

Signing status ``` No errors have been found. ```

List of activated apps:

App list ``` Enabled: - accessibility: 1.6.0 - activity: 2.13.4 - admin_audit: 1.10.0 - apporder: 0.13.0 - bruteforcesettings: 2.2.0 - calendar: 2.3.2 - cloud_federation_api: 1.3.0 - comments: 1.10.0 - contacts: 4.0.1 - contactsinteraction: 1.1.0 - dashboard: 7.0.0 - dav: 1.16.2 - drop_account: 1.0.2 - encryption: 2.8.1 - external: 3.7.3 - federatedfilesharing: 1.10.2 - federation: 1.10.1 - files: 1.15.0 - files_pdfviewer: 2.0.1 - files_rightclick: 0.17.0 - files_sharing: 1.12.2 - files_trashbin: 1.10.1 - files_videoplayer: 1.9.0 - logreader: 2.5.0 - lookup_server_connector: 1.8.0 - mail: 1.6.0 - notes: 4.0.4 - notifications: 2.8.0 - oauth2: 1.8.0 - password_policy: 1.10.1 - photos: 1.2.3 - provisioning_api: 1.10.0 - quota_warning: 1.9.1 - recommendations: 0.8.0 - serverinfo: 1.10.0 - settings: 1.2.0 - sharebymail: 1.10.0 - tasks: 0.14.1 - text: 3.1.0 - theming: 1.11.0 - twofactor_backupcodes: 1.9.0 - twofactor_totp: 5.0.0 - updatenotification: 1.10.0 - user_status: 1.0.1 - viewer: 1.4.0 - weather_status: 1.0.0 - workflowengine: 2.2.0 ```

Nextcloud configuration:

Config report ``` { "system": { "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "datadirectory": "***REMOVED SENSITIVE VALUE***", "dbtype": "mysql", "version": "20.0.12.1", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbtableprefix": "oc_", "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "forcessl": true, "enable_avatars": false, "mail_domain": "***REMOVED SENSITIVE VALUE***", "mail_smtpmode": "smtp", "log_authfailip": true, "loglevel": 2, "maintenance": false, "customclient_desktop": "https:\/\/***REMOVED SENSITIVE VALUE***\/en\/downloads", "trusted_domains": [ "***REMOVED SENSITIVE VALUE***" ], "share_folder": "\/Shared", "overwritewebroot": "\/", "overwriteprotocol": "https", "secret": "***REMOVED SENSITIVE VALUE***", "singleuser": false, "memcache.local": "\\OC\\Memcache\\APCu", "trashbin_retention_obligation": "auto,30", "activity_expire_days": 14, "logtimezone": "Europe\/Zurich", "log_type": "errorlog", "skeletondirectory": "\/var\/www\/nextcloud\/themes\/core\/skeleton", "overwrite.cli.url": "https:\/\/***REMOVED SENSITIVE VALUE***", "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtpauthtype": "LOGIN", "preview_max_scale_factor": 1, "preview_max_filesize_image": 2, "preview_max_x": 1024, "preview_max_y": 1024, "mysql.utf8mb4": true, "app_install_overwrite": [ "drop_account" ], "encryption.legacy_format_support": true, "encryption.key_storage_migrated": false }, ```

Are you using encryption: yes - server side encryption with user keys

Client configuration

Browser: Chrome, Firefox

Operating system: Linux / Windows / Mac OS

Logs

Web server error log

Web server error log ``` no errors ```

Nextcloud log (data/nextcloud.log)

Nextcloud log ``` [error] 25168#25168: *43072837 FastCGI sent in stderr: "PHP message: [owncloud][no app in context][3] Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you. PHP message: [owncloud][no app in context][3] {"Exception":"OC\\Encryption\\Exceptions\\DecryptionFailedException","Message":"Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.","Code":0,"Trace":[{"file":"/var/www/nextcloud/lib/private/Files/Stream/Encryption.php","line":501,"function":"decrypt","class":"OCA\\Encryption\\Crypto\\Encryption","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/Files/Stream/Encryption.php","line":299,"function":"readCache","class":"OC\\Files\\Stream\\Encryption","type":"->","args":[]},{"function":"stream_read","class":"OC\\Files\\Stream\\Encryption","type":"->","args":[8192]},{"file":"/var/www/nextcloud/3rdparty/icewind/streams/src/Wrapper.php","line":91,"function":"fread","args":[null,8192]},{"file":"/var/www/nextcloud/3rdparty/icewind/streams/src/CallbackWrapper.php","line":98,"function":"stream_read","class":"Icewind\\Streams\\Wrapper","type":"->","args":[8192" while reading response header from upstream, client: ***REMOVED SENSITIVE VALUE***, server: ***REMOVED SENSITIVE VALUE***, request: "GET /s/RSGxCLoYfeTQSBy/download?path=%2F&files=document.pdf HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "***REMOVED SENSITIVE VALUE***" ```

Browser log

Browser log for opening PDFs ``` Content Security Policy: The pageā€™s settings blocked the loading of a resource at inline (ā€œscript-srcā€). 2 utils.js:35:9 Content Security Policy: The pageā€™s settings blocked the loading of a resource at eval (ā€œscript-srcā€). global.js:10:10 Please do NOT wait for the DOMContentLoaded before registering your viewer handler Viewer.vue:217 [ERROR] Files_PDFViewer: But this does not appear to be a public page Object { app: "Files_PDFViewer" } ConsoleLogger.js:54:18 Content Security Policy: The pageā€™s settings blocked the loading of a resource at inline (ā€œscript-srcā€). utils.js:35:9 Content Security Policy: The pageā€™s settings blocked the loading of a resource at inline (ā€œscript-srcā€). utils.js:35:9 Uncaught (in promise) Error: Invalid or corrupted PDF file. _callee7$/

Please let me know if you need more information

CamZie commented 3 years ago

Can anyone please help here? We have this issue since Nextcloud version 18.0.6...

onfire4g05 commented 1 year ago

This is definitely a bug somewhere, but not sure where. I thought I lost all of them. Fortunately, someone has written a script that'll let you decrypt them, though it took me a little time to figure out exactly how to set it up with my setup:

https://github.com/syseleven/nextcloud-tools

I was able to decrypt all of mine using this tool where Nextcloud would fail. I believe an update around version 20 broke it for me, but not sure since this appears to be an issue for a while.

szaimen commented 1 year ago

Hi, please update to 24.0.9 or better 25.0.3 and report back if it fixes the issue. Thank you!

My goal is to add a label like e.g. 25-feedback to this ticket of an up-to-date major Nextcloud version where the bug could be reproduced. However this is not going to work without your help. So thanks for all your effort!

If you don't manage to reproduce the issue in time and the issue gets closed but you can reproduce the issue afterwards, feel free to create a new bug report with up-to-date information by following this link: https://github.com/nextcloud/server/issues/new?assignees=&labels=bug%2C0.+Needs+triage&template=BUG_REPORT.yml&title=%5BBug%5D%3A+

CamZie commented 1 year ago

Hello, tested this on version 25.0.3 and still same issue with the share.

joshtrichards commented 1 year ago