Error when trying to export unencrypted organization vault via web interface #2764

Closed
f1d094 opened this issue Sep 23, 2022 · 5 comments · Fixed by #2765


f1d094 commented Sep 23, 2022

Subject of the issue

Plaintext export of personal vault data works as expected. It is also possible to create an encrypted_json export of organization data. Plaintext exports of Organization vaults fail for both .csv and .json.

Encrypted exports are not useful for disaster recovery, where it is entirely possible the encryption key may be lost, preventing re-import of an encrypted .json file.

Unencrypted exports are essential for proper backups

Deployment environment

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.25.2-9c891baa
  • Web-vault version: v2022.9.0
  • Running within Docker: true (Base: Debian)
  • Environment settings overridden: false
  • Uses a reverse proxy: true
  • IP Header check: true (X-Forwarded-For)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Database type: SQLite
  • Database version: 3.35.4
  • Clients used:
  • Reverse proxy and version:
  • Other relevant information:

Config (Generated via diagnostics page)


Environment settings which are overridden:

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "****/**.*******",
  "db_connection_retries": 15,
  "disable_2fa_remember": true,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://******.******.**:*****",
  "domain_origin": "*****://******.******.**:*****",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 5 * * * *",
  "emergency_request_timeout_schedule": "0 5 * * * *",
  "enable_db_wal": true,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Forwarded-For",
  "job_poll_interval_ms": 30000,
  "log_file": "/data/logfile",
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "*****@******.****",
  "password_hints_allowed": true,
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_explicit_tls": null,
  "smtp_from": "***********@******.**",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "***.**.**.**",
  "smtp_password": "***",
  "smtp_port": 1025,
  "smtp_security": "off",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "*******",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}
  • Install method: Docker Image

Steps to reproduce

After logging in as the Organization owner, then Organizations -> MyOrganization -> Tools -> Export Vault

Expected behaviour

Unencrypted .json file with organization vault data

Actual behaviour

Selecting File Format "Encrypted .json" and entering Master Password returns encrypted .json file.
Selecting ".json" or ".csv" produces "An unexpected error has occurred" in the GUI

Troubleshooting data

With extended logging enabled and LOG_LEVEL=info, the following appears in the log

[2022-09-23 22:14:29.602][request][INFO] GET /api/organizations/********-****-****-************/export
[2022-09-23 22:14:29.603][_][WARN] Response was `None`.
[2022-09-23 22:14:29.603][_][WARN] No 404 catcher registered. Using Rocket default.
[2022-09-23 22:14:29.603][response][INFO] (web_files) GET /<p..> [10] => 404 Not Found

Setting LOG_LEVEL=debug and trying again produces identical output in the log.

Trying to do export with bw cli results in same issues as #2760
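
In the log excerpt above, the `/api/.../export` request is answered by the `web_files` static route with a 404, meaning no API handler matched the endpoint the client called. As an added example (not part of the original issue or of Vaultwarden), this Python script flags that pattern in extended logs; the last four sample lines are constructed, and it assumes each request line is followed by its own response line (no interleaving).

```python
import re

# First four lines are quoted from the issue; the remaining four are constructed.
SAMPLE_LOG = """\
[2022-09-23 22:14:29.602][request][INFO] GET /api/organizations/********-****-****-************/export
[2022-09-23 22:14:29.603][_][WARN] Response was `None`.
[2022-09-23 22:14:29.603][_][WARN] No 404 catcher registered. Using Rocket default.
[2022-09-23 22:14:29.603][response][INFO] (web_files) GET /<p..> [10] => 404 Not Found
[2022-09-23 22:15:02.110][request][INFO] GET /api/sync
[2022-09-23 22:15:02.140][response][INFO] (sync) GET /api/sync?<data..> => 200 OK
[2022-09-23 22:15:09.500][request][INFO] GET /favicon.png
[2022-09-23 22:15:09.501][response][INFO] (web_files) GET /<p..> [10] => 404 Not Found
"""

# [timestamp][target][level] message
LINE = re.compile(r"^\[(?P<ts>[^\]]+)\]\[(?P<target>[^\]]+)\]\[(?P<level>[^\]]+)\] (?P<msg>.*)$")
REQ = re.compile(r"^(?P<method>[A-Z]+) (?P<path>\S+)")
# (route_name) METHOD /route/pattern [rank] => STATUS Reason
RESP = re.compile(r"^\((?P<route>[^)]+)\) .* => (?P<status>\d{3})")


def find_unrouted_api_calls(log_text):
    """Return API requests that fell through to the static-file route and got 404."""
    findings = []
    pending = None  # most recent request still waiting for its response line
    for raw in log_text.splitlines():
        line = LINE.match(raw)
        if not line:
            continue
        if line["target"] == "request":
            req = REQ.match(line["msg"])
            pending = (line["ts"], req["method"], req["path"]) if req else None
        elif line["target"] == "response" and pending:
            resp = RESP.match(line["msg"])
            ts, method, path = pending
            pending = None
            # Only /api/ paths matter: a static 404 (e.g. a missing icon) is ordinary.
            if (resp and path.startswith("/api/")
                    and resp["route"] == "web_files" and resp["status"] == "404"):
                findings.append({"time": ts, "method": method, "path": path})
    return findings


if __name__ == "__main__":
    for hit in find_unrouted_api_calls(SAMPLE_LOG):
        print(f"{hit['time']} {hit['method']} {hit['path']} -> no API handler (web_files 404)")
```
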

@f1d094 f1d094 changed the title Error when trying to export unencrypted organization vault Error when trying to export unencrypted organization vault via web interface Sep 23, 2022
@BlackDex
Collaborator

Duplicate of #2760

@BlackDex BlackDex marked this as a duplicate of #2760 Sep 23, 2022
@BlackDex BlackDex closed this as not planned Sep 23, 2022
@f1d094
Author

f1d094 commented Sep 23, 2022

Is this the same? #2760 only speaks to cli. I am unable to create backups via GUI. This should be a bug, not an enhancement, no?

@BlackDex
Collaborator

Yes it is the same. It's the exact same endpoint (and I changed the title).
And bug or enhancement sometimes are synonyms 😉

@f1d094
Author

f1d094 commented Sep 23, 2022

What is the last known-good version if I wanted to roll back? This was my first effort with bitwarden/vaultwarden

@BlackDex
Collaborator

I would suggest to use the latest tagged images instead of testing

BlackDex added a commit to BlackDex/vaultwarden that referenced this issue Sep 24, 2022
Since v2022.9.x it seems they changed the export endpoint and way of working.
This PR fixes this by adding the export endpoint.

Also, it looks like the clients can't handle uppercase first JSON keys.
Because of this there now is a function which converts all the keys to lowercase first.

I have an issue reported at Bitwarden if this is expected behavior: bitwarden/clients#3606

Fixes dani-garcia#2760
Fixes dani-garcia#2764
dani-garcia pushed a commit that referenced this issue Sep 25, 2022
Since v2022.9.x it seems they changed the export endpoint and way of working.
This PR fixes this by adding the export endpoint.

Also, it looks like the clients can't handle uppercase first JSON keys.
Because of this there now is a function which converts all the keys to lowercase first.

I have an issue reported at Bitwarden if this is expected behavior: bitwarden/clients#3606

Fixes #2760
Fixes #2764