[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: authentication problem after upgrade to 0.18

From: Dominik Westner <lists_at_logicunited.com>
Date: 2003-02-22 12:38:59 CET

Ok, here are some more details. First off I should mention that when I
upgrade subversion, I also use the latest apr and httpd from CVS (that
has been required some time ago, but I don't know if this still holds).
Digest Authentication works with a browser though.

I can reliably reproduce the error. It seems to happen in this case:

cd working copy
svn ci

also it happens when I do:

svn ci <directory>

svn ci <file1> <file2>

where directory is a directory within the working copy

It does work with:

svn ci <file>

where file is just a single file.

Server config:

loki conf # svn --version
svn, version 0.18.0 (dev build)
    compiled Feb 19 2003, 20:43:31

This is Revision: 4963

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++

<VirtualHost *>
    DocumentRoot /home/subversion/repository
    ServerName svn.home.nikwest.de
    ServerAlias svn
    <Location / >
       Order Allow,Deny
       Allow from all
       AuthName Subversion
       AuthType Digest
       AuthDigestFile /home/subversion/conf/htdigest
       DAV svn
       SVNAutoversioning on
       SVNPath /home/subversion/repository
       AllowOverride none
       Options None
       <LimitExcept GET PROPFIND OPTIONS REPORT>
           Require valid-user
       </LimitExcept>
    </Location>
</VirtualHost>

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++

loki conf # ../bin/httpd -V
Server version: Apache/2.0.45-dev
Server built: Feb 19 2003 20:35:58
Server's Module Magic Number: 20020903:0
Architecture: 32-bit
Server compiled with....
  -D APACHE_MPM_DIR="server/mpm/prefork"
  -D APR_HAS_SENDFILE
  -D APR_HAS_MMAP
  -D APR_HAVE_IPV6
  -D APR_USE_SYSVSEM_SERIALIZE
  -D APR_USE_PTHREAD_SERIALIZE
  -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
  -D APR_HAS_OTHER_CHILD
  -D AP_HAVE_RELIABLE_PIPED_LOGS
  -D HTTPD_ROOT="/home/subversion"
  -D SUEXEC_BIN="/home/subversion/bin/suexec"
  -D DEFAULT_PIDLOG="logs/httpd.pid"
  -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
  -D DEFAULT_LOCKFILE="logs/accept.lock"
  -D DEFAULT_ERRORLOG="logs/error_log"
  -D AP_TYPES_CONFIG_FILE="conf/mime.types"
  -D SERVER_CONFIG_FILE="conf/httpd.conf"

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++

and here is the neon debug output from the client.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++

[icebox:~/Developer/test] dominik% svn ci -m test
ah_create, for WWW-Authenticate
Not handling session.
ah_post_send (#0), code is 200 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Not handling session.
ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Digest
realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
algorithm=MD5, qop="auth"
Got challenge with code 401.
Got new auth challenge: Digest realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
algorithm=MD5, qop="auth"
New challenge for scheme [Digest]
Digest scheme.
Got pair: [realm] = [Subversion]
Got pair: [nonce] =
[fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34]
Got pair: [algorithm] = [MD5]
Got pair: [qop] = [auth]
Finished parsing parameters.
Looking for Digest challenges.
In digest challenge.
Got qop directive.
Calculating H(A1).
H(A1) is [26aeec1254db978e64fec244661dbc0c]
I like this Digest challenge.
Handling.Nonce count is 1, nc is [00000001]
H(A2): adf17ed341be51eb574fe49363accf58
Calculating Request-Digest.
Have qop directive, digesting:
[00000001:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/act/cc6af4a7-40b7-0310-9abd-e9e3ec667f90",
response="94c8f4c3a798ff60357941994b857317", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000001,
qop="auth"

ah_post_send (#1), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="1e6eda3acb66a656b353e31cee790069",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000001, qop=auth
Pair: [rspauth] = [1e6eda3acb66a656b353e31cee790069]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000001]
Got nonce_count: 1
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [1e6eda3acb66a656b353e31cee790069]
Given response-digest of: [1e6eda3acb66a656b353e31cee790069]
Matched: YES!
ah_create, for WWW-Authenticate
Handling.Nonce count is 2, nc is [00000002]
H(A2): 5ac4ae23f1180981299a6413bb78af05
Calculating Request-Digest.
Have qop directive, digesting:
[00000002:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/trunk/test", response="12ef3f74d38e3ac29ae36a9ab0c60c28",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000002, qop="auth"

ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Handling.Nonce count is 3, nc is [00000003]
H(A2): fb972f8220976b9708e51ddc6faddc51
Calculating Request-Digest.
Have qop directive, digesting:
[00000003:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/vcc/default", response="b785a48fa0b84b07bfa79b7b04429cc4",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000003, qop="auth"

ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Handling.Nonce count is 4, nc is [00000004]
H(A2): 37d4202146015b01897d2c8c671c0525
Calculating Request-Digest.
Have qop directive, digesting:
[00000004:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/bln/110", response="7f934e2b8a7d18e4abbc5113b444b25c",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000004, qop="auth"

ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="02c1b5c999dcc386d6e0343a8c94f413",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000004, qop=auth
Pair: [rspauth] = [02c1b5c999dcc386d6e0343a8c94f413]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000004]
Got nonce_count: 4
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [02c1b5c999dcc386d6e0343a8c94f413]
Given response-digest of: [02c1b5c999dcc386d6e0343a8c94f413]
Matched: YES!
ah_create, for WWW-Authenticate
Handling.Nonce count is 5, nc is [00000005]
H(A2): 9a1726a8a037ec788c497595bef1f340
Calculating Request-Digest.
Have qop directive, digesting:
[00000005:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="//!svn/wbl/cc6af4a7-40b7-0310-9abd-e9e3ec667f90/110",
response="a33889426716438aaee1a8fb9cb99eb7", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000005,
qop="auth"

ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="e5a7df45e4a866b9dd1120f994b32137",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000005, qop=auth
Pair: [rspauth] = [e5a7df45e4a866b9dd1120f994b32137]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000005]
Got nonce_count: 5
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [e5a7df45e4a866b9dd1120f994b32137]
Given response-digest of: [e5a7df45e4a866b9dd1120f994b32137]
Matched: YES!
ah_create, for WWW-Authenticate
Handling.Nonce count is 6, nc is [00000006]
H(A2): 5ac4ae23f1180981299a6413bb78af05
Calculating Request-Digest.
Have qop directive, digesting:
[00000006:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/trunk/test", response="023ac1a411e5230269b68327843edbfe",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000006, qop="auth"

ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
ah_create, for WWW-Authenticate
Handling.Nonce count is 7, nc is [00000007]
H(A2): cf2656d845b0cebbac8ae57de6602d2d
Calculating Request-Digest.
Have qop directive, digesting:
[00000007:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/trunk/test/dir1", response="2d67463c6b75a6c6b0bd8cec79c36681",
algorithm="MD5", cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=",
nc=00000007, qop="auth"

ah_post_send (#0), code is 207 (want 401), WWW-Authenticate is null
Sending dir1/file1
ah_create, for WWW-Authenticate
Handling.Nonce count is 8, nc is [00000008]
H(A2): 53eb8fb3165e42bb5509cea482df01aa
Calculating Request-Digest.
Have qop directive, digesting:
[00000008:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/ver/97/trunk/test/dir1/file1",
response="6faa6859ae772b6b6b2b73437651d512", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000008,
qop="auth"

ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="d8735156e09b659f8761af31fba5d7c0",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000008, qop=auth
Pair: [rspauth] = [d8735156e09b659f8761af31fba5d7c0]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000008]
Got nonce_count: 8
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [d8735156e09b659f8761af31fba5d7c0]
Given response-digest of: [d8735156e09b659f8761af31fba5d7c0]
Matched: YES!
Sending dir1/file5
ah_create, for WWW-Authenticate
Handling.Nonce count is 9, nc is [00000009]
H(A2): 78eebe395198d1e532773e62f9a21ab6
Calculating Request-Digest.
Have qop directive, digesting:
[00000009:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/ver/53/trunk/test/dir1/file5",
response="58046061cdaa490c23f47559ea480cb3", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000009,
qop="auth"

ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="f7916da80d435b9fe20dc6516d946501",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=00000009, qop=auth
Pair: [rspauth] = [f7916da80d435b9fe20dc6516d946501]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [00000009]
Got nonce_count: 9
Pair: [qop] = [auth]
Calculating response-digest.
Digesting qop-value [auth:].
Calculated response-digest of: [f7916da80d435b9fe20dc6516d946501]
Given response-digest of: [f7916da80d435b9fe20dc6516d946501]
Matched: YES!
Sending file12
ah_create, for WWW-Authenticate
Handling.Nonce count is 10, nc is [0000000a]
H(A2): e7783ed0112819fcf23d4fde5f377eec
Calculating Request-Digest.
Have qop directive, digesting:
[0000000a:U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=:auth]
Digest request header is Digest username="dominik", realm="Subversion",
nonce="fTUGrUC3AwA=0e249a7def3810e6b594cfd2ea8303453ee1ef34",
uri="/!svn/ver/110/trunk/test/file12",
response="48dd16c6716496cabbc23b750cb0a665", algorithm="MD5",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=0000000a,
qop="auth"

ah_post_send (#0), code is 201 (want 401), WWW-Authenticate is null
Auth-Info header: rspauth="e609804234a05a90f4b06d4522b29a47",
cnonce="U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=", nc=0000000a, qop=auth
Pair: [rspauth] = [e609804234a05a90f4b06d4522b29a47]
Pair: [cnonce] = [U2F0LCAyMiBGZWIgMjAwMyAxMToyNzozMyBHTVQ=]
Pair: [nc] = [0000000a]
Got nonce_count: 0
Pair: [qop] = [auth]
Response nonce count doesn't match.
Response authentication invalid.
Closing connection.
Connection closed.
svn: RA layer request failed
svn: Commit failed (details follow):
svn: CHECKOUT of /!svn/ver/110/trunk/test/file12: Server was not
authenticated correctly.
[icebox:~/Developer/test] dominik%

Hope this helps, thanks

Dominik

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Feb 22 12:39:47 2003

This is an archived mail posted to the Subversion Dev mailing list.