-
Notifications
You must be signed in to change notification settings - Fork 116
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encryption header visible in newly created files #2102
Comments
I have the exact same issue for .md files and .txt files. Server detailsOperating system: Ubuntu 16.04 Database: sqlite3 PHP version: 7.0.33 Nextcloud version: 23.0.2 Version of Collabora Online: 21.11.306 |
Same here: Operating system: Ubuntu 20.04 Database: MariaDB 10.6.8 PHP version: 8 Nextcloud version: 24.0.0 Nextcloud Office: 6.1 |
Same here. Same config as before. Quite irritating for users. Unfortunately I could figure out how to suppress the output in the document. Any idea? |
Same issue here. |
I reproduce this too, but notably it seems specific to markdown files. An .odt file did not exhibit this issue. |
Can confirm that this is still happening on NC 25.0.1 with NC Office 7.0.1. Do you all use SAML by any chance? Because we didn't experience that before, but we also upgraded NC from a way older version at the same time. So, no idea if that's related. |
I don't use SAML. |
Found a workaround:
If the template file is exactly 0 bytes in size, it doesn't work, and that seems to be the default specified in line 523. It seems like the difference is that NextCloud would normally only use touch(), which doesn't seem to actually create the file, while with the Office app it instead creates an empty file here:
I confirmed this by changing that section in if ($templateFile === null) {
$emptyFileContent = $this->templateManager->getEmptyFileContent($event->getTarget()->getExtension());
if ($emptyFileContent != '') $event->getTarget()->putContent($emptyFileContent);
return;
} |
@moqmar Nice, your workaround works great. Thanks. I didn't test the latter PHP fix. Not using SAML here either. |
Just pushed a potential fix for this in nextcloud/server#35649 Testing is very welcome :) |
Describe the bug
When opening a new text document (
.md
), which was never written anything but empty text to, the encryption header will be shown instead of an empty document. The encryption header consists ofHBEGIN:oc_encryption_module:OC_DEFAULT_MODULE:cipher:AES-256-CTR:signed:true:HEND
followed by 8111 dashs (-
). This issue only occurs when Nextcloud Office is installed and enabled and encryption with the default encryption module is active. A Collabora Online server doesn't need to be configured.When removing the encryption header and closing the document, the encryption header will again be visible after reopening the document.
When instead replacing the encryption header by some arbitrary text (e.g. just the letter
a
), closing an reopening, just the lettera
without any encryption header will be displayed. The file will still be encrypted on the disk, so this is not a security issue. Interestingly, after clearing the arbitrary text from the new document (such that the document is now empty again), and re-opening it, the document will be shown as empty, the encryption header will not be shown anymore.So let's define two types of files:
When creating a type 1 and a type 2 file, these files will have the same checksum on the disk. Thus there is probably something in the database that can differentiate between those file types, resulting in the encryption header being visible for type 1 files, but not for type 2 files.
When creating a new, non-markdown document it will by default be downloaded. When opening the downloaded file with an editor, the encryption header is also be contained in there.
I reproduced this issue on a fresh local Nextcloud 23.0.2 Docker install, with just the default apps (no recommended apps) and
Nextcloud Office
andDefault Encryption Module
installed.To Reproduce
Steps to reproduce the behavior:
Screenshots
Video displaying the reproduction steps: https://screens.totally.rip/2022/03/623613089d8e0.mp4
Client details:
Server details
Operating system: Linux 5.16.15-arch1-1 x86_64 (don't know which distro the docker container uses), Linux 5.13.19-1-pve x86_64 (Arch Linux)
Web server: Apache 2.4.52, nginx 13.6
Database: sqlite3 3.34.1, PostgreSQL 13.6
PHP version: 8.0.16, 8.1
Nextcloud version: 23.0.2
Version of the richdocuments app: 5.0.3
Version of Collabora Online: None, Collabora Office 21.06.9.1 (git hash: e60ec9f)
Nextcloud log (data/nextcloud.log)
Nothing is logged.
Browser log
Irrelevant because it's a server-side issue.
The text was updated successfully, but these errors were encountered: