mihaifm / HIBPOfflineCheck

KeePass plugin that performs offline and online checks against HaveIBeenPwned passwords

HIBPOfflineCheck reporting HIBP API error #47

Closed koitsu closed 2 years ago

koitsu commented 2 years ago

Today while adding and updating some new entries in KeePass I noticed that all my modifications resulted in the "Have I been pwned?" field/column showing "HIBP API error".

I checked the official HIBP website and their Twitter feed and I did not see anything about an outage or API changes, so I'm confused as to what the issue is.

I am using the Online mode, obviously. (I have no interest in using the Offline mode, re: database is enormous and I am not going to put that on my systems. I rarely need to do HIBP checks anyway, so my API usage is certainly super low.)

Let me know what information I can provide for troubleshooting, and how I can provide it. (I do not know how to get debug information from a KeePass plugin).

mihaifm commented 2 years ago

Hi, I just tried this, I'm not getting any error. It could be a connection issue on your side. Can you check the proxy setting in KeePass and make sure it's set to "System":

Tools -> Options -> Advanced -> Proxy button at the bottom -> Use system proxy settings

You can also try to query the API directly with curl, see if you get any response:

curl https://api.pwnedpasswords.com/range/4f0a1

koitsu commented 2 years ago

No proxy is in use (i.e. value set to "System" and I do not have a proxy set system-wide).

curl https://api.pwnedpasswords.com/range/4f0a1 from the same system works fine.

I'm looking closer now, and it seems that "HIBP API error" is consistently returned for some entries but not others. Re-trying ones with errors still results in the same error. In other words: the problem is very selective, and not something like rate-limiting. It's as if the HIBP API is failing on certain passwords or hashes (not sure what the plugin submits to their API).

I just ran a full check on 45 password entries; 5 of them consistently report "HIBP API error", while the remaining 40 are fine.

Sadly I cannot provide you an example password DB with such an entry because, well, it should be obvious. :)

How can I troubleshoot this further?

mihaifm commented 2 years ago

Yea I tried it again and indeed it replicates for some passwords and not others. It seems like the API sometimes sends a blank line at the end of the response, which is causing an exception when processing it. Not sure why the blank line is only sent for some passwords and not all of them.

Anyway it's an easy fix, I will release a new version shortly. Thanks for troubleshooting this.
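Added example, not part of the thread and not the plugin's code: the range endpoint queried with curl above receives only the first five hex characters of the password's SHA-1 and returns `SUFFIX:COUNT` lines, so a blank trailing line breaks any parser that assumes every line has a colon. The function names and the response body below are constructed for illustration; `fragile_parse` is a hypothetical stand-in for that kind of parser, shown beside a tolerant one.

```python
import hashlib


def split_hash(password: str) -> tuple[str, str]:
    """Return (5-char prefix sent to the API, 35-char suffix kept locally)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def fragile_parse(body: str) -> dict[str, int]:
    """Hypothetical parser that assumes every line is SUFFIX:COUNT."""
    # A blank line splits into [""], so the two-name unpack raises ValueError.
    return {s: int(c) for s, c in (ln.split(":") for ln in body.split("\r\n"))}


def tolerant_parse(body: str) -> dict[str, int]:
    """Parse SUFFIX:COUNT lines, skipping blank or malformed ones."""
    counts: dict[str, int] = {}
    for raw in body.splitlines():
        line = raw.strip()
        if not line:
            continue  # the blank trailing line described in the thread
        suffix, sep, count = line.partition(":")
        if not sep or len(suffix) != 35 or not count.isdecimal():
            continue  # not a well-formed entry; ignore rather than fail
        counts[suffix.upper()] = int(count)
    return counts


def pwned_count(password: str, body: str) -> int:
    """Look up the locally kept suffix in a range response body."""
    _, suffix = split_hash(password)
    return tolerant_parse(body).get(suffix, 0)


def constructed_body(password: str) -> str:
    """Constructed sample response: two entries, then a blank line."""
    _, suffix = split_hash(password)
    other = "0" * 35  # constructed filler suffix, not a real hash
    return f"{other}:3\r\n{suffix}:42\r\n\r\n"


if __name__ == "__main__":
    body = constructed_body("password")
    print(split_hash("password")[0], pwned_count("password", body))
    try:
        fragile_parse(body)
    except ValueError as exc:
        print("fragile parser failed:", exc)
```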

mihaifm commented 2 years ago

Uploaded a new release that fixes the issue. Thank you again for reporting this.

koitsu commented 2 years ago

Thanks! I'll be working on getting an updated package pushed out for the Chocolatey package of your plugin as well.

mihaifm commented 2 years ago

Good stuff, thanks for that