search

timvisee / ffsend

:mailbox_with_mail: Easily and securely share files from the command line. A fully featured Firefox Send client.
https://gitlab.com/timvisee/ffsend
GNU General Public License v3.0
6.92k stars 182 forks source link

Download failure caused by authentication incompatibility #145

Closed cxm95 closed 1 year ago

cxm95 commented 2 years ago

Hi, many thanks for maintaining the project!

However, an error triggered when I am using ffsend to download from an instance (which is setup with newest docker image from mozilla).

I traced the ffsend client and found the following issue. The trace would be like this:

[pid 3391031] writev(11, [{iov_base="GET /api/download/896696c373e5113a HTTP/1.1\r\nauthorization: send-v1 sn7CVyk-B_ePNG8__4fRX6tzX6skHfWTcM_oYK7JHrc\r\naccept: */*\r\nhost: THIS_IS_IP_ADDR:PORT\r\n\r\n", iov_len=156}], 1) = 156
[pid 3391031] epoll_pwait(7, [{EPOLLIN|EPOLLOUT, {u32=0, u64=0}}], 1024, -1, NULL, 8) = 1
[pid 3391031] recvfrom(11, "HTTP/1.1 401 Unauthorized\r\nX-DNS-Prefetch-Control: off\r\nX-Frame-Options: SAMEORIGIN\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Download-Options: noopen\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src 'self'; connect-src 'self' wss://send.firefox.com; img-src 'self'; script-src 'self' 'nonce-d76f0c2ee26c3a535b8244fdd947e028'; form-action 'none'; frame-ancestors 'none'; object-src 'none'; report-uri /__cspreport__\r\nX-Content-Security-Policy: default-src 'self'; connect-src 'self' wss://send.firefox.com; img-src 'self'; script-src 'self' 'nonce-d76f0c2ee26c3a535b8244fdd947e028'; form-action 'none'; frame-ancestors 'none'; object-src 'none'; report-uri /__cspreport__\r\nX-WebKit-CSP: default-src 'self'; connect-src 'self' wss://send.firefox.com; img-src 'self'; script-src 'self' 'nonce-d76f0c2ee26c3a535b8244fdd947e028'; form-action 'none'; frame-ancestors 'none'; object-src 'none'; report-uri /__cspreport__\r\nPrag"..., 8192, 0, NULL, NULL) = 1286

I checked the code, and found server want the field authorization to start with Bearer,

https://github.com/mozilla/send/blob/master/server/middleware/auth.js#L79

However ffsend seems to want the field to start with send-v1.

What should I do to make the authentication compatibility with the newest version of mozilla/send?

Thanks again!

timvisee commented 2 years ago

I'm not quite sure what happens here. Note that Mozilla's image has been outdated for a while now, as it's not maintained anymore.

I recommend to use the fork I host: https://github.com/timvisee/send

You can find information about the Docker image at: https://github.com/timvisee/send/blob/master/docs/docker.md

Does that solve the issue?

cxm95 commented 1 year ago

Great! I'll try your image and thanks again!