Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error 500 after successfull TFA and LDAP #5288

Closed
2 of 7 tasks
arodier opened this issue Jun 11, 2018 · 1 comment
Closed
2 of 7 tasks

Error 500 after successfull TFA and LDAP #5288

arodier opened this issue Jun 11, 2018 · 1 comment

Comments

@arodier
Copy link

arodier commented Jun 11, 2018

  • Gogs version (or commit ref): 0.11.34-1525806056.7ecf5f71.stretch
  • Git version: git version 2.11.0
  • Operating system: Debian stretch
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
  • Can you reproduce the bug at https://try.gogs.io:
    • Yes (provide example URL)
    • No
    • Not relevant
  • Log gist (usually found in log/gogs.log):

2018/06/11 21:59:33 [ INFO] Listen: http://0.0.0.0:6000
2018/06/11 21:59:36 [TRACE] Log Mode: File (Trace)
2018/06/11 21:59:36 [ INFO] Gogs 0.11.48.0426
2018/06/11 21:59:36 [ INFO] Cache Service Enabled
2018/06/11 21:59:36 [ INFO] Session Service Enabled
2018/06/11 21:59:36 [ INFO] Mail Service Enabled
2018/06/11 21:59:36 [ INFO] Notify Mail Service Enabled
2018/06/11 21:59:37 [ INFO] Git Version: 2.11.0
2018/06/11 21:59:37 [ INFO] Run Mode: Production
2018/06/11 21:59:37 [TRACE] Doing: CheckRepoStats
2018/06/11 21:59:38 [ INFO] Listen: http://0.0.0.0:6000
2018/06/11 21:59:42 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 21:59:42 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==
2018/06/11 21:59:42 [TRACE] Template: home
2018/06/11 21:59:45 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 21:59:45 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==
2018/06/11 21:59:45 [TRACE] Template: user/auth/login
2018/06/11 21:59:51 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 21:59:51 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==
2018/06/11 21:59:51 [TRACE] LDAP: Dialing with security protocol '2' without verifying: false
2018/06/11 21:59:51 [TRACE] LDAP will use BindDN
2018/06/11 21:59:51 [TRACE] Search for LDAP user: andre@rodier.me
2018/06/11 21:59:51 [TRACE] LDAP: Bound as BindDN: cn=readonly account,ou=users, dc=rodier,dc=me
2018/06/11 21:59:51 [TRACE] LDAP: Searching for DN using filter '(&(objectClass=posixAccount)(|(uid=andre@rodier.me)(mail=andre@rodier.me)))' and base 'dc=rodier,dc=me'
2018/06/11 21:59:51 [TRACE] Binding with userDN: cn=André Rodier,ou=users,dc=rodier,dc=me
2018/06/11 21:59:51 [TRACE] Bound successfully with userDN: cn=André Rodier,ou=users,dc=rodier,dc=me
2018/06/11 21:59:51 [TRACE] Fetching attributes 'uid', 'givenName', 'sn', 'mail', 'uid' with filter '(&(objectClass=posixAccount)(|(uid=andre@rodier.me)(mail=andre@rodier.me)))' and base 'cn=André Rodier,ou=users,dc=rodier,dc=me'
2018/06/11 21:59:51 [TRACE] Checking admin with filter '(uid=postmaster)' and base 'cn=André Rodier,ou=users,dc=rodier,dc=me'
2018/06/11 21:59:51 [ERROR] [...kg/auth/ldap/ldap.go:303 SearchEntry()] LDAP: Admin search failed: 0 entries
2018/06/11 21:59:51 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 21:59:51 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==
2018/06/11 21:59:51 [TRACE] Template: user/auth/two_factor
2018/06/11 22:00:05 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 22:00:05 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==
2018/06/11 22:00:05 [ERROR] [...g/context/context.go:171 ServerError()] ValidateTOTP: AESGCMDecrypt: cipher: message authentication failed
2018/06/11 22:00:05 [TRACE] Template: status/500
2018/06/11 22:00:30 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 22:00:30 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==
2018/06/11 22:00:30 [TRACE] Template: user/auth/login
2018/06/11 22:00:34 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 22:00:34 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==
2018/06/11 22:00:34 [TRACE] Template: user/auth/login
2018/06/11 22:00:40 [TRACE] Session ID: 77ae09c30910c4b5
2018/06/11 22:00:40 [TRACE] CSRF Token: eDUzS0hvek3XNYNd8pjGwBonQbA6MTUyODc0ODYyMjUyNTA2NDg5OQ==

Description

I have a 500 error message, once I am successfully authenticated against an LDAP server, just after the TFA pass.
@unknwon
Copy link
Member

unknwon commented Jun 12, 2018
edited

Hi,

2018/06/11 22:00:05 [ERROR] [...g/context/context.go:171 ServerError()] ValidateTOTP: AESGCMDecrypt: cipher: message authentication failed

AFA I can tell this is the error caused 500, it could be caused by you/someone recently changed your SECRET_KEY which breaks all current 2FA because it depends on it.

Currently, the only way to fix it is to disable all current 2FA by deleting all records from TwoFactor
and TwoFactorRecoveryCode tables. Or, you have backup of your custom/conf/app.ini and restore this value.

@unknwon unknwon closed this as completed Jun 12, 2018
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 31, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@arodier @unknwon