Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CLI --upload / --list Vault does nothing #12812

Closed
doncabreraphone opened this issue Jan 22, 2022 · 11 comments · Fixed by #12845
Closed

CLI --upload / --list Vault does nothing #12812

doncabreraphone opened this issue Jan 22, 2022 · 11 comments · Fixed by #12845
Assignees
@dkocher
Labels
bug cli Command Line Interface cryptomator Cryptomator Vault s3 AWS S3 Protocol Implementation
Milestone
8.2.3

Comments

@doncabreraphone
Copy link

doncabreraphone commented Jan 22, 2022
edited

I'm attempting to upload a simple pdf file to a test vault on my s3 bucket, but it ain't working.

This is what I do:

$ duck --upload s3://s3.amazonaws.com/s3folder/ "~/file.pdf"

Duck asks me for my Access Key and Secret Access Key, so good so far.

I can --list and --upload to other directories, as long as they are not vaults.

So at this point it says:

file.pdf?file.pdf

Is getting ready to upload, but then it realizes it is a locked vault.

It asks me for my phrase.

I enter my phrase and hit enter.

It asks me to save the password.

Then it just disconnects and goes back to cmd, without telling me anything or giving me a reason.

I'm on a Windows 10 using CMD.
I have successfully uploaded to my S3 bucket as long as they are not vaults. When they are vaults, this happens. I can upload to my vault from the cyberduck app, but I cannot upload from the CLI. I cannot also --list anything.
@doncabreraphone doncabreraphone changed the title Cyberduck CLI --upload to vault does nothing Cyberduck CLI --upload / --list Vault does nothing Jan 22, 2022
@doncabreraphone
Copy link
Author

Also, a little update: the vault passphrase shows up in plain text, not in asterisks (I've no idea if this is by design or maybe related to the vault "kicking" me out without saying a word).


C:\> duck -y --upload s3://s3.amazonaws.com/s3folder/FolderBackup/ "~/Desktop/Design/*.pdf"

Reading metadata of FolderBackup?

Login s3.amazonaws.com. Login s3.amazonaws.com ? S3 with username and password. No login credentials could be found in the Keychain.

Access Key ID (pc): USERLOGIN

Login as USERLOGIN

Secret Access Key: secretkey

_.pdf?_.pdf

Unlock Vault. Provide your passphrase to unlock the Cryptomator Vault FolderBackup.

Passphrase: mypass

C:\>

I entered the right passphrase and it kicks me out anyway...

@doncabreraphone
Copy link
Author

doncabreraphone commented Jan 25, 2022
edited

Did another test with another newly created vault: same thing. The passphrase prompt shows up, but for some reason, even after the right credentials have been entered, the login never happens. I'm not sure if this has something to do with the vault being located on an amazon server.

@AliveDevil
Copy link
Contributor

AliveDevil commented Jan 26, 2022
edited

Confirmed, Vault listing doesn't work.

> duck --verbose --debug --list s3-http://ceph.pve.xc/vault-test/vault/ --user FYRWCR5MM918PND8QZMT
S3 connection opened…
Secret Access Key will be sent in plaintext. Please contact your web hosting service provider for assistance.
Continue (y) or Disconnect (n):  (y/n): y
Authenticating as FYRWCR5MM918PND8QZMT…
> GET /vault-test/?location= HTTP/1.1
> Date: Wed, 26 Jan 2022 10:02:35 GMT
> x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
> Host: ceph.pve.xc
> x-amz-date: 20220126T100235Z
> Authorization: ********
> Connection: Keep-Alive
> User-Agent: Cyberduck/8.2.1.36773 (Windows 10/10.0) (amd64)
> Accept-Encoding: gzip,deflate
< HTTP/1.1 200 OK
< x-amz-request-id: tx000000000000000004fe2-0061f11c3b-19791a-default
< Content-Length: 134
< Date: Wed, 26 Jan 2022 10:02:35 GMT
Login successful…
> HEAD /vault-test/vault/ HTTP/1.1
> Date: Wed, 26 Jan 2022 10:02:35 GMT
> x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
> Host: ceph.pve.xc
> x-amz-date: 20220126T100235Z
> Authorization: ********
> Connection: Keep-Alive
> User-Agent: Cyberduck/8.2.1.36773 (Windows 10/10.0) (amd64)
> Accept-Encoding: gzip,deflate
< HTTP/1.1 200 OK
< Content-Length: 0
< Accept-Ranges: bytes
< Last-Modified: Wed, 26 Jan 2022 09:56:31 GMT
< x-rgw-object-type: Normal
< ETag: "d41d8cd98f00b204e9800998ecf8427e"
< x-amz-request-id: tx000000000000000004fe3-0061f11c3b-19791a-default
< Content-Type: application/x-directory
< Date: Wed, 26 Jan 2022 10:02:35 GMT
Listing directory vault…
> GET /vault-test/?versioning HTTP/1.1
> Date: Wed, 26 Jan 2022 10:02:35 GMT
> x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
> Host: ceph.pve.xc
> x-amz-date: 20220126T100235Z
> Authorization: ********
> Connection: Keep-Alive
> User-Agent: Cyberduck/8.2.1.36773 (Windows 10/10.0) (amd64)
> Accept-Encoding: gzip,deflate
< HTTP/1.1 200 OK
< x-amz-request-id: tx000000000000000004fe4-0061f11c3b-19791a-default
< Content-Type: application/xml
< Content-Length: 137
< Date: Wed, 26 Jan 2022 10:02:35 GMT
< Connection: Keep-Alive
> GET /vault-test/?encoding-type=url&max-keys=1000&prefix=vault%2F&delimiter=%2F HTTP/1.1
> Date: Wed, 26 Jan 2022 10:02:35 GMT
> x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
> Host: ceph.pve.xc
> x-amz-date: 20220126T100235Z
> Authorization: ********
> Connection: Keep-Alive
> User-Agent: Cyberduck/8.2.1.36773 (Windows 10/10.0) (amd64)
> Accept-Encoding: gzip,deflate
< HTTP/1.1 200 OK
< Transfer-Encoding: chunked
< x-amz-request-id: tx000000000000000004fe5-0061f11c3b-19791a-default
< Content-Type: application/xml
< Date: Wed, 26 Jan 2022 10:02:35 GMT
< Connection: Keep-Alive
> GET /vault-test/vault/masterkey.cryptomator HTTP/1.1
> Date: Wed, 26 Jan 2022 10:02:35 GMT
> x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
> Host: ceph.pve.xc
> x-amz-date: 20220126T100235Z
> Authorization: ********
> Connection: Keep-Alive
> User-Agent: Cyberduck/8.2.1.36773 (Windows 10/10.0) (amd64)
> Accept-Encoding: gzip,deflate
< HTTP/1.1 200 OK
< Content-Length: 327
< Accept-Ranges: bytes
< Last-Modified: Wed, 26 Jan 2022 09:56:31 GMT
< x-rgw-object-type: Normal
< ETag: "eb04bfecb21308b59ce928c4f67cacf5"
< x-amz-request-id: tx000000000000000004fe6-0061f11c3b-19791a-default
< Content-Type: application/octet-stream
< Date: Wed, 26 Jan 2022 10:02:35 GMT
< Connection: Keep-Alive
Unlock Vault. Provide your passphrase to unlock the Cryptomator Vault vault.
Passphrase: Test

Save password (y/n): n

>

Edit: duck --verbose --debug --list s3-http://ceph.pve.xc/vault-test/vault/ --user FYRWCR5MM918PND8QZMT --vault /vault-test/vault/ doesn't make a difference.

@AliveDevil AliveDevil added cli Command Line Interface cryptomator Cryptomator Vault s3 AWS S3 Protocol Implementation labels Jan 26, 2022
@doncabreraphone
Copy link
Author

Glad to know it wasn't just me. Maybe this has to do with Cryptomator and not with Cyberduck?

@dkocher
Copy link
Contributor

dkocher commented Jan 27, 2022

We have our own interoperable handling of the Cryptomator vault format independent from the implementation in the Cryptomator project.

@dkocher dkocher added this to the 8.2.3 milestone Jan 27, 2022
@dkocher dkocher self-assigned this Jan 27, 2022
@doncabreraphone
Copy link
Author

Question: how can I know when the version with the fixed bug gets published? (and how can I update the CLI?)

@AliveDevil
Copy link
Contributor

You get a notification when this issue is closed, then you should expect it being fixed in the following release (if you opted for GitHub-notification emails).
Releases are announced at @cyberduckapp and our Cyberduck-news mailing list.

Depending on how you installed duck you can update automatically through choco, or find the latest installer on the distribution page dist.duck.sh.

@dkocher
Copy link
Contributor

dkocher commented Feb 2, 2022

I cannot seem to reproduce the problem

silverbullet:cyberduck dkocher$ duck --username AKIA5RMYTHDIWMBSAYUM --list s3:/test-eu-central-1-cyberduck/vault/ --vault /vault
Listing directory vault…
cryptomator_256.png

Note the --vault parameter is mandatory as documented.

@dkocher dkocher changed the title Cyberduck CLI --upload / --list Vault does nothing CLI --upload / --list Vault does nothing Feb 2, 2022
@dkocher dkocher added the bug label Feb 2, 2022
@AliveDevil AliveDevil mentioned this issue Feb 2, 2022
Merged
@dkocher
Copy link
Contributor

dkocher commented Feb 2, 2022

Regression from 20d1a7f with upgrade of cryptolib dependency.

@doncabreraphone
Copy link
Author

doncabreraphone commented Feb 3, 2022
edited

AliveDevil was able to. I just gave it a try myself and I still can't get in, even with the --vault parameter added. If you let the prompt walk you through, at the end, it will just close the connection.

@dkocher
Copy link
Contributor

dkocher commented Feb 3, 2022

AliveDevil was able to. I just gave it a try myself and I still can't get in, even with the --vault parameter added. If you let the prompt walk you through, at the end, it will just close the connection.

We have been able to reproduce the problem (Windows only) and a fix is in review.

dkocher added a commit that referenced this issue Feb 3, 2022
@dkocher
Merge pull request #12845 from iterate-ch/bugfix/GH-12812
78e810f 
Workaround .NET assembly loading IKVM ServiceLoader interoperability screw-up
dkocher added a commit that referenced this issue Feb 3, 2022
@dkocher
Merge pull request #12846 from iterate-ch/bugfix/GH-12812-alert
d4ed9c7 
Always print failure message on exception.
@dkocher dkocher mentioned this issue Feb 5, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dkocher dkocher

Labels
bug cli Command Line Interface cryptomator Cryptomator Vault s3 AWS S3 Protocol Implementation
Projects
None yet
Milestone
8.2.3
Development

Successfully merging a pull request may close this issue.

Workaround .NET assembly loading IKVM ServiceLoader interoperability screw-up iterate-ch/cyberduck
3 participants
@dkocher @AliveDevil @doncabreraphone