Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #31118 [EL9] Issue with SVN access
    Actions
    Infos
    #31118
    Florian KOZMIK (fkozmik)
    2023-03-22 17:18
    2023-03-06 15:56
    32706
    Details
    [EL9] Issue with SVN access

    /!\ EL9 Testing.

    After creating a SVN repo and reloading the page, an error traceback is shown in place of my revision log.
    See attachment

    Revision view is OK as siteadmin whereas we are in the same svn group.
    SVN usage works as intended though, as I can checkout, commit and update the repo locally (and my revisions are pushed to the repo on Tuleap).

    Traceback :

    Traceback (most recent call last): 
File "/usr/share/tuleap/plugins/svn/include/SVN/ViewVC/../../../bin/viewvc-master.cgi", line 49, in if tuleap_user_is_super_user != '1' and not svnaccess.check_read_access(username, repo_path, requested_path): File "/usr/share/tuleap/src/utils/svn/svnaccess.py", line 28, in check_read_access return __check_read_access_with_epel_viewvc(username, svnrepo, svnpath) File "/usr/share/tuleap/src/utils/svn/svnaccess.py", line 35, in __check_read_access_with_epel_viewvc return authorizer.check_path_access(svnrepo, requested_path_parts, None) File "/usr/lib/python3.9/site-packages/viewvc/lib/vcauth/svnauthz/__init__.py", line 280, in check_path_access parts = path_parts[:] TypeError: 'filter' object is not subscriptable

    Output from codendi_syslog:

    2023-03-06T15:12:19+01:00 [23211] [debug] SVN personal access key authentication rejected: secret does not look like a valid personal access key: The identifier does not match the expected format:
#0 /usr/share/tuleap/src/common/SVNCore/AccessControl/SVNPersonalAccessKeyBasedAuthenticationMethod.php(51): Tuleap\Authentication\SplitToken\PrefixedSplitTokenSerializer->getSplitToken()
#1 /usr/share/tuleap/src/common/SVNCore/AccessControl/SVNProjectAccessController.php(110): Tuleap\SVNCore\AccessControl\SVNPersonalAccessKeyBasedAuthenticationMethod->isAuthenticated()
#2 /usr/share/tuleap/src/common/Http/Server/RequestHandlerAsMiddleware.php(44): Tuleap\SVNCore\AccessControl\SVNProjectAccessController->handle()
#3 /usr/share/tuleap/src/common/Http/Server/MiddlewareDispatcher.php(52): Tuleap\Http\Server\RequestHandlerAsMiddleware->process()
#4 /usr/share/tuleap/src/common/Http/Server/ServiceInstrumentationMiddleware.php(46): Tuleap\Http\Server\MiddlewareDispatcher->handle()
#5 /usr/share/tuleap/src/common/Http/Server/MiddlewareDispatcher.php(52): Tuleap\Http\Server\ServiceInstrumentationMiddleware->process()
#6 /usr/share/tuleap/src/common/Http/Server/ForceDisableErrorDisplayMiddleware.php(35): Tuleap\Http\Server\MiddlewareDispatcher->handle()
#7 /usr/share/tuleap/src/common/Http/Server/MiddlewareDispatcher.php(52): Tuleap\Http\Server\ForceDisableErrorDisplayMiddleware->process()
#8 /usr/share/tuleap/src/common/Request/DispatchablePSR15Compatible.php(62): Tuleap\Http\Server\MiddlewareDispatcher->handle()
#9 /usr/share/tuleap/src/common/Request/FrontRouter.php(242): Tuleap\Request\DispatchablePSR15Compatible->process()
#10 /usr/share/tuleap/src/common/Request/FrontRouter.php(98): Tuleap\Request\FrontRouter->routeHandler()
#11 /usr/share/tuleap/src/www/index.php(50): Tuleap\Request\FrontRouter->route()
#12 {main}

    And output from Nginx's error.log :

    2023/03/06 15:24:32 [crit] 23172#23172: *219 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: MY_IP, server: 0.0.0.0:443
    SCM/Subversion
    Empty
    EL9 (RockyLinux|AlmaLinux|RHEL)
    • [ ] enhancement
    • [ ] internal improvement
    Manuel Vacelet (vaceletm)
    Stage
    Florian KOZMIK (fkozmik)
    Closed
    2023-03-22
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #30364 Tuleap Releases 14.7 Delivered 2023-29-03 16:16 Manuel Vacelet (vaceletm)
    By Florian KOZMIK (fkozmik)
    (86 kB)
    svn_issue.png
    References
    Referencing request #31118

    Git commit

    tuleap/tuleap/stable

    fix request #31118 [EL9] Issue with SVN access f53acf9c68
    User avatar Manuel Vacelet (vaceletm) , 2023-03-22 08:56
    Merge 'gerrit #28148' into stable/master 5ef0279ec6
    User avatar Thomas Gerbet (tgerbet) , 2023-03-22 17:14
    Display settings

    Follow-ups

    User avatar
    Manuel Vacelet (vaceletm)2023-03-21 15:39

    I managed to reproduce the issue. It's a python3 thing

    • Status changed from Blocked to Under implementation
    User avatar
    Thomas Gerbet (tgerbet)2023-03-08 16:48

    This is unlikely, this message is not related to what you see in the web UI and the Python code do not process user credentials.

    The message about the rejection of an SVN personal access key is expected when you are using a password to authenticate (notice this is a debug message).

    User avatar
    Florian KOZMIK (fkozmik)2023-03-08 16:34

    Based on SVN personal access key authentication rejected: secret does not look like a valid personal access key, I think the culprit might be a ViewVC dependency called Chardet.

    As mentioned in the Add support of Enterprise Linux 9 Artifact, some dependencies to ViewVC are not yet present in the Tuleap bundle.

    Blocked until the two dependencies integration

    • Status changed from New to Blocked
    • Assigned to changed from None to Florian KOZMIK (fkozmik)
    User avatar
    Florian KOZMIK (fkozmik)2023-03-08 11:27

    I can confirm the issue is on both Rocky and Alma 9.
    I haven't tried yet on RHEL 9. To be continued...

    User avatar
    Florian KOZMIK (fkozmik)2023-03-06 16:34

    It seems as if only the siteadmin is allowed to check a SVN repo. I've given myself platform administration rights through permission delegation and I can access the revision logs

    User avatar
    Florian KOZMIK (fkozmik)2023-03-06 16:05
    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    User avatar
    Florian KOZMIK (fkozmik)2023-03-06 15:57
    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes