Set your old private key password to your current log-in password returns a 503

[davitol]

Under investigation in other to clarify the steps to reproduce

{"reqId":"ItroLLPcW0lVkg0faA9o","level":3,"time":"2019-08-27T06:46:55+00:00","remoteAddr":"","user":"--","app":"no app in context","method":"--","url":"--","message":"User backend OC\\User\\Database is returning home: \/mnt\/data\/files\/admin for user: admin which differs from existing value: "}
{"reqId":"e6dd5637-db10-412c-96c1-b673b7262b26","level":2,"time":"2019-08-27T06:48:19+00:00","remoteAddr":"172.18.0.1","user":"admin","app":"no app in context","method":"GET","url":"\/remote.php\/dav\/avatars\/admin\/128.png","message":""}
{"reqId":"ccb04d60-36cd-44c7-af9e-5e1c2efcbc59","level":4,"time":"2019-08-27T08:55:38+00:00","remoteAddr":"172.18.0.1","user":"admin","app":"webdav","method":"PROPFIND","url":"\/remote.php\/dav\/files\/admin\/","message":"Exception: HTTP\/1.1 503 System in single user mode.: {\"Exception\":\"Sabre\\\\DAV\\\\Exception\\\\ServiceUnavailable\",\"Message\":\"System in single user mode.\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/lib\\\/composer\\\/sabre\\\/event\\\/lib\\\/WildcardEmitterTrait.php(96): OCA\\\\DAV\\\\Connector\\\\Sabre\\\\MaintenancePlugin->checkMaintenanceMode(Object(Sabre\\\\HTTP\\\\Request), Object(Sabre\\\\HTTP\\\\Response))\\n#1 \\\/var\\\/www\\\/owncloud\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(448): Sabre\\\\DAV\\\\Server->emit('beforeMethod:PR...', Array)\\n#2 \\\/var\\\/www\\\/owncloud\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(241): Sabre\\\\DAV\\\\Server->invokeMethod(Object(Sabre\\\\HTTP\\\\Request), Object(Sabre\\\\HTTP\\\\Response))\\n#3 \\\/var\\\/www\\\/owncloud\\\/apps\\\/dav\\\/lib\\\/Server.php(319): Sabre\\\\DAV\\\\Server->start()\\n#4 \\\/var\\\/www\\\/owncloud\\\/apps\\\/dav\\\/appinfo\\\/v2\\\/remote.php(31): OCA\\\\DAV\\\\Server->exec()\\n#5 \\\/var\\\/www\\\/owncloud\\\/remote.php(165): require_once('\\\/var\\\/www\\\/ownclo...')\\n#6 {main}\",\"File\":\"\\\/var\\\/www\\\/owncloud\\\/apps\\\/dav\\\/lib\\\/Connector\\\/Sabre\\\/MaintenancePlugin.php\",\"Line\":79}"}
{"reqId":"duanRaYZHUlgGwT7Gv81","level":3,"time":"2019-08-27T08:55:53+00:00","remoteAddr":"","user":"--","app":"PHP","method":"--","url":"--","message":"Undefined offset: 1 at \/var\/www\/owncloud\/lib\/private\/Mail\/Message.php#59"}
{"reqId":"abwsLUz4l6h1nGQHn4La","level":2,"time":"2019-08-27T10:54:54+00:00","remoteAddr":"172.18.0.1","user":"admin","app":"no app in context","method":"GET","url":"\/apps\/files\/?dir=\/&fileid=3","message":"Could not decrypt the private key from user \"admin\"\" during login. Assume password change on the user back-end. Error message: Bad Signature"}
{"reqId":"looEDZnF8LKeBgltIRat","level":2,"time":"2019-08-27T10:55:25+00:00","remoteAddr":"172.18.0.1","user":"admin","app":"no app in context","method":"POST","url":"\/login","message":"Could not decrypt the private key from user \"admin\"\" during login. Assume password change on the user back-end. Error message: Bad Signature"}

[jvillafanez]

I reproduced the issue using a wrong password as the old one. This could happen if the user forgets his old password
OC 10.3.2 and encryption 1.4.0

[jvillafanez]

Steps to reproduce:

1. Setup encryption with the default module, using user-key encryption type
2. Connect ownCloud to an ldap
3. Login with an ldap user and upload some files (encryption keys should be initialized now). Ensure the files are encrypted and can be downloaded without problems
4. Logout
5. Change the user's password in the ldap
6. Login again with the user and the new password. A warning message should appear telling you to move to the settings page to update the private key password.
7. In the setting page, encryption section, update the private key password. As said above, use a wrong "old-password" (assuming you don't remember the old password)

Request crashes with a 503 error code

{"reqId":"4gAOJEZlYPGwEX8PWLmj","level":2,"time":"2021-01-28T08:56:27+00:00","remoteAddr":"10.0.2.28","user":"9c7fac5a-d008-1036-855a-dd0c704ad877","app":"core","method":"POST","url":"\/apps\/encryption\/ajax\/updatePrivateKeyPassword","message":"Login failed: 'aaliyah_adams' (Remote IP: '10.0.2.28')"}
{"reqId":"IvQHhXT86lpy9JyGvRI5","level":2,"time":"2021-01-28T08:56:44+00:00","remoteAddr":"10.0.2.28","user":"9c7fac5a-d008-1036-855a-dd0c704ad877","app":"core","method":"POST","url":"\/apps\/encryption\/ajax\/updatePrivateKeyPassword","message":"Login failed: '9c7fac5a-d008-1036-855a-dd0c704ad877' (Remote IP: '10.0.2.28')"}
{"reqId":"IvQHhXT86lpy9JyGvRI5","level":2,"time":"2021-01-28T08:56:44+00:00","remoteAddr":"10.0.2.28","user":"9c7fac5a-d008-1036-855a-dd0c704ad877","app":"core","method":"POST","url":"\/apps\/encryption\/ajax\/updatePrivateKeyPassword","message":"Login failed: 'aaliyah_adams' (Remote IP: '10.0.2.28')"}
{"reqId":"VZWSF6A2OSqCshp6zQqn","level":2,"time":"2021-01-28T08:57:01+00:00","remoteAddr":"10.0.2.28","user":"9c7fac5a-d008-1036-855a-dd0c704ad877","app":"core","method":"POST","url":"\/apps\/encryption\/ajax\/updatePrivateKeyPassword","message":"Login failed: '9c7fac5a-d008-1036-855a-dd0c704ad877' (Remote IP: '10.0.2.28')"}
{"reqId":"sI71Tvo3GYNI3gLzGgsh","level":2,"time":"2021-01-28T09:04:13+00:00","remoteAddr":"10.0.2.28","user":"9c7fac5a-d008-1036-855a-dd0c704ad877","app":"core","method":"POST","url":"\/apps\/encryption\/ajax\/updatePrivateKeyPassword","message":"Login failed: '9c7fac5a-d008-1036-855a-dd0c704ad877' (Remote IP: '10.0.2.28')"}

[posita]

I have encountered a similar issue, but with remote files, not LDAP:

owncloud {"reqId":"…","level":2,"time":"…","remoteAddr":"…","user":"…","app":"no app in context","method":"PROPFIND","url":"\/remote.php\/dav\/files\/…\/","message":"Could not decrypt the private key from user \"…\"\" during login. Assume password change on the user back-end. Error message: Bad Signature"}

AFAIK, the user does not have any encrypted files and does not have access to their old password.