Skip to content
This repository has been archived by the owner. It is now read-only.

Error Code 10 #21

Closed
n1am opened this issue Jun 4, 2015 · 15 comments
Closed

Error Code 10 #21

n1am opened this issue Jun 4, 2015 · 15 comments
Labels

Comments

@n1am
Copy link

@n1am n1am commented Jun 4, 2015

Hi,
I'm trying out this plugin. Every time I'm getting "Error Code: 10 Status Message, Browser-side Error Code: User-agent returned error. Error code: 2" while registering new key.

I've tried to install it on a vanilla WordPress installation under Ubuntu (PHP 5.5.9) but same error.

Even tried different version of Chrome (stable branch and dev branch).

Am I doing something wrong?

Thank You

@shield-9

This comment has been minimized.

Copy link
Owner

@shield-9 shield-9 commented Jun 4, 2015

Did you do "git submodule init" and "git submodule update"?

@n1am

This comment has been minimized.

Copy link
Author

@n1am n1am commented Jun 4, 2015

I did a git clone --recursive. Few minutes ago I deleted everything, did a git clone, submodule init and update, but I get the same error.

Right now I'm testing this plugin on a vanilla Digital Ocean's Wordpress template droplet. The specs are Ubuntu 14.04 (3.13.0-27-generic #50-Ubuntu SMP Thu May 15 18:06:16 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux)
PHP 5.5.9
Wordpress 4.2.2
MySQL 5.5.38

Used either Chrome 45.0.2414.0 dev-m and 43.0.2357.81 m.

Same issue on my live installation of WordPress based on CentOS 6.6/nginx and PHP 5.5.25.

u2f-login-error10

@shield-9

This comment has been minimized.

Copy link
Owner

@shield-9 shield-9 commented Jun 4, 2015

What security key product are you using? (e.g. Yubikey NEO, Plug-up FIDO U2F Security Key)

@n1am

This comment has been minimized.

Copy link
Author

@n1am n1am commented Jun 4, 2015

I am using a Yubikey NEO. I've tried with different mode: only U2F, OTP+U2F and OTP+U2F+CCID but same result.

Is it NEO supported?

@n1am

This comment has been minimized.

Copy link
Author

@n1am n1am commented Jun 4, 2015

Is it possible that new versions of Chrome are incompatible? I just tried to register the key in an old VM with Chromium OS, and in this case when I press register an animated icon appairs and i don't get the error message.

@shield-9

This comment has been minimized.

Copy link
Owner

@shield-9 shield-9 commented Jun 4, 2015

I've confirmed NEO works well. And there are no problem with "45.0.2422.0 canary (64-bit) on Windows 7 Pro 64 bit".


Sorry, I have no idea to resolve this issue...
But Chrome's "console" (Ctrl + Shift + I) may help you.

@shield-9

This comment has been minimized.

Copy link
Owner

@shield-9 shield-9 commented Jun 4, 2015

Maybe related to Yubico/php-u2flib-server#21

@n1am

This comment has been minimized.

Copy link
Author

@n1am n1am commented Jun 5, 2015

Resolved the name problem on the wp test installation, but I don't think this is the problem.
Same problem with Chrome on Windows 8.1 X64 and Windows 7 X64

This is the console output when I press Register button:

Register: Object {version: "U2F_V2", challenge: "TlxK5oOyORkCQNv-ekAruvBML67JnRjBYSLnVdkvzCE", appId: "http://wp.xxxx.it"}

admin.min.js?ver=0.1.0-dev:2 Register callback Object {errorCode: 2}

load-scripts.php?c=0&load[]=jquery-core,jquery-migrate,utils&ver=4.2.2:4 XHR finished loading: POST "http://wp.xxxx.it/wp-admin/admin-ajax.php".m.ajaxTransport.send @ load-scripts.php?c=0&load[]=jquery-core,jquery-migrate,utils&ver=4.2.2:4m.extend.ajax @ load-scripts.php?c=0&load[]=jquery-core,jquery-migrate,utils&ver=4.2.2:4m.each.m.(anonymous function) @ load-scripts.php?c=0&load[]=jquery-core,jquery-migrate,utils&ver=4.2.2:4(anonymous function) @
admin.min.js?ver=0.1.0-dev:2u2f.responseHandler_ @ u2f-api.js?ver=0.1.0-dev:314(anonymous function) @ u2f-api.js?ver=0.1.0-dev:200target.(anonymous function) @ extensions::SafeBuiltins:19EventImpl.dispatchToListener @ extensions::event_bindings:387target.(anonymous function) @ extensions::SafeBuiltins:19$Array.forEach.publicClass.(anonymous function) @ extensions::utils:94EventImpl.dispatch_ @ extensions::event_bindings:371EventImpl.dispatch @ extensions::event_bindings:393target.(anonymous function) @ extensions::SafeBuiltins:19$Array.forEach.publicClass.(anonymous function) @ extensions::utils:94dispatchOnMessage @ extensions::messaging:322

admin.min.js?ver=0.1.0-dev:2 Ajax Response Object {readyState: 4, responseText: "{"errorCode":10,"errorText":"User-agent returned error. Error code: 2"}", responseJSON: Object, status: 200, statusText: "OK"}abort: (a)always: ()complete: ()done: ()error: ()fail: ()getAllResponseHeaders: ()arguments: nullcaller: nulllength: 0name: ""prototype: m.extend.ajax.v.getAllResponseHeaders__proto__: ()getResponseHeader: (a)overrideMimeType: (a)pipe: ()progress: ()promise: (a)readyState: 4responseJSON: ObjectresponseText: "{"errorCode":10,"errorText":"User-agent returned error. Error code: 2"}"setRequestHeader: (a,b)state: ()status: 200statusCode: (a)statusText: "OK"success: ()arguments: nullcaller: nulllength: 0name: ""prototype: m.Callbacks.k.add__proto__: ()then: ()proto: Object

admin.min.js?ver=0.1.0-dev:3 Error occured

@n1am

This comment has been minimized.

Copy link
Author

@n1am n1am commented Jun 5, 2015

Hi,
I continue getting the error relative to the authentication message not matching any registration.
For the testing I'm using wp.virho.it. AppId is exactly "http://wp.virho.it".

The u2f plugin for WordPress made by Yubico works. I can't understand why this not.

I tried different PC, with different OS and different version of Chrome. I think the problem is not in the client side.

Thanks

P.S.
Is the support for u2f native in Chrome or do you need the chrome extension "FIDO U2F (Universal 2nd Factor) extension"?

@n1am

This comment has been minimized.

Copy link
Author

@n1am n1am commented Jun 6, 2015

Problem solved =)
The issue is in the u2f-api.js. The "u2f.EXTENSION_ID" is incorrect.

Original:

u2f.EXTENSION_ID = 'kmendfapggjehodndflmmgagdbamhnfd';

Edited:

u2f.EXTENSION_ID = 'pfboblefjcgdjicmnffhdgionmgcdmne';

With this little modification when I press the register button no error get notified. A pop up ask me if I want allow or block the host to access my security key. Allow, tap the key and everything work just fine.

Great plugin ;)
Thank you ;)

@nProtect

This comment has been minimized.

Copy link

@nProtect nProtect commented Aug 22, 2015

@n1am

I have same problem too. But i try to change u2f.EXTENSION_ID when i push Register button its no error but nothing happened after I push the yubikey.

@matt-3

This comment has been minimized.

Copy link

@matt-3 matt-3 commented Oct 2, 2015

Same here. u2f.EXTENSION_ID change did not help either.

@n1am

This comment has been minimized.

Copy link
Author

@n1am n1am commented Oct 3, 2015

Hi, I've just tried on Windows 10 (x64) with Chrome 45.0.2454.101 m (64-bit) and it works, using a Yubikey U2F Security Key.

I use FIDO U2F (Universal 2nd Factor) extension version 0.9.31. The extension id is: pfboblefjcgdjicmnffhdgionmgcdmne

Some time ago I experienced issues with Chrome dev-channel.

Have you tried on a Vanilla Chrome (stable branch) version?

@gstammw

This comment has been minimized.

Copy link

@gstammw gstammw commented Oct 8, 2015

I'm having the same problem on Win10 x64 using Google Chrome Version 45.0.2454.101 m.
The plugin can neither register a Yubikey NEO nor a plug-up security key (http://puk1.fr/sk).

Other website like google are working fine with U2F.

Please provide a fix.

@shield-9

This comment has been minimized.

Copy link
Owner

@shield-9 shield-9 commented Oct 8, 2015

You need to use HTTPS to use U2F for Chrome. (This is not U2F spec.)
If your problems are reproduced:

  • using host name with valid TLD
  • using HTTPS
  • using the latest Chrome stable
    , please open new issue.
@shield-9 shield-9 closed this Oct 8, 2015
Repository owner locked and limited conversation to collaborators Oct 8, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
5 participants
You can’t perform that action at this time.