Fwd: cloud.subsurface-divelog.org auth error

Yury Akudovich yorik503 at gmail.com
Fri Aug 4 03:54:52 PDT 2017 

I contacted you privately only because it's suggested in your FAQ:
https://subsurface-divelog.org/faq/. Quote:
"If your credentials are still not working or there is something else
wrong, contact Dirk to sort it out."

I'm sorry about that.


I've also tried to do `curl` and `git clone` to the URL and it also
failed, but it can succeed if I remove second `[email]` in the end of
the URL. So I think there is some bigger problem then just https
support. I can also try to do tcpdump to double check connection, if
needed.  BTW, The OS is Debian testing.


Log:

$ curl -u some.email at gmail.com -v
'https://cloud.subsurface-divelog.org//git/some.email@gmail.com\[some.email@gmail.com\]'
Enter host password for user 'some.email at gmail.com':
*   Trying 52.25.223.173...
* TCP_NODELAY set
* Connected to cloud.subsurface-divelog.org (52.25.223.173) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: OU=Domain Control Validated; CN=*.subsurface-divelog.org
*  start date: Oct  6 10:39:31 2014 GMT
*  expire date: Oct  6 10:39:31 2019 GMT
*  subjectAltName: host "cloud.subsurface-divelog.org" matched cert's
"*.subsurface-divelog.org"
*  issuer: C=BE; O=GlobalSign nv-sa; CN=AlphaSSL CA - SHA256 - G2
*  SSL certificate verify ok.
* Server auth using Basic with user 'some.email at gmail.com'
> GET //git/some.email at gmail.com[some.email at gmail.com] HTTP/1.1
> Host: cloud.subsurface-divelog.org
> Authorization: Basic c29tZS5lbWFpbEBnbWFpbC5jb206c29tZS5wYXNzd29yZA==
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Date: Thu, 03 Aug 2017 11:35:30 GMT
< Server: Apache/2.4.25 (Ubuntu)
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="Git access"
< Content-Length: 476
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache/2.4.25 (Ubuntu) Server at cloud.subsurface-divelog.org
Port 443</address>
</body></html>
* Curl_http_done: called premature == 0
* Connection #0 to host cloud.subsurface-divelog.org left intact


$ curl -u some.email at gmail.com -v
'https://cloud.subsurface-divelog.org//git/some.email@gmail.com'
Enter host password for user 'some.email at gmail.com':
*   Trying 52.25.223.173...
* TCP_NODELAY set
* Connected to cloud.subsurface-divelog.org (52.25.223.173) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: OU=Domain Control Validated; CN=*.subsurface-divelog.org
*  start date: Oct  6 10:39:31 2014 GMT
*  expire date: Oct  6 10:39:31 2019 GMT
*  subjectAltName: host "cloud.subsurface-divelog.org" matched cert's
"*.subsurface-divelog.org"
*  issuer: C=BE; O=GlobalSign nv-sa; CN=AlphaSSL CA - SHA256 - G2
*  SSL certificate verify ok.
* Server auth using Basic with user 'some.email at gmail.com'
> GET //git/some.email at gmail.com HTTP/1.1
> Host: cloud.subsurface-divelog.org
> Authorization: Basic c29tZS5lbWFpbEBnbWFpbC5jb206c29tZS5wYXNzd29yZA==
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Date: Thu, 03 Aug 2017 11:35:49 GMT
< Server: Apache/2.4.25 (Ubuntu)
< Expires: Fri, 01 Jan 1980 00:00:00 GMT
< Pragma: no-cache
< Cache-Control: no-cache, max-age=0, must-revalidate
< Content-Length: 0
<
* Curl_http_done: called premature == 0
* Connection #0 to host cloud.subsurface-divelog.org left intact



$ git clone 'https://cloud.subsurface-divelog.org//git/some.email@gmail.com\[some.email@gmail.com\]'
Cloning into 'some.email at gmail.com\[some.email at gmail.com\]'...
Username for 'https://cloud.subsurface-divelog.org': some.email at gmail.com
Password for 'https://some.email@gmail.com@cloud.subsurface-divelog.org':
fatal: Authentication failed for
'https://cloud.subsurface-divelog.org//git/some.email@gmail.com\[some.email@gmail.com\]/'


$ git clone 'https://cloud.subsurface-divelog.org//git/some.email@gmail.com'
Cloning into 'some.email at gmail.com'...
Username for 'https://cloud.subsurface-divelog.org': some.email at gmail.com
Password for 'https://some.email@gmail.com@cloud.subsurface-divelog.org':
remote: Counting objects: 49, done.
remote: Compressing objects: 100% (28/28), done.
remote: Total 49 (delta 10), reused 0 (delta 0)
Unpacking objects: 100% (49/49), done.
warning: remote HEAD refers to nonexistent ref, unable to checkout.

$ ls -al some.email at gmail.com/
total 12
drwxr-xr-x 3 some some 4096 Aug  3 13:35 ./
drwxr-xr-x 3 some some 4096 Aug  3 13:35 ../
drwxr-xr-x 7 some some 4096 Aug  3 13:35 .git/

On 3 August 2017 at 02:13, Dirk Hohndel <dirk at hohndel.org> wrote:
> Sending bug reports to me doesn't scale. We have more than ten thousand
> users. Instead of working on Subsurface, I am spending more and more of my
> time responding to individuals who decide to send me email directly.
>
>> On Aug 2, 2017, at 3:23 PM, Yury Akudovich <yorik503 at gmail.com> wrote:
>>
>> I've just started to use subsurface (great tool, btw! thank you!). But
>> I can't setup cloud sync, especially from desktop version. I've tried
>> to change my password several times, but it didn't help. Looks like my
>> phone can sync, and I can see the same dives from web UI
>> (https://cloud.subsurface-divelog.org/user/yorik503@gmail.com/dives.html)
>>
>> Could you please help? Thank you!
>>
>> My email: yorik503 at gmail.com
>> I've rebuild subsurface from branch v4.6.4.
>> Error:
>>
>> Error connecting to Subsurface cloud storage
>> Unable to open git repository
>> 'https://cloud.subsurface-divelog.org//git/yorik503@gmail.com[yorik503@gmail.com]'
>>
>>
>> Log:
>>
>> Set the current dive site: 0
>> cloud URL set as
>> "https://cloud.subsurface-divelog.org//git/yorik503@gmail.com[yorik503@gmail.com]"
>>
>> File locations:
>>
>> Local git storage: /home/yorik/.subsurface/cloudstorage/66bc60ba012a24a9
>> cloud URL set as
>> "https://cloud.subsurface-divelog.org//git/yorik503@gmail.com[yorik503@gmail.com]"
>> Cloud URL: https://cloud.subsurface-divelog.org//git/yorik503@gmail.com[yorik503@gmail.com]
>> Image hashes: /home/yorik/.subsurface/hashes
>> Local picture directory: /home/yorik/.subsurface/picturedata/
>>
>> cloud URL set as
>> "https://cloud.subsurface-divelog.org//git/yorik503@gmail.com[yorik503@gmail.com]"
>> Saving cloud storage to:
>> "https://cloud.subsurface-divelog.org//git/yorik503@gmail.com[yorik503@gmail.com]"
>> git_remote_repo: accessing
>> https://cloud.subsurface-divelog.org//git/yorik503@gmail.com
>> git storage: 0 % ( start git interaction )
>> git storage: create_local_repo
>> Cloud storage: checking connection to cloud server
>> Checking cloud connection...
>> Cloud storage: successfully checked connection to cloud server
>> git storage: 0 % ( successfully checked cloud connection )
>> git storage: calling git_clone()
>> delete proxy setting
>> git storage: returned from git_clone() with error -1
>
> You built this from sources. The mobile app (presumably the one I built) works.
> Which means it's not an issue of your account or of your password, it's an issue
> with the binary that you built.
>
> If I had to guess, your build is missing https support.
>
> Which OS are you on (you don't mention that). Please use an official binary and
> try that.
>
> If you are looking for help debugging the problem with your "home built" binaries,
> hopefully others on the developer mailing list (copied) can help.
>
> /D



--
With best regards,
Yury Akudovich


-- 
With best regards,
Yury Akudovich

More information about the subsurface mailing list