TracAccountManager htpasswd file handling clobbers symlinks

[Leo]

I'm using TracAccountManager 0.2.1dev-r5273 on Ubuntu and had it pointed at a symlink of an htpasswd file (since I'm reusing the file for apache).

What happened was when the user passwords were changed in Trac, the symlink would get replaced by an actual file. This turned into all sorts of badness since there were now two htpasswd files that diverged.

The original htpasswd file was set to be readable and writable by trac, however the directory it was in wasn't. That may have had to do with this failure case. Both the directory the symlink was in and the symlink itself were read/write accessible by trac.

[Steffen Hoffmann]

See #4276 for a related issue. I'm working on a patch, that is already tested and proven to fix both issues.

[Steffen Hoffmann]

(In [9272]) AccountManagerPlugin: Improve password file handling, closes #4276 and #4897.

htpasswd.bak files are not deleted anymore when updating htpasswd file in the same directory and it's ownership is preserved as well, preventing a DoS by inaccessible user file in shared use. Furthermore we use universal newline support, if build-in, so line endings are always seen as '\n' by our code regardless of real formatting (Macintosh convention '\r', Windows convention '\r\n'). However the actual end-of-line style is probed and preserved on file updates. Finally the file is not left open for an indeterminated amount of time after file access, what wasn't reported but deduced by own code studies to be a potential issue and therefor fixed as a precaution.