search

tanguilp / wax

WebAuthn for Elixir
https://hexdocs.pm/wax_
Apache License 2.0
184 stars 17 forks source link

Wax doesn't handle failures elegantly #11

Closed dfalling closed 4 years ago

dfalling commented 5 years ago

My current IP is flagged for spam from a number of domains (including CloudFlare). This causes this error from Wax unless I run through a VPN:

[error] GenServer Wax.Metadata terminating
** (FunctionClauseError) no function clause matching in Wax.Metadata.handle_info/2
    (wax) lib/wax/metadata.ex:101: Wax.Metadata.handle_info({:ssl_closed, {:sslsocket, {:gen_tcp, #Port<0.63>, :tls_connection, :undefined}, [#PID<0.631.0>, #PID<0.630.0>]}}, [serial_number: 0])
    (stdlib) gen_server.erl:637: :gen_server.try_dispatch/4
    (stdlib) gen_server.erl:711: :gen_server.handle_msg/6
    (stdlib) proc_lib.erl:249: :proc_lib.init_p_do_apply/3
Last message: {:ssl_closed, {:sslsocket, {:gen_tcp, #Port<0.63>, :tls_connection, :undefined}, [#PID<0.631.0>, #PID<0.630.0>]}}
State: [serial_number: 0]

The failure body is a HTML page with status 403.

I'm also getting this failure when starting up my server with my VPN enabled:

[error] GenServer Wax.Metadata terminating
** (stop) exited in: Task.await(%Task{owner: #PID<0.367.0>, pid: #PID<0.570.0>, ref: #Reference<0.2688299539.1131151361.214542>}, 5000)
    ** (EXIT) time out
    (elixir) lib/task.ex:577: Task.await/2
    (wax) lib/wax/metadata.ex:174: anonymous fn/1 in Wax.Metadata.process_metadata_toc/2
    (elixir) lib/enum.ex:769: Enum."-each/2-lists^foreach/1-0-"/2
    (elixir) lib/enum.ex:769: Enum.each/2
    (wax) lib/wax/metadata.ex:171: Wax.Metadata.process_metadata_toc/2
    (wax) lib/wax/metadata.ex:76: Wax.Metadata.handle_continue/2
    (stdlib) gen_server.erl:637: :gen_server.try_dispatch/4
    (stdlib) gen_server.erl:388: :gen_server.loop/7
    (stdlib) proc_lib.erl:249: :proc_lib.init_p_do_apply/3
Last message: {:continue, :update_metadata}
State: [serial_number: 0]

Wax then resumes update and everything seems to be working properly.

Let me know what other info would be helpful!

tanguilp commented 5 years ago

Thanks for your report.

I don't understand where the first error comes from: how can the handle_info/2 can be called with such a value?

I'll take a look in the following weeks.

dfalling commented 5 years ago

Here's the full output (with my FIDO token redacted) when I startup my local server without a VPN:

[info] Starting FIDO metadata update process
[info] Running IdoApiWeb.Endpoint with cowboy 2.6.3 at 0.0.0.0:4000 (http)
[info] Access IdoApiWeb.Endpoint at http://localhost:4000
[warn] Unable to download metadata ({:ok, %HTTPoison.Response{body: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ie7 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 8]>    <html class=\"no-js ie8 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if gt IE 8]><!--> <html class=\"no-js\" lang=\"en-US\"> <!--<![endif]-->\n<head>\n<title>Attention Required! | Cloudflare</title>\n\n<meta charset=\"UTF-8\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge,chrome=1\" />\n<meta name=\"robots\" content=\"noindex, nofollow\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1,maximum-scale=1\" />\n<link rel=\"stylesheet\" id=\"cf_styles-css\" href=\"/cdn-cgi/styles/cf.errors.css\" type=\"text/css\" media=\"screen,projection\" />\n<!--[if lt IE 9]><link rel=\"stylesheet\" id='cf_styles-ie-css' href=\"/cdn-cgi/styles/cf.errors.ie.css\" type=\"text/css\" media=\"screen,projection\" /><![endif]-->\n<style type=\"text/css\">body{margin:0;padding:0}</style>\n\n\n<!--[if gte IE 10]><!--><script type=\"text/javascript\" src=\"/cdn-cgi/scripts/zepto.min.js\"></script><!--<![endif]-->\n<!--[if gte IE 10]><!--><script type=\"text/javascript\" src=\"/cdn-cgi/scripts/cf.common.js\"></script><!--<![endif]-->\n\n\n\n\n</head>\n<body>\n  <div id=\"cf-wrapper\">\n    <div class=\"cf-alert cf-alert-error cf-cookie-error\" id=\"cookie-alert\" data-translate=\"enable_cookies\">Please enable cookies.</div>\n    <div id=\"cf-error-details\" class=\"cf-error-details-wrapper\">\n      <div class=\"cf-wrapper cf-header cf-error-overview\">\n        <h1 data-translate=\"challenge_headline\">One more step</h1>\n        <h2 class=\"cf-subheadline\"><span data-translate=\"complete_sec_check\">Please complete the security check to access</span> mds2.fidoalliance.org</h2>\n      </div><!-- /.header -->\n      \n      <div class=\"cf-section cf-highlight cf-captcha-container\">\n        <div class=\"cf-wrapper\">\n          <div class=\"cf-columns two\">\n            <div class=\"cf-column\">\n            \n              <div class=\"cf-highlight-inverse cf-form-stacked\">\n                <form class=\"challenge-form\" id=\"challenge-form\" action=\"/cdn-cgi/l/chk_captcha\" method=\"get\">\n  <input type=\"hidden\" name=\"s\" value=\"78ba257ddeb398886ee062c593e5744789f79412-1561649959-1800-AbaTJ5JWf/169Tm5tR8u+Zn0ABvRA2J41gXEBgjKuOiu8iKD6Hcc+K90KvLinGMLnJ7OtlueWZlXcmPqoBenARxkfA9jb5RM7j49I3K/gsNo7o1wK4fjUfuJN05+yrgRNIqmukrXvOhxFIphjygnDyKUu12clTr06Z0mCfSEhGaqpOJZa31TOoQ6ruXfAKvfd2KV9PA2RLiR6K0HOfgJ8oM=\"></input>\n  <script type=\"text/javascript\" src=\"/cdn-cgi/scripts/cf.challenge.js\" data-type=\"normal\"  data-ray=\"4ed8835859dc7d67\" async data-sitekey=\"6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0\"></script>\n  <div class=\"g-recaptcha\"></div>\n  <noscript id=\"cf-captcha-bookmark\" class=\"cf-captcha-info\">\n    <div><div style=\"width: 302px\">\n      <div>\n        <iframe src=\"https://www.google.com/recaptcha/api/fallback?k=6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0\" frameborder=\"0\" scrolling=\"no\" style=\"width: 302px; height:422px; border-style: none;\"></iframe>\n      </div>\n      <div style=\"width: 300px; border-style: none; bottom: 12px; left: 25px; margin: 0px; padding: 0px; right: 25px; background: #f9f9f9; border: 1px solid #c1c1c1; border-radius: 3px;\">\n        <textarea id=\"g-recaptcha-response\" name=\"g-recaptcha-response\" class=\"g-recaptcha-response\" style=\"width: 250px; height: 40px; border: 1px solid #c1c1c1; margin: 10px 25px; padding: 0px; resize: none;\"></textarea>\n        <input type=\"submit\" value=\"Submit\"></input>\n      </div>\n    </div></div>\n  </noscript>\n</form>\n\n                \n              </div>\n            </div>\n\n            <div class=\"cf-column\">\n              <div class=\"cf-screenshot-container\">\n              \n                <span class=\"cf-no-screenshot\"></span>\n              \n              </div>\n            </div>\n          </div><!-- /.columns -->\n        </div>\n      </div><!-- /.captcha-container -->\n\n      <div class=\"cf-section cf-wrapper\">\n        <div class=\"cf-columns two\">\n          <div class=\"cf-column\">\n            <h2 data-translate=\"why_captcha_headline\">W" <> ..., headers: [{"Date", "Thu, 27 Jun 2019 15:39:19 GMT"}, {"Content-Type", "text/html; charset=UTF-8"}, {"Transfer-Encoding", "chunked"}, {"Connection", "close"}, {"CF-Chl-Bypass", "1"}, {"Set-Cookie", "__cfduid=d9b82c41158fd0d40a77e6259eeff56b51561649959; expires=Fri, 26-Jun-20 15:39:19 GMT; path=/; domain=.fidoalliance.org; HttpOnly"}, {"Cache-Control", "max-age=2"}, {"Expires", "Thu, 27 Jun 2019 15:39:21 GMT"}, {"X-Frame-Options", "SAMEORIGIN"}, {"Expect-CT", "max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\""}, {"Server", "cloudflare"}, {"CF-RAY", "4ed8835859dc7d67-LIM"}], request: %HTTPoison.Request{body: "", headers: [], method: :get, options: [], params: %{}, url: "https://mds2.fidoalliance.org/?token=REDACTED"}, request_url: "https://mds2.fidoalliance.org/?token=REDACTED", status_code: 403}})
[error] GenServer Wax.Metadata terminating
** (FunctionClauseError) no function clause matching in Wax.Metadata.handle_info/2
    (wax) lib/wax/metadata.ex:101: Wax.Metadata.handle_info({:ssl_closed, {:sslsocket, {:gen_tcp, #Port<0.27>, :tls_connection, :undefined}, [#PID<0.568.0>, #PID<0.567.0>]}}, [serial_number: 0])
    (stdlib) gen_server.erl:637: :gen_server.try_dispatch/4
    (stdlib) gen_server.erl:711: :gen_server.handle_msg/6
    (stdlib) proc_lib.erl:249: :proc_lib.init_p_do_apply/3
Last message: {:ssl_closed, {:sslsocket, {:gen_tcp, #Port<0.27>, :tls_connection, :undefined}, [#PID<0.568.0>, #PID<0.567.0>]}}
State: [serial_number: 0]

CloudFlare is serving a challenge page instead of returning the metadata. No big deal- I can workaround it and won't be behind this IP for long.

tanguilp commented 4 years ago

Looks like it is related to this bug: https://github.com/benoitc/hackney/issues/464

Closing this bug, hoping the HTTPoison version bump in v0.2.0 will fix this. Reopen if needed.