`rbw unlock` not working.

[BartSte]

Hey,

My appologies when the following issue is already know to you. It searched through the docs and the issues and could not find anything that explains my issue.

When running 1.9.0 everything is fine: I can unlock the database on my Arch linux machine using pinentry. When I upgrade to 1.10.1, and use the exact same password, I am not able to unlock the database, as it prompts me that the password is incorrect.

The issue might be explained by the title op het pinentry window. On 1.9.0 it says:

• Unlock the local database for 'rbw'

On 1.10.1 it says:

• Log in to api.bitwarden.com

Which explains why the password fails. Do you know why this behavior differs from both versions?

Thanks!

[raffomania]

I can confirm that this happens on 1.10.0 after the following steps:

• rbw purge
• rbw stop-agent
• Change PBKDF2 rounds, rotate API Key
• rbw register successfully
• rbw login on api.bitwarden.com fails

The error is

rbw login: failed to log in to bitwarden instance: Username or password is incorrect. Try again.

[itsjfx]

I'm unable to login on 1.9.0, 1.10.0, and 1.10.1 on both Debian and Arch, even after using rbw register which exits OK

Is there any trace logging we can turn on to help provide more information?

[Nietzschemon]

Had the same problem with 1.10.0 on Manjaro after a systems upgrade. Worked downgrading to 1.9.0 with no additional steps.

[oranenj]

Echoing the problem, login seem to be broken.

I tried downgrading to 1.9.0, but it doesn't work either.

[BartSte]

Echoing the problem, login seem to be broken.

I tried downgrading to 1.9.0, but it doesn't work either.

I had the same problem but after a reboot 1.9.0 was working.

[oranenj]

I had the same problem but after a reboot 1.9.0 was working.

That's weird. Maybe you were running an old version of the agent?

I made sure to kill the agent, but it's not working. Maybe the problem is that I switched to Argon KDF; I'll try switching back

[BartSte]

I had the same problem but after a reboot 1.9.0 was working.

That's weird. Maybe you were running an old version of the agent?

I made sure to kill the agent, but it's not working. Maybe the problem is that I switched to Argon KDF; I'll try switching back

Oke nevermind, now 1.9.0 also stopped working... No idea why...

[glaeqen]

Requests to https://identity.bitwarden.com/connect/token apparently started failing recently. I compared the network calls between the official Bitwarden Firefox Extension and rbw. I narrowed it down to two extra headers that makes the server happy. This is a diff that seems to fix the issue although it makes rbw pretend something that it is not I guess. I'd be good if @doy or someone more clever than me took a look.

diff --git a/src/api.rs b/src/api.rs
index 9a58f9e..39aa5c0 100644
--- a/src/api.rs
+++ b/src/api.rs
@@ -895,6 +895,8 @@ impl Client {
         let res = client
             .post(&self.identity_url("/connect/token"))
             .form(&connect_req)
+            .header("Bitwarden-Client-Name", "browser")
+            .header("Bitwarden-Client-Version", "2024.4.1")
             .header(
                 "auth-email",
                 crate::base64::encode_url_safe_no_pad(email),

[oranenj]

Can confirm, that fix works.

[sedlund]

"cli" is a valid "Bitwarden-Client-Name" per the official cli

[MariusHerget]

Can confirm the fix works with "cli" as client name. @glaeqen can you create a PR for @doy ?

[sedlund]

Here is a Nix override that builds @glaeqen 's PR -- Works great -- Thanks!

rbw = pkgs.rbw.override (super: {
  rustPlatform =
    super.rustPlatform
    // {
      buildRustPackage = args:
        super.rustPlatform.buildRustPackage (args
          // {
            version = "1.10.1+fixlogin";
            src = pkgs.fetchFromGitHub {
              owner = "glaeqen";
              repo = "rbw";
              rev = "fix-login";
              hash = "sha256-T6kn33R8FipJtfI599oc8VbQFhdI4NYef8fO6Ixaqos=";
            };
            cargoHash = "sha256-R0MT3AZLhHMPS7JPkYsI7p+Hhty6aVi2cTPeg6pqEm8=";
          });
    };
});

[srhb]

@sedlund gitlab exposes auto patches on PRs if you append .patch :)

  (self: super: {
    rbw = super.rbw.overrideAttrs (oa: {
      patches = oa.patches or [] ++ [
        (self.fetchpatch {
          url = "https://github.com/doy/rbw/pull/175.patch";
          hash = "sha256-WjyvDrghbMYHF8MIPVj7I6WWJJXPEDXfBlZpw2lJaCs=";
        })
      ];
    });
  })

[itsjfx]

thanks, this has unblocked my workflow ive built a version here: https://github.com/itsjfx/rbw/releases/download/1.10.2-rc.1/rbw_1.10.2-rc.1_linux_amd64.tar.gz you can build it yourself here: https://github.com/itsjfx/rbw/blob/main/build.sh

installed in a dev container looks like this

wget https://github.com/itsjfx/rbw/releases/download/1.10.2-rc.1/rbw_1.10.2-rc.1_linux_amd64.tar.gz
mkdir rbw
tar -xvf rbw_1.10.2-rc.1_linux_amd64.tar.gz -C rbw/
install -vDm755 -t /usr/bin rbw/rbw{,-agent}
install -vDm644 rbw/completions/bash-completions /usr/share/bash-completion/completions/rbw
install -vDm644 rbw/completions/fish-completions /usr/share/fish/vendor_completions.d/rbw.fish
install -vDm644 rbw/completions/zsh-completions /usr/share/zsh/site-functions/_rbw