[BUG]: Timeout returns 503 when creating password

JimmyBaize commented 1 year ago

⚠️ This issue respects the following points: ⚠️

[X] This is a single bug, not a question or a configuration/webserver/proxy issue.
[X] This is not a bug in the browser extension or another client.
[X] This issue is not already reported on Github (I've searched it).
[X] Nextcloud Server and the Passwords App is up to date. See Nextcloud Apps.
[X] There are no warnings and errors reported in the Passwords App settings in the admin area
[X] The following apps are not installed: Rainloop

Server Information

{
    "version": {
        "server": "26.0.1.1",
        "app": "2023.5.30",
        "lsr": false,
        "php": "8.1.18",
        "cronPhp": "8.1.18"
    },
    "environment": {
        "os": "Linux",
        "architecture": "x86_64",
        "bits": 64,
        "database": "mysql",
        "cron": "cron",
        "proxy": false,
        "sslProxy": true,
        "subdirectory": false
    },
    "services": {
        "images": "imagick",
        "favicons": "default",
        "previews": "default",
        "security": "hibp",
        "words": "auto",
        "previewApi": false,
        "faviconApi": false
    },
    "status": {
        "autoBackupRestored": false
    },
    "settings": {
        "channel": "stable",
        "nightlies": false,
        "handbook": false,
        "performance": 5
    },
    "encryption": {
        "sse": {
            "SSEv1r1": false,
            "SSEv1r2": true,
            "SSEv2r1": false,
            "SSEv3r1": false,
            "none": false,
            "default": "SSEv1r2"
        },
        "cse": {
            "CSEv1r1": false,
            "none": true,
            "default": "none"
        }
    }
}

Client Information

Browser and Version: Microsoft Edge Version 113.0.1774.50 (64 bits) Client OS and Version: Windows10

Bug description

Timeout returns 503 when creating password

Steps to reproduce

open nextcloud website
open password app
create a password
When creating a password, some requests will time out, and some can be created successfully. The same request to create a failed password, retries many times have always failed, no pattern found

Expected behavior

open nextcloud website
open password app
create a password
The password was successfully created

Nextcloud Logs

[passwords] Error: Error "HIBP API returned invalid responsecURL error 28: Operation timed out after 30001 milliseconds with 1378 bytes received (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://api.pwnedpasswords.com/range/ddbf6" in OCA\Passwords\Controller\Api\PasswordApiController::create

POST /index.php/apps/passwords/api/1.0/password/create

[passwords] fatal: OCA\Passwords\Exception\SecurityCheck\InvalidHibpApiResponseException: HIBP API returned invalid responsecURL error 28: Operation timed out after 30001 milliseconds with 1378 bytes received (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://api.pwnedpasswords.com/range/ddbf6 at <<closure>>

 0. /var/www/html/custom_apps/passwords/lib/Helper/SecurityCheck/HaveIBeenPwnedHelper.php line 100
    OCA\Passwords\Helper\SecurityCheck\HaveIBeenPwnedHelper->executeApiRequest("ddbf6")
 1. /var/www/html/custom_apps/passwords/lib/Helper/SecurityCheck/HaveIBeenPwnedHelper.php line 48
    OCA\Passwords\Helper\SecurityCheck\HaveIBeenPwnedHelper->isHashInHibpDb("*** sensitive parameters replaced ***")
 2. /var/www/html/custom_apps/passwords/lib/Helper/SecurityCheck/AbstractSecurityCheckHelper.php line 108
    OCA\Passwords\Helper\SecurityCheck\HaveIBeenPwnedHelper->isHashSecure("*** sensitive parameters replaced ***")
 3. /var/www/html/custom_apps/passwords/lib/EventListener/Password/AbstractPasswordListener.php line 96
    OCA\Passwords\Helper\SecurityCheck\AbstractSecurityCheckHelper->getRevisionSecurityLevel(["OCA\\Passwords ... 9])
 4. /var/www/html/custom_apps/passwords/lib/EventListener/Password/BeforePasswordSetRevisionListener.php line 42
    OCA\Passwords\EventListener\Password\AbstractPasswordListener->checkSecurityStatus(["OCA\\Passwords ... 9])
 5. /var/www/html/lib/private/EventDispatcher/ServiceEventListener.php line 86
    OCA\Passwords\EventListener\Password\BeforePasswordSetRevisionListener->handle(["OCA\\Passwords ... "])
 6. /var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php line 251
    OC\EventDispatcher\ServiceEventListener->__invoke(["OCA\\Passwords ... "], "OCA\\Passwords\ ... t", ["Symfony\\Compo ... "])
 7. /var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php line 73
    Symfony\Component\EventDispatcher\EventDispatcher->callListeners([["Closure"]], "OCA\\Passwords\ ... t", ["OCA\\Passwords ... "])
 8. /var/www/html/lib/private/EventDispatcher/EventDispatcher.php line 87
    Symfony\Component\EventDispatcher\EventDispatcher->dispatch(["OCA\\Passwords ... "], "OCA\\Passwords\ ... t")
 9. /var/www/html/lib/private/EventDispatcher/EventDispatcher.php line 99
    OC\EventDispatcher\EventDispatcher->dispatch("OCA\\Passwords\ ... t", ["OCA\\Passwords ... "])
10. /var/www/html/custom_apps/passwords/lib/Services/Object/AbstractService.php line 224
    OC\EventDispatcher\EventDispatcher->dispatchTyped(["OCA\\Passwords ... "])
11. /var/www/html/custom_apps/passwords/lib/Services/Object/AbstractModelService.php line 92
    OCA\Passwords\Services\Object\AbstractService->fireEvent("beforeSetRevision", ["OCA\\Passwords\\Db\\Password",null], ["OCA\\Passwords ... 9])
12. /var/www/html/custom_apps/passwords/lib/Controller/Api/PasswordApiController.php line 153
    OCA\Passwords\Services\Object\AbstractModelService->setRevision(["OCA\\Passwords\\Db\\Password",null], ["OCA\\Passwords ... 9])
13. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 230
    OCA\Passwords\Controller\Api\PasswordApiController->create("*** sensitive parameters replaced ***")
14. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 137
    OC\AppFramework\Http\Dispatcher->executeController(["OCA\\Passwords ... "], "create")
15. /var/www/html/lib/private/AppFramework/App.php line 183
    OC\AppFramework\Http\Dispatcher->dispatch(["OCA\\Passwords ... "], "create")
16. /var/www/html/lib/private/Route/Router.php line 315
    OC\AppFramework\App::main("PasswordApiController", "create", ["OC\\AppFramewo ... "], ["passwords.password_api.create"])
17. /var/www/html/lib/base.php line 1056
    OC\Route\Router->match("/apps/passwords/api/1.0/password/create")
18. /var/www/html/index.php line 36
    OC::handleRequest()

Caused by:

GuzzleHttp\Exception\ConnectException: cURL error 28: Operation timed out after 30001 milliseconds with 1378 bytes received (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://api.pwnedpasswords.com/range/ddbf6 at <<closure>>

 0. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 158
    GuzzleHttp\Handler\CurlFactory::createRejection("*** sensitive parameters replaced ***")
 1. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 110
    GuzzleHttp\Handler\CurlFactory::finishError(["GuzzleHttp\\Handler\\CurlHandler"], "*** sensitive parameters replaced ***", ["GuzzleHttp\\Handler\\CurlFactory"])
 2. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlHandler.php line 47
    GuzzleHttp\Handler\CurlFactory::finish(["GuzzleHttp\\Handler\\CurlHandler"], "*** sensitive parameters replaced ***", ["GuzzleHttp\\Handler\\CurlFactory"])
 3. /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php line 114
    GuzzleHttp\Handler\CurlHandler->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
 4. /var/www/html/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 35
    OC\Http\Client\DnsPinMiddleware->OC\Http\Client\{closure}("*** sensitive parameters replaced ***")
 5. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 31
    GuzzleHttp\PrepareBodyMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
 6. /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 71
    GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
 7. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 63
    GuzzleHttp\RedirectMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
 8. /var/www/html/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php line 75
    GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
 9. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 331
    GuzzleHttp\HandlerStack->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
10. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 168
    GuzzleHttp\Client->transfer("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
11. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 187
    GuzzleHttp\Client->requestAsync("*** sensitive parameters replaced ***")
12. /var/www/html/lib/private/Http/Client/Client.php line 226
    GuzzleHttp\Client->request("*** sensitive parameters replaced ***", "https://api.pwn ... 6", ["/mnt/bigdata1/ ... e])
13. /var/www/html/custom_apps/passwords/lib/Helper/SecurityCheck/HaveIBeenPwnedHelper.php line 150
    OC\Http\Client\Client->get("https://api.pwn ... 6", [["Passwords App for Nextcloud"]])
14. /var/www/html/custom_apps/passwords/lib/Helper/SecurityCheck/HaveIBeenPwnedHelper.php line 100
    OCA\Passwords\Helper\SecurityCheck\HaveIBeenPwnedHelper->executeApiRequest("ddbf6")
15. /var/www/html/custom_apps/passwords/lib/Helper/SecurityCheck/HaveIBeenPwnedHelper.php line 48
    OCA\Passwords\Helper\SecurityCheck\HaveIBeenPwnedHelper->isHashInHibpDb("*** sensitive parameters replaced ***")
16. /var/www/html/custom_apps/passwords/lib/Helper/SecurityCheck/AbstractSecurityCheckHelper.php line 108
    OCA\Passwords\Helper\SecurityCheck\HaveIBeenPwnedHelper->isHashSecure("*** sensitive parameters replaced ***")
17. /var/www/html/custom_apps/passwords/lib/EventListener/Password/AbstractPasswordListener.php line 96
    OCA\Passwords\Helper\SecurityCheck\AbstractSecurityCheckHelper->getRevisionSecurityLevel(["OCA\\Passwords ... 9])
18. /var/www/html/custom_apps/passwords/lib/EventListener/Password/BeforePasswordSetRevisionListener.php line 42
    OCA\Passwords\EventListener\Password\AbstractPasswordListener->checkSecurityStatus(["OCA\\Passwords ... 9])
19. /var/www/html/lib/private/EventDispatcher/ServiceEventListener.php line 86
    OCA\Passwords\EventListener\Password\BeforePasswordSetRevisionListener->handle(["OCA\\Passwords ... "])
20. /var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php line 251
    OC\EventDispatcher\ServiceEventListener->__invoke(["OCA\\Passwords ... "], "OCA\\Passwords\ ... t", ["Symfony\\Compo ... "])
21. /var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php line 73
    Symfony\Component\EventDispatcher\EventDispatcher->callListeners([["Closure"]], "OCA\\Passwords\ ... t", ["OCA\\Passwords ... "])
22. /var/www/html/lib/private/EventDispatcher/EventDispatcher.php line 87
    Symfony\Component\EventDispatcher\EventDispatcher->dispatch(["OCA\\Passwords ... "], "OCA\\Passwords\ ... t")
23. /var/www/html/lib/private/EventDispatcher/EventDispatcher.php line 99
    OC\EventDispatcher\EventDispatcher->dispatch("OCA\\Passwords\ ... t", ["OCA\\Passwords ... "])
24. /var/www/html/custom_apps/passwords/lib/Services/Object/AbstractService.php line 224
    OC\EventDispatcher\EventDispatcher->dispatchTyped(["OCA\\Passwords ... "])
25. /var/www/html/custom_apps/passwords/lib/Services/Object/AbstractModelService.php line 92
    OCA\Passwords\Services\Object\AbstractService->fireEvent("beforeSetRevision", ["OCA\\Passwords\\Db\\Password",null], ["OCA\\Passwords ... 9])
26. /var/www/html/custom_apps/passwords/lib/Controller/Api/PasswordApiController.php line 153
    OCA\Passwords\Services\Object\AbstractModelService->setRevision(["OCA\\Passwords\\Db\\Password",null], ["OCA\\Passwords ... 9])
27. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 230
    OCA\Passwords\Controller\Api\PasswordApiController->create("*** sensitive parameters replaced ***")
28. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 137
    OC\AppFramework\Http\Dispatcher->executeController(["OCA\\Passwords ... "], "create")
29. /var/www/html/lib/private/AppFramework/App.php line 183
    OC\AppFramework\Http\Dispatcher->dispatch(["OCA\\Passwords ... "], "create")
30. /var/www/html/lib/private/Route/Router.php line 315
    OC\AppFramework\App::main("PasswordApiController", "create", ["OC\\AppFramewo ... "], ["passwords.password_api.create"])
31. /var/www/html/lib/base.php line 1056
    OC\Route\Router->match("/apps/passwords/api/1.0/password/create")
32. /var/www/html/index.php line 36
    OC::handleRequest()

POST /index.php/apps/passwords/api/1.0/password/create

Browser Logs

/index.php/apps/passwords/api/1.0/password/create
responeCode 503

marius-wieschollek commented 1 year ago

The stack trace shows timeouts when using HIBP. Check your servers internet connection.

JimmyBaize commented 1 year ago

The stack trace shows timeouts when using HIBP. Check your servers internet connection.

It may be that the interface timed out due to poor server performance. The timeout of this interface is 5S, so it cannot be processed I deployed version 26.0.1-Apache in a docker way,Are there any configuration parameters to improve the performance of Nextcloud applications？ Thanks

marius-wieschollek commented 1 year ago

I doubt it's the server performance and think it's more a spotty internet connection or a firewall that drops the packages.

You can influence the client side performance behavior with the occ command occ config:app:set passwords performance --value=<number> where the number is a value between 0 (server with bad performance) and 6 (extremely good server). Usually it's 1 for ARM and 5 for AMD64 processors.

If the issue continues, you can try setting a different service for password security checks in the admin settings for the passwords app.

If you need more general help to improve NC performance, try asking here: https://help.nextcloud.com/

marius-wieschollek / passwords