Closed brotkastn closed 1 year ago
I'm actually seeing something that might be related since the upgrade to 27 (using the official Docker image, aside from that my answers to the template questions would be comparable): Whenever I share a file via public link it becomes inaccessible (with the same error on the public link: "Cannot decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." as described by the OP). Maybe also related to https://github.com/nextcloud/server/issues/28862 (since the behavior for PDFs, images and text files matches the description - although to be fair, the symptoms would probably be the same for any issue that breaks / corrupts encrypted files)?
Issue #28862 sounds like might be related, however it even breaks the access to the files for the owner of the files. Since your files are then inaccessible for you, which is bad, i thought this warrants a new issue. Maybe the bug for both issues is the same though, i am happy to close this one then.
One thing i since learned since opening this issue is that deleting the share shows an error in the frontend: Error deleting the share
- after refreshing the page the share is deleted. Removing the "share" will not restore access to those files.
If there is anything i can test, i will gladly provide the needed logs.
While creating test cases for the encryption-recovery-tools I came across the same problem. When publicly sharing an encrypted file, Nextcloud 27 deletes all corresponding encryption keys for that file. This is severe. (/cc @come-nc)
P.S.: This can be reproduced like this:
$ podman run -d -p 8080:80 --name nextcloud docker.io/library/nextcloud:27.0.0
=> browse to http://localhost:8080/
=> create admin user
=> browse to http://localhost:8080/index.php/settings/apps
=> enable Default encryption module
$ podman exec -it nextcloud bash
$ su -s /bin/bash www-data
$ ./occ encryption:enable
$ ./occ encryption:disable-master-key
=> logout
=> login
$ ./occ encryption:encrypt-all
$ exit
$ exit
=> browse to http://localhost:8080/index.php/apps/files/?dir=/&fileid=2
=> share all files and folders as external links
Can you try this patch:
diff --git a/apps/encryption/lib/Crypto/Encryption.php b/apps/encryption/lib/Crypto/Encryption.php
index 0bcaa167907..899d0f4315d 100644
--- a/apps/encryption/lib/Crypto/Encryption.php
+++ b/apps/encryption/lib/Crypto/Encryption.php
@@ -441,7 +441,7 @@ class Encryption implements IEncryptionModule {
$this->keyManager->deleteAllFileKeys($path);
foreach ($shareKeys as $uid => $keyFile) {
- $this->keyManager->setShareKey($this->path, $uid, $keyFile);
+ $this->keyManager->setShareKey($path, $uid, $keyFile);
}
} else {
$this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted',
@come-nc Yes, on a new installation, this fixed the problem.
Still happening for me on 27.0.2, exactly as described in the first post, while 27.1.0 RC1 works correctly,
(Debian 12 Bookworm, PHP 8.2, Apache 2.4.57)
⚠️ This issue respects the following points: ⚠️
Bug description
Since the Upgrade to 27.0 i am unable to access files stored in a shared folder (shared via public link). Neither the uploading nextcloud User nor those who use the public share link can download the files. The Browser will save the file, however instead of the actual content it contains a HTML-Text containing the following error.
The nextcloud log shows the error message
path needs to be relative to the system wide data folder and point to a user specific file
thrown bygetUidAndFilename
in/var/www/nextcloud/lib/private/Encryption/Keys/Storage.php
after i create the public share via/ocs/v2.php/apps/files_sharing/api/v1/shares
Steps to reproduce
Expected behavior
After sharing a folder i would like to be able to access my files.
Installation method
Community Manual installation with Archive
Nextcloud Server version
27
Operating system
Debian/Ubuntu
PHP engine version
PHP 8.2
Web server
Nginx
Database engine version
MariaDB
Is this bug present after an update or on a fresh install?
Upgraded to a MAJOR version (ex. 22 to 23)
Are you using the Nextcloud Server Encryption module?
Encryption is Enabled
What user-backends are you using?
Configuration report
List of activated Apps
Nextcloud Signing status
Nextcloud Logs
Additional info
Thank you for your work <3