search

PhilippC / keepass2android

Password manager app for Android
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
GNU General Public License v3.0
4.81k stars 390 forks source link

Unable to open database file containing non-ASCII character (umlaut 'ö') via FTP #1178

Open Smagjus opened 4 years ago

Smagjus commented 4 years ago

When I try to open a .kdbx-file that contains an 'ö' as part of its name, I get a generic timeout error.

Setting up FTP and selecting the file in directory view works as intended. But as soon as I enter and confirm the passwort in the open-dialog, I get said timeout error.

Having an 'ö' in the database name doesn't seem to be an issue. Only the .kdbx-file may not contain the letter and renaming the file resolves the issue.

As a first measure it would be nice to get a more specific error message.

Additional information:

The FTP-server is running on Windows Server 2012 R2 IIS-Version 8.5.9600.16384. The server is using user name directories for user isolation. It requires username and passwort for authentification.

The two devices I tested this bug on are Xiaomi Mi A2 Lite and Xiamo Redmi Note 8 - both running Android 9.

PhilippC commented 4 years ago

what server software is used?

Smagjus commented 4 years ago

I am using the default FTP-Server that is integrated within Windows Server 2012 R2 and its Internet Information Services (IIS).

Small-Ku commented 4 years ago

May related: robinrodricks/FluentFTP#65 May help: https://serverfault.com/questions/810765/cant-show-non-english-characters-in-iis

Smagjus commented 4 years ago

"Allow UTF8" is the default setting for this iis-Version. I am not sure what else could help here.

In the meantime I spun up an FTP-Server with FileZilla's server program and reproduced the problem here. The logs when the android client tries to retrieve the file Databöse.kdbx are interesting:

AndroidClient> OPTS UTF8 ON Server> 202 UTF8 mode is always enabled. No need to send this command.

[...]

AndroidClient> RETR /Datab%C3%B6se.kdbx Server> 550 File not found

When I use a third party FTP-Client to retrieve this file I get this log:

3rdPartyClient> RETR Databöse.kdbx Server> 150 Opening data channel for file download from server of "/Databöse.kdbx" Server> 226 Successfully transferred "/Databöse.kdbx"

So it seems like keepass2android URL-encodes the filename. The server takes this literally and can't find the garbled filename. I confirmed this by creating a Datab%C3%B6se.kdbx on the server. Now when I would try to access Databöse.kdbx via Android I would successfully retrieve Datab%C3%B6se.kdbx.