Impossible to access files through web UI

encryption
9.1.x
webserver_issue

#1

Hi,

I've been looking for a solution for a few hours now but could not find anything relevant, so I hope you'll be able to help me.

I'm running an ownCloud instance on a Debian server and, since the last update, I can't access any of my files through the web UI. The PDF viewer complains that he receive an unexpected answer from the server and the Gallery app always fails to generate thumbnails or to show a picture in a slideshow. Additionally, all my configured link-shares are gone.

Configuration

Server configuration

Operating system: Debian 7.11
Web server: Apache 2.2.22
Database: MySQL 5.6.35
PHP version: 5.6.30
ownCloud version (see ownCloud admin page): 9.1.5.2

ownCloud has been first installed in August 2016 and regularly upgraded since.

ownCloud configuration

{
    "basic": {
        "license key": "",
        "date": "Sat, 06 May 2017 22:49:18 +0000",
        "ownCloud version": "9.1.5.2",
        "ownCloud version string": "9.1.5",
        "ownCloud edition": "",
        "server OS": "Linux",
        "server OS version": "Linux sd-66373 3.2.0-4-amd64 #1 SMP Debian 3.2.88-1 x86_64",
        "server SAPI": "apache2handler",
        "webserver version": "Apache",
        "hostname": "**removed**",
        "user count": 2,
        "user directories": 2,
        "logged-in user": "gael-ian"
    },
    "integritychecker": {
        "passing": true,
        "enabled": true,
        "result": []
    },
    "apps": [ Skipped (too long) ],
    "config": {
        "updatechecker": false,
        "instanceid": "ocug2ehk1nix",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "**removed**"
        ],
        "datadirectory": "\/var\/www\/owncloud\/data",
        "overwrite.cli.url": "http:\/\/**removed**\/owncloud",
        "dbtype": "mysql",
        "version": "9.1.5.2",
        "dbname": "owncloud",
        "dbhost": "localhost",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "logtimezone": "UTC",
        "installed": true,
        "maintenance": false,
        "loglevel": 2
    },
    "phpinfo": {
        "apache2handler": {
            "Apache Version": "Apache",
            "Apache API Version": "20051115",
            "Server Administrator": "[no address given]",
            "Hostname:Port": "**removed**:0",
            "User\/Group": "www-data(33)\/33",
            "Max Requests": "Per Child: 10000 - Keep Alive: on - Max Per Connection: 100",
            "Timeouts": "Connection: 300 - Keep-Alive: 5",
            "Virtual Server": "Yes",
            "Server Root": "\/etc\/apache2",
            "Loaded Modules": "core mod_log_config mod_logio mod_version itk http_core mod_so mod_alias mod_auth_basic mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_cgi mod_deflate mod_dir mod_env mod_headers mod_mime mod_negotiation mod_php5 mod_reqtimeout mod_rewrite mod_scgi mod_setenvif mod_ssl mod_status mod_vhost_alias",
            "engine": "1",
            "last_modified": "0",
            "xbithack": "0"
        },
        "Apache Environment": {
            "HTTP_AUTHORIZATION": "no value",
            "HOME": "\/var\/www\/owncloud",
            "HTTP_HOME": "\/var\/www\/owncloud",
            "modHeadersAvailable": "true",
            "htaccessWorking": "true",
            "HTTPS": "on",
            "SSL_TLS_SNI": "**removed**",
            "HTTP_HOST": "**removed**",
            "HTTP_USER_AGENT": "Mozilla\/5.0 (X11; Linux x86_64; rv:53.0) Gecko\/20100101 Firefox\/53.0",
            "HTTP_ACCEPT": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
            "HTTP_ACCEPT_LANGUAGE": "en-US,en;q=0.5",
            "HTTP_ACCEPT_ENCODING": "gzip, deflate, br",
            "HTTP_CONNECTION": "keep-alive",
            "HTTP_UPGRADE_INSECURE_REQUESTS": "1",
            "SERVER_SIGNATURE": "no value",
            "SERVER_SOFTWARE": "Apache",
            "SERVER_NAME": "**removed**",
            "SERVER_ADDR": "62.210.127.122",
            "SERVER_PORT": "443",
            "REMOTE_ADDR": "121.75.227.101",
            "DOCUMENT_ROOT": "\/home\/sd-66373\/ssl",
            "SERVER_ADMIN": "[no address given]",
            "SCRIPT_FILENAME": "\/var\/www\/owncloud\/index.php",
            "REMOTE_PORT": "35902",
            "GATEWAY_INTERFACE": "CGI\/1.1",
            "SERVER_PROTOCOL": "HTTP\/1.1",
            "REQUEST_METHOD": "GET",
            "QUERY_STRING": "no value",
            "REQUEST_URI": "\/owncloud\/index.php\/apps\/configreport\/report",
            "SCRIPT_NAME": "\/owncloud\/index.php",
            "PATH_INFO": "\/apps\/configreport\/report",
            "PATH_TRANSLATED": "\/home\/sd-66373\/ssl\/apps\/configreport\/report"
        },
        "HTTP Headers Information": {
            "HTTP Request": "GET \/owncloud\/index.php\/apps\/configreport\/report HTTP\/1.1",
            "Host": "**removed**",
            "User-Agent": "Mozilla\/5.0 (X11; Linux x86_64; rv:53.0) Gecko\/20100101 Firefox\/53.0",
            "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
            "Accept-Language": "en-US,en;q=0.5",
            "Accept-Encoding": "gzip, deflate, br",
            "Connection": "keep-alive",
            "Upgrade-Insecure-Requests": "1",
            "Expires": "Thu, 19 Nov 1981 08:52:00 GMT",
            "Cache-Control": "no-store, no-cache, must-revalidate, post-check=0, pre-check=0",
            "Pragma": "no-cache",
            "Content-Security-Policy": "default-src self ; script-src self unsafe-eval ; style-src self unsafe-inline ; frame-src *; img-src * data: blob:; font-src self data:; media-src *; connect-src *"
        },
        "Core": {
            "PHP Version": "5.6.30-1~dotdeb+7.1",
            "allow_url_fopen": "On",
            "allow_url_include": "Off",
            "always_populate_raw_post_data": [
                "-1",
                "0"
            ],
            "arg_separator.input": "&",
            "arg_separator.output": "&",
            "asp_tags": "Off",
            "auto_append_file": "no value",
            "auto_globals_jit": "On",
            "auto_prepend_file": "no value",
            "browscap": "no value",
            "default_charset": "UTF-8",
            "default_mimetype": "text\/html",
            "disable_classes": "no value",
            "disable_functions": "pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,",
            "display_errors": "Off",
            "display_startup_errors": "Off",
            "doc_root": "no value",
            "docref_ext": "no value",
            "docref_root": "no value",
            "enable_dl": "Off",
            "enable_post_data_reading": "On",
            "error_append_string": "no value",
            "error_log": "no value",
            "error_prepend_string": "no value",
            "error_reporting": [
                "32767",
                "22527"
            ],
            "exit_on_timeout": "Off",
            "expose_php": "Off",
            "extension_dir": "\/usr\/lib\/php5\/20131226",
            "file_uploads": "On",
            "highlight.comment": "#FF8000",
            "highlight.default": "#0000BB",
            "highlight.html": "#000000",
            "highlight.keyword": "#007700",
            "highlight.string": "#DD0000",
            "html_errors": "On",
            "ignore_repeated_errors": "Off",
            "ignore_repeated_source": "Off",
            "ignore_user_abort": "Off",
            "implicit_flush": "Off",
            "input_encoding": "no value",
            "internal_encoding": "no value",
            "log_errors": "On",
            "log_errors_max_len": "1024",
            "mail.add_x_header": "On",
            "mail.force_extra_parameters": "no value",
            "mail.log": "no value",
            "max_execution_time": [
                "3600",
                "30"
            ],
            "max_file_uploads": "20",
            "max_input_nesting_level": "64",
            "max_input_time": "60",
            "max_input_vars": "1000",
            "memory_limit": "512M",
            "open_basedir": "no value",
            "output_buffering": [
                "0",
                "4096"
            ],
            "output_encoding": "no value",
            "output_handler": "no value",
            "post_max_size": [
                "513M",
                "60M"
            ],
            "precision": "14",
            "realpath_cache_size": "16K",
            "realpath_cache_ttl": "120",
            "register_argc_argv": "Off",
            "report_memleaks": "On",
            "report_zend_debug": "On",
            "request_order": "GP",
            "sendmail_from": "no value",
            "sendmail_path": "\/usr\/sbin\/sendmail -t -i ",
            "serialize_precision": "17",
            "short_open_tag": "Off",
            "SMTP": "localhost",
            "smtp_port": "25",
            "sql.safe_mode": "Off",
            "sys_temp_dir": "no value",
            "track_errors": "Off",
            "unserialize_callback_func": "no value",
            "upload_max_filesize": [
                "513M",
                "60M"
            ],
            "upload_tmp_dir": "no value",
            "user_dir": "no value",
            "user_ini.cache_ttl": "300",
            "user_ini.filename": ".user.ini",
            "variables_order": "GPCS",
            "xmlrpc_error_number": "0",
            "xmlrpc_errors": "Off",
            "zend.detect_unicode": "On",
            "zend.enable_gc": "On",
            "zend.multibyte": "Off",
            "zend.script_encoding": "no value"
        },
        "Environment": {
            "APACHE_RUN_DIR": "\/var\/run\/apache2",
            "APACHE_PID_FILE": "\/var\/run\/apache2.pid",
            "APACHE_LOCK_DIR": "\/var\/lock\/apache2",
            "LANG": "C",
            "APACHE_RUN_USER": "www-data",
            "APACHE_RUN_GROUP": "www-data",
            "APACHE_LOG_DIR": "\/var\/log\/apache2",
            "PWD": "\/"
        }
    }
}

Integrity status for oC9+

No errors have been found.

Issue

Expected behaviour

PDF should be viewable via the document viewer and photos via Gallery.

Actual behaviour

Except for the ownCloud user manual at the root of my home directory, the only file that was present when encryption was activated, no file can be opened via Web UI.

No password or encryption key has been changed. The only maintenance operations executed on this instance are manual upgrade completion and, since problems appears, file cache flush and full file rescan.

When opening a PDF in the web viewer

{"reqId":"5279uur76PZEc1augorq","remoteAddr":"121.75.227.101","app":"webdav","message":"Exception: {\"Message\":\"Bad Signature\",\"Exception\":\"OC\\\\HintException\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/apps\\\/encryption\\\/lib\\\/Crypto\\\/Crypt.php(463): OCA\\\\Encryption\\\\Crypto\\\\Crypt->checkSignature('aMqhCsRWFdSBiKf...', '0z\\\\x957\\\\xD1\\\\x18k\\\\x88\\\\xA9\\\\xDA7\\\\x83-R\\\\x8A...', 'bfe77945c47048e...')\\n#1 \\\/var\\\/www\\\/owncloud\\\/apps\\\/encryption\\\/lib\\\/Crypto\\\/Encryption.php(363): OCA\\\\Encryption\\\\Crypto\\\\Crypt->symmetricDecryptFileContent('aMqhCsRWFdSBiKf...', '0z\\\\x957\\\\xD1\\\\x18k\\\\x88\\\\xA9\\\\xDA7\\\\x83-R\\\\x8A...', 'AES-256-CTR', 0, 0)\\n#2 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/Files\\\/Stream\\\/Encryption.php(459): OCA\\\\Encryption\\\\Crypto\\\\Encryption->decrypt('aMqhCsRWFdSBiKf...', 0)\\n#3 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/Files\\\/Stream\\\/Encryption.php(290): OC\\\\Files\\\\Stream\\\\Encryption->readCache()\\n#4 [internal function]: OC\\\\Files\\\\Stream\\\\Encryption->stream_read(8192)\\n#5 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/icewind\\\/streams\\\/src\\\/Wrapper.php(83): fread(Resource id #78, 8192)\\n#6 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/icewind\\\/streams\\\/src\\\/CallbackWrapper.php(91): Icewind\\\\Streams\\\\Wrapper->stream_read(8192)\\n#7 [internal function]: Icewind\\\\Streams\\\\CallbackWrapper->stream_read(8192)\\n#8 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/sabre\\\/http\\\/lib\\\/Sapi.php(78): stream_copy_to_stream(Resource id #82, Resource id #86, '59784')\\n#9 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(470): Sabre\\\\HTTP\\\\Sapi::sendResponse(Object(Sabre\\\\HTTP\\\\Response))\\n#10 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(248): Sabre\\\\DAV\\\\Server->invokeMethod(Object(Sabre\\\\HTTP\\\\Request), Object(Sabre\\\\HTTP\\\\Response))\\n#11 \\\/var\\\/www\\\/owncloud\\\/apps\\\/dav\\\/appinfo\\\/v1\\\/webdav.php(61): Sabre\\\\DAV\\\\Server->exec()\\n#12 \\\/var\\\/www\\\/owncloud\\\/remote.php(164): require_once('\\\/var\\\/www\\\/ownclo...')\\n#13 {main}\",\"File\":\"\\\/var\\\/www\\\/owncloud\\\/apps\\\/encryption\\\/lib\\\/Crypto\\\/Crypt.php\",\"Line\":483,\"User\":\"gael-ian\"}","level":4,"time":"2017-05-06T22:41:52+00:00","method":"GET","url":"\/owncloud\/remote.php\/webdav\/Documents\/Aura%20-%20Licence%20tag.pdf","user":"gael-ian"}

When openning a photo

{"reqId":"8c2li4E2vLLq9Df2RPVE","remoteAddr":"121.75.227.101","app":"gallery","message":"Exception: Preview generation has failed","level":3,"time":"2017-05-06T23:02:16+00:00","method":"GET","url":"\/owncloud\/index.php\/apps\/gallery\/preview\/90415?width=1400&height=1400&c=fc764f2717b762d1f8c275bbf891b20c&requesttoken=ESIUfm41GyInRTUkOFYJKAoaLCFYDQ0WOwRAGwNtEh0%3D%3AVEn0EARrkwrqh%2FOFgVaL1FWSzk%2FX2%2Be2JCpdgTgUt%2B0%3D","user":"gael-ian"}

#2

If stuff like this happens after an update/upgrade then please always report those to the developers at https://github.com/owncloud/core/issues


#3

I just opened a new issue on github so it may not happen to anyone else in the future but how can I fix it ?


#4

Thanks, here is a reference:


#5

Got an answer today from one of the ownCloud developpers. It's quite simple but disappointing...

The ownCloud file "cache" stores encryption counter for your files. Without a proper counter, no file can ever be decrypted and your data are inaccessible, either from the web UI or through sync to another computer.

Consequence is you should never flush the file "cache" if you use encryption and, at large, it seems that you should never flush the cache at all...