You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Dominik Westner <li...@logicunited.com> on 2003/02/22 01:24:20 UTC
authentication problem after upgrade to 0.18
Hi,
I am having problems checking in after I upgraded both the client and
the server (DAV).
I get the following error when trying to commit:
[icebox:~/Developer/Sven18] dominik% svn ci --file
../Sven/svn-commit.tmp
dominik's password:
Sending SVNBrowserCell.m
Sending SVNDocument.m
Sending svn/SVNClient.h
svn: RA layer request failed
svn: Commit failed (details follow):
svn: CHECKOUT of /!svn/ver/102/trunk/sven/svn/SVNClient.h: Server was
not authenticated correctly.
Any ideas what that could be? Could this be related to the
authentication cache stuff fixed in 5006 or do I have a faulty setup?
Everything used to work with 0.17 though.
Thanks
Dominik
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: authentication problem after upgrade to 0.18
Posted by Dominik Westner <we...@logicunited.com>.
Hi Joe,
well, what can I say ... it just works now ;-)
Thanks
Dominik
On Samstag, Februar 22, 2003, at 12:46 PM, Joe Orton wrote:
> --- src/ne_auth.c 16 Jan 2003 21:55:18 -0000 1.74.2.1
> +++ src/ne_auth.c 22 Feb 2003 11:45:31 -0000
> @@ -582,7 +582,7 @@
> cnonce = val;
> } else if (strcasecmp(key, "nc") == 0) {
> nc = val;
> - if (sscanf(val, "%d", &nonce_count) != 1) {
> + if (sscanf(val, "%x", &nonce_count) != 1) {
> NE_DEBUG(NE_DBG_HTTPAUTH, "Couldn't find nonce count.\n");
> } else {
> NE_DEBUG(NE_DBG_HTTPAUTH, "Got nonce_count: %d\n", nonce_count);
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: authentication problem after upgrade to 0.18
Posted by Joe Orton <jo...@manyfish.co.uk>.
On Sat, Feb 22, 2003 at 12:38:59PM +0100, Dominik Westner wrote:
> Ok, here are some more details. First off I should mention that when I
> upgrade subversion, I also use the latest apr and httpd from CVS (that
> has been required some time ago, but I don't know if this still holds).
> Digest Authentication works with a browser though.
>
> I can reliably reproduce the error. It seems to happen in this case:
Thanks - can you try this neon patch?
--- src/ne_auth.c 16 Jan 2003 21:55:18 -0000 1.74.2.1
+++ src/ne_auth.c 22 Feb 2003 11:45:31 -0000
@@ -582,7 +582,7 @@
cnonce = val;
} else if (strcasecmp(key, "nc") == 0) {
nc = val;
- if (sscanf(val, "%d", &nonce_count) != 1) {
+ if (sscanf(val, "%x", &nonce_count) != 1) {
NE_DEBUG(NE_DBG_HTTPAUTH, "Couldn't find nonce count.\n");
} else {
NE_DEBUG(NE_DBG_HTTPAUTH, "Got nonce_count: %d\n", nonce_count);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: authentication problem after upgrade to 0.18
Posted by Dominik Westner <li...@logicunited.com>.
Ok, here are some more details. First off I should mention that when I
upgrade subversion, I also use the latest apr and httpd from CVS (that
has been required some time ago, but I don't know if this still holds).
Digest Authentication works with a browser though.
I can reliably reproduce the error. It seems to happen in this case:
cd working copy
svn ci
also it happens when I do:
svn ci <directory>
svn ci <file1> <file2>
where directory is a directory within the working copy
It does work with:
svn ci <file>
where file is just a single file.
Server config:
loki conf # svn --version
svn, version 0.18.0 (dev build)
compiled Feb 19 2003, 20:43:31
This is Revision: 4963
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++
<VirtualHost *>
DocumentRoot /home/subversion/repository
ServerName svn.home.nikwest.de
ServerAlias svn
<Location / >
Order Allow,Deny
Allow from all
AuthName Subversion
AuthType Digest
AuthDigestFile /home/subversion/conf/htdigest
DAV svn
SVNAutoversioning on
SVNPath /home/subversion/repository
AllowOverride none
Options None
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>
</VirtualHost>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++
loki conf # ../bin/httpd -V
Server version: Apache/2.0.45-dev
Server built: Feb 19 2003 20:35:58
Server's Module Magic Number: 20020903:0
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT="/home/subversion"
-D SUEXEC_BIN="/home/subversion/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++
and here is the neon debug output from the client.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++
[icebox:~/Developer/test] dominik% svn ci -m test
ah_create, for WWW-Authenticate
Not handling session.
ah_post_send (#0), code is 200 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Not handling session.
ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Digest
realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
algorithm=MD5, qop="auth"
Got challenge with code 401.
Got new auth challenge: Digest realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
algorithm=MD5, qop="auth"
New challenge for scheme [Digest]
Digest scheme.
Got pair: [realm] = [Subversion]
Got pair: [nonce] =
[fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34]
Got pair: [algorithm] = [MD5]
Got pair: [qop] = [auth]
Finished parsing parameters.
Looking for Digest challenges.
In digest challenge.
Got qop directive.
Calculating H(A1).
H(A1) is [26aeec1254db978e64fec244661dbc0c]
I like this Digest challenge.
Handling.Nonce count is 1, nc is [00000001]
H(A2): adf17ed341be51eb574fe49363accf58
Calculating Request-Digest.
Have qop directive, digesting:
[00000001:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/act/cc6af4a7-40b7-0310-9abd-e9e3ec667f90",
response="94c8f4c3a798ff60357941994b857317", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000001,
qop="auth"
ah_post_send (#1), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="1e6eda3acb66a656b353e31cee790069",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000001, qop=auth
Pair: [rspauth] = [1e6eda3acb66a656b353e31cee790069]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000001]
Got nonce_count: 1
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [1e6eda3acb66a656b353e31cee790069]
Given response-digest of: [1e6eda3acb66a656b353e31cee790069]
Matched: YES!
ah_create, for WWW-Authenticate
Handling.Nonce count is 2, nc is [00000002]
H(A2): 5ac4ae23f1180981299a6413bb78af05
Calculating Request-Digest.
Have qop directive, digesting:
[00000002:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/trunk/test", response="12ef3f74d38e3ac29ae36a9ab0c60c28",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000002, qop="auth"
ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Handling.Nonce count is 3, nc is [00000003]
H(A2): fb972f8220976b9708e51ddc6faddc51
Calculating Request-Digest.
Have qop directive, digesting:
[00000003:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/vcc/default", response="b785a48fa0b84b07bfa79b7b04429cc4",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000003, qop="auth"
ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Handling.Nonce count is 4, nc is [00000004]
H(A2): 37d4202146015b01897d2c8c671c0525
Calculating Request-Digest.
Have qop directive, digesting:
[00000004:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/bln/110", response="7f934e2b8a7d18e4abbc5113b444b25c",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000004, qop="auth"
ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="02c1b5c999dcc386d6e0343a8c94f413",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000004, qop=auth
Pair: [rspauth] = [02c1b5c999dcc386d6e0343a8c94f413]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000004]
Got nonce_count: 4
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [02c1b5c999dcc386d6e0343a8c94f413]
Given response-digest of: [02c1b5c999dcc386d6e0343a8c94f413]
Matched: YES!
ah_create, for WWW-Authenticate
Handling.Nonce count is 5, nc is [00000005]
H(A2): 9a1726a8a037ec788c497595bef1f340
Calculating Request-Digest.
Have qop directive, digesting:
[00000005:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="//!svn/wbl/cc6af4a7-40b7-0310-9abd-e9e3ec667f90/110",
response="a33889426716438aaee1a8fb9cb99eb7", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000005,
qop="auth"
ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="e5a7df45e4a866b9dd1120f994b32137",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000005, qop=auth
Pair: [rspauth] = [e5a7df45e4a866b9dd1120f994b32137]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000005]
Got nonce_count: 5
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [e5a7df45e4a866b9dd1120f994b32137]
Given response-digest of: [e5a7df45e4a866b9dd1120f994b32137]
Matched: YES!
ah_create, for WWW-Authenticate
Handling.Nonce count is 6, nc is [00000006]
H(A2): 5ac4ae23f1180981299a6413bb78af05
Calculating Request-Digest.
Have qop directive, digesting:
[00000006:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/trunk/test", response="023ac1a411e5230269b68327843edbfe",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000006, qop="auth"
ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Handling.Nonce count is 7, nc is [00000007]
H(A2): cf2656d845b0cebbac8ae57de6602d2d
Calculating Request-Digest.
Have qop directive, digesting:
[00000007:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/trunk/test/dir1", response="2d67463c6b75a6c6b0bd8cec79c36681",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000007, qop="auth"
ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
Sending dir1/file1
ah_create, for WWW-Authenticate
Handling.Nonce count is 8, nc is [00000008]
H(A2): 53eb8fb3165e42bb5509cea482df01aa
Calculating Request-Digest.
Have qop directive, digesting:
[00000008:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/ver/97/trunk/test/dir1/file1",
response="6faa6859ae772b6b6b2b73437651d512", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000008,
qop="auth"
ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="d8735156e09b659f8761af31fba5d7c0",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000008, qop=auth
Pair: [rspauth] = [d8735156e09b659f8761af31fba5d7c0]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000008]
Got nonce_count: 8
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [d8735156e09b659f8761af31fba5d7c0]
Given response-digest of: [d8735156e09b659f8761af31fba5d7c0]
Matched: YES!
Sending dir1/file5
ah_create, for WWW-Authenticate
Handling.Nonce count is 9, nc is [00000009]
H(A2): 78eebe395198d1e532773e62f9a21ab6
Calculating Request-Digest.
Have qop directive, digesting:
[00000009:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/ver/53/trunk/test/dir1/file5",
response="58046061cdaa490c23f47559ea480cb3", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000009,
qop="auth"
ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="f7916da80d435b9fe20dc6516d946501",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000009, qop=auth
Pair: [rspauth] = [f7916da80d435b9fe20dc6516d946501]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000009]
Got nonce_count: 9
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [f7916da80d435b9fe20dc6516d946501]
Given response-digest of: [f7916da80d435b9fe20dc6516d946501]
Matched: YES!
Sending file12
ah_create, for WWW-Authenticate
Handling.Nonce count is 10, nc is [0000000a]
H(A2): e7783ed0112819fcf23d4fde5f377eec
Calculating Request-Digest.
Have qop directive, digesting:
[0000000a:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/ver/110/trunk/test/file12",
response="48dd16c6716496cabbc23b750cb0a665", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=0000000a,
qop="auth"
ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="e609804234a05a90f4b06d4522b29a47",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=0000000a, qop=auth
Pair: [rspauth] = [e609804234a05a90f4b06d4522b29a47]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [0000000a]
Got nonce_count: 0
Pair: [qop] = [auth]
Response nonce count doesn't match.
Response authentication invalid.
Closing connection.
Connection closed.
svn: RA layer request failed
svn: Commit failed (details follow):
svn: CHECKOUT of /!svn/ver/110/trunk/test/file12: Server was not
authenticated correctly.
[icebox:~/Developer/test] dominik%
Hope this helps, thanks
Dominik
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: authentication problem after upgrade to 0.18
Posted by Joe Orton <jo...@manyfish.co.uk>.
On Sat, Feb 22, 2003 at 02:24:20AM +0100, Dominik Westner wrote:
> Hi,
>
> I am having problems checking in after I upgraded both the client and
> the server (DAV).
>
> I get the following error when trying to commit:
>
> [icebox:~/Developer/Sven18] dominik% svn ci --file
> ../Sven/svn-commit.tmp
> dominik's password:
> Sending SVNBrowserCell.m
> Sending SVNDocument.m
> Sending svn/SVNClient.h
> svn: RA layer request failed
> svn: Commit failed (details follow):
> svn: CHECKOUT of /!svn/ver/102/trunk/sven/svn/SVNClient.h: Server was
> not authenticated correctly.
That's an interesting error - does this happen reproducibly? What is
your auth config on the server? Can you add to ~/.subversion/servers:
[default]
neon-debug-mask = 9
then capture stderr from the failing command, and send that in?
> Any ideas what that could be? Could this be related to the
> authentication cache stuff fixed in 5006 or do I have a faulty setup?
> Everything used to work with 0.17 though.
This is an error from neon saying that one of the response verification
checks failed in the Digest auth code.
Regards,
joe
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org