Does not report logon failure



  • Yesterday I tried to assist some of my users to set up CalDAV / CardDAV sync to our Nextcloud server with DAVdroid. What was a bit frustrating is that while I saw logon failures in the Nextcloud server log, none of those failures was reported by DAVdroid; it just kept on trying to connect. At some point Nextcloud's brute force detection kicked in, so that it would block the IP from which the failed logon attempts came, and everybody behind the IP was locked out.
    I am not sure whether this is in fact DAVdroid's intended behaviour or if something else went wrong, but if this is indeed DAVdroid's fault, the behaviour should be changed.


  • developer

    DAVdroid shows a notification for 401 responses (just tested). For more information, please provide steps to reproduce and verbose logs.



  • For now I can only give you the server logs. The nextcloud log looks like this:

    :46+00:00","method":"PROPFIND","url":"/","user":"--","version":"11.0.3.2"}
    {"reqId":"8sbepKQdp1Yg+17Gj+r+","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:39:47+00:00","method":"PROPFIND","url":"/remote.php/dav","user":"--","version":"11.0.3.2"}
    {"reqId":"8sbepKQdp1Yg+17Gj+r+","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:39:47+00:00","method":"PROPFIND","url":"/remote.php/dav","user":"--","version":"11.0.3.2"}
    {"reqId":"LcBdEc+Y+SseeYMY7UzF","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:39:48+00:00","method":"PROPFIND","url":"/remote.php/dav","user":"--","version":"11.0.3.2"}
    {"reqId":"LcBdEc+Y+SseeYMY7UzF","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:39:50+00:00","method":"PROPFIND","url":"/remote.php/dav","user":"--","version":"11.0.3.2"}
    {"reqId":"gUHWa9lgQta+K8N37uDO","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:39:54+00:00","method":"PROPFIND","url":"/","user":"--","version":"11.0.3.2"}
    {"reqId":"/V1paethWYZqim3WogXJ","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:40:00+00:00","method":"PROPFIND","url":"/remote.php/dav","user":"--","version":"11.0.3.2"}
    {"reqId":"/V1paethWYZqim3WogXJ","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:40:13+00:00","method":"PROPFIND","url":"/remote.php/dav","user":"--","version":"11.0.3.2"}
    {"reqId":"LF0gEigRISZmaAqpwO7O","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:40:40+00:00","method":"PROPFIND","url":"/remote.php/dav","user":"--","version":"11.0.3.2"}
    {"reqId":"LF0gEigRISZmaAqpwO7O","remoteAddr":"xxx.xxx.xxx.254","app":"core","message":"Login failed: 'anne' (Remote IP: 'xxx.xxx.xxx.254')","level":2,"time":"2017-07-19T18:4

    And it goes on like this at least 20 more times until Nextcloud blocks us.

    And here is the nginx log (note the time difference, because one logs in UTC and the other in local time):

    xxx.xxx.xxx.254 - anne [19/Jul/2017:20:39:46 +0200]    "PROPFIND / HTTP/1.1" 405 1150    "-" "DAVdroid/1.6.3-gplay (2017/07/06; dav4android; okhttp3) Android/4.4.4"    "-"
      xxx.xxx.xxx.254 - anne [19/Jul/2017:20:39:46 +0200]    "PROPFIND /.well-known/carddav HTTP/1.1" 301 616    "-" "DAVdroid/1.6.3-gplay (2017/07/06; dav4android; okhttp3) Android/4.4.4"    "-"
      xxx.xxx.xxx.254 - anne [19/Jul/2017:20:39:47 +0200]    "PROPFIND /remote.php/dav HTTP/1.1" 401 903    "-" "DAVdroid/1.6.3-gplay (2017/07/06; dav4android; okhttp3) Android/4.4.4"    "-"
      xxx.xxx.xxx.254 - anne [19/Jul/2017:20:39:47 +0200]    "PROPFIND /.well-known/carddav HTTP/1.1" 301 616    "-" "DAVdroid/1.6.3-gplay (2017/07/06; dav4android; okhttp3) Android/4.4.4"    "-"
      2003:45:4a0b:2900:4191:64ea:85ad:c2df - olaf [19/Jul/2017:20:39:49 +0200]    "PROPFIND /remote.php/dav/files/olaf/ HTTP/1.1" 207 1184    "-" "Mozilla/5.0 (Windows) mirall/2.3.2 (build 6928)"    "-"
      xxx.xxx.xxx.254 - anne [19/Jul/2017:20:39:50 +0200]    "PROPFIND /remote.php/dav HTTP/1.1" 401 903    "-" "DAVdroid/1.6.3-gplay (2017/07/06; dav4android; okhttp3) Android/4.4.4"    "-"
      xxx.xxx.xxx.254 - anne [19/Jul/2017:20:39:54 +0200]    "PROPFIND / HTTP/1.1" 405 701    "-" "DAVdroid/1.6.3-gplay (2017/07/06; dav4android; okhttp3) Android/4.4.4"    "-"
      xxx.xxx.xxx.254 - anne [19/Jul/2017:20:39:54 +0200]    "PROPFIND /.well-known/caldav HTTP/1.1" 301 616    "-" "DAVdroid/1.6.3-gplay (2017/07/06; dav4android; okhttp3) An


  • developer

    Ah, you talk about the account setup, not synchronization.

    You can always have a look into the logs by clicking "View logs" in the "No service found" dialog and see the reason(s) there.



  • OK, but since it is not my device we are talking about, I don't know when I will next have the chance to get my hands on it.



  • The problem is that DAVdroid just went on and on. As you can see from the Nextcloud log, it tried about 20 times in a row to log in with the wrong password without reporting it to the user or giving her the chance to interrupt the process (short of killing the app through Android's app manager).
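
For admins who hit the same lockout: a triage sketch over Nextcloud log lines in the format pasted above, added here as an example and not code from this thread, DAVdroid or Nextcloud. It separates one client retrying one account from failures spread over many usernames. The threshold, window, verdict strings and sample lines (documentation IP ranges) are assumptions constructed for illustration, not Nextcloud's own brute-force settings.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

LOGIN_FAILED = re.compile(r"^Login failed: '(?P<user>[^']*)' \(Remote IP: '(?P<ip>[^']*)'\)$")

def failed_logins(lines):
    """Yield (time, ip, user) once per request; the pasted log repeats each reqId."""
    seen = set()
    for line in lines:
        try:
            entry = json.loads(line)
            m = LOGIN_FAILED.match(entry["message"])
            when = datetime.fromisoformat(entry["time"])
        except (ValueError, KeyError, TypeError):
            continue  # wrapped, truncated or differently shaped line
        if not m or entry.get("reqId") in seen:
            continue
        seen.add(entry.get("reqId"))
        yield when, m["ip"], m["user"]

def triage(lines, threshold=5, window=timedelta(minutes=5)):
    """Return {ip: verdict} for IPs with >= threshold failures inside one window."""
    by_ip = defaultdict(list)
    for when, ip, user in failed_logins(lines):
        by_ip[ip].append((when, user))
    verdicts = {}
    for ip, events in by_ip.items():
        events.sort()
        for i in range(len(events) - threshold + 1):
            burst = events[i:i + threshold]
            if burst[-1][0] - burst[0][0] <= window:
                users = {u for _, u in events}
                verdicts[ip] = ("stale-credential client" if len(users) == 1
                                else "multiple usernames, investigate")
                break
    return verdicts

def _sample(req, ip, user, sec):  # constructed line in the format shown above
    return json.dumps({"reqId": req, "remoteAddr": ip, "app": "core",
        "message": f"Login failed: '{user}' (Remote IP: '{ip}')", "level": 2,
        "time": f"2017-07-19T18:39:{sec:02d}+00:00", "method": "PROPFIND",
        "url": "/remote.php/dav", "user": "--", "version": "11.0.3.2"})

SAMPLE = ([_sample(f"r{i}", "203.0.113.10", "anne", i * 3) for i in range(6) for _ in (0, 1)]
          + [_sample(f"g{i}", "198.51.100.7", f"user{i}", i) for i in range(6)]
          + ['{"reqId":"cut","message":"Login failed: \'anne\' (Remote'])  # truncated line
```

`triage(SAMPLE)` labels the address that only ever fails as `anne` a stale-credential client, which is the case worth resolving with the user before the shared IP gets throttled.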

