GithubHelp home page GithubHelp logo

"Write access to end-to-end encrypted folder requires token" out of nowhere (E2EE file deletion impossible with "403 Forbidden") about end_to_end_encryption HOT 3 OPEN

bcutter avatar bcutter commented on August 24, 2024 2
"Write access to end-to-end encrypted folder requires token" out of nowhere (E2EE file deletion impossible with "403 Forbidden")

from end_to_end_encryption.

Comments (3)

bcutter avatar bcutter commented on August 24, 2024 1

OK, after resetting keys (including deletion of E2EE files) and uploading E2EE content, everything seemed to work.

Unfortunately, now when adding files inside an E2EE folder, the desktop client (Windows or Android, tested both) complains: "upload failed" with no further information

Windows
grafik

grafik

Android
grafik

grafik

There's NOTHING (!!!) in the server logs.

I even don't know if this issue has to do something with the initial one. Step by step this freaking E2EE kills itself. What now?

from end_to_end_encryption.

bcutter avatar bcutter commented on August 24, 2024

Tested it over and over again. Now I can provoke / replicate the issue:

  1. Reset E2EE
  2. Use it with several Windows desktop clients - works fine
  3. Use E2EE on Android and perform any sync-relevant action (e. g. deleting one E2EE file) --> deletion not working, error presented
  4. Now try to continue E2EE on the (until/before step 3 perfectly working) Windows endpoints by e. g. deleting one E2EE file there: 403 Forbidden - and E2EE is completely broken from now on. No matter if deletions or file uploads.

No idea what the Android app does here. But it breaks E2EE for the whole server, also affecting the Windows endpoints.

[webdav] Fehler: OCA\DAV\Connector\Sabre\Exception\Forbidden: Write access to end-to-end encrypted folder requires token - no token sent at <<closure>>

0. /var/www/nextcloud/apps/end_to_end_encryption/lib/Connector/Sabre/LockPlugin.php line 143
   OCA\EndToEndEncryption\Connector\Sabre\LockPlugin->verifyTokenOnWriteAccess()
1. /var/www/nextcloud/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
   OCA\EndToEndEncryption\Connector\Sabre\LockPlugin->checkLock()
2. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 456
   Sabre\DAV\Server->emit()
3. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 253
   Sabre\DAV\Server->invokeMethod()
4. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 321
   Sabre\DAV\Server->start()
5. /var/www/nextcloud/apps/dav/lib/Server.php line 368
   Sabre\DAV\Server->exec()
6. /var/www/nextcloud/apps/dav/appinfo/v2/remote.php line 35
   OCA\DAV\Server->exec()
7. /var/www/nextcloud/remote.php line 172
   require_once("/var/www/nextcl ... p")

DELETE /remote.php/dav/files/Username/Encrypted/xxxxxxxxxxxxxxxxxde331b37/exxxxxxxxxxxxxxxxxxxxx5ee94947c4cc
from xxx.xxx.xxx.xxx by Username at 2024-03-08T16:39:17+01:00

Workaround: step 1 + step 2. NEVER EVER do step 3.

So, current E2EE status:
✅ Windows
❌ Android (because of triggering the issue at all: see above)
❌ iOS (because of: nextcloud/ios#2809)

from end_to_end_encryption.

digitalpanopticon avatar digitalpanopticon commented on August 24, 2024

For me its even easier to replicate the issue. Or it could, in fact, be a completely different one, but as the symptoms are the exact same im appending to your thread. Correct me if im wrong or if I should open a sperate issue.

Versions at the time of writing:
Nextcloud 27.1.10
E2EE 1.13.1

  1. Reset E2EE, as @bcutter did
  2. Activate the plugin
  3. Upload a file from the web client (To rule out any client being faulty. Still, I get the same result using any other client)
  4. Upon deleting it I get Error deleting file "Fuck around and find out.png". and in the logs it is the same error as described above.

I also thought it was a problem of either the Android or iOS app at first because thats where I first saw the issue, but it even happens when the App is not at play, as was the case in my tests.

So for me the current E2EE status sadly is:
❌ E2EE 1.13.1

from end_to_end_encryption.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.