Files uploaded by foreign users to editable shares end up being corrupted. I’m using Nextcloud for a while now and this issue is definitely a new one. Users that weren’t registered on my server were able to successfully upload files to it. I don’t know what stopped this feature from working, but the only thing I changed in the past is setting a recovery password for the encryption module. I removed that password now, but it seemingly wasn’t the cause for my problem. It is also worth mentioning that I cross-updated from owncloud to nextcloud some time ago. But I’m relatively sure that this feature was still working after the update.
Nextcloud version: 11.0.3
Operating system and version: Debian Jessie 8.8
Apache or nginx version: Apache 2.4.23
PHP version: 7.0.19
Is this the first time you’ve seen this error?: Yes
Can you reliably replicate it? (If so, please outline steps): Yes, for my server (See next point). Haven’t tried it on fresh installation yet, but I guess I couldn’t reproduce it there.
The issue you are facing:
When I create a share via link and make it editable others can upload files without any error message. However the files seem to be corrupted as nobody can open them. Neither the users on my Nextcloud server nor foreigners accessing the share nor the uploader itself. This means that the gallery app prompts “Error! Could not generate a preview of this file.” on images and trying to download a file triggers apache to send a 500 Status code which is interpreted by the browser as “File not found!”. Users on my Nextcloud server however can successfully upload files that everyone can open.
These corrupted files are copied to the correct directory on the server and are not empty. But I can’t tell if the actual files are okay as I’m using encryption.
The output of your Nextcloud log in Admin > Logging:
I’m getting lots of Fatal errors of this kind when someone is trying to access these corrupt files:
Fatal webdav OC\HintException: Bad Signature
/var/www/html/nextcloud/apps/encryption/lib/Crypto/Crypt.php - line 464: OCA\Encryption\Crypto\Crypt->checkSignature('lHIgwURYWXj9Pbt...', 'K\\\xC8\xBCF8+\x00\xE6\xD8\xD8\x8EU\xACB...', 'fa7bdbea0447601...')
/var/www/html/nextcloud/apps/encryption/lib/Crypto/Encryption.php - line 372: OCA\Encryption\Crypto\Crypt->symmetricDecryptFileContent('lHIgwURYWXj9Pbt...', 'K\\\xC8\xBCF8+\x00\xE6\xD8\xD8\x8EU\xACB...', 'AES-256-CTR', 0, 0)
/var/www/html/nextcloud/lib/private/Files/Stream/Encryption.php - line 460: OCA\Encryption\Crypto\Encryption->decrypt('lHIgwURYWXj9Pbt...', 0)
/var/www/html/nextcloud/lib/private/Files/Stream/Encryption.php - line 291: OC\Files\Stream\Encryption->readCache()
[internal function] OC\Files\Stream\Encryption->stream_read(8192)
/var/www/html/nextcloud/apps/files_external/3rdparty/icewind/streams/src/Wrapper.php - line 83: fread(Resource id #26, 8192)
/var/www/html/nextcloud/apps/files_external/3rdparty/icewind/streams/src/CallbackWrapper.php - line 91: Icewind\Streams\Wrapper->stream_read(8192)
[internal function] Icewind\Streams\CallbackWrapper->stream_read(8192)
/var/www/html/nextcloud/3rdparty/sabre/http/lib/Sapi.php - line 78: stream_copy_to_stream(Resource id #29, Resource id #31, '36092')
/var/www/html/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php - line 498: Sabre\HTTP\Sapi sendResponse(Object(Sabre\HTTP\Response))
/var/www/html/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php - line 254: Sabre\DAV\Server->invokeMethod(Object(Sabre\HTTP\Request), Object(Sabre\HTTP\Response))
/var/www/html/nextcloud/apps/dav/lib/Server.php - line 231: Sabre\DAV\Server->exec()
/var/www/html/nextcloud/apps/dav/appinfo/v2/remote.php - line 30: OCA\DAV\Server->exec()
/var/www/html/nextcloud/remote.php - line 165: require_once('/var/www/html/n...')
{main}
The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
'instanceid' => 'occ8[...]',
'passwordsalt' => '...',
'secret' => '...',
'trusted_domains' => [...]
'asset-pipeline.enabled' => true,
'datadirectory' => '/var/www/html/nextcloud/data',
'memcache.local' => '\\OC\\Memcache\\APCu',
'overwrite.cli.url' => '/nextcloud',
'dbtype' => 'mysql',
'version' => '9.0.4.1',
'dbname' => 'owncloud',
'dbhost' => 'localhost',
'dbtableprefix' => 'oc_',
'dbuser' => 'owncloud',
'dbpassword' => '...',
'installed' => true,
'loglevel' => 2,
'maintenance' => false,
'theme' => 'example',
'singleuser' => false,
'trashbin_retention_obligation' => 'auto',
'mail_smtpmode' => 'sendmail',
'mail_from_address' => 'no-reply',
'mail_domain' => 'example.com',
'preview_libreoffice_path' => '/usr/bin/libreoffice',
The output of your Apache/nginx/system log in /var/log/____:
Might be unrelated, but when I’m trying to access my logs in nextcloud apache writes the following error to its log file:
[authz_core:error] [pid 15131] [client ip:port] AH01630: client denied by server configuration: /var/www/html/nextcloud/data/.ocdata
All the permissions are okay though.
Edit:
I tried to decrypt all the files on the server via the following command:
sudo -u www-data php occ encryption:decrypt-all
My hope was that it would solve my problem that sounded like an issue with encryption.
However the process crashed while trying to decrypt the very first file and prompted the following error:
Error: Class 'OC_Mount_Config' not found in /var/www/html/nextcloud/lib/private/Encryption/Util.php:292
It seems like I cannot even decrypt my files anymore…