GNOME Bugzilla – Bug 702489
Can't add ownCloud accounts with non-ASCII passwords
Last modified: 2018-09-21 16:14:01 UTC
If an ownCloud account has a password with a non-ASCII character, like §, then it can't be added. Here is the log: (gnome-control-center:4637): goa-DEBUG: > GET /remote.php/webdav/ HTTP/1.1 (gnome-control-center:4637): goa-DEBUG: > Soup-Debug-Timestamp: 1371464389 (gnome-control-center:4637): goa-DEBUG: > Soup-Debug: SoupSessionAsync 1 (0x7efefacce1f0), SoupMessage 1 (0x7efefaad7140), SoupSocket 2 (0x7efefa84a600), restarted (gnome-control-center:4637): goa-DEBUG: > Host: cloud.geoadel.net (gnome-control-center:4637): goa-DEBUG: > Connection: close (gnome-control-center:4637): goa-DEBUG: > Authorization: Basic [test5:*********] (gnome-control-center:4637): goa-DEBUG: (gnome-control-center:4637): goa-DEBUG: < HTTP/1.1 401 Unauthorized (gnome-control-center:4637): goa-DEBUG: < Soup-Debug-Timestamp: 1371464389 (gnome-control-center:4637): goa-DEBUG: < Soup-Debug: SoupMessage 1 (0x7efefaad7140) (gnome-control-center:4637): goa-DEBUG: < Date: Mon, 17 Jun 2013 10:19:49 GMT (gnome-control-center:4637): goa-DEBUG: < Server: Apache (gnome-control-center:4637): goa-DEBUG: < X-Powered-By: PHP/5.3.24 (gnome-control-center:4637): goa-DEBUG: < Expires: Thu, 19 Nov 1981 08:52:00 GMT (gnome-control-center:4637): goa-DEBUG: < Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 (gnome-control-center:4637): goa-DEBUG: < Pragma: no-cache (gnome-control-center:4637): goa-DEBUG: < WWW-Authenticate: Basic realm="ownCloud" (gnome-control-center:4637): goa-DEBUG: < Set-Cookie: 51987b44c6b50=2c4768ea3b7196fe58c035855d3e2558; path=/; HttpOnly (gnome-control-center:4637): goa-DEBUG: < Connection: close (gnome-control-center:4637): goa-DEBUG: < Transfer-Encoding: chunked (gnome-control-center:4637): goa-DEBUG: < Content-Type: application/xml; charset=utf-8 (gnome-control-center:4637): goa-DEBUG: < (gnome-control-center:4637): goa-DEBUG: < <?xml version="1.0" encoding="utf-8"?> (gnome-control-center:4637): goa-DEBUG: < <d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns"> (gnome-control-center:4637): goa-DEBUG: < <s:exception>Sabre_DAV_Exception_NotAuthenticated</s:exception> (gnome-control-center:4637): goa-DEBUG: < <s:message>Username or password does not match</s:message> (gnome-control-center:4637): goa-DEBUG: < <s:sabredav-version>1.7.6</s:sabredav-version> (gnome-control-center:4637): goa-DEBUG: < </d:error>
I noticed that Epiphany has the same issue. Reassigning to libsoup.
Created attachment 247120 [details] [review] Added test case This patch adds a test case using an utf8 password. The spec says passwords should be latin1, but removing the conversion in soup_auth_basic_authenticate() makes this test pass.
Created attachment 247123 [details] [review] Test case I submitted the wrong patch, sorry
From what I can see, it appears that Firefox and Chrome both also only allow iso-8859-1: https://bugzilla.mozilla.org/show_bug.cgi?id=41489#c116 http://code.google.com/p/chromium/issues/detail?id=25790 and it is known that there are lots of sites that will fail if this gets changed. There's a proposal for allowing a server to specify utf-8 instead: http://tools.ietf.org/html/draft-reschke-basicauth-enc-08
The thing is that the test site that Debarshi was using worked fine in chromium and also firefox IIRC.
If you want I can pass you the credentials to the test instance privately.
For what it's worth I seem to be having a similar problem; all login attempts via gnome (nautilus or gnome-online-accounts) always result in a 401 error. Login via a web browser is fine. And here's the key bit -- my password does *not* have any non-ascii characters. I am using g-o-a 3.8.2 and libsoup 2.42.2 on a fully updated Fedora 19 system. Here's my debug log: (gnome-control-center:15719): goa-DEBUG: > GET /owncloud/remote.php/webdav/ HTTP/1.1 (gnome-control-center:15719): goa-DEBUG: > Soup-Debug-Timestamp: 1375358585 (gnome-control-center:15719): goa-DEBUG: > Soup-Debug: SoupSessionAsync 1 (0x1fd88e0), SoupMessage 1 (0x213dc40), SoupSocket 1 (0x1f35480) (gnome-control-center:15719): goa-DEBUG: > Host: mail.shaftnet.org (gnome-control-center:15719): goa-DEBUG: > Connection: close (gnome-control-center:15719): goa-DEBUG: (gnome-control-center:15719): goa-DEBUG: < HTTP/1.1 401 Unauthorized (gnome-control-center:15719): goa-DEBUG: < Soup-Debug-Timestamp: 1375358585 (gnome-control-center:15719): goa-DEBUG: < Soup-Debug: SoupMessage 1 (0x213dc40) (gnome-control-center:15719): goa-DEBUG: < Date: Thu, 01 Aug 2013 12:02:27 GMT (gnome-control-center:15719): goa-DEBUG: < Server: Apache/2.4.4 (Fedora) OpenSSL/1.0.1e-fips PHP/5.4.17 mod_wsgi/3.4 Python/2.7.3 (gnome-control-center:15719): goa-DEBUG: < X-Powered-By: PHP/5.4.17 (gnome-control-center:15719): goa-DEBUG: < Strict-Transport-Security: max-age=31536000 (gnome-control-center:15719): goa-DEBUG: < Set-Cookie: 51f947410bacb=suep4ulkqe30uglch623uqg2t4; path=/; secure; HttpOnly (gnome-control-center:15719): goa-DEBUG: < Expires: Thu, 19 Nov 1981 08:52:00 GMT (gnome-control-center:15719): goa-DEBUG: < Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 (gnome-control-center:15719): goa-DEBUG: < Pragma: no-cache (gnome-control-center:15719): goa-DEBUG: < WWW-Authenticate: Basic realm="ownCloud" (gnome-control-center:15719): goa-DEBUG: < Content-Length: 291 (gnome-control-center:15719): goa-DEBUG: < Connection: close (gnome-control-center:15719): goa-DEBUG: < Content-Type: application/xml; charset=utf-8 (gnome-control-center:15719): goa-DEBUG: < (gnome-control-center:15719): goa-DEBUG: < <?xml version="1.0" encoding="utf-8"?> (gnome-control-center:15719): goa-DEBUG: < <d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns"> (gnome-control-center:15719): goa-DEBUG: < <s:exception>Sabre_DAV_Exception_NotAuthenticated</s:exception> (gnome-control-center:15719): goa-DEBUG: < <s:message>No basic authentication headers were found</s:message> (gnome-control-center:15719): goa-DEBUG: < <s:sabredav-version>1.7.6</s:sabredav-version> (gnome-control-center:15719): goa-DEBUG: < </d:error> (gnome-control-center:15719): goa-DEBUG: (gnome-control-center:15719): goa-DEBUG: > GET /owncloud/remote.php/webdav/ HTTP/1.1 (gnome-control-center:15719): goa-DEBUG: > Soup-Debug-Timestamp: 1375358585 (gnome-control-center:15719): goa-DEBUG: > Soup-Debug: SoupSessionAsync 1 (0x1fd88e0), SoupMessage 1 (0x213dc40), SoupSocket 2 (0x1f35600), restarted (gnome-control-center:15719): goa-DEBUG: > Host: mail.shaftnet.org (gnome-control-center:15719): goa-DEBUG: > Connection: close (gnome-control-center:15719): goa-DEBUG: > Authorization: Basic [****:*************] (gnome-control-center:15719): goa-DEBUG: (gnome-control-center:15719): goa-DEBUG: < HTTP/1.1 401 Unauthorized (gnome-control-center:15719): goa-DEBUG: < Soup-Debug-Timestamp: 1375358585 (gnome-control-center:15719): goa-DEBUG: < Soup-Debug: SoupMessage 1 (0x213dc40) (gnome-control-center:15719): goa-DEBUG: < Date: Thu, 01 Aug 2013 12:02:27 GMT (gnome-control-center:15719): goa-DEBUG: < Server: Apache/2.4.4 (Fedora) OpenSSL/1.0.1e-fips PHP/5.4.17 mod_wsgi/3.4 Python/2.7.3 (gnome-control-center:15719): goa-DEBUG: < X-Powered-By: PHP/5.4.17 (gnome-control-center:15719): goa-DEBUG: < Strict-Transport-Security: max-age=31536000 (gnome-control-center:15719): goa-DEBUG: < Set-Cookie: 51f947410bacb=gmuc38pgsfjjf2lm5m0euata03; path=/; secure; HttpOnly (gnome-control-center:15719): goa-DEBUG: < Expires: Thu, 19 Nov 1981 08:52:00 GMT (gnome-control-center:15719): goa-DEBUG: < Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 (gnome-control-center:15719): goa-DEBUG: < Pragma: no-cache (gnome-control-center:15719): goa-DEBUG: < WWW-Authenticate: Basic realm="ownCloud" (gnome-control-center:15719): goa-DEBUG: < Content-Length: 284 (gnome-control-center:15719): goa-DEBUG: < Connection: close (gnome-control-center:15719): goa-DEBUG: < Content-Type: application/xml; charset=utf-8 (gnome-control-center:15719): goa-DEBUG: < (gnome-control-center:15719): goa-DEBUG: < <?xml version="1.0" encoding="utf-8"?> (gnome-control-center:15719): goa-DEBUG: < <d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns"> (gnome-control-center:15719): goa-DEBUG: < <s:exception>Sabre_DAV_Exception_NotAuthenticated</s:exception> (gnome-control-center:15719): goa-DEBUG: < <s:message>Username or password does not match</s:message> (gnome-control-center:15719): goa-DEBUG: < <s:sabredav-version>1.7.6</s:sabredav-version> (gnome-control-center:15719): goa-DEBUG: < </d:error> (gnome-control-center:15719): goa-DEBUG:
(In reply to comment #7) > Login via a web browser is fine. And here's the key bit -- my password does > *not* have any non-ascii characters. then it's not this bug
In my tests, Firefox (23) always uses iso-8859-1, even if the 401 response has "Content-Type: text/html; charset=UTF-8", and even if the password you type in contains characters that can't be expressed in iso-8859-1 (in which case it just mangles the password). Can you get a tcpdump of owncloud's 401 response, and firefox's response with a non-ASCII password? (It doesn't have to be your real password; it doesn't matter whether the request succeeds or not.)
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/libsoup/issues/52.