Opened 2 years ago

Last modified 20 months ago

#10777 assigned defect

TypeError: Incorrect padding after enabling the plugin

Reported by: rafael@… Owned by: txcraig
Priority: normal Component: HttpAuthPlugin
Severity: critical Keywords:
Cc: jbeilicke Trac Release: 1.0

Description

Activating the plugin causes the following traceback, even if I just want to access the root of the Trac installation (e.g. /trac and not /trac/login/xmlrpc).

Traceback (most recent call last):
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/api.py", line 502, in send_error
    data, 'text/html')
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/chrome.py", line 955, in render_template
    message = req.session.pop('chrome.%s.%d' % (type_, i))
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/api.py", line 304, in __getattr__
    value = self.callbacks[name](self)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/main.py", line 268, in _get_session
    return Session(self.env, req)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/session.py", line 200, in __init__
    if req.authname == 'anonymous':
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/api.py", line 304, in __getattr__
    value = self.callbacks[name](self)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/main.py", line 135, in authenticate
    authname = authenticator.authenticate(req)
  File "build/bdist.linux-x86_64/egg/httpauth/filter.py", line 65, in authenticate
    user = self._check_password(req)
  File "build/bdist.linux-x86_64/egg/httpauth/filter.py", line 76, in _check_password
    user, passwd = b64decode(token).split(':', 1)
  File "/usr/lib/python2.6/base64.py", line 76, in b64decode
    raise TypeError(msg)
TypeError: Incorrect padding

Shouldn’t the plugin just ignore folders that don’t match the path and return a proper HTTP error code on missing auth parameters instead of raising an exception?

Change History (6)

comment:1 Changed 2 years ago by chiefsucker

The error is gone when the user is already logged in or when I add an irrelevant user parameter to the URL, i.e. I can access http://user@foo.com/trac/login, log in and then continue to use the site. But when I go to http://foo.com/trac/login while logged out, I get the above error message. Shouldn’t the preprocess function ignore all paths except /trac/login/xmlrpc by default? I didn’t set anything in the trac.ini.

comment:2 Changed 22 months ago by txcraig

  • Owner changed from coderanger to txcraig
  • Status changed from new to assigned

I am adopting maintenance of this plugin.

comment:3 Changed 21 months ago by jbeilicke

  • Cc jbeilicke added; anonymous removed

comment:4 Changed 21 months ago by jbeilicke

I have the same issue. Passing the auth credentials in the URL works.

comment:5 Changed 21 months ago by jbeilicke

Maybe related: #3549

There, the likely explanation is the usage of htdigest instead of basic authentication.

comment:6 Changed 20 months ago by anonymous

Tip for Digest Authentication users: Do not have the <Location /trac/login/rpc>... clause in your VirtualHost definition. Instead, let HTTPAuthPlugin send the authentication request to your XMLRPC client as a Basic Authentication request. HTTPAuthPlugin is designed to work with Basic Authentication, which will return the user's credentials in the form of "username:password" back to the server. This, in turn, gets passed to the AccountManagerPlugin, which will handle the password checking properly, because the lower-level handlers will know how to parse the digest password file and do the proper MD5 hash.

My Trac site, which uses Apache 2.4 + mod_wsgi + SSL now works correctly for regular user interactivity as well as XMLRPC automation scripts.
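
The traceback in the description ends in b64decode() being handed a token that is not valid base64. As an added example (not the plugin's code and not part of any comment above), this sketch parses an Authorization header so that a missing, non-Basic or undecodable value yields "no credentials" and the caller can answer 401 instead of raising. The function name, the sample headers and the UTF-8 decoding are assumptions, and it is written for Python 3, where the padding error is binascii.Error rather than TypeError.

```python
import base64
import binascii


def parse_basic_authorization(header):
    """Return (user, password) from an Authorization header value, or None.

    None means "no usable Basic credentials": the caller should send a
    401 with a WWW-Authenticate challenge rather than let an exception
    propagate. Hypothetical helper, not part of HttpAuthPlugin.
    """
    if not header:
        return None
    scheme, _, token = header.strip().partition(' ')
    # Only the Basic scheme carries base64("user:password"). A Digest
    # header is a parameter list and must never reach b64decode.
    if scheme.lower() != 'basic' or not token.strip():
        return None
    try:
        # validate=True rejects characters outside the base64 alphabet
        # instead of silently discarding them.
        raw = base64.b64decode(token.strip(), validate=True)
        decoded = raw.decode('utf-8')  # assumption: UTF-8 credentials
    except (binascii.Error, ValueError):
        # Covers "Incorrect padding" and bytes that are not valid UTF-8.
        return None
    # Split on the first colon only: passwords may contain colons.
    user, sep, password = decoded.partition(':')
    if not sep or not user:
        return None
    return user, password


# Constructed sample headers (not taken from the ticket).
SAMPLES = {
    'valid': 'Basic ' + base64.b64encode(b'alice:s3cret:x').decode('ascii'),
    'digest': 'Digest username="alice", realm="trac", nonce="abc"',
    'bad_padding': 'Basic YWxpY2U6czNjcmV',   # one character cut off
    'no_colon': 'Basic ' + base64.b64encode(b'alice').decode('ascii'),
    'missing': None,
}

if __name__ == '__main__':
    for name, value in SAMPLES.items():
        print(name, '->', parse_basic_authorization(value))
```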
