Airsonic-Advanced Server: can't login using DSUB

[Nykoshiro]

Recently built up a new airsonic-advanced server for testing. I am able to use the Subsonic app from Google Play to login. When using the DSub app I get 'Connection Failed: wrong username or password'.

The logs for airsonic say show:

INFO --- o.a.p.s GlobalSecurityConfig : Login failed from IP ADDRESS

[Nykoshiro]

I tested DSUB with an airsonic server & subsonic server, both of which seem to work.

[SteveDinn]

It's probably the password encryption you've chosen in Airsonic advanced. Pick AES instead of bcrypt and it should work.

On Thu, Oct 29, 2020, 16:11 Nykoshiro notifications@github.com wrote:

I tested DSUB with an airsonic server & subsonic server, both of which seem to work.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/daneren2005/Subsonic/issues/1029#issuecomment-718963246, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA526U5VSY7JUXYMNUB2BKTSNG457ANCNFSM4TDPYG6Q .

[Nykoshiro]

Switching the PW to Encrypted AES worked; does DSUB not support any non-decodable encoders? I tried SHA256/SHA-256/scrypt, none of which worked...

[SteveDinn]

I believe you are correct. The original Airsonic never supported any, so most clients are in the same boat. I haven't seen one that works with bcrypt yet.

[daneren2005]

So this is due to standard Subsonic supporting passing a hashed version of your password via the API. I am guessing Airsonic Advanced is reporting a high version of the Subsonic API which supports this and so we are sending it and Airsonic is failing on it. Basically if Airsonic is hashing the password on it's end there is no way us hashing on our end is going to work since the two won't match.

[Nykoshiro]

Thank you for the info, it helps... This issue can be closed as I can just use aes for now. Appreciate all the help. 'N

---

From: Scott Jackson notifications@github.com Sent: Wednesday, November 4, 2020 8:41:19 PM To: daneren2005/Subsonic Subsonic@noreply.github.com Cc: Nykoshiro x69erx@hotmail.com; Author author@noreply.github.com Subject: Re: [daneren2005/Subsonic] Airsonic-Advanced Server: can't login using DSUB (#1029)

So this is due to standard Subsonic supporting passing a hashed version of your password via the API. I am guessing Airsonic Advanced is reporting a high version of the Subsonic API which supports this and so we are sending it and Airsonic is failing on it. Basically if Airsonic is hashing the password on it's end there is no way us hashing on our end as well is going to work.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/daneren2005/Subsonic/issues/1029#issuecomment-722137275, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AFTHRNJ57D6CXZHYQNZPLHLSOIUG7ANCNFSM4TDPYG6Q.

[daneren2005]

Took me a while to dig through the old documentation here to figure out what we need to do about this. So Subsonic already had the same issue with LDAP clients, and fixed it via returning an error code 41 when trying to send a hashed password with an LDAP client. Relevant docs: http://www.subsonic.org/pages/api.jsp. Airsonic Advanced can just implement the same error code and then DSub will automatically try to reconnect in the background without the user even being aware of the issue. I was able to find my old commit that originally took care of this issue: https://github.com/daneren2005/Subsonic/commit/328d80f0dfd9c6057e65b948b9bd9d52968cc4a8.

[daneren2005]

I am going to close this now since there is a path forward for the Airsonic Advanced devs if they want