From 162b387256651a57d4ce1be38753e850e6e375c7 Mon Sep 17 00:00:00 2001 From: John <3273102+Upellift99@users.noreply.github.com> Date: Sat, 14 Feb 2026 17:46:28 +0100 Subject: [PATCH 1/4] Fix download command silently exiting with code 2 when --id is provided checkRequiredUploadParameter had no return true path for a valid download command. When --id was provided, execution fell through to the upload/Docker logic which returned false, triggering os.Exit(2) with no output. Co-Authored-By: Claude Opus 4.6 --- cmd/cli-uploader/cliflags/cliflags.go | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/cmd/cli-uploader/cliflags/cliflags.go b/cmd/cli-uploader/cliflags/cliflags.go index a0bcffcd..9743086a 100644 --- a/cmd/cli-uploader/cliflags/cliflags.go +++ b/cmd/cli-uploader/cliflags/cliflags.go @@ -167,9 +167,12 @@ func checkRequiredUploadParameter(config *FlagConfig, mode int) bool { if mode == ModeUpload && config.File != "" { return true } - if mode == ModeDownload && config.DownloadId == "" { - fmt.Println("ERROR: Missing parameter --id") - return false + if mode == ModeDownload { + if config.DownloadId == "" { + fmt.Println("ERROR: Missing parameter --id") + return false + } + return true } if !environment.IsDockerInstance() { From cc7c4346f36a10a7c1f077c656fdcc24ce6f8e9e Mon Sep 17 00:00:00 2001 From: John <3273102+Upellift99@users.noreply.github.com> Date: Sat, 14 Feb 2026 17:58:10 +0100 Subject: [PATCH 2/4] Gokapi-cli: Don't leave empty file on disk when download fails Move HTTP request before file creation so no file is left behind on server errors (502, 404, etc.). Also clean up partial files on streaming errors and fix defer placement on os.Create. Co-Authored-By: Claude Opus 4.6 --- cmd/cli-uploader/cliapi/cliapi.go | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/cmd/cli-uploader/cliapi/cliapi.go b/cmd/cli-uploader/cliapi/cliapi.go index 25fd920e..25c14b78 100644 --- a/cmd/cli-uploader/cliapi/cliapi.go +++ b/cmd/cli-uploader/cliapi/cliapi.go @@ -256,17 +256,6 @@ func DownloadFile(downloadParams cliflags.FlagConfig) error { return err } } - helper.CreateDir(downloadParams.OutputPath) - file, err := os.Create(downloadParams.OutputPath + "/" + downloadParams.FileName) - defer file.Close() - if err != nil { - fmt.Println("ERROR: Could not create new file") - return err - } - - if !downloadParams.JsonOutput { - progressBar = progressbar.DefaultBytes(info.SizeBytes, "Downloading") - } req, err := http.NewRequest("GET", gokapiUrl+"/files/download/"+downloadParams.DownloadId, nil) if err != nil { @@ -286,6 +275,18 @@ func DownloadFile(downloadParams cliflags.FlagConfig) error { os.Exit(4) } + helper.CreateDir(downloadParams.OutputPath) + file, err := os.Create(filename) + if err != nil { + fmt.Println("ERROR: Could not create new file") + return err + } + defer file.Close() + + if !downloadParams.JsonOutput { + progressBar = progressbar.DefaultBytes(info.SizeBytes, "Downloading") + } + if !downloadParams.JsonOutput { _, err = io.Copy(file, io.TeeReader(resp.Body, progressBar)) } else { @@ -293,6 +294,7 @@ func DownloadFile(downloadParams cliflags.FlagConfig) error { } if err != nil { + os.Remove(filename) fmt.Println("ERROR: Could not download file") return err } From b48e924b39f72be3204179e60628c0799434c189 Mon Sep 17 00:00:00 2001 From: John <3273102+Upellift99@users.noreply.github.com> Date: Sat, 14 Feb 2026 18:10:52 +0100 Subject: [PATCH 3/4] Fix server crash on API file download with S3 storage serveDecryptedFile unconditionally called encryption.DecryptReader even for non-encrypted files, causing crypto/aes: invalid key size 0 panic that crashed the entire process. Only decrypt when the file is actually encrypted, matching the existing behavior in Stream(). Co-Authored-By: Claude Opus 4.6 --- internal/storage/filesystem/s3filesystem/aws/Aws.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/internal/storage/filesystem/s3filesystem/aws/Aws.go b/internal/storage/filesystem/s3filesystem/aws/Aws.go index 7b451515..68719dfa 100644 --- a/internal/storage/filesystem/s3filesystem/aws/Aws.go +++ b/internal/storage/filesystem/s3filesystem/aws/Aws.go @@ -223,7 +223,11 @@ func serveDecryptedFile(w http.ResponseWriter, file models.File) error { defer obj.Body.Close() headers.Write(file, w, true, true) - return encryption.DecryptReader(file.Encryption, obj.Body, w) + if file.Encryption.IsEncrypted { + return encryption.DecryptReader(file.Encryption, obj.Body, w) + } + _, err = io.Copy(w, obj.Body) + return err } func getTimeoutContext() (context.Context, context.CancelFunc) { From 04c913118a4752daa5bd82f3c7284584e117917a Mon Sep 17 00:00:00 2001 From: John <3273102+Upellift99@users.noreply.github.com> Date: Sat, 14 Feb 2026 21:34:10 +0100 Subject: [PATCH 4/4] Add E2E encrypted file download support to gokapi-cli Server: remove E2E download rejection from API and serve encrypted bytes without server-side decryption for E2E files. Add IsDecryptionAvailable guard to prevent server crash on encrypted files with missing master key. CLI: detect E2E files, retrieve per-file cipher from /api/e2e/get, restore the real filename, and decrypt in streaming using the E2E key. Co-Authored-By: Claude Opus 4.6 --- cmd/cli-uploader/cliapi/cliapi.go | 46 ++++++++++++++++++- internal/encryption/Encryption.go | 6 +++ .../filesystem/s3filesystem/aws/Aws.go | 3 ++ internal/webserver/api/Api.go | 6 +-- 4 files changed, 55 insertions(+), 6 deletions(-) diff --git a/cmd/cli-uploader/cliapi/cliapi.go b/cmd/cli-uploader/cliapi/cliapi.go index 25c14b78..10961d7f 100644 --- a/cmd/cli-uploader/cliapi/cliapi.go +++ b/cmd/cli-uploader/cliapi/cliapi.go @@ -233,6 +233,24 @@ func DownloadFile(downloadParams cliflags.FlagConfig) error { fmt.Println("ERROR: Could not get file info or file does not exist") return err } + + // For E2E files, retrieve the per-file cipher and real filename + var e2eCipher []byte + if info.IsEndToEndEncrypted { + if len(e2eKey) == 0 { + return errors.New("file is end-to-end encrypted but no E2E key is configured - please re-run login") + } + var realName string + e2eCipher, realName, err = getE2eCipher(downloadParams.DownloadId) + if err != nil { + fmt.Println("ERROR: Could not retrieve E2E decryption key for this file") + return err + } + if downloadParams.FileName == "" { + info.Name = realName + } + } + if downloadParams.OutputPath == "" { downloadParams.OutputPath = "." } @@ -287,10 +305,20 @@ func DownloadFile(downloadParams cliflags.FlagConfig) error { progressBar = progressbar.DefaultBytes(info.SizeBytes, "Downloading") } + // For E2E files, wrap the response body in a decryption reader + var body io.Reader = resp.Body + if info.IsEndToEndEncrypted { + body, err = encryption.GetDecryptReader(e2eCipher, resp.Body) + if err != nil { + os.Remove(filename) + return err + } + } + if !downloadParams.JsonOutput { - _, err = io.Copy(file, io.TeeReader(resp.Body, progressBar)) + _, err = io.Copy(file, io.TeeReader(body, progressBar)) } else { - _, err = io.Copy(file, resp.Body) + _, err = io.Copy(file, body) } if err != nil { @@ -312,6 +340,20 @@ func DownloadFile(downloadParams cliflags.FlagConfig) error { return nil } +// getE2eCipher retrieves the per-file cipher and real filename for an E2E encrypted file +func getE2eCipher(fileId string) ([]byte, string, error) { + e2eInfo, err := GetE2eInfo() + if err != nil { + return nil, "", err + } + for _, f := range e2eInfo.Files { + if f.Id == fileId { + return f.Cipher, f.Filename, nil + } + } + return nil, "", errors.New("file not found in E2E metadata") +} + func nameToBase64(f *os.File, uploadParams cliflags.FlagConfig) string { return "base64:" + base64.StdEncoding.EncodeToString([]byte(getFileName(f, uploadParams))) } diff --git a/internal/encryption/Encryption.go b/internal/encryption/Encryption.go index e18eabd4..42e8355d 100644 --- a/internal/encryption/Encryption.go +++ b/internal/encryption/Encryption.go @@ -39,6 +39,12 @@ const EndToEndEncryption = 5 var encryptedKey, ramCipher []byte +// IsDecryptionAvailable returns true if the master encryption key has been +// loaded into memory, meaning server-side decryption is possible. +func IsDecryptionAvailable() bool { + return len(ramCipher) > 0 +} + const blockSize = 32 const nonceSize = 12 diff --git a/internal/storage/filesystem/s3filesystem/aws/Aws.go b/internal/storage/filesystem/s3filesystem/aws/Aws.go index 68719dfa..01a9863c 100644 --- a/internal/storage/filesystem/s3filesystem/aws/Aws.go +++ b/internal/storage/filesystem/s3filesystem/aws/Aws.go @@ -224,6 +224,9 @@ func serveDecryptedFile(w http.ResponseWriter, file models.File) error { headers.Write(file, w, true, true) if file.Encryption.IsEncrypted { + if !encryption.IsDecryptionAvailable() { + return errors.New("file is encrypted but server-side decryption key is not available") + } return encryption.DecryptReader(file.Encryption, obj.Body, w) } _, err = io.Copy(w, obj.Body) diff --git a/internal/webserver/api/Api.go b/internal/webserver/api/Api.go index f643a696..65a5cf0d 100644 --- a/internal/webserver/api/Api.go +++ b/internal/webserver/api/Api.go @@ -598,7 +598,8 @@ func apiDownloadSingle(w http.ResponseWriter, r requestParser, user models.User) return } if !request.PresignUrl { - storage.ServeFile(file, w, request.WebRequest, true, request.IncreaseCounter, true) + forceDecryption := !file.Encryption.IsEndToEndEncrypted + storage.ServeFile(file, w, request.WebRequest, true, request.IncreaseCounter, forceDecryption) return } createAndOutputPresignedUrl([]string{file.Id}, w, "") @@ -635,9 +636,6 @@ func checkDownloadAllowed(fileId string, user models.User) (models.File, int, in if file.UserId != user.Id && !user.HasPermission(models.UserPermListOtherUploads) { return models.File{}, http.StatusUnauthorized, errorcodes.NoPermission, "no permission to download file" } - if file.Encryption.IsEndToEndEncrypted { - return models.File{}, http.StatusBadRequest, errorcodes.EndToEndNotSupported, "End-to-end encrypted files cannot be downloaded" - } return file, 0, 0, "" }