qBittorrent Controller Pro not working anymore with qBittorrent v4.2.0

[Rouzax]

After the latest upgrade of qBittorrent v4.2.0 the Android controller only gives Authentication Errors. Already tried to add username and password again but to no avail.

[twosheds]

Same here with the free version.

[Rouzax]

Most likely has to do with either of these two changes

WEBUI: Bump Web API version WEBUI: Use PBKDF2 for the WebUI password. You will need to set your password again. (Chocobo1)

[nagysifa]

Same problem ... Setting the password again ( or completely changing it ) does not work

[sharkykh]

Actually, I believe it's most likely because v4.2.0 no longer has the legacy API. The qBT devs dropped it in favor of the new API.

Use PBKDF2 for the WebUI password. You will need to set your password again. (Chocobo1)

That just means you need to set it again in the qBT application settings.

[Rouzax]

@lgallard, is there any chance of doing an update to the Pro Controller?

[lgallard]

Version 4.2.0 changed the API. I need the API documentation for 4.2.0 and start working in the support. I opened a ticket at qBittorrent project to request the API documentation.

https://github.com/qbittorrent/qBittorrent/issues/11600

[sharkykh]

@lgallard The wiki is up to date. qBittorrent v4.2.0 shipped with API v2.3.0. https://github.com/qbittorrent/qBittorrent/wiki/Web-API-Documentation#api-v230 API v2 was introduced with qBittorrent v4.1.x, while keeping the legacy API available for backwards-compatibility until they fleshed-out the new API, and v4.2.0 made API v2 the only available API by removing the legacy API.

[lgallard]

@sharkykh thanks!! this what I was looking for!!

[lgallard]

Hi, version 4.7.0 supports 4.2.x (4.1.x are supported as well). Regards!

[nagysifa]

Thanx for the quick response! The new app works with 4.2.x !!!

[sharkykh]

Thanks @lgallard!

However, I can't seem to get HTTPS working. This is the first time I'm using qBittorrent on HTTPS, so it's possible I'm doing something wrong, but can anyone else confirm having an issue connecting using HTTPS?

I have a certificate+key created using mkcert, and I'm using KeyStore explorer to create a BKS-V1 keystore (also tried BKS). It works fine on the WebUI, but this app won't connect...

[Rouzax]

Mine does not work yet and I also have HTTPS. Nothing has changed and using valid and trusted certificate which before worked.

[lgallard]

@Rouzax @sharkykh did you follow these instructions to add the certificate in qBController?

[lgallard]

@Rouzax @sharkykh checking my code I realized I didn't implement HTTPS for Volley. I think it would take me some days until I can release a version that supports it. I create issue #183 to follow it there.

In the meantime, how are your setting your certificate on qBittorrent? I tried to configure a self-sign certificate but it seems version 4.2.0 has issues with that. I followed qBittorent documentation to set self-sign cert has explained here but got not lucky. Any clue?

[Rouzax]

I have a reverse proxy that connects back to qBittorrent. That reverse proxy get a certificate from let's Encrypt. So it is a trusted and valid web certificate.

[sharkykh]

did you follow these instructions to add the certificate in qBController?

I did, but not to the letter... I didn't need to create a certificate using openssl because I already have one, and I didn't want to install JDK just to convert to a BKS keystore - so I used a different program that supports BKS.

checking my code I realized I didn't implement HTTPS for Volley. I think it would take me some days until I can release a version that supports it. I create issue #183 to follow it there.

Thank you very much! 👍

In the meantime, how are your setting your certificate on qBittorrent? I tried to configure a self-sign certificate but it seems version 4.2.0 has issues with that. I followed qBittorent documentation to set self-sign cert has explained here but got not lucky. Any clue?

Well for me it was pretty straight-forward in qBittorrent v4.2.0. I'm on Windows so I'm using the GUI - just enabled HTTPS and pointed to the certificate and key files. BTW, no reverse proxy on my end.

[Rouzax]

Just to clarify my end qBittorrent does not have HTTPS configured that is done by the reverse proxy and the connection from the proxy to qBittorrent (internal network) is HTTP. This exact setup worked in the passed all up to qBittorrent 4.2.0, obviously my normal webgui still works through this setup.

[lgallard]

@sharkykh thanks, that's what I was doing but for some reason the self-signed certificate didn't work. I generate another one and worked with the WebUI

@Rouzax thanks for the screenshots. I need to implement and do some tests using a CA like LetsEncrypt.

[lgallard]

@sharkykh @Rouzax I just uploaded version 4.7.3 which includes support for https. Feedback is welcome!

[sharkykh]

Waiting for it to show up on Google Play Store. Will update.

[sharkykh]

v4.7.3 works great for me. Thank you very much @lgallard !

[Rouzax]

Just updated to latest version but still not working for me. Get authentication error when opening the app. Have tried to enter the credentials again but same result.

[sharkykh]

@Rouzax Just to be sure, did you also re-type your password on qBittorrent settings?

"Authentication error" sounds more like username/password error than a "SSL handshake error"

[Rouzax]

Yes typed it in again. I can use that same username password combo for the web GUI. This error is the same as I got earlier with to old controller version.

I don't use the default username.

[lgallard]

@Rouzax check your phone IP address is not banned.

On the other hand, you are using Let's Encrypt so maybe you need to generate the bks file and load it on qBController as a self-sign certificate. I know Let's Encrypt is a valid certificate but for browsers, for Android its CA might not be valid.

[Rouzax]

Nothing changed in my setup and previously it worked. When I upgraded qBittorrent the controller stopped working while everything else kept working. Is there any way for me to debug?

[sharkykh]

Is there any way for me to debug?

Anything in qBittorrent logs?

[Rouzax]

How does the controller connect? To the hostname or the resolved IP address?

[Rouzax]

Is there any way for me to debug?

Anything in qBittorrent logs? Nothing in the qbittorrent logs, it does not show up.

Logging in from external through the Web GUI (N) 2019-12-19T15:50:25 - WebAPI login success. IP: ::ffff:192.168.2.12

In IIS I also see log entries that the reverse proxy is working.

#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2019-12-19 14:54:22 192.168.2.12 GET / X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=999d6293-c01f-49bf-82f5-ef6c09f48bbd&SERVER-STATUS=200 443 - 192.168.2.254 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.79+Safari/537.36 - 200 0 0 8
2019-12-19 14:54:22 192.168.2.12 GET /css/dynamicTable.css v=9ecxnj&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=3d8db964-e91c-4505-b871-adb6d47cb232&SERVER-STATUS=200 443 - 192.168.2.254 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.79+Safari/537.36 - 200 0 0 7
2019-12-19 14:54:22 192.168.2.12 GET /css/style.css v=9ecxnj&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=c6b37d0a-0a49-4144-a37c-b5001d1aa7ed&SERVER-STATUS=200 443 - 192.168.2.254 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.79+Safari/537.36 - 200 0 0 7

When trying to connect from android it does not actually go through and gives a HTTP 403 error.

2019-12-19 14:54:54 192.168.2.12 GET /api/v2/torrents/info filter=all&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=cfd23be9-d3c9-43b3-acca-718ae002fb99&SERVER-STATUS=403 443 - 192.168.2.254 qBittorrent+for+Android - 403 0 0 15
2019-12-19 14:54:54 192.168.2.12 GET /api/v2/torrents/info filter=all&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=6af65210-ca30-460a-8884-04c13b4671c1&SERVER-STATUS=403 443 - 192.168.2.254 qBittorrent+for+Android - 403 0 0 62
2019-12-19 14:59:55 192.168.2.12 GET /api/v2/torrents/info filter=all&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=52392953-1e09-4ed0-a746-24579857920f&SERVER-STATUS=403 443 - 192.168.2.254 qBittorrent+for+Android - 403 0 0 16
2019-12-19 14:59:55 192.168.2.12 GET /api/v2/torrents/info filter=all&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=bdf984eb-2643-4d55-bd17-b1b1bb0bf1d9&SERVER-STATUS=403 443 - 192.168.2.254 qBittorrent+for+Android - 403 0 0 43
2019-12-19 15:00:07 192.168.2.12 GET /api/v2/torrents/info filter=all&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=3c889701-413c-43a8-932f-74305464e0e1&SERVER-STATUS=403 443 - 192.168.2.254 qBittorrent+for+Android - 403 0 0 10

If directly connecting without HTTPS internally it does work

[sharkykh]

403 = Your IP is banned. Try restarting qBittorrent. https://github.com/qbittorrent/qBittorrent/wiki/Web-API-Documentation#login

[Rouzax]

That IP is the exact same one as my Web GUI is coming through. Which is my router since I'm at home so everything is routed directly back.

[sharkykh]

Sorry I'm on mobile and didn't see that:

If directly connecting without HTTPS internally it does work

[lgallard]

@Rouzax I don't have a letscencrypt cert to test on my environment. Any chance you give me access to your server or install another one in a different path and give me access?

[sharkykh]

I've been looking at qBittorrent's source code and it looks like if the session is non existent (I assume if the login failed) and you try to access an API route that requires authentication, you'll recieve a HTTP 403 error.

https://github.com/qbittorrent/qBittorrent/blob/release-4.2.0/src/webui/webapplication.cpp#L260-L261

I don't know how much this info is going to help though...

@Rouzax You posted logs from your reverse proxy or the actual qBittorrent application logs? I meant the latter.

[Rouzax]

@sharkykh Do you use authentication? I posted logs from the reverve proxy but there is no entry in the qBittorrent log when trying to connect from the controller. It does have entries when opening the Web GUI @lgallard let me take a look at that to give you access. Is there a way I can reach you private?

EDIT: Also tried resetting to the default admin username but same result

[sharkykh]

@sharkykh Do you use authentication? I posted logs from the reverve proxy but there is no entry in the qBittorrent log when trying to connect from the controller. It does have entries when opening the Web GUI

I do. Non-default username and password, no enabled bypass options (localhost clients / whitelisted subnets). When I try to connect using an incorrect credentials, I get this warning log message:

(W) 19/12/2019 18:07 - WebAPI login failure. Reason: invalid credentials, attempt count: 1, IP: x.x.x.x, username: test

To be fair, I just tried to GET /api/v2/torrents/info without logging in (got HTTP 403), and looks like qBittorrent doesn't log the 403 errors.

[Rouzax]

@lgallard I've setup a separate qBittorrent on a completely separate domain, and server with a valid Let's encrypt certificate. Let me know how I can give you the details in private.

@sharkykh I have the same, when logging in from the web GUI I do see successful or invalid, the API does not show anything

[sharkykh]

@Rouzax Can you find any calls to POST /api/v2/auth/login on your IIS logs after you open the Android app?

[Rouzax]

nope, the entries I posted are the only ones happening

[sharkykh]

Can you try clearing the cache for qBController on your device? (On Samsung it's Settings > Apps > qBController > Clear Cache)

If that doesn't work, I would try to close qBittorrent, then run (assuming you have Python 3 installed): python -m http.server [qbittorrent web ui port]. It creates a HTTP server on that port that will print out all the requests it receives to the console. My reasoning is, that way you should be able to tell which requests are actually getting through to the machine running qBT.

(Since you said qBT does not have HTTPS enabled and your reverse proxy handles it all, it should work with the current settings on Android, but obviously it won't actually get any data because it's just a mock server.)

[Rouzax]

Can you try clearing the cache for qBController on your device? (On Samsung it's Settings > Apps > qBController > Clear Cache)

If that doesn't work, I would try to close qBittorrent, then run (assuming you have Python 3 installed): python -m http.server [qbittorrent web ui port]. It creates a HTTP server on that port that will print out all the requests it receives to the console. My reasoning is, that way you should be able to tell which requests are actually getting through to the machine running qBT.

(Since you said qBT does not have HTTPS enabled and your reverse proxy handles it all, it should work with the current settings on Android, but obviously it won't actually get any data because it's just a mock server.)

Already cleared the entire app to factory defaults and set it up from scratch with the same result.

This is the Python webserver opening my Web GUI

C:\>python -m http.server 8080
Serving HTTP on 0.0.0.0 port 8080 (http://0.0.0.0:8080/) ...
192.168.2.12 - - [19/Dec/2019 19:00:24] "GET / HTTP/1.1" 200 -
192.168.2.12 - - [19/Dec/2019 19:00:24] code 404, message File not found
192.168.2.12 - - [19/Dec/2019 19:00:24] "GET /favicon.ico HTTP/1.1" 404 -

Python Webserver from Controller

192.168.2.12 - - [19/Dec/2019 19:02:18] code 404, message File not found
192.168.2.12 - - [19/Dec/2019 19:02:18] "GET /api/v2/torrents/info?filter=all HTTP/1.1" 404 -
192.168.2.12 - - [19/Dec/2019 19:02:18] code 404, message File not found
192.168.2.12 - - [19/Dec/2019 19:02:18] "GET /api/v2/transfer/speedLimitsMode HTTP/1.1" 404 -
192.168.2.12 - - [19/Dec/2019 19:02:18] code 404, message File not found
192.168.2.12 - - [19/Dec/2019 19:02:18] "GET /api/v2/torrents/info?filter=all HTTP/1.1" 404 -

Android app now say Host not found!

[sharkykh]

1. Is there a chance anything other than GET requests is blocked by your reverse proxy?
2. Maybe qBController doesn't send the login request at all? This sounds crazy to me, because it sends the login requests for me.

😕

[Rouzax]

No the get is send through but is responding back with a 403

[sharkykh]

I meant POST requests

[Rouzax]

I meant POST requests

No, just uploaded a torrent file through the Web GUI and see a post with a 200 code.

#Fields: date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2019-12-19 18:58:48 W3SVC1 WEB 192.168.2.12 GET /api/v2/sync/maindata rid=22&k4d388lq&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=7d9dbb14-040f-4952-b17e-22fa0f783069&SERVER-STATUS=200 443 - 192.168.2.254 HTTP/2 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.79+Safari/537.36 - download:8080 200 0 0 2173 523 35
2019-12-19 18:58:50 W3SVC1 WEB 192.168.2.12 GET /api/v2/sync/maindata rid=23&k4d388lr&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=ad179830-743c-4e9c-8e5f-22be6ecdf702&SERVER-STATUS=200 443 - 192.168.2.254 HTTP/2 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.79+Safari/537.36 - download:8080 200 0 0 1961 523 36
2019-12-19 18:58:51 W3SVC1 WEB 192.168.2.12 POST /api/v2/torrents/add X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=a329117c-2e45-42ff-a1db-a5be73094a1b&SERVER-STATUS=200 443 - 192.168.2.254 HTTP/2 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.79+Safari/537.36 - download:8080 200 0 0 496 21657 8
2019-12-19 18:58:51 W3SVC1 WEB 192.168.2.12 GET /api/v2/sync/maindata rid=24&k4d388ls&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=d02f144a-7847-4866-95dd-a58034c462d7&SERVER-STATUS=200 443 - 192.168.2.254 HTTP/2 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.79+Safari/537.36 - download:8080 200 0 0 3232 523 39

[sharkykh]

Thank you for confirming. I'm out of ideas now, sorry.

[lgallard]

@Rouzax my email is at the app support contact, when you generate a report.

[Rouzax]

@lgallard just send you the details

[Mr-DeWitt]

Mine is working now! The problem was I've a server behind a reverse proxy like https://xydomain.com/qbit. So I set the "subfolder" option in the controller app, like "qbit", but the right setting is "/qbit". After I corrected it, the controller was able to connect through HTTPS with a valid letsencrypt certificate, which I didn't have to import into the app.

[Rouzax]

I don't use a subfolder. So that is not my problem. @Mr-DeWitt what reverse proxy are you using?