From 7eefaeb5e36c2899d15fe8b9a2cd0a693f61471d Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Sat, 29 Oct 2022 16:20:57 +0200 Subject: [PATCH] nextcloud25: use openssl 1.1 as a PHP extension to fix RC4 encryption --- .../from_md/release-notes/rl-2211.section.xml | 16 +++++++ .../manual/release-notes/rl-2211.section.md | 2 + nixos/modules/services/web-apps/nextcloud.nix | 47 ++++++++++++++++++- nixos/tests/nextcloud/basic.nix | 1 + nixos/tests/nextcloud/default.nix | 5 ++ pkgs/top-level/php-packages.nix | 9 ++++ 6 files changed, 79 insertions(+), 1 deletion(-) diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 25b3a686c0d9..e06a6094c1a7 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -607,6 +607,22 @@ binaries, use the p4d package instead. + + + The NextCloud NixOS module uses OpenSSL 3.x for its PHP’s + openssl extension, this breaks RC4-based server-side + encryption in NextCloud, making all your files unreadable upon + upgrade. Upon testing, we could not trigger any cases of + data loss, but we + cannot guarantee that for + every accidental OpenSSL upgrade. To restore functionality, + services.nextcloud.enableBrokenCiphersForSSE + has to be set to true. NextCloud is + planning to implement AES-256-GCM server-side encryption in + the future through + https://github.com/nextcloud/server/pull/25551. + + The coq package and versioned variants diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 583480bec020..5831dbbaba8a 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -196,6 +196,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - The `p4` package now only includes the open-source Perforce Helix Core command-line client and APIs. It no longer installs the unfree Helix Core Server binaries `p4d`, `p4broker`, and `p4p`. To install the Helix Core Server binaries, use the `p4d` package instead. +- The NextCloud NixOS module uses OpenSSL 3.x for its PHP's openssl extension, this breaks RC4-based server-side encryption in NextCloud, making all your files unreadable upon upgrade. Upon testing, we could not trigger any cases of **data loss**, but we **cannot guarantee** that for every accidental OpenSSL upgrade. To restore functionality, [`services.nextcloud.enableBrokenCiphersForSSE`](#opt-services.nextcloud.enableBrokenCiphersForSSE) has to be set to `true`. NextCloud is planning to implement AES-256-GCM server-side encryption in the future through . + - The `coq` package and versioned variants starting at `coq_8_14` no longer include CoqIDE, which is now available through `coqPackages.coqide`. It is still possible to get CoqIDE as part of diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index 04599884f139..2a4ca13b473f 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -13,7 +13,12 @@ let phpPackage = cfg.phpPackage.buildEnv { extensions = { enabled, all }: (with all; - enabled + # disable default openssl extension + (lib.filter (e: e.pname != "openssl") enabled) + # use OpenSSL 1.1 for RC4 NextCloud encryption if user + # has acknowledged the brokeness of the ciphers (RC4). + # TODO: remove when https://github.com/nextcloud/server/issues/32003 is fixed. + ++ (if cfg.enableBrokenCiphersForSSE then [ cfg.phpPackage.extensions.openssl-legacy ] else [ cfg.phpPackage.extensions.openssl ]) ++ optional cfg.enableImagemagick imagick # Optionally enabled depending on caching settings ++ optional cfg.caching.apcu apcu @@ -80,6 +85,36 @@ in { options.services.nextcloud = { enable = mkEnableOption (lib.mdDoc "nextcloud"); + + enableBrokenCiphersForSSE = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + This option uses OpenSSL PHP extension linked against OpenSSL 1.x rather + than latest OpenSSL (≥ 3), this is not recommended except if you need + it. + + Server-side encryption in NextCloud uses RC4 ciphers, a broken cipher + since ~2004. + + This cipher has been disabled in OpenSSL ≥ 3 and requires + a specific legacy profile to re-enable it. + + If you upgrade to a NextCloud using OpenSSL ≥ 3 and have + server-side encryption configured, you will not be able to access + your files anymore, enabling this option can restore access to your files. + + Unless you are using external storage, + it is advised to [disable server-side encryption](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html#disabling-encryption) as it is unclear + it provides any amount of security beyond encryption for external storage. + If you know more about this feature and is keen on it, + please chime in or open + an issue in nixpkgs. + + In the future, NextCloud may move to AES-256-GCM, by then, + this option will be deprecated. + ''; + }; hostName = mkOption { type = types.str; description = lib.mdDoc "FQDN for the nextcloud instance."; @@ -649,6 +684,16 @@ in { ++ (optional (versionOlder cfg.package.version "23") (upgradeWarning 22 "22.05")) ++ (optional (versionOlder cfg.package.version "24") (upgradeWarning 23 "22.05")) ++ (optional (versionOlder cfg.package.version "25") (upgradeWarning 24 "22.11")) + ++ (optional cfg.enableBrokenCiphersForSSE '' + You're using PHP's openssl extension built against OpenSSL 1.1. + This is only necessary if you're using NextCloud's server-side encryption. + Please keep in mind that it's using the broken RC4 cipher. + + In order to disable this option and remove this warning, + server-side encryption has to be disabled, see on how to achieve this. + + For more context, here is the implementing pull request: https://github.com/NixOS/nixpkgs/pull/198470 + '') ++ (optional isUnsupportedMariadb '' You seem to be using MariaDB at an unsupported version (i.e. at least 10.6)! Please note that this isn't supported officially by Nextcloud. You can either diff --git a/nixos/tests/nextcloud/basic.nix b/nixos/tests/nextcloud/basic.nix index eb37470a4c7b..5cf4d8ca7554 100644 --- a/nixos/tests/nextcloud/basic.nix +++ b/nixos/tests/nextcloud/basic.nix @@ -41,6 +41,7 @@ in { enable = true; datadir = "/var/lib/nextcloud-data"; hostName = "nextcloud"; + enableBrokenCiphersForSSE = args.enableBrokenCiphersForSSE or false; config = { # Don't inherit adminuser since "root" is supposed to be the default adminpassFile = "${pkgs.writeText "adminpass" adminpass}"; # Don't try this at home! diff --git a/nixos/tests/nextcloud/default.nix b/nixos/tests/nextcloud/default.nix index 7dbdff988238..b55831047c62 100644 --- a/nixos/tests/nextcloud/default.nix +++ b/nixos/tests/nextcloud/default.nix @@ -8,6 +8,11 @@ with pkgs.lib; foldl (matrix: ver: matrix // { "basic${toString ver}" = import ./basic.nix { inherit system pkgs; nextcloudVersion = ver; }; + "with-legacy-openssl${toString ver}" = import ./basic.nix { + inherit system pkgs; + nextcloudVersion = ver; + enableBrokenCiphersForSSE = true; + }; "with-postgresql-and-redis${toString ver}" = import ./with-postgresql-and-redis.nix { inherit system pkgs; nextcloudVersion = ver; diff --git a/pkgs/top-level/php-packages.nix b/pkgs/top-level/php-packages.nix index 0b9f4237327b..2ab2000af583 100644 --- a/pkgs/top-level/php-packages.nix +++ b/pkgs/top-level/php-packages.nix @@ -414,6 +414,15 @@ lib.makeScope pkgs.newScope (self: with self; { configureFlags = [ "--with-openssl" ]; doCheck = false; } + # This provides a legacy OpenSSL PHP extension + # For situations where OpenSSL 3 do not support a set of features + # without a specific openssl.cnf file + { + name = "openssl-legacy"; + buildInputs = [ openssl_1_1 ]; + configureFlags = [ "--with-openssl" ]; + doCheck = false; + } { name = "pcntl"; } { name = "pdo"; doCheck = false; } {