Your message dated Tue, 17 Dec 2019 21:25:14 -0500 with message-id <20191218022514.4bqr4c7akh5audjc@localhost> and subject line Re: Bug#403686: libapache2-svn: Authorization file reader fails on whitespace has caused the Debian Bug report #403686, regarding libapache2-svn: Authorization file reader fails on whitespace to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 403686: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=403686 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: libapache2-svn Version: 1.4.2dfsg1-2 Severity: important The apache2 module for SVN DAV access has an unusual problem regarding whitespace at the beginning of a username in the authorization file. The conditions are as such: 1: A valid authz file is present and apache is freshly restarted 2: A line is added to some group, anywhere in the file, with a space at the beggining, eg. " user=rw". * Apache will now disallow all users access to any repository 3: The line is altered to remove the offending space, eg. change line to "user=rw" * Apache will now allow normal access to all users/repositories 4: Re-add the space at the beginning of the formerly-bad line, eg. change back to " user=rw" * Apache will now allow normal access, although the file is in an identical state to step #2 The error given is: Failed to load the AuthzSVNAccessFile: The character '=' in rule 'abcd' is not allowed in authz rules where "abcd" is the username preceding the offending line " user=rw". The important nature of this bug is that it disallows all repository access when in step #2, which is how I found it. It is some stateful nature of the file parser, which is certainly confusing to users. -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages libapache2-svn depends on: ii apache2.2-common 2.2.3-3.1 Next generation, scalable, extenda ii libc6 2.3.6.ds1-7 GNU C Library: Shared libraries ii libsvn1 1.4.2dfsg1-2 Shared libraries used by Subversio libapache2-svn recommends no packages. -- no debconf information
--- End Message ---
--- Begin Message ---On Mon, Dec 18, 2006 at 07:19:38PM -0500, Brian Sipos wrote: > The apache2 module for SVN DAV access has an unusual problem regarding > whitespace at the beginning of a username in the authorization file. The > conditions are as such: There have been numerous changes to the authz parser since 1.4.2. I'm closing this for now. Please reopen in the unlikely case this problem still exists. Cheers, -- James GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
--- End Message ---
