[prev in list] [next in list] [prev in thread] [next in thread]
List: fossil-users
Subject: Re: [fossil-users] Weird authorization error ... (fwd)
From: Andreas Kupries <akupries () shaw ! ca>
Date: 2010-02-20 16:10:35
Message-ID: E1Nirud-0005Ty-5G () bluepeak ! andreas ! kupries ! org
[Download RAW message or body]
> On Feb 19, 2010, at 5:58 PM, Andreas Kupries wrote:
> >
> > entered the password, and the push was OK.
> >
> > However, now I am asked every time for the password, whereas before
> > I wasn't.
>
>
> I think you might need to sync once (or using the "remote-url"
> command) with the password embedded in the URL:
>
> fossil remote http://userid:password@www.domain.org/path
>
> Probably we should fix this so that it remembers the password that is
> entered when prompted.
Ok, let me try that ... Well, that worked partially. Doing the embedded url
fixes the issue with <OLD>, however it does not help <NEW>, and using <NEW>
only once also forces <OLD> to use the embedded password again. (*). The full
session below, with the password obfuscated. Some closing remarks after it.
(*) Recap: <OLD> = 37f295c310 (2009 Sep 21)
<NEW> = 02f638a16f (2010 Feb 13), and the server runs <NEW>.
Session, with comments inlined:
% fossil remote
http://aku@174.6.6.164:8080/
First get saved url, for easier pasting
% fossil sync http://aku@174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 815 15 0 0
Server says: pull only - not authorized to push
Received: 647 14 0 0
Total network traffic: 634 bytes sent, 579 bytes received
<NEW> talks to <NEW>, fails to write.
% fossil sync http://aku:XXXX@174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 815 15 0 0
Server says: pull only - not authorized to push
Received: 647 14 0 0
Total network traffic: 636 bytes sent, 579 bytes received
Again <NEW> talking to <NEW>, embed the url. Still fails.
% ~/bin/fossil-37f295c310 sync http://aku:XXXX@174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 815 15 0 0
Received: 598 15 0 0
Total network traffic: 631 bytes sent, 525 bytes received
Now let <OLD> talk to <NEW>, using embedded password. WORKS.
% ~/bin/fossil-37f295c310 sync
Server: http://174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 815 15 0 0
Received: 598 15 0 0
Total network traffic: 635 bytes sent, 525 bytes received
<OLD> talking to <NEW>, again, without url or password. Still
works. Seems to have rembered everything.
% ~/bin/fossil-37f295c310 push
Server: http://174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 728 14 0 0
Received: 0 1 0 0
Total network traffic: 627 bytes sent, 193 bytes received
Now a push, again <OLD> talking to <NEW>. This is ok too.
% fossil sync
Server: http://aku@174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 815 15 0 0
Server says: pull only - not authorized to push
Received: 647 14 0 0
Total network traffic: 635 bytes sent, 579 bytes received
Lets try <NEW> talking to <NEW> ... And the authorization is not
recognized any longer. See the pull-only remark.
% ~/bin/fossil-37f295c310 push
Server: http://174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 728 14 0 0
password for aku: ^C
/home/andreask/bin/fossil-37f295c310: server says: not authorized to write
Switching back to <OLD> something has killed the password so that
<OLD> doesn't know it anymore either.
% ~/bin/fossil-37f295c310 sync http://aku:XXXX@174.6.6.164:8080/
Bytes Cards Artifacts Deltas
Send: 815 15 0 0
Received: 598 15 0 0
Total network traffic: 631 bytes sent, 525 bytes received
Embed the password again, and <OLD> is fine.
My feeling right now is that I am running into this change to the
password storage which was done a few weeks ago, with the hashing and
salting and what not. I remember it only vaguely.
It seems to me that the password is stored on the host A the old way,
allowing <OLD> on host B to authorize correctly, despite the server
running <NEW>. But when <NEW> on host B tries to talk to the server it
uses the new way for the password, which doesn't match the stored
data, so it fails to authorize, and due to that I assume that it
deletes the locally remembered password, as it is apparently
invalid. At which point I have to embed it again for <OLD> to work,
which then rembers it.
So, how or what do I have to do on the server side for the <NEW>
client to be able to authorize for writing ?
--
So long,
Andreas Kupries <akupries@shaw.ca>
<http://www.purl.org/NET/akupries/>
Developer @ <http://www.activestate.com/>
-------------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic