Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Owncloud 10.0.4.4 DavFS issue #29793

Closed
Dreis74 opened this issue Dec 8, 2017 · 17 comments · Fixed by #29798
Closed

Owncloud 10.0.4.4 DavFS issue #29793

Dreis74 opened this issue Dec 8, 2017 · 17 comments · Fixed by #29798
Assignees
Labels
Milestone

Comments

@Dreis74
Copy link

Dreis74 commented Dec 8, 2017

Steps to reproduce

  1. Upgrade to owncloud 10.0.4
  2. Try to mount a davfs share

Expected behaviour

The Share should be mounted

Actual behaviour

/sbin/mount.davfs: mounting failed; the server does not support WebDAV

Server configuration

Operating system: Ubuntu 16.04

Web server: Apache 2.4

Database: mysql 5.7

PHP version: 5.6

ownCloud version: (see ownCloud admin page) 10.0.4.4

Updated from an older ownCloud or fresh install: Updated from 10.0.3.3

Where did you install ownCloud from: from repo download.owncloud.org/download/repositories/stable/Ubuntu_16.04/

Signing status (ownCloud 9.0 and above):

No errors have been found.

The content of config/config.php:

{
    "system": {
        "forcessl": true,
        "installed": true,
        "dbtype": "mysql",
        "dbname": "owncloud",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "localhost",
        "dbtableprefix": "oc_",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "overwritehost": "",
        "overwriteprotocol": "",
        "theme": "",
        "3rdpartyroot": "",
        "3rdpartyurl": "",
        "defaultapp": "files",
        "knowledgebaseenabled": true,
        "knowledgebaseurl": "http:\/\/api.apps.owncloud.com\/v1",
        "appstoreenabled": true,
        "mail_smtpmode": "sendmail",
        "mail_smtphost": "127.0.0.1",
        "mail_smtpport": 25,
        "mail_smtpauth": false,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "appcodechecker": "",
        "updatechecker": false,
        "logtimezone": "Europe\/Zurich",
        "logfile": "\/var\/log\/owncloud.log",
        "loglevel": 0,
        "log_authfailip": true,
        "log_type": "owncloud",
        "log_query": false,
        "debug": true,
        "apps_paths": [
            {
                "path": "\/var\/www\/owncloud\/apps",
                "url": "\/apps",
                "writable": true
            }
        ],
        "instanceid": "513e28974df26",
        "datadirectory": "\/var\/www\/owncloud\/data",
        "version": "10.0.4.4",
        "maintenance": false,
        "trusted_domains": [
            "gland.netoxygen.ch",
            "ge.netoxygen.ch",
            "cloud.netoxygen.ch"
        ],
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trashbin_retention_obligation": "auto",
        "appstore.experimental.enabled": true
    }
}

List of activated apps:

Enabled:
  - calendar: 1.5.4
  - comments: 0.3.0
  - configreport: 0.1.1
  - contacts: 1.5.3
  - dav: 0.3.2
  - federatedfilesharing: 0.3.1
  - federation: 0.1.0
  - files: 1.5.1
  - files_external: 0.7.1
  - files_sharing: 0.10.1
  - files_trashbin: 0.9.1
  - files_versions: 1.3.0
  - files_videoplayer: 0.9.8
  - firstrunwizard: 1.1
  - market: 0.2.3
  - notifications: 0.3.2
  - provisioning_api: 0.5.0
  - systemtags: 0.3.0
  - templateeditor: 0.1
  - updatenotification: 0.2.1
Disabled:
  - encryption
  - external
  - theme-example
  - user_external

Are you using external storage, if yes which one: NO

Are you using encryption: NO

Are you using an external user-backend, if yes which one: NO

Client configuration

Browser: Davfs2

Operating system: Ubuntu 16.04

Logs

Web server error log

xxx.xxx.xxx:443 192.168.0.184 - - [07/Dec/2017:18:17:36 +0100] "OPTIONS /remote.php/webdav/ HTTP/1.1" 200 4378 "-" "davfs2/1.5.2 neon/0.30.1"

ownCloud log (data/owncloud.log)

Nothing is logged

I did a few tests and could detect some strange things.
I test to mount davfs from demo.ownloud.org and it works. But demo uses version 10.0.3.3 (a version on wich it was working for me before the upgrade).
Cadaver is working on my 10.0.4.4 owncloud but not davfs.
I did some tests using curl and can see that a simple curl to remote/webdav without autentication retunr a code 200 instead of a code 401

curl -D - -X OPTIONS https:/xxx.xxx.xxx/remote.php/webdav/

HTTP/1.1 200 OK
Date: Thu, 07 Dec 2017 17:20:53 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: 513e28974df26=v4lef9aamd3vq82vnmseoeogr7; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: oc_sessionPassphrase=CNa9pkjoDLG4qfFuJKbAfqkw4u0cmDxHn48h8mynSofwD6KzHtpy%2FN3OvEoWPq8oAnPcipfIbRuxtEWO4m475nJgYW9RfdDTkbOxSasE5sjsFLqWdI7rRn%2B2uWwY%2BKAy; path=/; secure; httponly
Content-Security-Policy: default-src 'none';
Access-Control-Allow-Headers: authorization,OCS-APIREQUEST,Origin,X-Requested-With,Content-Type,Access-Control-Allow-Origin,X-OC-Mtime,OC-Checksum,OC-Total-Length,Depth,Destination,Overwrite
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,OPTIONS,POST,PUT,DELETE,MKCOL,PROPFIND,PATCH,PROPPATCH,REPORT,MOVE,COPY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Length: 0
Content-Type: text/html; charset=UTF-8

On demo
curl -D - -X OPTIONS https://demo.owncloud.org/remote.php/webdav/

HTTP/1.1 401 Unauthorized
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 412
Content-Security-Policy: default-src 'none';
Content-Type: application/xml; charset=utf-8
Date: Thu, 07 Dec 2017 17:22:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Set-Cookie: ocgj9l8b2hha=ncb9c78r10dng4mhuvsu4nbmj2; path=/; HttpOnly
Set-Cookie: oc_sessionPassphrase=VMe9TPNuHvzwpPdl8qTbsBHNcn2Xw0xAh9ZjQpAXDBU8917cvBLt2geLGuV%2B%2BmEdenAilycACi8%2B1fWBBMzr3MIpV62ygpVpV5uorCy7qhEMwwPjcNpZxIODZGQvmZg3; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=15768000; preload
Www-Authenticate: Basic realm="ownCloud"
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-Xss-Protection: 1; mode=block

<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
  <s:exception>Sabre\DAV\Exception\NotAuthenticated</s:exception>
  <s:message>No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured</s:message>
</d:error>`

It appears that davfs make a first OPTIONS call without authentication, waits for a 401 and then proceed to authentication.
Here are my davfs logs:
When connecting to my owncloud

Dec  7 18:23:51 dreis-desktop mount.davfs: davfs2 1.5.2
Dec  7 18:23:56 dreis-desktop mount.davfs: Initializing webdav
Dec  7 18:23:56 dreis-desktop mount.davfs: HTTP session to https://xxx.xxx.xxx:443 begins.
Dec  7 18:23:56 dreis-desktop mount.davfs: ah_create, for WWW-Authenticate
Dec  7 18:23:56 dreis-desktop mount.davfs: Running pre_send hooks
Dec  7 18:23:56 dreis-desktop mount.davfs: Sending request headers:#012OPTIONS /remote.php/webdav/ HTTP/1.1#015#012User-Agent: davfs2/1.5.2 neon/0.30.1#015#012Keep-Alive: #015#012Connection: TE, Keep-Alive#015#012TE: trailers#015#012Host: xxx.xxx.xxx
Dec  7 18:23:56 dreis-desktop mount.davfs: Sending request-line and headers:
Dec  7 18:23:56 dreis-desktop mount.davfs: Doing DNS lookup on xxx.xxx.xxx..
Dec  7 18:23:56 dreis-desktop mount.davfs: req: Connecting to 192.168.0.1:443
Dec  7 18:23:56 dreis-desktop mount.davfs: Request sent; retry is 0.
Dec  7 18:23:56 dreis-desktop mount.davfs: [status-line] < HTTP/1.1 200 OK
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Date: Thu, 07 Dec 2017 17:23:56 GMT
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [date], Value: [Thu, 07 Dec 2017 17:23:56 GMT]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Server: Apache/2.4.18 (Ubuntu)
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [server], Value: [Apache/2.4.18 (Ubuntu)]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Set-Cookie: 513e28974df26=n3okeska5ece9ho3fnqrmf8o83; path=/; HttpOnly
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [513e28974df26=n3okeska5ece9ho3fnqrmf8o83; path=/; HttpOnly]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Expires: Thu, 19 Nov 1981 08:52:00 GMT
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [expires], Value: [Thu, 19 Nov 1981 08:52:00 GMT]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [cache-control], Value: [no-store, no-cache, must-revalidate, post-check=0, pre-check=0]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Pragma: no-cache
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [pragma], Value: [no-cache]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Set-Cookie: oc_sessionPassphrase=FBhgCuRqIYjJ8B144mqsZapghFNcFokFFcOOKTNTPz5TDoQX5rW0%%2BonY3rkig4st6clqpHSpH3T%%2BYAXZEz8npZk46dqOp0e%%2BV2S4%%2F6Fcpi96KqWGsLCaHs83C6ACnpMY; path=/; secure; httponly
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [oc_sessionPassphrase=FBhgCuRqIYjJ8B144mqsZapghFNcFokFFcOOKTNTPz5TDoQX5rW0%%2BonY3rkig4st6clqpHSpH3T%%2BYAXZEz8npZk46dqOp0e%%2BV2S4%%2F6Fcpi96KqWGsLCaHs83C6ACnpMY; path=/; secure; httponly]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Content-Security-Policy: default-src 'none';
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [content-security-policy], Value: [default-src 'none';]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Access-Control-Allow-Headers: authorization,OCS-APIREQUEST,Origin,X-Requested-With,Content-Type,Access-Control-Allow-Origin,X-OC-Mtime,OC-Checksum,OC-Total-Length,Depth,Destination,Overwrite
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [access-control-allow-headers], Value: [authorization,OCS-APIREQUEST,Origin,X-Requested-With,Content-Type,Access-Control-Allow-Origin,X-OC-Mtime,OC-Checksum,OC-Total-Length,Depth,Destination,Overwrite]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Access-Control-Allow-Origin: *
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [access-control-allow-origin], Value: [*]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Access-Control-Allow-Methods: GET,OPTIONS,POST,PUT,DELETE,MKCOL,PROPFIND,PATCH,PROPPATCH,REPORT,MOVE,COPY
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [access-control-allow-methods], Value: [GET,OPTIONS,POST,PUT,DELETE,MKCOL,PROPFIND,PATCH,PROPPATCH,REPORT,MOVE,COPY]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] X-Content-Type-Options: nosniff
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [x-content-type-options], Value: [nosniff]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] X-XSS-Protection: 1; mode=block
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [x-xss-protection], Value: [1; mode=block]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] X-Robots-Tag: none
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [x-robots-tag], Value: [none]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] X-Frame-Options: SAMEORIGIN
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [x-frame-options], Value: [SAMEORIGIN]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] X-Download-Options: noopen
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [x-download-options], Value: [noopen]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] X-Permitted-Cross-Domain-Policies: none
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [x-permitted-cross-domain-policies], Value: [none]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Content-Length: 0
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [content-length], Value: [0]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Keep-Alive: timeout=5, max=100
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [keep-alive], Value: [timeout=5, max=100]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Connection: Keep-Alive
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [connection], Value: [Keep-Alive]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr] Content-Type: text/html; charset=UTF-8
Dec  7 18:23:56 dreis-desktop mount.davfs: Header Name: [content-type], Value: [text/html; charset=UTF-8]
Dec  7 18:23:56 dreis-desktop mount.davfs: [hdr]
Dec  7 18:23:56 dreis-desktop mount.davfs: End of headers.
Dec  7 18:23:56 dreis-desktop mount.davfs: Running post_headers hooks
Dec  7 18:23:56 dreis-desktop mount.davfs: Running post_send hooks
Dec  7 18:23:56 dreis-desktop mount.davfs: ah_post_send (#0), code is 200 (want 401), WWW-Authenticate is (none)
Dec  7 18:23:56 dreis-desktop mount.davfs: Request ends, status 200 class 2xx, error line:#012200 OK
Dec  7 18:23:56 dreis-desktop mount.davfs: Running destroy hooks.
Dec  7 18:23:56 dreis-desktop mount.davfs: Request ends.

On demo.owncloud.org:

Dec  7 18:25:38 dreis-desktop mount.davfs: davfs2 1.5.2
Dec  7 18:25:41 dreis-desktop mount.davfs: Initializing webdav
Dec  7 18:25:41 dreis-desktop mount.davfs: HTTP session to https://demo.owncloud.org:443 begins.
Dec  7 18:25:41 dreis-desktop mount.davfs: ah_create, for WWW-Authenticate
Dec  7 18:25:41 dreis-desktop mount.davfs: Running pre_send hooks
Dec  7 18:25:41 dreis-desktop mount.davfs: Sending request headers:#012OPTIONS /remote.php/webdav/ HTTP/1.1#015#012User-Agent: davfs2/1.5.2 neon/0.30.1#015#012Keep-Alive: #015#012Connection: TE, Keep-Alive#015#012TE: trailers#015#012Host: demo.owncloud.org
Dec  7 18:25:41 dreis-desktop mount.davfs: Sending request-line and headers:
Dec  7 18:25:41 dreis-desktop mount.davfs: Doing DNS lookup on demo.owncloud.org...
Dec  7 18:25:41 dreis-desktop mount.davfs: req: Connecting to 136.243.60.151:443
Dec  7 18:25:41 dreis-desktop mount.davfs: Request sent; retry is 0.
Dec  7 18:25:41 dreis-desktop mount.davfs: [status-line] < HTTP/1.1 401 Unauthorized
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Cache-Control: no-store, no-cache, must-revalidate
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [cache-control], Value: [no-store, no-cache, must-revalidate]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Content-Length: 412
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [content-length], Value: [412]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Content-Security-Policy: default-src 'none';
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [content-security-policy], Value: [default-src 'none';]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Content-Type: application/xml; charset=utf-8
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [content-type], Value: [application/xml; charset=utf-8]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Date: Thu, 07 Dec 2017 17:25:41 GMT
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [date], Value: [Thu, 07 Dec 2017 17:25:41 GMT]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Expires: Thu, 19 Nov 1981 08:52:00 GMT
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [expires], Value: [Thu, 19 Nov 1981 08:52:00 GMT]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Pragma: no-cache
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [pragma], Value: [no-cache]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Server: Apache
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [server], Value: [Apache]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Set-Cookie: ocgj9l8b2hha=kegme5fuimqfo9bbkqb5inp4t6; path=/; HttpOnly
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [ocgj9l8b2hha=kegme5fuimqfo9bbkqb5inp4t6; path=/; HttpOnly]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Set-Cookie: oc_sessionPassphrase=Xt80uNgZY6lCUHaRxLQ6%%2FlMN%%2B3gC8bDeH4yCjUvGS%%2F41LZeFomiu6bpAUMBcbSKAXDhBdadddF%%2B%%2F4isQ3LtBK2du16XPsGqPa1EtVo67zmHuASHxhKgx%%2BfBQ2EXCCBBw; path=/; secure; HttpOnly
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [oc_sessionPassphrase=Xt80uNgZY6lCUHaRxLQ6%%2FlMN%%2B3gC8bDeH4yCjUvGS%%2F41LZeFomiu6bpAUMBcbSKAXDhBdadddF%%2B%%2F4isQ3LtBK2du16XPsGqPa1EtVo67zmHuASHxhKgx%%2BfBQ2EXCCBBw; path=/; secure; HttpOnly]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Strict-Transport-Security: max-age=15768000; preload
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [strict-transport-security], Value: [max-age=15768000; preload]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] Www-Authenticate: Basic realm="ownCloud"
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [www-authenticate], Value: [Basic realm="ownCloud"]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] X-Content-Type-Options: nosniff
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [x-content-type-options], Value: [nosniff]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] X-Download-Options: noopen
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [x-download-options], Value: [noopen]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] X-Frame-Options: SAMEORIGIN
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [x-frame-options], Value: [SAMEORIGIN]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] X-Permitted-Cross-Domain-Policies: none
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [x-permitted-cross-domain-policies], Value: [none]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] X-Robots-Tag: none
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [x-robots-tag], Value: [none]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr] X-Xss-Protection: 1; mode=block
Dec  7 18:25:41 dreis-desktop mount.davfs: Header Name: [x-xss-protection], Value: [1; mode=block]
Dec  7 18:25:41 dreis-desktop mount.davfs: [hdr]
Dec  7 18:25:41 dreis-desktop mount.davfs: End of headers.
Dec  7 18:25:41 dreis-desktop mount.davfs: Running post_headers hooks
Dec  7 18:25:41 dreis-desktop mount.davfs: Reading 412 bytes of response body.
Dec  7 18:25:41 dreis-desktop mount.davfs: Got 322 bytes.
Dec  7 18:25:41 dreis-desktop mount.davfs: Reading 90 bytes of response body.
Dec  7 18:25:41 dreis-desktop mount.davfs: Got 90 bytes.
Dec  7 18:25:41 dreis-desktop mount.davfs: Running post_send hooks
Dec  7 18:25:41 dreis-desktop mount.davfs: ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Basic realm="ownCloud"
Dec  7 18:25:41 dreis-desktop mount.davfs: auth: Got challenge (code 401).
Dec  7 18:25:41 dreis-desktop mount.davfs: auth: Got 'Basic' challenge.
Dec  7 18:25:41 dreis-desktop mount.davfs: auth: Trying Basic challenge...
Dec  7 18:25:41 dreis-desktop mount.davfs: auth: Accepted Basic challenge.
Dec  7 18:25:41 dreis-desktop mount.davfs: Running pre_send hooks
Dec  7 18:25:41 dreis-desktop mount.davfs: auth: Sending 'Basic' response.
Dec  7 18:25:41 dreis-desktop mount.davfs: Sending request headers:#012OPTIONS /remote.php/webdav/ HTTP/1.1#015#012User-Agent: davfs2/1.5.2 neon/0.30.1#015#012Keep-Alive: #015#012Connection: TE, Keep-Alive#015#012TE: trailers#015#012Host: demo.owncloud.org#015#012Authorization: xxxxxxxxxxxxxxxxxx
Dec  7 18:25:41 dreis-desktop mount.davfs: Sending request-line and headers:
Dec  7 18:25:41 dreis-desktop mount.davfs: Request sent; retry is 1.
Dec  7 18:25:50 dreis-desktop mount.davfs: [status-line] < HTTP/1.1 200 OK
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Accept-Ranges: bytes
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [accept-ranges], Value: [bytes]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Allow: OPTIONS, GET, HEAD, DELETE, PROPFIND, PUT, PROPPATCH, COPY, MOVE, REPORT
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [allow], Value: [OPTIONS, GET, HEAD, DELETE, PROPFIND, PUT, PROPPATCH, COPY, MOVE, REPORT]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Cache-Control: no-store, no-cache, must-revalidate
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [cache-control], Value: [no-store, no-cache, must-revalidate]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Content-Length: 0
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [content-length], Value: [0]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Content-Security-Policy: default-src 'none';
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [content-security-policy], Value: [default-src 'none';]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Content-Type: text/html; charset=UTF-8
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [content-type], Value: [text/html; charset=UTF-8]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Date: Thu, 07 Dec 2017 17:25:41 GMT
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [date], Value: [Thu, 07 Dec 2017 17:25:41 GMT]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Dav: 1, 3, extended-mkcol
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [dav], Value: [1, 3, extended-mkcol]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Expires: Thu, 19 Nov 1981 08:52:00 GMT
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [expires], Value: [Thu, 19 Nov 1981 08:52:00 GMT]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Ms-Author-Via: DAV
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [ms-author-via], Value: [DAV]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Pragma: no-cache
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [pragma], Value: [no-cache]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Server: Apache
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [server], Value: [Apache]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Set-Cookie: ocgj9l8b2hha=orp8cdblk3kcvu14808qi936t4; path=/; HttpOnly
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [ocgj9l8b2hha=orp8cdblk3kcvu14808qi936t4; path=/; HttpOnly]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Set-Cookie: oc_sessionPassphrase=1c65yXjYeMHw8GMzizlc9%%2F4x2uIsUA2f5zJxEn%%2BQJduLkMRu%%2FE4HtFkrccB9YoeQlsKIlovhdsRcgKSHCurIjsyWKqzjq3NgRGJVHpg9%%2ByuUs%%2Bya9zY1uOuY5HtmlUCa; path=/; secure; HttpOnly
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [oc_sessionPassphrase=1c65yXjYeMHw8GMzizlc9%%2F4x2uIsUA2f5zJxEn%%2BQJduLkMRu%%2FE4HtFkrccB9YoeQlsKIlovhdsRcgKSHCurIjsyWKqzjq3NgRGJVHpg9%%2ByuUs%%2Bya9zY1uOuY5HtmlUCa; path=/; secure; HttpOnly]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Set-Cookie: ocgj9l8b2hha=s2vlugbs714b4ajrcjjnlpv0k4; path=/; secure; HttpOnly
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [ocgj9l8b2hha=s2vlugbs714b4ajrcjjnlpv0k4; path=/; secure; HttpOnly]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Set-Cookie: cookie_test=test; expires=Thu, 07-Dec-2017 18:25:50 GMT; Max-Age=3600
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [cookie_test=test; expires=Thu, 07-Dec-2017 18:25:50 GMT; Max-Age=3600]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] Strict-Transport-Security: max-age=15768000; preload
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [strict-transport-security], Value: [max-age=15768000; preload]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] X-Content-Type-Options: nosniff
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [x-content-type-options], Value: [nosniff]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] X-Download-Options: noopen
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [x-download-options], Value: [noopen]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] X-Frame-Options: SAMEORIGIN
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [x-frame-options], Value: [SAMEORIGIN]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] X-Permitted-Cross-Domain-Policies: none
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [x-permitted-cross-domain-policies], Value: [none]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] X-Robots-Tag: none
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [x-robots-tag], Value: [none]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr] X-Xss-Protection: 1; mode=block
Dec  7 18:25:50 dreis-desktop mount.davfs: Header Name: [x-xss-protection], Value: [1; mode=block]
Dec  7 18:25:50 dreis-desktop mount.davfs: [hdr]
Dec  7 18:25:50 dreis-desktop mount.davfs: End of headers.
Dec  7 18:25:50 dreis-desktop mount.davfs: Running post_headers hooks
Dec  7 18:25:50 dreis-desktop mount.davfs: Running post_send hooks
Dec  7 18:25:50 dreis-desktop mount.davfs: ah_post_send (#1), code is 200 (want 401), WWW-Authenticate is (none)
Dec  7 18:25:50 dreis-desktop mount.davfs: Request ends, status 200 class 2xx, error line:#012200 OK
Dec  7 18:25:50 dreis-desktop mount.davfs: Running destroy hooks.
Dec  7 18:25:50 dreis-desktop mount.davfs: Request ends.
Dec  7 18:25:50 dreis-desktop mount.davfs: ah_create, for WWW-Authenticate
Dec  7 18:25:50 dreis-desktop mount.davfs: Running pre_send hooks
Dec  7 18:25:50 dreis-desktop mount.davfs: auth: Sending 'Basic' response.
Dec  7 18:25:50 dreis-desktop mount.davfs: Sending request headers:#012PROPFIND /remote.php/webdav/ HTTP/1.1#015#012User-Agent: davfs2/1.5.2 neon/0.30.1#015#012Connection: TE#015#012TE: trailers#015#012Host: demo.owncloud.org#015#012Depth: 1#015#012Content-Length: 257#015#012Content-Type: application/xml#015#012Authorization: xxxxxxxxxxxxxxxxxx
Dec  7 18:25:50 dreis-desktop mount.davfs: Sending request-line and headers:
Dec  7 18:25:50 dreis-desktop mount.davfs: Sending request body:
Dec  7 18:25:50 dreis-desktop mount.davfs: Request sent; retry is 1.
Dec  7 18:25:51 dreis-desktop mount.davfs: [status-line] < HTTP/1.1 207 Multi-Status
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Cache-Control: no-store, no-cache, must-revalidate
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [cache-control], Value: [no-store, no-cache, must-revalidate]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Content-Length: 2048
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [content-length], Value: [2048]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Content-Security-Policy: default-src 'none';
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [content-security-policy], Value: [default-src 'none';]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Content-Type: application/xml; charset=utf-8
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [content-type], Value: [application/xml; charset=utf-8]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Date: Thu, 07 Dec 2017 17:25:50 GMT
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [date], Value: [Thu, 07 Dec 2017 17:25:50 GMT]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Dav: 1, 3, extended-mkcol
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [dav], Value: [1, 3, extended-mkcol]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Expires: Thu, 19 Nov 1981 08:52:00 GMT
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [expires], Value: [Thu, 19 Nov 1981 08:52:00 GMT]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Pragma: no-cache
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [pragma], Value: [no-cache]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Server: Apache
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [server], Value: [Apache]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Set-Cookie: ocgj9l8b2hha=jkh4koh95cjq4v1t6imofl8a83; path=/; HttpOnly
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [ocgj9l8b2hha=jkh4koh95cjq4v1t6imofl8a83; path=/; HttpOnly]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Set-Cookie: oc_sessionPassphrase=tUNkQFz9aCqHYIeJsEADndojKnPScXhHpnK9ygtKNRyuHhOUIG3ldTKo2tFnLFSuVuYyTk6yWAFDWMoYoej74tlGJddsUs%%2F07opRY2jgxR91%%2F1Gmh%%2FfdfT0i2nHZ%%2BO2j; path=/; secure; HttpOnly
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [oc_sessionPassphrase=tUNkQFz9aCqHYIeJsEADndojKnPScXhHpnK9ygtKNRyuHhOUIG3ldTKo2tFnLFSuVuYyTk6yWAFDWMoYoej74tlGJddsUs%%2F07opRY2jgxR91%%2F1Gmh%%2FfdfT0i2nHZ%%2BO2j; path=/; secure; HttpOnly]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Set-Cookie: ocgj9l8b2hha=i76d3gg45m8gvd6grsr2kf9ku7; path=/; secure; HttpOnly
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [ocgj9l8b2hha=i76d3gg45m8gvd6grsr2kf9ku7; path=/; secure; HttpOnly]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Set-Cookie: cookie_test=test; expires=Thu, 07-Dec-2017 18:25:51 GMT; Max-Age=3600
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [set-cookie], Value: [cookie_test=test; expires=Thu, 07-Dec-2017 18:25:51 GMT; Max-Age=3600]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Strict-Transport-Security: max-age=15768000; preload
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [strict-transport-security], Value: [max-age=15768000; preload]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] Vary: Brief,Prefer
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [vary], Value: [Brief,Prefer]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] X-Content-Type-Options: nosniff
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [x-content-type-options], Value: [nosniff]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] X-Download-Options: noopen
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [x-download-options], Value: [noopen]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] X-Frame-Options: SAMEORIGIN
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [x-frame-options], Value: [SAMEORIGIN]
Dec  7 18:25:51 dreis-desktop mount.davfs: [hdr] X-Permitted-Cross-Domain-Policies: none
Dec  7 18:25:51 dreis-desktop mount.davfs: Header Name: [x-permitted-cross-domain-policies], Value: [none]
...

Any help would be great.
Regards,
David

@PVince81
Copy link
Contributor

PVince81 commented Dec 8, 2017

Confirmed:

sudo mount.davfs http://localhost/owncloud/remote.php/dav/files/admin/ /mnt
Please enter the username to authenticate with server
http://localhost/owncloud/remote.php/dav/files/admin/ or hit enter for none.
  Username: admin
Please enter the password to authenticate user admin with server
http://localhost/owncloud/remote.php/dav/files/admin/ or hit enter for none.
  Password:  
mount.davfs: mounting failed; the server does not support WebDAV

@PVince81 PVince81 added this to the development milestone Dec 8, 2017
@PVince81
Copy link
Contributor

PVince81 commented Dec 8, 2017

Bisected, the CORS PR seems to break this: #28852.

I suspect it's the OPTIONS method that might not be returning the correct results. Strange that litmus didn't detect that.

@noveens

@PVince81 PVince81 self-assigned this Dec 8, 2017
@guibar
Copy link

guibar commented Dec 8, 2017

I am new to owncloud and have been banging my head over this.
Should I downgrade to 10.0.3 or is this going to be an easy fix?
Thanks,

@PVince81
Copy link
Contributor

PVince81 commented Dec 8, 2017

Workaround, disabling the DAV CORS plugin:

diff --git a/apps/dav/lib/Connector/Sabre/ServerFactory.php b/apps/dav/lib/Connector/Sabre/ServerFactory.php
index 0f89d16205..7257c2699a 100644
--- a/apps/dav/lib/Connector/Sabre/ServerFactory.php
+++ b/apps/dav/lib/Connector/Sabre/ServerFactory.php
@@ -101,7 +101,7 @@ class ServerFactory {
                $server->setBaseUri($baseUri);
 
                // Load plugins
-               $server->addPlugin(new \OCA\DAV\Connector\Sabre\CorsPlugin($this->userSession));
+               //$server->addPlugin(new \OCA\DAV\Connector\Sabre\CorsPlugin($this->userSession));
                $server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin($this->config));
                $server->addPlugin(new \OCA\DAV\Connector\Sabre\ValidateRequestPlugin('webdav'));
                $server->addPlugin(new \OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin($this->config));
diff --git a/apps/dav/lib/Server.php b/apps/dav/lib/Server.php
index 7fd765b5c0..4553c295ab 100644
--- a/apps/dav/lib/Server.php
+++ b/apps/dav/lib/Server.php
@@ -89,7 +89,7 @@ class Server {
                $this->server->addPlugin(new MaintenancePlugin($config));
                $this->server->addPlugin(new ValidateRequestPlugin('dav'));
                $this->server->addPlugin(new BlockLegacyClientPlugin($config));
-               $this->server->addPlugin(new CorsPlugin(\OC::$server->getUserSession()));
+               //$this->server->addPlugin(new CorsPlugin(\OC::$server->getUserSession()));
                $authPlugin = new Plugin();
                $authPlugin->addBackend(new PublicAuth());
                $this->server->addPlugin($authPlugin);

Not sure yet how difficult the fix will be. Need to have CORS' OPTIONS stuff to be able to coexist with DAV's OPTIONS stuff.

@PVince81
Copy link
Contributor

PVince81 commented Dec 8, 2017

Hmm it looks like davfs is expecting the OPTIONS call to fail with 401 when there is no authorization.
However we need OPTIONS to be able to return something different when doing a CORS request.

Only when davfs gets the 401 first and then is able to authenticate, it works.

I hope there is no other client that expects the same...

A possible hack would be to detect the user-agent in the request and skip the CORS plugin whenever the request is coming from davfs. Or, detect whether the request comes from a browser and only do CORS if it's a browser. Not sure how accurate.

@PVince81
Copy link
Contributor

PVince81 commented Dec 8, 2017

Some info about how to detect browser vs non-browser: https://www.npmjs.com/package/user-agent-is-browser.

I'd suggest to just detect if user-agent contains "Mozilla", if yes, activate the CorsPlugin. Else disable it.

@ghost
Copy link

ghost commented Dec 8, 2017

I hope there is no other client that expects the same...

Not sure if this is related: #29344 . The windows WebDAV client is requiring a 401 on an OPTIONS request to /, not sure if it also needs a 401 on /remote.php/webdav as well.

@PVince81
Copy link
Contributor

PVince81 commented Dec 8, 2017

PR to disable CORS for non-browsers: #29798

@guibar
Copy link

guibar commented Dec 8, 2017 via email

@Signum
Copy link

Signum commented Dec 10, 2017

@PVince81 Thanks. I can confirm that I can use davs:// URLs finally in file managers like "nemo" or "nautilus".

@Dreis74
Copy link
Author

Dreis74 commented Dec 11, 2017

@PVince81 Thanks a lot for your workaround. I can confirm that I can mount my folder via webdav now.

@cdamken
Copy link
Contributor

cdamken commented Dec 11, 2017

Tested #29798 with 10.0.4 and works fine.

@cruiseflight
Copy link

@PVince81 Thank you, that worked fine on owncloud 10.0.4 / Ubuntu 17.04.

There is another DAV issue in 10.0.3 and 10.0.4 documented here: https://central.owncloud.org/t/webdav-folder-sync-ios-readdle-documents-6-issue/10789. The CORS workaround did not resolve that one.

@PVince81
Copy link
Contributor

There is another DAV issue in 10.0.3 and 10.0.4 documented

CORS was only added in 10.0.4, so this issue is likely something different. Would be good to have a new ticket for that one and also check whether there is a past OC version where it did work so we can bisect and find potential breaking changes.

@micw
Copy link

micw commented Jan 5, 2018

That issue also breaks CardDav synchronisation with mobile phones (e.g. via Android's App "CardDavSync") - please keep that in mind when implementing the workaround.
UserAgent is "CardDAV-Sync/0.4.23 (HUAWEI; FRD-L19; Android 7.0; de_DE; org.dmfs.carddav.Sync/145" or similar.

@PVince81
Copy link
Contributor

PVince81 commented Jan 8, 2018

@micw does this PR fix your issue ?

@lock
Copy link

lock bot commented Jul 31, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jul 31, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

Successfully merging a pull request may close this issue.

7 participants