Jump to content
T.Kriener

Sync-Problem with 5.3.0 and Owncloud/Webdav

Recommended Posts

Hello,

I just updated to 5.3.0 and now the synchronization with Owncloud (Webdav) does not work any more.

I already removed the old config and if I now try to establish the synchronization, I can fill the configuration dialog and press Connect.
The the Buttons are grayed out and the Text "Connecting..." is displayed, but the dialog never closes. The only thing I can do is to close the dialog in the upper left corner using the red cross.

I already restated the application and tried with and without our Proxy, but nothing changes.

Any hints how I can analyze the problem further using some traces/debugs/logs...

Regards,
Thomas Kriener

  • Like 1

Share this post


Link to post
Share on other sites

Hi @T.Kriener,

Sorry to hear about your trouble. Please provide some more details for further investigation.

  • Which device (along with OS version) are you using?
  • It would be great if you can share a demo account of your WebDAV (for diagnosing the issue) to support@enpass.io (mentioning this thread) or in a personal message to me. 

Waiting for your response!

Share this post


Link to post
Share on other sites

Hello,

a demo-account could be difficult, because it is our productive company system.

The Client-Environment is OS X 10.11.6 with Enpass 5.3.0 from the AppStore.

The Server-Environment is Owncloud 9.0.4 and an official HTTPS-Certficate.

A little bit unusual could be:

- The Login-Name contains a "@"-Sign
- The Server is normally behind a Proxy, configured via wpad-Mechanism. But I already tried without the proxy and had the same behaviour.

With the last Version (5.2.2) I had only the known problem, that the synchronization did not finish after some time.

Isn't there any way to activate a trace-file?

Regards,
Thomas Kriener
 

Share this post


Link to post
Share on other sites

I had the same problem (with the windows version). After I removed some special char out of my password. The sync start working.

Edited by tijder
I used the windows version and not the mac version

Share this post


Link to post
Share on other sites

I have the same problem. I'm using Enpass on 3 OS :

  • Linux
  • macOS El Capitan
  • iOS 9

I use the last version of Enpass on all 3 devices. Since the last update, synchronisation with WebDAV works fine with Linux and iOS, but not on macOS anymore

My WebDAV server is an Apache server on CentOS 6. You can find the config of the WebDAV share here:

 

Alias /passwords /srv/passwords
<Location /passwords>
    AuthName "*****"
    AuthType Basic
    AuthBasicProvider   ldap file
    Require valid-user

    AuthzLDAPAuthoritative  off
    AuthLDAPURL     ******

    AuthUserFile /srv/www/********/.htpasswd

    DAV filesystem
</Location>

The connection happens over SSL.

I tried to remove and re-create synchronisation configuration. It does not work, the popup stays on Connecting (it's actually in french: "Connexion en cours..."), i can't cancel or whatever, i need to close the popup. I have no special char in the username or password used for the synchronisation. When I look at the Apache logs, i don't see any requests from macOS (while I have requests from Linux and iOS).

Let me know if you need more informations.

Share this post


Link to post
Share on other sites

Hello @Romain,

With version 5.3, we have moved to Mac OS X native secure transport instead of OpenSSL for secure socket connections. Because OpenSSL libraries on Mac OS X are outdated and hence TLSv1.2 was not supported.

It seems this change is having problems with your configuration. It would be very helpful if you can send a demo account for your WebDAV at support@enpass.io (with a mention to this thread) or in a PM to me. It would be very helpful for our testing team in diagnosing the issue.

Thanks!

Share this post


Link to post
Share on other sites

Hello all,

Is everyone able to access the your Webdav account in Safari? Type in the same url as you provide in Enpass sync in safari and provide username and password.  

Meanwhile as we are investigating the issue, if you want to downgrade to previous version of Enpass, you can download it from here: http://dl.sinew.in/mac/setup/Enpass-5.2.1.dmg.

Share this post


Link to post
Share on other sites

I have this same problem but I think it is related to not running WebDAV on a standard port (80 or 443).  Does EnPass support specifying the port as part of the URL string?  If not can we get this fixed ASAP? 

Share this post


Link to post
Share on other sites

Hello,

are there any news on this topic?

Could you reproduce the problem using the URL I send Akur in a PM?

Going back to 5.2.1 is not really an option, because there I have the problem that the sync is working only once.

Regards,

Thomas

Share this post


Link to post
Share on other sites

Hi @T.Kriener,

Sorry for the late reply.
After investigating the issue, we have found that there is a bug in Qt SSL, which has been reported here https://bugreports.qt.io/browse/QTBUG-52975. We are getting same error with your server.
This bug has been resolved in Qt 5.6.2 and 5.7.1 but they are not officially released yet. As soon as these updates will be released we will release an update. Meanwhile please bear with us.

Share this post


Link to post
Share on other sites

Hi, 

@T.Kriener,

Now we are using Qt 5.6.2. to build the app for next versions, so issue has been resolved.  Soon, we will release an update with the fixes. Till then please bear with us.

 

Thanks.

 

Share this post


Link to post
Share on other sites

EnpassPortable 5.3.0 (59) on OSX 10.11.6 and also unable to get WebDAV sync to work. Android (paid) version syncs without any issues, but OSX version errors out with "Error code: -117". WebDAV server is nginx and the error message when attempting sync from OSX client is:

2016/11/19 21:09:41 [error] 12757#12757: *811 MKCOL can create a collection only, client: 192.168.100.10, server: , request: "MKCOL /sync/Enpass HTTP/1.1", host: "server.example.com"

 

Share this post


Link to post
Share on other sites

I was able to work around this bug by using the "sync to folder" option on the desktop mac application and pointing it to the root of my ownCloud sync folder on my Mac.  The application automatically creates a subfolder called Enpass which then gets synced to the cloud via my ownCloud desktop client.  From my other devices (IOS, etc) i used the webdav sync option per the instructions on the website.  Since the location in my ownCloud folder structure matches what it expects, everything works fine.  Just thought I would mention it for anyone out there waiting for the bug to get fixed in the next release.

Aubre

Share this post


Link to post
Share on other sites

Problem still occurs with 5.4.0 / Arch Linux / Nextcloud 11

In which release will it be fixed ?

Update : works when reverting to HTTP, but has issues with HTTPS (Let's Encrypt certificate)

Edited by jhf2442
Update HTTP/HTTPS

Share this post


Link to post
Share on other sites

Hi @jhf2442,

Sorry for the inconvenience. If possible, can you please share a demo account of your WebDAV (for diagnosing the issue) to support@enpass.io (mentioning this thread) or in a personal message to me. So that we can investigate where the problem could be.

Share this post


Link to post
Share on other sites

Hi Kumar

 

many thanks for the quick answer

 

When trying to connect using the Android app, I got the message that the DST Root CA X3 (which cross-signs Let's Encrypt's root CA) is not valid and had to explicitly accept the certificate. Possibly I'm experiencing the same issue here ? -> Where does enpass get its list of valid CA's ?

 

PS : email sent

Share this post


Link to post
Share on other sites

Hi @jhf2442,

Enpass doesn't have its own CA store. Default system CA store is used. The demo account you provided is working ok on our phones. 

Also this may be the problem related to SSLCertificateChainFile:

https://community.letsencrypt.org/t/android-doesnt-trust-the-certificate/16498

Mean while we trying to reproduce and figure out the problem.

Share this post


Link to post
Share on other sites

Hi,

Thanks for investigating

I'll have a look at the android topic, thanks for the link

But my initial issue is with enpass on Linux. There the sync dialog box hangs forever "connecting" (i.e. no error message shown, no possibility to waive a certificate issue etc)

Changing the URL from HTTPS to HTTP results in immediate connection and sync

I'll also check if the chain topic may solve my issue

 

Share this post


Link to post
Share on other sites

well... this is kind of embarrassing...

restarted from scratch, checking that my LE cert+chain is correctly set up in the webserver config (actually was already), disconnected HTTP sync in enpass and connected using HTTPS -> worked out of the box !

no idea what changed between my attempts, besides the fact that I disconnected the sync partnership and set up a new one

 

really sorry for the noise and many many thanks for the great and fast support !

PS : and happy new year !

Share this post


Link to post
Share on other sites

On MacOS Sierra 10.12.3, running Enpass v 5.4.1

Attempting to sync with owncloud version 8.2

I am having the same problem mentioned above. I enter https://MYHOST/owncloud/remote.php/webdav/, username and password, and I get the green "Connecting..." and nothing ever happens. No error. No timeout. I have to close the dialog window.

I *am* able to connect to my owncloud server using Safari. And I can connect and browse files via the Finder's Go:  Connect to Server command, where I can mount the remote files to my laptop. So I don't think the Mac OS SSL libraries are the issue here.

Once I reverted to the above linked 5.2.1 (47), everything worked.

Share this post


Link to post
Share on other sites
Quote

Meanwhile as we are investigating the issue, if you want to downgrade to previous version of Enpass, you can download it from here: http://dl.sinew.in/mac/setup/Enpass-5.2.1.dmg.

@Ankur Gupta How can we verify that this 5.2.1 disk image is a legitimate download? Do you have a checksum we can use? Since there is no https, the MTM attack would be trivial here. 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...