Cyberduck Mountain Duck CLI

#8158 closed defect (thirdparty)

Interoperability with AmpliStor

Reported by: jfallon Owned by: dkocher
Priority: highest Milestone:
Component: webdav Version: 4.5.1
Severity: blocker Keywords:
Cc: Architecture:

Description (last modified by dkocher)

CyberDuck fails to upload files

The strange thing is, this was working for quite some time with this System and then it suddenly started failing. I have tried various revisions on the MAC, and Windows with no luck.

tcpdumps, of successful curl and failure of CyberDuck uploads included

Server side, log file also attached, which demonstrates the issue.

Details below from AmpliData Engineering.

The cause of the bug in Cyberduck is (again) the combination of the use of HTTP digest authentication and the Expect: 100-continue header. The issue with 100-continu is that there is no guarantee that the server will actually send this. The HTTP RFC instructs the client not to wait indefinitely on the 100-continue reply. This means that the server has no way of knowing whether the body of the request will be sent by the client or not, regardless of whether it has sent the 100-continue reply or it has sent an error code back. To make this work in all cases, there are only 2 options available to the server if it replies with something else than 100-continue:

  1. Always close the connection
  2. Always read the body (and expect that the body is in fact sent by the client)

The behaviour of DSS is configurable (there is a threshold content-length for which it will close the connection if the actual content-length is larger than this value, and it will read the body when it is smaller). This only works correctly if the client also is aware of this behaviour of 100-continue. E.g. for Curl, this is the case, but Cyberduck will wait indefinitely for the 100-continue response, and not send the body if it receives something else (e.g. 401). DSS expects the body to be sent in all cases (if option 2 is chosen), and thus start reading the body which Cyberduck never has sent. DSS will thus interpret the next Cyberduck requests as part of the body. Once it has read content-length bytes, DSS expects that the next bytes on the connection will be a new request. In the Cyberduck case, it is likely that we are now in the middle of the body of another request, which will most likely not be a valid HTTP request, and definitely not an intended HTTP request. If option 1 is active, this problem should not occur, but it appears that Cyberduck also does not handle server side disconnects gracefully: it should retry the request on a new connection, but it seems to simply throw a broken pipe exception to the user. There is a remote chance that this is because DSS does not send Connection: close in its response. This is still something in AXR that is not 100% correct according to the HTTP specs. Still, Cyberduck should handle this more gracefully. There is no way to make the behaviour of (2) in DSS work with Cyberduck without breaking other (valid) HTTP clients like Curl. This should be fixed in Cyberduck. We can try to make (1) work with Cyberduck by adding Connection: close, but most likely Cyberduck will still need to be fixed as well.

Attachments (4)

dumpfordavid_8083_curl_debug.pcap (52.1 KB) - added by jfallon on Aug 7, 2014 at 1:59:51 PM.
dumpfordavid_8083_cyberduck_fail_capture.pcap (65.3 KB) - added by jfallon on Aug 7, 2014 at 2:00:15 PM.
tcpdump with failure when using cyberduck
clientx.log (945.5 KB) - added by jfallon on Aug 7, 2014 at 2:00:41 PM.
client daemon, AmpliStor server side log of activity
Screen Shot 2014-08-06 at 8.57.56 AM.png (285.6 KB) - added by jfallon on Aug 7, 2014 at 2:05:32 PM.
screen shot of cyberduck message

Download all attachments as: .zip

Change History (8)

Changed on Aug 7, 2014 at 1:59:51 PM by jfallon


Changed on Aug 7, 2014 at 2:00:15 PM by jfallon

tcpdump with failure when using cyberduck

Changed on Aug 7, 2014 at 2:00:41 PM by jfallon

client daemon, AmpliStor server side log of activity

Changed on Aug 7, 2014 at 2:05:32 PM by jfallon

screen shot of cyberduck message

comment:1 Changed on Aug 7, 2014 at 2:08:55 PM by jfallon

  • Description modified (diff)
  • Severity changed from normal to blocker

comment:2 Changed on Aug 10, 2014 at 8:34:27 PM by dkocher

  • Summary changed from Uploads failing with CyberDuck via AXR/WebDev with AmpliData to Interoperability with AmpliStor

comment:3 Changed on Aug 10, 2014 at 8:35:32 PM by dkocher

  • Description modified (diff)

comment:4 Changed on Aug 14, 2014 at 8:00:27 PM by dkocher

  • Resolution set to thirdparty
  • Status changed from new to closed

The server should not expect payload to be sent if it replies with a 401 to a request with an Expect header set.

Note: See TracTickets for help on using tickets.