Can not Access shared Files on External Stoage with Encryption enabled

[olerichter]

Steps to reproduce

1. mount an external Storage
2. upload some Files in this mountpoint.
3. a) share this Files or Folders with a user that have not mounted this Storage.
   or b) share this Files or Folders via Link.
4. try to download this file
5. a.) get an error Encryption key not found.
   b.) See a 404 ERROR

Expected behaviour

Share a Large File or Multiple Files from a different Drive of the Server.

Actual behaviour

When sharing a file or folder via link or with a member. Everything will be displayed, but if you try to download a file this does not work.

Possible Fixes

Fix the problem with keymanagement for other useres on external storage
and/or implement an option do disable Encryption on some external storage mountpoints and prevent sharing from encrypted storage mountpoints

Server configuration

Operating system:
Debian Wheezy
Web server:
Apache Prefork 2.2.22
Database:
Mysql 5.5.35
PHP version:
5.4.4
ownCloud version: (see ownCloud admin page)
6.0.3
Updated from an older ownCloud or fresh install:
live since 5.0
List of activated apps:
Encription
External Storage
Files Move
Share Files
Versions
Deleted Files
...

The content of config/config.php:

$CONFIG = array (
  'instanceid' => 'ID',
  'passwordsalt' => '',
  'trusted_domains' => 
  array (
    0 => 'MYDOMAIN',
  ),
  'datadirectory' => '/var/www/owncloud/data',
  'dbtype' => 'mysql',
  'version' => '6.0.3.1',
  'dbname' => 'owncloud',
  'dbhost' => 'localhost',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'owncloud',
  'dbpassword' => '',
  'installed' => true,
); 

Are you using external storage, if yes which one:
Local

Are you using encryption:
yes

Client configuration

Browser:
Firefox 28
Operating system:
happens on Mac 10.9 and Win 8.1

Logs

ownCloud log (data/owncloud.log)

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:14:13+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:14:14+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:14:39+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:14:48+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:14:49+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:17:40+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:18:20+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:18:20+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:18:20+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:18:20+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:19:45+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:19:47+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:20:01+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Fachtag HD.mp4\" during attempted read via stream","level":4,"time":"2014-04-29T12:20:23+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Bilder-Nachbearbeitet\/IMG_6795.jpg\" during attempted read via stream","level":4,"time":"2014-04-29T12:20:58+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Bilder-Nachbearbeitet\/IMG_6795.jpg\" during attempted read via stream","level":4,"time":"2014-04-29T12:21:00+00:00"}

{"app":"remote","message":"Encryption key not found for \"\/USER\/files\/Auslieferung-Camcore-HiSpeed\/Auftraege\/AUFTRAGGEBER\/Bilder-Nachbearbeitet\/IMG_6795.jpg\" during attempted read via stream","level":4,"time":"2014-04-29T12:21:02+00:00"}

the other logs only on request for security reasons.

[PVince81]

Did you mount the external storage from the "Personal" page or from the "Admin" page ? (as root)

If from the Personal page, it might be related to #8293

Also, can you tell us what type of ext storage did you use ? (some don't work correctly with encryption like FTP)

Edit: paragraph order

[olerichter]

no it is mounted from the admin page for a group, the sharing user is in that group, and the mounting type is local (dir owner/group is the apacheuser). The Resipiant is not in that group for internal sharing or Public sharing there is obviously no group.

[PVince81]

CC @schiesbn @Xenopathic

[RobinMcCorkell]

Could you post data/mount.json, with any confidential data removed if you wish?

[olerichter]

data/mount.json :

{
    "user":{
        "USER":{
            "\/$user\/files\/Auslieferung-Camcore-HiSpeed":{
                "class":"\\OC\\Files\\Storage\\Local",
                "options":{
                    "datadir":"\/var\/www\/camcoredata"
                }
            },
            "\/$user\/files\/Projektdaten-Camcore":{
                "class":"\\OC\\Files\\Storage\\Local",
                "options":{
                    "datadir":"\/var\/www\/camcorep"
                }
            }
        }
    }
}

DocumentRoot is /var/www/owncloud

Edit: my test configuration for groups

{
    "group":{
        "GROUP":{
            "\/$user\/files\/Projektdaten-Camcore":{
                "class":"\\OC\\Files\\Storage\\Local",
                "options":{
                    "datadir":"\/var\/www\/camcorep"
                }
            },
            "\/$user\/files\/Auslieferung-Camcore-HiSpeed":{
                "class":"\\OC\\Files\\Storage\\Local",
                "options":{
                    "datadir":"\/var\/www\/camcoredata"
                }
            }
        }
    }
} 

(Edited by Xenopathic from flat format to nicer format)

[karlitschek]

@schiesbn What do you think?

[schiessle]

@olerichter I could only reproduce the issue with the public link. Sharing between user works here as expected. The pull request above fixes the public link issue for me and I'm confident that it will also fix the other issue for you. Can you give it a try? Thanks!

[schiessle]

fix merged for master and stable6