Context Navigation

Modify ↓

#5247 closed defect (fixed)

[patch] Stack trace escapes to user when htdigest file is not writeable

Reported by:	reallifesim@…	Owned by:	Steffen Hoffmann
Priority:	normal	Component:	AccountManagerPlugin
Severity:	minor	Keywords:	needinfo htpasswd file
Cc:		Trac Release:	0.11

Description

The set_password api function can throw a TracError that web_ui._create_user fails to check for.

This will happen if the HtDigest file used for authentication is not writable by the apache user.

Attached patch with a fix.

Attachments (1)

acctmgr_exception.patch (181 bytes) - added by reallifesim@… 16 years ago.: patch for web_ui.py

Download all attachments as: .zip

Change History (5)

Changed 16 years ago by reallifesim@…

Attachment:	acctmgr_exception.patch added

patch for web_ui.py

comment:1 Changed 16 years ago by anonymous

Hmm, that patch seems to be empty/unreadable. Here it is inline:

70c70,74 < mgr.set_password(user, password) ---

try:

mgr.set_password(user, password)

except TracError, e:

e.acctmgr = acctmgr raise e

It's against web_ui.py

comment:2 Changed 14 years ago by Steffen Hoffmann

Keywords:	htpasswd file added
Owner:	changed from Matt Good to Steffen Hoffmann
Summary:	Stack trace escapes to user when htdigest file is not writeable → [patch] Stack trace escapes to user when htdigest file is not writeable

Actually there is just an issue with parsing certain diff files by the internal viewer. However I doubt that this will be an problem, as soon as #4276 get's fixed. And this will be really soon. The extra code shouldn't be needed then.

comment:3 Changed 14 years ago by Steffen Hoffmann

Keywords:	needinfo added

Could you please check trunk code, if this issue persists after [9272]?

We should get a proper error already at the time of opening the file for writing (in htfile.py, lin1 149), so this should be obsolete by now. Correct?

comment:4 Changed 14 years ago by Steffen Hoffmann

Resolution:	→ fixed
Status:	new → closed

(In [9347]) AccountManagerPlugin: Improve error handling when writing to password files, closes #4040 and #5247, refs #6803.

Some messages without i18n markup were found while examining the code, so corresponding additions and updates to message catalogs are included as well.

Modify Ticket

Change Properties

Summary:
Type:	Priority:
Component:	Severity:
Keywords:	Cc:	Set your email in Preferences
Trac Release:

Action

leave as closed The owner will remain Steffen Hoffmann.

reopen The resolution will be deleted. Next status will be 'reopened'.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences.

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: