| ID: |
6606
|
Fixed in: |
|
| Issue Date: |
2012-10-26 04:50 AEST
|
Owner: | CVS Support
|
| Last Modified: | 2014-07-16 02:27 AEST | Reporter: | Glen Starrett
|
| Current Est. | 0.0 hours
| % Complete: | 0.0
|
| Status: | NEW /
|
Severity: | normal
|
| Affected: | 2.8.02
|
| Description: | extnt passes OS username, not specified username
|
|
Actions:
|
2012-10-26 04:50 AEST by Glen Starrett - New bug to Suite version: 2.8.01 (Soolin) Build 4669 (verified it does NOT
happen with 4588):
If a user specifies a username and is using extnt to route the protocol (e.g. to
SSPI or sserver) then the operating system username is sent to the server, not
the specified username.
In this example, the username sent to Eclipse was "lusera" with the
corresponding password, but the client gets a "server w7x64 rejected access to
/myrepo" and the server trace reveals the original OS username instead of the
passed "lusera":
10:01:19: S -> Authentication protocol :sserver: returned user Glen Starrett
10:01:19: S -> (2)Authentication protocol returned user(Glen Starrett)
I suspect this was broken with the enhancement done with bug 4589. |
|
|
2012-10-26 04:51 AEST by Glen Starrett - Created an attachment (id=2600)
Server trace of login attempt
|
|
|
2012-10-26 05:40 AEST by Glen Starrett - I also noticed this behavior on Suite 2010 test ver 2.8.02 (Cally) Build 4668
(RC 4)
|
|
|
2012-10-26 11:51 AEST by Arthur Barrett - Created an attachment (id=2601)
diff of all changes between 4588 and 4669
I've attached a diff between 4588 and 4669 - as you can see there is only the
bug 6596 fix for the memory leak.
Initial report references bug 4589 - but I think bug 6589 was the intended
reference. You can tell from the 'keywords' on bug 6589 'NEWAGB8, 2.8.02' that
it was not done in 2.8.01.
So why can this problem be reproduced in 4669 but not 4588? Could it have been
environmental in any way? Now you have it working with 4588 you should be able
to upgrade to 4669 and change nothing else and it should continue to work OK.
My guesses are (from least likely to most likely):
1) sserver ignores the –l "{user}" setting and uses whatever username is in
CVSROOT instead (unlikely)
2) the Eclipse settings for 'Ext Connection Method' parameters was maybe just
set to: {host} instead of: {host} –l "{user}"
3) Eclipse performs the string substitution {user} to whatever username - I
don't know its rules - I guess it could use the OS username if no username is
specified in the repository connection wizard...
The server trace shows what the client sent, but not why. If you set
ClientTraceFile then extnt will do it's own tracing... The first line will be
"EXTNT trace started.". Unfortunately the trace doesn't print the username or
any other useful diagnostics about what parameters are passed to it, so but
when it calls lib.LoadProtocol() sserver (client) will trace that info out (it
does look like it traces username before it sets it though, so it may be of
limited value). The eclipse trace may show more.
The only way I know for the Windows Username to end up there is for it to
happen in the sserver.dll - the logic there seems a bit confused to me.
Basically it extracts the username from the CVSROOT string - if that is NULL
then it uses the system userid, otherwise the one from CVSROOT. The CVSROOT
doesn't come from Eclipse - it is constructed by EXTNT using the information
from the extnt.ini file and then passed to the sserver.dll when it is loaded.
The CVSROOT that is passed is not a long string like you and I would expect to
see it, but five fields:
root.method=protocol;
root.hostname=hostname;
root.directory=directory;
root.username=username;
root.password=password;
All those fields come from extnt.ini except for username which comes from the
command line parameter –l "username"
Another bug should be created to trace the username info better in extnt and to
trace username in sserver after it is set (not before it is extracted from
CVSROOT). Maybe sserver should trace all the elements of CVSROOT?
|
|
|
2014-07-16 03:27 AEST by Glen Starrett - This isn't an issue with the current CVS Suite 2009R2 (CVSNT 2.8.01 (Soolin)
Build 5261). The Windows username shows up in the trace at the very top, but
the authenticating user is clearly the user that was passed and intended.
...
11:00:03: -> User name is Glen Starrett
...
11:00:04: -> Parsing local C:\Users\Glen Starrett/.cvsrc started
...
11:00:03: -> CLibraryAccess::Load loading
C:\PROGRA~2\CVSSUI~1\CVSNT/protocols/ext.dll
11:00:03: -> main loop with CVSROOT=:ext:kstarret@pluto-ss:/test
...
11:00:04: -> Transcode E 11:00:05: S -> Checking admin file
/var/repositories/test2/CVSROOT/admin for user kstarret
11:00:04: -> Transcode returned E 11:00:05: S -> Checking admin file
/var/repositories/test2/CVSROOT/admin for user kstarret
11:00:05: S -> Checking admin file /var/repositories/test2/CVSROOT/admin for
user kstarret
...
etc.
I haven't checked the server trace, but it's working properly (and it wouldn't
with the windows username). |
|