Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Direct download endpoint does not work with server side encryption & user key #17497

Open
tobiasKaminsky opened this issue Oct 9, 2019 · 8 comments
Open

Direct download endpoint does not work with server side encryption & user key #17497

tobiasKaminsky opened this issue Oct 9, 2019 · 8 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap 26-feedback bug feature: encryption (server-side)

Comments

@tobiasKaminsky
Copy link
Member

Ref: nextcloud/android#3061 (comment)

  • direct endpoint
  • server side encryption with user key
  • try to create a direct download

@rullzer
@tobiasKaminsky tobiasKaminsky added bug 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Oct 9, 2019
@rullzer
Copy link
Member

rullzer commented Oct 9, 2019

If somebody want to dive into it.

  1. check if server side encryption is enabled
  2. if it is check if the user key is set
  3. if that is the case encrypt with the system key so it works without the users password

Or alternatively

  1. disable direct download when server side encryption with user key is enabled

@tobiasKaminsky
Copy link
Member Author

On alternative, we then need a capability to inform clients that they cannot offer streaming here.

@DPTJKKVH

This comment was marked as outdated.

Sign in to view
@tobiasKaminsky
Copy link
Member Author

@DPTJKKVH this is totally fine, thanks.
However we cannot guarantee which idea we favor. It is possible that we for a first start disable direct downloading /streaming if SSE with user key is enabled.

@DPTJKKVH

This comment was marked as outdated.

Sign in to view
@tobiasKaminsky
Copy link
Member Author

tobiasKaminsky commented Oct 24, 2019
edited

@tobiasKaminsky hmm. So you say even if someone provided functional code that could be merged you still might decide to temporarily disable this feature? Or do you say that you might already have it disabled before someone handed in their finished code

I meant that we maybe disable it for now, until someone develop a correct working direct download endpoint for SSE with user keys. As the current situation is broken in this special case.

If I post a bounty I obviously want this feature to be implemented and would make this a condition for payout.

Of course this will be a requirement to pay out the bounty.

I don't want to waste my money or someone else's time so a short clarification would be much appreciated. Thanks!

If there is a valid enhancement/fix it will be merged and then the bounty can be paid.

So if you put a bounty to this issue, everything is fine as it clearly says that direct download endpoint does not work with SSE & user key.

Sorry for the confusion…

@tobiasKaminsky tobiasKaminsky added 1. to develop Accepted and waiting to be taken care of and removed 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Nov 9, 2020
@szaimen

This comment was marked as resolved.

Sign in to view
@szaimen szaimen added needs info 0. Needs triage Pending check for reproducibility or if it fits our roadmap and removed 1. to develop Accepted and waiting to be taken care of labels Jan 9, 2023
@tobiasKaminsky

This comment was marked as resolved.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap 26-feedback bug feature: encryption (server-side)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@rullzer @joshtrichards @tobiasKaminsky @DPTJKKVH @szaimen