'Re: [fossil-users] Weird authorization error ... (fwd)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fossil-users
Subject:    Re: [fossil-users] Weird authorization error ... (fwd)
From:       Andreas Kupries <akupries () shaw ! ca>
Date:       2010-02-20 16:10:35
Message-ID: E1Nirud-0005Ty-5G () bluepeak ! andreas ! kupries ! org
[Download RAW message or body]


> On Feb 19, 2010, at 5:58 PM, Andreas Kupries wrote:
> >
> > entered the password, and the push was OK.
> >
> > However, now I am asked every time for the password, whereas before  
> > I wasn't.
> 
> 
> I think you might need to sync once (or using the "remote-url"  
> command) with the password embedded in the URL:
> 
>      fossil remote http://userid:password@www.domain.org/path
> 
> Probably we should fix this so that it remembers the password that is  
> entered when prompted.

Ok, let me try that ... Well, that worked partially. Doing the embedded url 
fixes the issue with <OLD>, however it does not help <NEW>, and using <NEW> 
only once also forces <OLD> to use the embedded password again. (*). The full 
session below, with the password obfuscated. Some closing remarks after it.

(*) Recap: <OLD> = 37f295c310 (2009 Sep 21)
           <NEW> = 02f638a16f (2010 Feb 13), and the server runs <NEW>.

Session, with comments inlined:

	% fossil remote
	http://aku@174.6.6.164:8080/

First get saved url, for easier pasting

	% fossil sync http://aku@174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
	Send:             815         15          0          0
	Server says: pull only - not authorized to push
	Received:         647         14          0          0
	Total network traffic: 634 bytes sent, 579 bytes received

<NEW> talks to <NEW>, fails to write.

	% fossil sync http://aku:XXXX@174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
	Send:             815         15          0          0
	Server says: pull only - not authorized to push
	Received:         647         14          0          0
	Total network traffic: 636 bytes sent, 579 bytes received

Again <NEW> talking to <NEW>, embed the url. Still fails.

	% ~/bin/fossil-37f295c310 sync http://aku:XXXX@174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
		Send:             815         15          0          0
		Received:         598         15          0          0
		Total network traffic: 631 bytes sent, 525 bytes received

Now let <OLD> talk to <NEW>, using embedded password. WORKS.

	% ~/bin/fossil-37f295c310 sync                                      
	Server:    http://174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
	Send:             815         15          0          0
	Received:         598         15          0          0
	Total network traffic: 635 bytes sent, 525 bytes received

<OLD> talking to <NEW>, again, without url or password. Still
works. Seems to have rembered everything.

	% ~/bin/fossil-37f295c310 push
	Server:    http://174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
	Send:             728         14          0          0
	Received:           0          1          0          0
	Total network traffic: 627 bytes sent, 193 bytes received

Now a push, again <OLD> talking to <NEW>. This is ok too.

	% fossil sync                             
	Server:    http://aku@174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
	Send:             815         15          0          0
	Server says: pull only - not authorized to push
	Received:         647         14          0          0
	Total network traffic: 635 bytes sent, 579 bytes received

Lets try <NEW> talking to <NEW> ... And the authorization is not
recognized any longer. See the pull-only remark.

	% ~/bin/fossil-37f295c310 push
	Server:    http://174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
	Send:             728         14          0          0
	password for aku: ^C
	/home/andreask/bin/fossil-37f295c310: server says: not authorized to write

Switching back to <OLD> something has killed the password so that
<OLD> doesn't know it anymore either.

	% ~/bin/fossil-37f295c310 sync http://aku:XXXX@174.6.6.164:8080/
	                Bytes      Cards  Artifacts     Deltas
		Send:             815         15          0          0
		Received:         598         15          0          0
		Total network traffic: 631 bytes sent, 525 bytes received

Embed the password again, and <OLD> is fine.



My feeling right now is that I am running into this change to the
password storage which was done a few weeks ago, with the hashing and
salting and what not. I remember it only vaguely.

It seems to me that the password is stored on the host A the old way,
allowing <OLD> on host B to authorize correctly, despite the server
running <NEW>. But when <NEW> on host B tries to talk to the server it
uses the new way for the password, which doesn't match the stored
data, so it fails to authorize, and due to that I assume that it
deletes the locally remembered password, as it is apparently
invalid. At which point I have to embed it again for <OLD> to work,
which then rembers it.


So, how or what do I have to do on the server side for the <NEW>
client to be able to authorize for writing ?

-- 
So long,
	Andreas Kupries <akupries@shaw.ca>
			<http://www.purl.org/NET/akupries/>
	Developer @	<http://www.activestate.com/>
-------------------------------------------------------------------------------





[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic