[Desktop-packages] [Bug 1051726] Re: WebDav broken, Nautilus sends data on a closed TCP connection!

Thu, 24 Jan 2019 01:56:02 -0800 

Thank you for the reply, closing the bug then, if someone still have
similar issues they can open a new bug which would include updated
informations

** Changed in: nautilus (Ubuntu)
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nautilus in Ubuntu.
https://bugs.launchpad.net/bugs/1051726

Title:
  WebDav broken, Nautilus sends data on a closed TCP connection!

Status in nautilus package in Ubuntu:
  Invalid

Bug description:
  ENVIRONMENT:
  ---------------------
  Precise 64
  Nautilus 3.4.2

  $ uname -a && nautilus --version
  Linux zakhar-desktop 3.2.0-30-generic #48-Ubuntu SMP Fri Aug 24 16:52:48 UTC 
2012 x86_64 x86_64 x86_64 GNU/Linux
  GNOME nautilus 3.4.2

  
  WEBDAV:
  ------------
  I set up a local Apache WebDAV with standard options.
  No SSL
  Basic authentication (it is for local use)

  When I instruct Nautilus to go to my WebDAV (dav://127.0.0.1/webdav/)
  I get an error.

  After a few hours of investigation, I discovered the bug: Nautilus
  sends data to a closed TCP connection!

  
  WHAT HAPPENS:
  ----------------------
  When you hit "Enter" after the address  (dav://127.0.0.1/webdav/), Nautilus 
issues a plain request to the server.
  Then, of course, the server replies 401: Authorisation required.
  Having this response, Nautilus shows the box where you can enter 
user/password.

  ... the trouble is... if it takes you more than 5 seconds to type the
  password, the default keepalive of Apache being 5 seconds, the
  connection will be closed.

  Then, once you have entered both username and password, Nautilus re-
  issues the same request with the Authorization header.

  ... but this is done on a closed connection!..

  
  PROOF:
  ----------
  This is the Wireshark summary trace from a second PC (client is 
192.168.0.132, server is 192.168.0.130)
  No.     Time        Source                Destination           Protocol 
Length Info
        1 0.000000    192.168.0.132         192.168.0.130         TCP      74   
  38035 > http [SYN] Seq=0 Win=14600 Len=0 MSS=1460 
        2 0.000040    192.168.0.130         192.168.0.132         TCP      74   
  http > 38035 [SYN, ACK] Seq=0 Ack=1 Win=14480 Len=0 
        3 0.000246    192.168.0.132         192.168.0.130         TCP      66   
  38035 > http [ACK] Seq=1 Ack=1 Win=14656 Len=0
        4 0.000534    192.168.0.132         192.168.0.130         HTTP     230  
  OPTIONS /webdav HTTP/1.1 
        5 0.000555    192.168.0.130         192.168.0.132         TCP      66   
  http > 38035 [ACK] Seq=1 Ack=165 Win=15552 Len=0 
        6 0.001226    192.168.0.130         192.168.0.132         HTTP     727  
  HTTP/1.1 401 Authorization Required  (text/html)
        7 0.001698    192.168.0.132         192.168.0.130         TCP      66   
  38035 > http [ACK] Seq=165 Ack=662 Win=15936 Len=0
        8 5.003870    192.168.0.130         192.168.0.132         TCP      66   
  http > 38035 [FIN, ACK] Seq=662 Ack=165 Win=15552 Len=0
        9 5.042256    192.168.0.132         192.168.0.130         TCP      66   
  38035 > http [ACK] Seq=165 Ack=663 Win=15936 Len=0
       10 7.873829    192.168.0.132         192.168.0.130         HTTP     273  
  OPTIONS /webdav HTTP/1.1 
       11 7.873866    192.168.0.130         192.168.0.132         TCP      54   
  http > 38035 [RST] Seq=663 Win=0 Len=0
       12 7.873872    192.168.0.132         192.168.0.130         TCP      66   
  38035 > http [FIN, ACK] Seq=372 Ack=663 Win=15936 Len=0 
       13 7.873881    192.168.0.130         192.168.0.132         TCP      54   
  http > 38035 [RST] Seq=663 Win=0 Len=0

  
  As you can see, packet 8 occurs around 5 second after the packet 7, and is a 
FIN from the server (5 seconds of inactivity).

  I spent almost 8 seconds typing username/password, and then at 7.8
  sec, the second request with the Authorization goes out... WITHOUT
  reopening the connection.

  Of course, the server is not happy with that and issues a RST, and
  subsequently Nautilus says that there is an error.

  
  To check that it is indeed the source of the bug, I bumped the keep-alive 
time-out in my Apache config to 30 seconds, and this time, all was fine (of 
course I typed the user/password in less than 30 secs).

  
  GUESSING:
  -------------
  With previous versions of Nautilus where you had to enter in a windows the 
address of the server, the protocol, the username and password... THEN hit 
enter, I imagine such things didn't show as it was 'fast enough' not to be in 
that situation.

  Having removed this windows, the bug shows.

  It is bad because my workaround (timeout to 30 secs) is hazardous.
  In fact you can't really guess how much time would the user need to enter 
user/password. In case of strong and long pass phrases, and slow typing user, 
we could imagine over a minute... and we don't want to bump the keep-alive 
time-out on Apache that much for the sake of resource preservation.


  WHAT IS EXPECTED:
  --------------------------
  Nautilus should not produce an error when connecting to a perfectly fine 
WebDAV server.
  Basically, it shouldn't try sending data on a closed TCP connection... 
because obviously that does not work!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1051726/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to