Cyberduck Mountain Duck CLI

#6570 closed defect (fixed)

Invalid default port used for X-Storage-Url if authentication URI has non default port

Reported by: liemmn Owned by: dkocher
Priority: normal Milestone: 4.3
Component: openstack Version: 4.2.1
Severity: normal Keywords:
Cc: Architecture:
Platform:

Description

Use-case involving Openstack Swift and Keystone:

If the X-Storage-Url has an endpoint (https) without specifying the port number (443), Cyberduck will default to using the Keystone's port instead of the 443 default port for https X-Storage-Url endpoint. Per rfc2818, we should default to 443 if an https port is not specified.

Attachments (1)

cyberduck.log (24.3 KB) - added by liemmn on Mar 24, 2012 at 8:27:15 PM.
log file

Download all attachments as: .zip

Change History (19)

comment:1 Changed on Mar 2, 2012 at 8:48:51 AM by dkocher

  • Component changed from core to openstack
  • Milestone set to 4.3
  • Owner set to dkocher

comment:2 Changed on Mar 2, 2012 at 10:33:59 AM by dkocher

I cannot find this bug looking into the code. Can you verify

  • This is still an issue with the latest snapshot build.
  • Or you have a public instance I can connect to to reproduce the issue.

comment:3 Changed on Mar 22, 2012 at 3:39:31 AM by liemmn

I tried it with the latest snapshot build (9485) version 4.2.1 with same results. Steps to reproduce:

  • Install Swift (running on HTTPS, port 443)
  • Install Keystone, be sure to set the Swift endpoint to point to your Swift instance with HTTPS protocol and do not specify the port number, so the URL should be something like https://<swift_proxy>/v1.0/%tenant_id%.
  • Point Cyberduck to authenticate with your Keystone instance via port 35357 (using the Cyberduck's Swift connector)
  • Capture the HTTP traffic with a proxy like Burp or Paros so you can see the requests and responses.
  • You will see that Keystone responses the authentication request with an X-Storage-Url: https://<swift_proxy>/v1.0/<tenant_id>
  • Cyberduck then makes a GET to Swift proxy on port 35357! (should be using 443)
  • At this point, if you modify the request to use port 443, then the Swift GET will succeed, else it will fail.

It appears that Cyberduck tries to use the port of the auth host, despite the fact that X-Storage-Url specifies https or even port 443.

Please let me know if you need help reproducing this.... Thanks.

Last edited on Mar 22, 2012 at 6:07:21 PM by liemmn (previous) (diff)

comment:4 Changed on Mar 23, 2012 at 2:47:12 PM by dkocher

Because the scheme registry has the default port set for the protocol from the authentication URI, we then use this port as the default port if not port is specified in the storage URI. We will have to fix this in Cloudfiles.

comment:5 Changed on Mar 23, 2012 at 3:55:38 PM by dkocher

  • Resolution set to fixed
  • Status changed from new to closed

In this commit and possibly fixed here with r9487.

comment:6 Changed on Mar 23, 2012 at 3:56:56 PM by dkocher

Pushing a new snapshot build just now for testing.

comment:7 follow-up: Changed on Mar 23, 2012 at 6:03:12 PM by liemmn

Thanks, dkocher! Can you let me know when the snapshot build is ready? I will help verify it. I just did a snapshot build check from Cyberduck, but don't see anything new yet (still on 9485).

comment:8 in reply to: ↑ 7 Changed on Mar 23, 2012 at 9:36:04 PM by dkocher

Replying to liemmn:

Thanks, dkocher! Can you let me know when the snapshot build is ready? I will help verify it. I just did a snapshot build check from Cyberduck, but don't see anything new yet (still on 9485).

Build 9487 is now available.

comment:9 follow-up: Changed on Mar 23, 2012 at 11:48:55 PM by liemmn

Doing a snapshot update from Cyberduck (Windows) still yields 9485. I tried reinstalling Cyberduck to no avail... Any ideas? Thanks.

Last edited on Mar 24, 2012 at 1:15:28 PM by liemmn (previous) (diff)

comment:10 in reply to: ↑ 9 Changed on Mar 24, 2012 at 5:06:28 PM by dkocher

Replying to liemmn:

Doing a snapshot update from Cyberduck (Windows) still yields 9485. I tried reinstalling Cyberduck to no avail... Any ideas? Thanks.

A new snapshot build for Windows is now available as well.

comment:11 Changed on Mar 24, 2012 at 7:07:41 PM by dkocher

Let me know if this fix works for you as I didn't test this myself.

comment:12 Changed on Mar 24, 2012 at 7:08:17 PM by dkocher

  • Summary changed from https protocol should default to port 443 if no port is specified to Invalid default port used for X-Storage-Url if authentication URI has non default port

comment:13 Changed on Mar 24, 2012 at 8:26:09 PM by liemmn

I updated to build 9488. I got the following NPE before a connection was made to Keystone:

2012-03-24 13:19:38,181 [Thread-0] DEBUG ch.cyberduck.core.Host - setProtocol:swift
2012-03-24 13:19:38,182 [Thread-0] DEBUG ch.cyberduck.core.Host - setHostname:csnode.rndd.aw1.hpcloud.net
2012-03-24 13:19:38,182 [Thread-0] DEBUG ch.cyberduck.core.Host - setEncoding:null
2012-03-24 13:19:38,185 [Thread-0] DEBUG ch.cyberduck.ui.AbstractController - background:csnode.rndd.aw1.hpcloud.net
2012-03-24 13:19:38,187 [Thread-0] INFO  ch.cyberduck.ui.AbstractController - Scheduled background runnable csnode.rndd.aw1.hpcloud.net for execution
2012-03-24 13:19:38,187 [background-9] DEBUG ch.cyberduck.ui.AbstractController - Acquired lock for background runnable:csnode.rndd.aw1.hpcloud.net
2012-03-24 13:19:38,190 [background-9] INFO  ch.cyberduck.core.Session - Mounting csnode.rndd.aw1.hpcloud.net
2012-03-24 13:19:38,193 [background-9] DEBUG ch.cyberduck.core.ssl.CustomTrustSSLProtocolSocketFactory - Using SSL context:javax.net.ssl.SSLContext@14d24a
2012-03-24 13:19:38,264 [background-9] ERROR ch.cyberduck.ui.AbstractController - Exception running background task:null
java.lang.NullPointerException
	at java.net.URI$Parser.parse(URI.java:3019)
	at java.net.URI.<init>(URI.java:595)
	at java.net.URI.create(URI.java:857)
	at com.rackspacecloud.client.cloudfiles.FilesClient.parseURI(FilesClient.java:332)
	at com.rackspacecloud.client.cloudfiles.FilesClient.<init>(FilesClient.java:152)
	at ch.cyberduck.core.cf.CFSession.connect(CFSession.java:102)
	at ch.cyberduck.core.Session.check(Session.java:98)
	at ch.cyberduck.core.Session.mount(Session.java:280)
	at ch.cyberduck.core.Session.mount(Session.java:269)
	at cli.Ch.Cyberduck.Ui.Controller.BrowserController$MountAction.run(Unknown Source)
	at ch.cyberduck.core.threading.AbstractBackgroundAction.call(AbstractBackgroundAction.java:94)
	at ch.cyberduck.ui.AbstractController$1.call(AbstractController.java:94)
	at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
	at java.util.concurrent.FutureTask.run(FutureTask.java:167)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:604)
	at java.lang.Thread.run(Thread.java:883)
	at cli.System.Threading.ThreadHelper.ThreadStart_Context(Unknown Source)
	at cli.System.Threading.ExecutionContext.runTryCode(Unknown Source)
	at cli.System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(Unknown Source)
2012-03-24 13:19:38,275 [Thread-0] DEBUG ch.cyberduck.core.Session - connectionDidClose
2012-03-24 13:19:38,275 [background-9] DEBUG ch.cyberduck.ui.AbstractController - Releasing lock for background runnable:csnode.rndd.aw1.hpcloud.net

The auth host in this case is csnode.rndd.aw1.hpcloud.net running on port 35357.

Last edited on Mar 24, 2012 at 8:58:52 PM by dkocher (previous) (diff)

Changed on Mar 24, 2012 at 8:27:15 PM by liemmn

log file

comment:14 Changed on Mar 24, 2012 at 8:58:59 PM by dkocher

  • Resolution fixed deleted
  • Status changed from closed to reopened

comment:15 Changed on Mar 27, 2012 at 7:21:25 AM by dkocher

Let me know if r9489 works.

comment:16 Changed on Mar 28, 2012 at 4:32:38 PM by liemmn

It works! Woohoo!

Thanks, again, Dave.

Liem

comment:17 Changed on Mar 28, 2012 at 5:48:16 PM by dkocher

  • Resolution set to fixed
  • Status changed from reopened to closed

comment:18 Changed on Sep 26, 2012 at 4:49:13 PM by dkocher

  • Milestone changed from 4.3 to 4.2.2
Note: See TracTickets for help on using tickets.
swiss made software