Bug 1346234

Summary: 9.0.2 has infinite loop with password protected shares
Product: [Fedora] Fedora EPEL Reporter: James Hogarth <james.hogarth>
Component: owncloudAssignee: James Hogarth <james.hogarth>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: epel7CC: extras-qa, ignatenko, james.hogarth, shawn, sheldon.corey
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1346233 Environment:
Last Closed: 2016-07-03 10:59:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description James Hogarth 2016-06-14 10:36:32 UTC 
+++ This bug was initially created as a clone of Bug #1346233 +++

Description of problem:
I have updated my OC installation (postgres+nginx) to 9.0.2 four day ago and most functions are working.

Till now I have found a single trouble: infinite loop after authentication for password protected link shares. Owncloud produces following in logs:

> Jun 13 23:25:24 domain.tld ownCloud[14211]: {webdav} Exception: {"Message":"HTTP\/1.1 401 Username or password was incorrect","Exception":"Sabre\\DAV\\Exception\\NotAuthenticated","Code":0,"Trace":"#0 [internal function]: Sabre\\DAV\\Auth\\Plugin->beforeMethod(Object(Sabre\\HTTP\\Request), Object(Sabre\\HTTP\\Response))\n#1 \/usr\/share\/php\/Sabre\/Event\/EventEmitterTrait.php(105): call_user_func_array(Array, Array)\n#2 \/usr\/share\/php\/Sabre\/DAV\/Server.php(446): Sabre\\Event\\EventEmitter->emit('beforeMethod', Array)\n#3 \/usr\/share\/php\/Sabre\/DAV\/Server.php(248): Sabre\\DAV\\Server->invokeMethod(Object(Sabre\\HTTP\\Request), Object(Sabre\\HTTP\\Response))\n#4 \/usr\/share\/owncloud\/apps\/dav\/appinfo\/v1\/publicwebdav.php(82): Sabre\\DAV\\Server->exec()\n#5 \/usr\/share\/owncloud\/public.php(74): require_once('\/usr\/share\/ownc...')\n#6 {main}","File":"\/usr\/share\/php\/Sabre\/DAV\/Auth\/Plugin.php","Line":188,"User":false}


There are no problems with link shares without password or with shares among registered users

--- Additional comment from James Hogarth on 2016-06-14 06:35:41 EDT ---

Illya 2016-06-13 19:53:06 EDT
(In reply to Didier from comment #121)
> 
> Illya,
> Have a look at oC issue #23066 ; you need to apply the patches in
> https://github.com/owncloud/core/commit/
> 8666439b68bc405a156fe2679cd74fe932b07698
>  .

Didier,
thank you for the link!

It work's now.

It was also necessary to make changes to these files:

./apps/gallery/middleware/envcheckmiddleware.php L299
./apps/dav/lib/connector/publicauth.php L92

as suggested in this GitHub comment https://github.com/owncloud/core/issues/23066#issuecomment-224046003

--- Additional comment from James Hogarth on 2016-06-14 06:35:54 EDT ---

Didier 2016-06-14 02:36:11 EDT
To summarize,
In /usr/share/owncloud/ , the following files need to be patched :

./lib/private/share/share.php
./apps/files_sharing/lib/helper.php
./apps/dav/lib/connector/publicauth.php
./apps/gallery/middleware/envcheckmiddleware.php

replacing each occurance of
  $linkItem['id']
with
  (string)$linkItem['id']
Comment 1 James Hogarth 2016-06-14 10:43:23 UTC 
Upstream bug: https://github.com/owncloud/core/issues/23066
Comment 2 Fedora Update System 2016-06-15 22:19:15 UTC 
owncloud-9.0.2-4.el7 php-mcnetic-zipstreamer-1.0-1.el7 php-sabre-dav-3.0.9-1.el7 php-sabre-http-4.2.1-1.el7 php-symfony-2.8.7-1.el7 php-symfony-security-acl-2.8.0-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-437bece53c
Comment 3 Fedora Update System 2016-06-15 22:19:24 UTC 
owncloud-9.0.2-4.el7 php-mcnetic-zipstreamer-1.0-1.el7 php-sabre-dav-3.0.9-1.el7 php-sabre-http-4.2.1-1.el7 php-symfony-2.8.7-1.el7 php-symfony-security-acl-2.8.0-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-437bece53c
Comment 4 Fedora Update System 2016-06-17 18:49:10 UTC 
owncloud-9.0.2-4.el7, php-mcnetic-zipstreamer-1.0-1.el7, php-sabre-dav-3.0.9-1.el7, php-sabre-http-4.2.1-1.el7, php-symfony-2.8.7-1.el7, php-symfony-security-acl-2.8.0-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-437bece53c
Comment 5 Fedora Update System 2016-07-02 23:50:15 UTC 
owncloud-9.0.2-4.el7, php-mcnetic-zipstreamer-1.0-1.el7, php-sabre-dav-3.0.9-1.el7, php-sabre-http-4.2.1-1.el7, php-symfony-2.8.7-1.el7, php-symfony-security-acl-2.8.0-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.