CloudMe WebDAV: HTTP 401 Unauthorized

jdr85 · January 9, 2022, 4:34pm

What is the problem you are having with rclone?

Hi,
I cannot access CloudMe via WebDAV with rclone. It works with the Windows 10 integrated WebDAV client and also with WinSCP. It also does not work with Duplicity, Duplicacy or plain curl.

I suspect a shitty WebDAV implementation on server side but it's strange that Windows and WinSCP work.

Run the command 'rclone version' and share the full output of the command.

rclone v1.57.0

os/version: ubuntu 20.04 (64 bit)
os/kernel: 5.4.0-92-generic (x86_64)
os/type: linux
os/arch: amd64
go/version: go1.17.2
go/linking: static
go/tags: none

Which cloud storage system are you using? (eg Google Drive)

CloudMe via WebDAV

The command you were trying to run (eg `rclone copy /tmp remote:tmp`)

rclone -vv lsd CloudMe:

The rclone config contents with secrets removed.

[CloudMe]
type = webdav
url = https://webdav.cloudme.com/myusername/CloudDrive
vendor = other
user = myusername
pass = mypassword

A log from the command with the `-vv` flag

2022/01/09 17:33:11 DEBUG : rclone: Version "v1.57.0" starting with parameters ["rclone" "-vv" "ls" "CloudMe:"]
2022/01/09 17:33:11 DEBUG : Creating backend with remote "CloudMe:"
2022/01/09 17:33:11 DEBUG : Using config file from "/root/.config/rclone/rclone.conf"
2022/01/09 17:33:11 DEBUG : found headers:
2022/01/09 17:33:12 ERROR : : error listing: couldn't list files: 401 Unauthorized
2022/01/09 17:33:12 DEBUG : 4 go routines active
2022/01/09 17:33:12 Failed to ls with 2 errors: last error was: couldn't list files: 401 Unauthorized

asdffdsa · January 9, 2022, 4:49pm

did a quick test, could not connect windows to https://webdav.cloudme.com/myusername/CloudDrive
note: i changed the username to my username

you do not have permission to access...

are you sure that is the correct url?

jdr85 · January 9, 2022, 5:09pm

URL should be correct as it works for me.
Here is an excerpt from my WinSCP session log (only the parts that could be interesting). WinSCP also gets a 401 Unauthorized first and then succeeds with digest authentication.

Rclone does not seem to support digest authentication, so maybe this could be the reason?

2022-01-09 17:52:38.025 Host: webdav.cloudme.com
2022-01-09 17:52:38.025 Sending request-line and headers:
2022-01-09 17:52:38.025 Doing DNS lookup on webdav.cloudme.com...
2022-01-09 17:52:38.037 req: Connecting to 83.140.241.10:443
2022-01-09 17:52:38.086 Doing SSL negotiation.
2022-01-09 17:52:38.143 ssl: Verify callback @ 3 => 19
2022-01-09 17:52:38.143 ssl: Verify failures |= 8 => 8
2022-01-09 17:52:38.260 Chain depth: 4
2022-01-09 17:52:38.260 ssl: Match common name '*.cloudme.com' against ''
2022-01-09 17:52:38.261 ssl: Match common name 'cloudme.com' against ''
2022-01-09 17:52:38.261 Identity match for '': bad
2022-01-09 17:52:38.261 ssl: Match common name 'Go Daddy Secure Certificate Authority - G2' against ''
2022-01-09 17:52:38.261 Identity match for '': bad
2022-01-09 17:52:38.261 ssl: Match common name 'Go Daddy Root Certificate Authority - G2' against ''
2022-01-09 17:52:38.261 Identity match for '': bad
2022-01-09 17:52:38.261 ssl: Match common name '*.cloudme.com' against 'webdav.cloudme.com'
2022-01-09 17:52:38.261 Identity match for 'webdav.cloudme.com': good
2022-01-09 17:52:38.262 Verifying certificate for "Domain Control Validated" with fingerprint 54:40:44:b3:d8:f6:de:49:c4:37:bb:59:90:4f:7d:fb:3a:1d:4b:bb:c1:12:93:12:c2:e9:26:fd:8c:8e:94:58 and 08 failures
2022-01-09 17:52:38.332 Certificate verified against Windows certificate store
2022-01-09 17:52:38.332 Using TLSv1.2, cipher TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2022-01-09 17:52:38.332 Request sent; retry is 0.
2022-01-09 17:52:38.381 [status-line] < HTTP/1.1 401 Unauthorized
2022-01-09 17:52:38.381 [hdr] Server: nginx/1.1.19
2022-01-09 17:52:38.381 Header Name: [server], Value: [nginx/1.1.19]
2022-01-09 17:52:38.382 [hdr] Date: Sun, 09 Jan 2022 16:52:37 GMT
2022-01-09 17:52:38.382 Header Name: [date], Value: [Sun, 09 Jan 2022 16:52:37 GMT]
2022-01-09 17:52:38.382 [hdr] Content-Type: text/html;charset=ISO-8859-1
2022-01-09 17:52:38.382 Header Name: [content-type], Value: [text/html;charset=ISO-8859-1]
2022-01-09 17:52:38.382 [hdr] Content-Length: 1290
2022-01-09 17:52:38.382 Header Name: [content-length], Value: [1290]
2022-01-09 17:52:38.382 [hdr] Connection: keep-alive
2022-01-09 17:52:38.382 Header Name: [connection], Value: [keep-alive]
2022-01-09 17:52:38.382 [hdr] WWW-Authenticate: Digest realm="os@xcerion.com", qop="auth",nonce="xxxxx=", algorithm=MD5
2022-01-09 17:52:38.382 Header Name: [www-authenticate], Value: [Digest realm="os@xcerion.com", qop="auth",nonce="xxxxx=", algorithm=MD5]
2022-01-09 17:52:38.382 [hdr] Cache-Control: must-revalidate,no-cache,no-store
2022-01-09 17:52:38.382 Header Name: [cache-control], Value: [must-revalidate,no-cache,no-store]
2022-01-09 17:52:38.382 [hdr]
2022-01-09 17:52:38.382 End of headers.
2022-01-09 17:52:38.382 Running post_headers hooks
2022-01-09 17:52:38.426 Reading 1290 bytes of response body.
2022-01-09 17:52:38.426 Got 1290 bytes.
2022-01-09 17:52:38.426 Read block (1290 bytes):
2022-01-09 17:52:38.426 [<html>
2022-01-09 17:52:38.426 <head>
2022-01-09 17:52:38.426 <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
2022-01-09 17:52:38.426 <title>Error 401 Unauthorized</title>
2022-01-09 17:52:38.426 </head>
2022-01-09 17:52:38.426 <body>
2022-01-09 17:52:38.426 <h2>HTTP ERROR: 401</h2>
2022-01-09 17:52:38.426 <p>Problem accessing /myusername/CloudDrive/Reason:
2022-01-09 17:52:38.426 <pre>    Unauthorized</pre></p>
2022-01-09 17:52:38.426 <hr /><i><small>Powered by Jetty://</small></i>
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.426                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427                                                 
2022-01-09 17:52:38.427 </body>
2022-01-09 17:52:38.427 </html>
2022-01-09 17:52:38.427 ]
2022-01-09 17:52:38.427 Running post_send hooks
2022-01-09 17:52:38.427 ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Digest realm="os@xcerion.com", qop="auth",nonce="xxxxx=", algorithm=MD5
2022-01-09 17:52:38.427 auth: Got challenge (code 401).
2022-01-09 17:52:38.427 auth: Got 'Digest' challenge.
2022-01-09 17:52:38.427 auth: Trying Digest challenge...
2022-01-09 17:52:38.428 auth: Got qop, using 2617-style.
2022-01-09 17:52:38.428 auth: H(A1) is [e7b8b953dc338b11bc00f6d20815272e]
2022-01-09 17:52:38.428 auth: Accepting digest challenge.
2022-01-09 17:52:38.428 auth: Accepted Digest challenge.
2022-01-09 17:52:38.428 Running pre_send hooks
2022-01-09 17:52:38.428 auth: Sending 'Digest' response.
2022-01-09 17:52:38.428 auth: H(A2): 37949d8f6faf6191709c1c0564873053
2022-01-09 17:52:38.428 Sending request headers:
2022-01-09 17:52:38.428 OPTIONS /myusername/CloudDrive/ HTTP/1.1

2022-01-09 17:52:38.428 User-Agent: WinSCP/5.19 neon/0.31.1

2022-01-09 17:52:38.428 Keep-Alive: 

2022-01-09 17:52:38.428 Connection: TE, Keep-Alive

2022-01-09 17:52:38.429 TE: trailers

2022-01-09 17:52:38.429 Host: webdav.cloudme.com

2022-01-09 17:52:38.429 Authorization: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
2022-01-09 17:52:38.429 Sending request-line and headers:
2022-01-09 17:52:38.429 Request sent; retry is 1.
2022-01-09 17:52:38.481 [status-line] < HTTP/1.1 200 OK
2022-01-09 17:52:38.481 [hdr] Server: nginx/1.1.19

asdffdsa · January 9, 2022, 5:31pm

let's ask @albertony......

albertony · January 9, 2022, 5:44pm

Yes, I think that is spot on.

jdr85 · January 11, 2022, 4:51pm

Thanks for the prompt response. Seems like this is being worked on.

system · February 10, 2022, 4:52pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.