I've got a big problem. I was accessing my database over WebDav like I always do. I had just added a new entry. When I tried to save it it came up with an error message along the lines: 'Could not save. Server returned 404 not found'. When I investigated I realised that it really did not exist. KeePass had deleted it from the server, and it had not even created a temporary or backup file first!!!!
I am hugely disappointed that that is even possible. Unfortunately my last backup is one month old.
My server log details the list of transactions that KeePass went through up to the point and which my KeePass database was deleted. Is there someone that I can send it to to help with debugging. (I'd rather not post it online.) It's really important that this is fixed to help prevent it happening to others.
Here's some more info that may be of use to anyone working on fixing this.
This "delete the database on save" behaviour happens consistently for me - but only when running KeePass 2.16 from Ubuntu (32 bit and 64 bit) via mono and using it to access a database file stored on a webdav server (https, with authentication). Accessing and saving the same database on the same webdav server using KeePass on Windows works just fine.
I have now switched from using plain webdav to using Apache subversion + webdav. I still get the same database deletion problem on Ubuntu, but at least if KeePass ever deletes my database in future I can just roll back to the previous revision and recover it. The save problem effectively means that I can only use KeePass in read only mode from Ubuntu, which is a pain, but I guess I'll just have to live with it for the time being.
I hope that helps. Regards.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
thanks for narrowing this issue down. If I recall correctly webdav +https did not work at all with keepass < 2.16. Some very weird mono bugs had to be worked around to get it to work, possibly there are more hidden or some mistake was made.
can you provide the exact steps to reproduce it?
Does it happen with any database?
Which mono version (mono -version) are you using and which ubuntu version (lsb_release -a)?
If possible can you test it with ubuntu oneiric 11.10 which has the considerably newer mono 2.10.
Can you maybe provide me with restricted access to your webdav storage where it happens?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have tried it with several databases (each in kdbx format) and in all cases the database was deleted, but when on a plain dav server I just got a 404 not found error and then couldn't save the database, whereas on a dav svn server the error message was different and I had the opportunity to save the database to a different location after it was deleted on the server. Sorry I didn't write the exact messages down. I will do next time…
Steps to reproduce:
1. File>Open>Open URL…
2. Enter URL of .kdbx file on remote webdav server and credentials.
3. Enter password for database when prompted. Database then opens normally.
4. Add new entry.
5. File>Save
6. Get an error (404 not found, or or other). If you are lucky, you will get given the option to save the database to a different location. The first time this happened to me I didn't.
7. Check the server and its logs to see that the database was deleted from the server.
I'm currently accessing KeePass on a system with:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 11.04
Release: 11.04
Codename: natty
$ mono -version
Mono JIT compiler version 2.6.7 (Debian 2.6.7-5ubuntu3)
Copyright (C) 2002-2010 Novell, Inc and Contributors. www.mono-project.com
TLS: __thread
GC: Included Boehm (with typed GC and Parallel Mark)
SIGSEGV: altstack
Notifications: epoll
Architecture: x86
Disabled: none
The keepass database is stored on a remote server with:
Apache/2.2.17 (Ubuntu) DAV/2 SVN/1.6.12 mod_ssl/2.2.17 OpenSSL/0.9.8o
According to the release schedule, Oneiric 11.10 will not be released until 13 October, but I see that beta 2 is available.I guess I could try that from a live CD\USB. I'll let you know how it goes.
I've created a restricted account on my webdav-svn server that you can experiment with. I'll send you the details separately.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have the same problem on a Debian Squeeze host. After disabling the use of transaction as suggested in the related issue mentioned in the first post, it worked.
Here is an extract of my Apache logs, when not working (with MultiViews disabled):
As you can see the POST for test.kdbx.tmp fails with a 404 error and the error is not caught by keepass so the original file is deleted and the copy for kdbx.tmp to .kdbx does not work as obviously the file was never copied in the first place.
It seems the POST to a non existing file does not work (a PUT does work as tested with cadaver).
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I figured out the problem and probably found a solution. See the patch below for details.
I'll apply it to my packages as soon as possible.
many thanks to poruko for providing me storage and philm for the logs which showed the problem.
From: Julian Taylor <jtaylor.debian@googlemail.com>
Date: Thu, 6 Oct 2011 21:59:57 +0200
Subject: explicitly PUT for webdav writes
mono does not set HttpRequets.Method to POST for writes so the changing
to from POST to PUT is not done ConfigureWebRequest leading to failed
saving and deletion of the database on the webdav storage when
transactions are enabled
--
KeePassLib/Serialization/IOConnection.cs | 10 ++++++++-
1 files changed, 8 insertions(+), 2 deletions(-)
- return CreateWebClient(ioc).OpenWrite(new Uri(ioc.Path));
+ Uri uri = new Uri(ioc.Path);
+ // mono does not set HttpRequest.Method to POST for writes
+ // so one needs to set method to PUT explicitly
+ if (NativeLib.IsUnix() &&
+ (uri.Scheme == Uri.UriSchemeHttp || uri.Scheme == Uri.UriSchemeHttps))
+ return CreateWebClient(ioc).OpenWrite(uri, "PUT");
+ else
+ return CreateWebClient(ioc).OpenWrite(uri);
}
#else
public static Stream OpenWrite(IOConnectionInfo ioc)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I've got a big problem. I was accessing my database over WebDav like I always do. I had just added a new entry. When I tried to save it it came up with an error message along the lines: 'Could not save. Server returned 404 not found'. When I investigated I realised that it really did not exist. KeePass had deleted it from the server, and it had not even created a temporary or backup file first!!!!
I am hugely disappointed that that is even possible. Unfortunately my last backup is one month old.
My server log details the list of transactions that KeePass went through up to the point and which my KeePass database was deleted. Is there someone that I can send it to to help with debugging. (I'd rather not post it online.) It's really important that this is fixed to help prevent it happening to others.
(I found the following possibly related issue on the forums)
Cheers.
KeePass attempts to ensure your database is saved before the original copy is deleted, but nothing is infallible. That's why you backup every day.
cheers, Paul
Here's some more info that may be of use to anyone working on fixing this.
This "delete the database on save" behaviour happens consistently for me - but only when running KeePass 2.16 from Ubuntu (32 bit and 64 bit) via mono and using it to access a database file stored on a webdav server (https, with authentication). Accessing and saving the same database on the same webdav server using KeePass on Windows works just fine.
I have now switched from using plain webdav to using Apache subversion + webdav. I still get the same database deletion problem on Ubuntu, but at least if KeePass ever deletes my database in future I can just roll back to the previous revision and recover it. The save problem effectively means that I can only use KeePass in read only mode from Ubuntu, which is a pain, but I guess I'll just have to live with it for the time being.
I hope that helps. Regards.
KeePass uses transactions to save the database so I suspect the function does not work correctly in mono.
To test this try saving in a Windows PC.
cheers, Paul
thanks for narrowing this issue down. If I recall correctly webdav +https did not work at all with keepass < 2.16. Some very weird mono bugs had to be worked around to get it to work, possibly there are more hidden or some mistake was made.
can you provide the exact steps to reproduce it?
Does it happen with any database?
Which mono version (mono -version) are you using and which ubuntu version (lsb_release -a)?
If possible can you test it with ubuntu oneiric 11.10 which has the considerably newer mono 2.10.
Can you maybe provide me with restricted access to your webdav storage where it happens?
I have tried it with several databases (each in kdbx format) and in all cases the database was deleted, but when on a plain dav server I just got a 404 not found error and then couldn't save the database, whereas on a dav svn server the error message was different and I had the opportunity to save the database to a different location after it was deleted on the server. Sorry I didn't write the exact messages down. I will do next time…
Steps to reproduce:
1. File>Open>Open URL…
2. Enter URL of .kdbx file on remote webdav server and credentials.
3. Enter password for database when prompted. Database then opens normally.
4. Add new entry.
5. File>Save
6. Get an error (404 not found, or or other). If you are lucky, you will get given the option to save the database to a different location. The first time this happened to me I didn't.
7. Check the server and its logs to see that the database was deleted from the server.
I'm currently accessing KeePass on a system with:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 11.04
Release: 11.04
Codename: natty
$ mono -version
Mono JIT compiler version 2.6.7 (Debian 2.6.7-5ubuntu3)
Copyright (C) 2002-2010 Novell, Inc and Contributors. www.mono-project.com
TLS: __thread
GC: Included Boehm (with typed GC and Parallel Mark)
SIGSEGV: altstack
Notifications: epoll
Architecture: x86
Disabled: none
The keepass database is stored on a remote server with:
Apache/2.2.17 (Ubuntu) DAV/2 SVN/1.6.12 mod_ssl/2.2.17 OpenSSL/0.9.8o
According to the release schedule, Oneiric 11.10 will not be released until 13 October, but I see that beta 2 is available.I guess I could try that from a live CD\USB. I'll let you know how it goes.
I've created a restricted account on my webdav-svn server that you can experiment with. I'll send you the details separately.
Hi,
I have the same problem on a Debian Squeeze host. After disabling the use of transaction as suggested in the related issue mentioned in the first post, it worked.
Here is an extract of my Apache logs, when not working (with MultiViews disabled):
"GET /webdav/test.kdbx HTTP/1.1" 200 74680 "-" "-"
"DELETE /webdav/test.kdbx.tmp HTTP/1.1" 404 506 "-" "-"
"POST /webdav/test.kdbx.tmp HTTP/1.1" 404 559 "-" "-"
"GET /webdav/test.kdbx HTTP/1.1" 200 33241 "-" "-"
"DELETE /webdav/test.kdbx HTTP/1.1" 204 165 "-" "-"
"MOVE /webdav/test.kdbx.tmp HTTP/1.1" 404 506 "-" "-"
As you can see the POST for test.kdbx.tmp fails with a 404 error and the error is not caught by keepass so the original file is deleted and the copy for kdbx.tmp to .kdbx does not work as obviously the file was never copied in the first place.
It seems the POST to a non existing file does not work (a PUT does work as tested with cadaver).
I figured out the problem and probably found a solution. See the patch below for details.
I'll apply it to my packages as soon as possible.
many thanks to poruko for providing me storage and philm for the logs which showed the problem.
From: Julian Taylor <jtaylor.debian@googlemail.com>
Date: Thu, 6 Oct 2011 21:59:57 +0200
Subject: explicitly PUT for webdav writes
mono does not set HttpRequets.Method to POST for writes so the changing
to from POST to PUT is not done ConfigureWebRequest leading to failed
saving and deletion of the database on the webdav storage when
transactions are enabled
--
KeePassLib/Serialization/IOConnection.cs | 10 ++++++++-
1 files changed, 8 insertions(+), 2 deletions(-)
diff -git a/KeePassLib/Serialization/IOConnection.cs b/KeePassLib/Serialization/IOConnection.cs
index 5a93b76..67daefc 100644
-- a/KeePassLib/Serialization/IOConnection.cs
+++ b/KeePassLib/Serialization/IOConnection.cs
@@ -242,8 +242,14 @@ namespace KeePassLib.Serialization
if(ioc == null) { Debug.Assert(false); return null; }
if(ioc.IsLocalFile()) return OpenWriteLocal(ioc);
+ Uri uri = new Uri(ioc.Path);
+ // mono does not set HttpRequest.Method to POST for writes
+ // so one needs to set method to PUT explicitly
+ if (NativeLib.IsUnix() &&
+ (uri.Scheme == Uri.UriSchemeHttp || uri.Scheme == Uri.UriSchemeHttps))
+ return CreateWebClient(ioc).OpenWrite(uri, "PUT");
+ else
+ return CreateWebClient(ioc).OpenWrite(uri);
}
#else
public static Stream OpenWrite(IOConnectionInfo ioc)