search

bitwarden / clients

Bitwarden client apps (web, browser extension, desktop, and cli).
https://bitwarden.com
Other
9.08k stars 1.2k forks source link

RESTful API sync and unlock function breaks after the server has been up "for a while" #9306

Open eebette opened 4 months ago

eebette commented 4 months ago

Steps To Reproduce

  1. Run bw serve
  2. Run curl http://localhost:8087/unlock -d '{"password": "***"}' --header "Content-Type: application/json" <----- This works
  3. Run curl http://localhost:8087/sync -d '{}' --header "Content-Type: application/json" <----- This works
  4. Run curl http://localhost:8087/lock -d '{"password": "***"}' --header "Content-Type: application/json" <----- This works
  5. Wait some time (my loop runs every 3 hours and ALWAYS fails on the 2nd loop through)
  6. Run curl http://localhost:8087/unlock -d '{"password": "***"}' --header "Content-Type: application/json" <----- This works
  7. Run curl http://localhost:8087/sync -d '{}' --header "Content-Type: application/json" <----- This returns Internal Server Error
  8. curl http://localhost:8087/unlock -d '{"password": "***"}' --header "Content-Type: application/json" <----- Suddenly, this now also returns Internal Server Error

Expected Result

Expected sync command to return normal success value: 

{"success":true,"data":{"noColor":false,"object":"message","title":"Syncing complete.","message":null}}

And also not to break the unlock command.

Actual Result

Status code: 500 Internal Server Error

From stderr after running the sync command:

  TypeError: Cannot read properties of null (reading 'toString')
      at SyncCommand.<anonymous> (/snapshot/clients/apps/cli/build/bw.js:48171:62)
      at Generator.throw (<anonymous>)
      at rejected (/snapshot/clients/apps/cli/build/bw.js:48146:65)

From stderr after running the unlock command after the system-breaking sync command:

  TypeError [ERR_INVALID_ARG_TYPE]: The first argument must be of type string or an instance of Buffer, ArrayBuffer, or Array or an Array-like Object. Received undefined
      at new NodeError (node:internal/errors:388:5)
      at Function.from (node:buffer:326:9)
      at NodeCryptoFunctionService.toNodeBuffer (/snapshot/clients/apps/cli/build/bw.js:41828:23)
      at NodeCryptoFunctionService.toNodeValue (/snapshot/clients/apps/cli/build/bw.js:41823:30)
      at NodeCryptoFunctionService.pbkdf2 (/snapshot/clients/apps/cli/build/bw.js:41608:31)
      at KeyGenerationService.<anonymous> (/snapshot/clients/apps/cli/build/bw.js:19662:56)
      at Generator.next (<anonymous>)
      at /snapshot/clients/apps/cli/build/bw.js:19622:71
      at new Promise (<anonymous>)
      at /snapshot/clients/apps/cli/build/bw.js:19618:12

Screenshots or Videos

No response

Additional Context

I've discovered that logging out and logging back in does not fix this issue.

However, killing the bw serve process successfully fixes the issue.

i.e.

kill -9 $(pgrep -f "bw serve")

Operating System

Linux

Operating System Version

Debian GNU/Linux trixie/sid

Shell

Bash

Build Version

2024.4.1

Issue Tracking Info

mitrovda commented 4 months ago

Same issue here, but on version 2024.4.0.

cbbit commented 4 months ago

Hi there,

Thank you for your report!

This has been flagged to our engineering team.

If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time - our engineering team will be happy to review these.

Thanks once again!

Misterbabou commented 4 months ago

Same issue with version 2024.4.1 on Ubuntu 20.04.6 LTS using those commands on self host server.

TypeError: Cannot read properties of null (reading 'toString') at SyncCommand. (/snapshot/clients/apps/cli/build/bw.js:48171:62) at Generator.throw () at rejected (/snapshot/clients/apps/cli/build/bw.js:48146:65)

Node.js v18.5.0

- bw unlock --raw `You are not logged in.`
- in "~/.config/Bitwarden CLI/data.json"

"authenticatedAccounts": [],



It seems that the failed sync disconnect the user