Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No apparent way to avoid "NotPermittedException: Received counter is not greater than the stored one" once triggered #809

Open
makuser opened this issue Nov 4, 2024 · 1 comment
Open

No apparent way to avoid "NotPermittedException: Received counter is not greater than the stored one" once triggered #809

makuser opened this issue Nov 4, 2024 · 1 comment
Labels
0. Needs triage Pending approval or rejection. This issue is pending approval. bug Something isn't working client: 💻 desktop

Comments

@makuser
Copy link

makuser commented Nov 4, 2024

How to use GitHub

  • Please use the 👍 reaction to show that you are affected by the same issue.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.

Steps to reproduce

  1. Do something with the contents of an encrypted folder (in my case I added a bunch of files to the folder, where some files were identical to existing files, except having an earlier timestamp, which I explicitely used to overwrite existing files, essentially making some of the files inside of encfolder younger), otherwise what exactly triggers this is unknown
  2. Put new file into folder, if new files were already added in 1, that seems to be enough
  3. Wait for upload action of nextcloud-desktop
  4. Server will respond with 403 Forbidden
  5. remove new file, unsync "encfolder", wait for sync action to delete folder locally
  6. add folder back to synced folders and wait for it to fully synchronize
  7. GOTO: 2. and see no change

Expected behaviour

File is uploaded. If any error is related to some client stuff, unsyncing the folder and having it resync again should have cleared that out.

Actual behaviour

File is rejected, as folder seems to be locked no matter what

Server configuration

Operating system: Debian 12 docker container in Debian 12 LXC container on Debian 12/Proxmox 8.2 hypervisor

Web server: Apache 2.4 in docker, Traefik 3.1.7 as proxy

Database: MariaDB 11.4.3

PHP version: 8.2.21

Nextcloud version: 29.0.8.1

Updated from an older Nextcloud/ownCloud or fresh install: Yes

Where did you install Nextcloud from: nextcloud.com, several years ago

Signing status:

Signing status ``` No errors have been found. ```

List of activated apps:

App list ``` Enabled: - activity: 2.21.1 - admin_audit: 1.19.0 - bruteforcesettings: 2.9.0 - calendar: 4.7.16 - circles: 29.0.0-dev - cloud_federation_api: 1.12.0 - cloud_py_api: 0.1.9 - comments: 1.19.0 - contacts: 6.0.0 - contactsinteraction: 1.10.0 - cookbook: 0.11.2 - cospend: 1.6.1 - dashboard: 7.9.0 - dav: 1.30.1 - deck: 1.13.2 - dicomviewer: 2.2.1 - drawio: 3.0.3 - end_to_end_encryption: 1.15.2 - external: 5.4.1 - facerecognition: 0.9.51 - federatedfilesharing: 1.19.0 - federation: 1.19.0 - files: 2.1.1 - files_accesscontrol: 1.19.1 - files_automatedtagging: 1.19.0 - files_downloadactivity: 1.17.0 - files_downloadlimit: 2.0.0 - files_external: 1.21.0 - files_pdfviewer: 2.10.0 - files_reminders: 1.2.0 - files_sharing: 1.21.0 - files_trashbin: 1.19.0 - files_versions: 1.22.0 - firstrunwizard: 2.18.0 - groupfolders: 17.0.5 - health: 2.2.2 - impersonate: 1.16.0 - logreader: 2.14.0 - lookup_server_connector: 1.17.0 - maps: 1.4.0 - mediadc: 0.3.9 - metadata: 0.21.0 - nextcloud_announcements: 1.18.0 - notes: 4.11.0 - notifications: 2.17.0 - oauth2: 1.17.1 - oidc: 1.0.0 - password_policy: 1.19.0 - phonetrack: 0.8.1 - photos: 2.5.0 - previewgenerator: 5.6.0 - privacy: 1.13.0 - provisioning_api: 1.19.0 - recognize: 7.1.0 - recommendations: 2.1.0 - related_resources: 1.4.0 - richdocuments: 8.4.8 - serverinfo: 1.19.0 - settings: 1.12.0 - sharebymail: 1.19.0 - spreed: 19.0.10 - support: 1.12.0 - survey_client: 1.17.0 - suspicious_login: 7.0.0 - systemtags: 1.19.0 - tasks: 0.16.1 - text: 3.10.1 - theming: 2.4.0 - twofactor_backupcodes: 1.18.0 - twofactor_totp: 11.0.0-dev - twofactor_webauthn: 1.4.0 - updatenotification: 1.19.1 - user_status: 1.9.0 - viewer: 2.3.0 - weather_status: 1.9.0 - workflowengine: 2.11.0 Disabled: - encryption: 2.17.0 (installed 2.7.0) - files_mindmap: 0.0.30 (installed 0.0.30) - files_rightclick: 0.15.1 (installed 1.6.0) - ocsms: 2.2.0 (installed 2.2.0) - ransomware_protection: 1.14.0 (installed 1.14.0) - scanner: 0.2.3 (installed 0.2.3) - user_ldap: 1.20.0 ```

Nextcloud configuration:

Config report 
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "default_phone_region": "DE",
        "default_language": "de",
        "default_locale": "de_DE",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud.domain.tld1",
            "cloud.domain.tld2"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/cloud.kolly.eu\/",
        "htaccess.RewriteBase": "\/",
        "dbtype": "mysql",
        "version": "29.0.8.1",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "3306",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_smtpauthtype": "PLAIN",
        "mail_smtpsecure": "ssl",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_sendmailmode": "smtp",
        "filelocking.enabled": true,
        "memcache.local": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "dbindex": 0
        },
        "preview_imaginary_url": "***REMOVED SENSITIVE VALUE***",
        "preview_imaginary_key": "***REMOVED SENSITIVE VALUE***",
        "enabledPreviewProviders": [
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown",
            "OC\\Preview\\OpenDocument",
            "OC\\Preview\\Krita",
            "OC\\Preview\\Imaginary"
        ],
        "updater.release.channel": "stable",
        "maintenance": false,
        "maintenance_window_start": 4,
        "theme": "",
        "loglevel": 1,
        "log_rotate_size": 104857600,
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***"
    }
}

Are you using external storage, if yes which one: Yes, encrypted folder is local

Are you using encryption: E2EE yes, server-side no

Are you using an external user-backend, if yes which one: No

Client configuration

Browser: Nextcloud Desktop-Client 3.14.2

Operating system: Ubuntu 24.04

Logs

Web server error log

Web server error log 
gw - - [04/Nov/2024:10:39:04 +0000] "PROPFIND /remote.php/dav/files/marc/Documents/encfolder HTTP/1.1" 207 1903 "-" "-" 427306 "nccontainer@docker" "http://172.18.0.14:80" 444ms
gw - - [04/Nov/2024:10:39:04 +0000] "GET /ocs/v2.php/apps/end_to_end_encryption/api/v2/meta-data/13371337?format=json HTTP/1.1" 200 7530 "-" "-" 427309 "nccontainer@docker" "http://172.18.0.14:80" 546ms

Nextcloud log (data/nextcloud.log)

Nextcloud log 
{
    "reqId": "6qtYVlppuCHtzGIxxkyz",
    "level": 3,
    "time": "2024-11-04T10:39:06+00:00",
    "remoteAddr": "gw",
    "user": "marc",
    "app": "no app in context",
    "method": "POST",
    "url": "/ocs/v2.php/apps/end_to_end_encryption/api/v2/lock/13371337",
    "message": "Received counter is not greater than the stored one",
    "userAgent": "Mozilla/5.0 (Linux) mirall/3.14.2-20241021.144050.4eec4f3d3-1.0~noble1 (Nextcloud, ubuntu-6.8.0-48-generic ClientArchitecture: x86_64 OsArchitecture: x86_64)",
    "version": "29.0.8.1",
    "exception": {
        "Exception": "OCP\\Files\\NotPermittedException",
        "Message": "Received counter is not greater than the stored one",
        "Code": 0,
        "Trace": [{
            "file": "/var/www/html/apps/end_to_end_encryption/lib/Controller/LockingController.php",
            "line": 123,
            "function": "lockFile",
            "class": "OCA\\EndToEndEncryption\\LockManager",
            "type": "->",
            "args": [13371337, "", 1, "marc"]
        }, {
            "file": "/var/www/html/lib/private/AppFramework/Http/Dispatcher.php",
            "line": 232,
            "function": "lockFolder",
            "class": "OCA\\EndToEndEncryption\\Controller\\LockingController",
            "type": "->",
            "args": [13371337, null]
        }, {
            "file": "/var/www/html/lib/private/AppFramework/Http/Dispatcher.php",
            "line": 138,
            "function": "executeController",
            "class": "OC\\AppFramework\\Http\\Dispatcher",
            "type": "->",
            "args": [
                ["OCA\\EndToEndEncryption\\Controller\\LockingController"], "lockFolder"
            ]
        }, {
            "file": "/var/www/html/lib/private/AppFramework/App.php",
            "line": 184,
            "function": "dispatch",
            "class": "OC\\AppFramework\\Http\\Dispatcher",
            "type": "->",
            "args": [
                ["OCA\\EndToEndEncryption\\Controller\\LockingController"], "lockFolder"
            ]
        }, {
            "file": "/var/www/html/lib/private/Route/Router.php",
            "line": 331,
            "function": "main",
            "class": "OC\\AppFramework\\App",
            "type": "::",
            "args": ["OCA\\EndToEndEncryption\\Controller\\LockingController", "lockFolder", ["OC\\AppFramework\\DependencyInjection\\DIContainer"],
                ["13371337", "ocs.end_to_end_encryption.locking.lockfolder"]
            ]
        }, {
            "file": "/var/www/html/ocs/v1.php",
            "line": 66,
            "function": "match",
            "class": "OC\\Route\\Router",
            "type": "->",
            "args": ["/ocsapp/apps/end_to_end_encryption/api/v2/lock/13371337"]
        }, {
            "file": "/var/www/html/ocs/v2.php",
            "line": 23,
            "args": ["/var/www/html/ocs/v1.php"],
            "function": "require_once"
        }],
        "File": "/var/www/html/apps/end_to_end_encryption/lib/LockManager.php",
        "Line": 84,
        "message": "Received counter is not greater than the stored one",
        "exception": {},
        "CustomMessage": "Received counter is not greater than the stored one"
    }
}

Desktop client log

Desktop client log 
#=#=#=#=# Propagation starts 2024-11-04T15:19:52Z (last step: 381 msec, total: 381 msec)
||Documents/encfolder/newfile.ext|8|1|1575046243||83901||1|Das Hochladen der verschlüsselten Datei ist fehlgeschlagen.|0|0|0||
#=#=#=# Syncrun finished 2024-11-04T15:19:53Z (last step: 593 msec, total: 974 msec)
@makuser makuser added 0. Needs triage Pending approval or rejection. This issue is pending approval. bug Something isn't working labels Nov 4, 2024
@MrRinkana
Copy link

Wouldnt this be a client issue? I don't see how the server would see any difference between a new file and overwriting an existing with new timestamps

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending approval or rejection. This issue is pending approval. bug Something isn't working client: 💻 desktop
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joshtrichards @makuser @MrRinkana