[Bug]: Expired certificate on federated share causes file list to be shown as empty

[joeysundotcom]

⚠️ This issue respects the following points: ⚠️

• [X] This is a bug, not a question or a configuration/webserver/proxy issue.
• [X] This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• [X] Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• [X] I agree to follow Nextcloud's Code of Conduct.

Bug description

Hello,

I've stumbled upon some weird behaviour on my instance. The file list of the root folder would be shown as empty on the web interface. The +New button was also missing. I followed the log while reloading the page and it seems to crash with this error message:

Warning no app in context GuzzleHttp\Exception\RequestException: cURL error 60: SSL certificate problem: certificate has expired (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for 2024-01-13T19:01:24+00:00 https://FEDERATED-HOSTNAME-HERE/ocm-provider/ at .../guzzlehttp/guzzle/src/Handler/CurlFactory.php line 211

I do have a shared folder from federation. So contacted the admin of the other server and asked him to renew the certificate. As soon as that was done, everything went back to normal.

Steps to reproduce

1. Have two servers trusted via federation.
2. Have a folder shared from the other instance.
3. Cert from the other instance expires.

Expected behavior

Dunno, but I guess an expired cert should not break the loading process. Instead, the icon or name of the folder could indicate disconnection.

Installation method

Community Manual installation with Archive

Nextcloud Server version

28

Operating system

Other

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

None

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

• [X] Default user-backend (database)
• [ ] LDAP/ Active Directory
• [ ] SSO - SAML
• [ ] Other

Configuration report

No response

List of activated Apps

No response

Nextcloud Signing status

No response

Nextcloud Logs

No response

Additional info

No response

[joshtrichards]

Can you provide the entire log entry/stack trace? Otherwise we're kind of flying blind here :)

[joeysundotcom]

Sure. Here goes:

Warning  no app in context  GuzzleHttp\Exception\RequestException: cURL error 60: SSL certificate problem: certificate has expired (see https://curl.haxx.se/libcurl/c/libcurl-errors.html)
for2024-01-13T19:01:24+00:00 https://FEDERATED_SERVER_ADDRESS/ocm-provider/ at .../guzzlehttp/guzzle/src/Handler/CurlFactory.php line 211

 0. 3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 158
    GuzzleHttp\Handler\CurlFactory::createRejection("*** sensitive parameters replaced ***")
 1. 3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 110
    GuzzleHttp\Handler\CurlFactory::finishError(

    )
 2. 3rdparty/guzzlehttp/guzzle/src/Handler/CurlHandler.php line 47
    GuzzleHttp\Handler\CurlFactory::finish(

    )
 3. 3rdparty/guzzlehttp/guzzle/src/Middleware.php line 137
    GuzzleHttp\Handler\CurlHandler->__invoke(

    )
 4. lib/private/Http/Client/DnsPinMiddleware.php line 161
    GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
 5. 3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 35
    OC\Http\Client\DnsPinMiddleware->OC\Http\Client\{closure}("*** sensitive parameters replaced ***")
 6. 3rdparty/guzzlehttp/guzzle/src/Middleware.php line 31
    GuzzleHttp\PrepareBodyMiddleware->__invoke(

    )
 7. 3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 71
    GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
 8. 3rdparty/guzzlehttp/guzzle/src/Middleware.php line 63
    GuzzleHttp\RedirectMiddleware->__invoke(

    )
 9. 3rdparty/guzzlehttp/guzzle/src/HandlerStack.php line 75
    GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
10. 3rdparty/guzzlehttp/guzzle/src/Client.php line 331
    GuzzleHttp\HandlerStack->__invoke(

    )
11. 3rdparty/guzzlehttp/guzzle/src/Client.php line 168
    GuzzleHttp\Client->transfer(

    )
12. 3rdparty/guzzlehttp/guzzle/src/Client.php line 187
    GuzzleHttp\Client->requestAsync("*** sensitive parameters replaced ***")
13. lib/private/Http/Client/Client.php line 230
    GuzzleHttp\Client->request(

    )
14. lib/private/OCM/OCMDiscoveryService.php line 91
    OC\Http\Client\Client->get(

    )
15. apps/files_sharing/lib/External/Storage.php line 87
    OC\OCM\OCMDiscoveryService->discover(

    )
16. lib/private/Files/Mount/MountPoint.php line 168
    OCA\Files_Sharing\External\Storage->__construct(

    )
17. lib/private/Files/Mount/MountPoint.php line 193
    OC\Files\Mount\MountPoint->createStorage("*** sensitive parameters replaced ***")
18. lib/private/Files/Mount/MountPoint.php line 294
    OC\Files\Mount\MountPoint->getStorage(

    )
19. lib/private/Files/Config/UserMountCache.php line 83
    OC\Files\Mount\MountPoint->getStorageRootId(

    )
20. lib/private/Files/SetupManager.php line 297
    OC\Files\Config\UserMountCache->registerMounts(

    )
21. lib/private/Files/SetupManager.php line 221
    OC\Files\SetupManager->afterUserFullySetup(

    )
22. lib/private/Files/SetupManager.php line 398
    OC\Files\SetupManager->setupForUser(

    )
23. lib/private/Files/Mount/Manager.php line 139
    OC\Files\SetupManager->setupForPath(

    )
24. lib/private/Files/View.php line 1411
    OC\Files\Mount\Manager->findIn(

    )
25. lib/private/Files/Node/Node.php line 117
    OC\Files\View->addSubMounts(

    )
26. lib/private/Files/Node/Node.php line 244
    OC\Files\Node\Node->getFileInfo(

    )
27. <<closure>>
    OC\Files\Node\Node->getEtag(  

    )
28. lib/private/Files/Node/LazyFolder.php line 84
    call_user_func_array(    

    )
29. lib/private/Files/Node/LazyFolder.php line 260
    OC\Files\Node\LazyFolder->__call(  

    )
30. apps/dav/lib/Connector/Sabre/Node.php line 208
    OC\Files\Node\LazyFolder->getEtag(

    )
31. apps/dav/lib/Connector/Sabre/FilesPlugin.php line 334
    OCA\DAV\Connector\Sabre\Node->getETag(

    )
32. 3rdparty/sabre/dav/lib/DAV/PropFind.php line 95
    OCA\DAV\Connector\Sabre\FilesPlugin->OCA\DAV\Connector\Sabre\{closure}("*** sensitive parameters replaced ***")
33. apps/dav/lib/Connector/Sabre/FilesPlugin.php line 335
    Sabre\DAV\PropFind->handle(

    )
34. 3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
    OCA\DAV\Connector\Sabre\FilesPlugin->handleGetProperties(

    )
35. 3rdparty/sabre/dav/lib/DAV/Server.php line 1052
    Sabre\DAV\Server->emit(  

    )
36. 3rdparty/sabre/dav/lib/DAV/Server.php line 984
    Sabre\DAV\Server->getPropertiesByNode(  

    )
37. 3rdparty/sabre/dav/lib/DAV/Server.php line 1662
    Sabre\DAV\Server->getPropertiesIteratorForPath(

    )
38. 3rdparty/sabre/dav/lib/DAV/Server.php line 1647
    Sabre\DAV\Server->writeMultiStatus(

    )
39. 3rdparty/sabre/dav/lib/DAV/CorePlugin.php line 346
    Sabre\DAV\Server->generateMultiStatus(

    )
40. 3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
    Sabre\DAV\CorePlugin->httpPropFind(

    )
41. 3rdparty/sabre/dav/lib/DAV/Server.php line 472
    Sabre\DAV\Server->emit(

    )
42. 3rdparty/sabre/dav/lib/DAV/Server.php line 253
    Sabre\DAV\Server->invokeMethod(

    )
43. 3rdparty/sabre/dav/lib/DAV/Server.php line 321
    Sabre\DAV\Server->start(

    )
44. apps/dav/lib/Server.php line 370
    Sabre\DAV\Server->exec(

    )
45. apps/dav/appinfo/v2/remote.php line 35
    OCA\DAV\Server->exec(

    )
46. remote.php line 172 
    require_once("MY_DATA_DIRECTORY/apps\/dav\/appinfo\/v2\/remote.php")