Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pam-login error #265

Closed
Ageman opened this issue Sep 12, 2022 · 6 comments
Closed

pam-login error #265

Ageman opened this issue Sep 12, 2022 · 6 comments
Labels
authentication HTTPAuthenticator middleware, WsgiDAVDomainController bug

Comments

@Ageman
Copy link

Ageman commented Sep 12, 2022
edited
Loading

Describe the bug
When I try to replace a file, I get an error with pam-login

To Reproduce
Start Server with pam-login
Using Mac Finder, replace a file

Expected behavior
Should work

Screenshots, Log-Files, Stacktrace

14:03:48.132 - DEBUG   : User 'dav' logged on.
14:03:48.132 - DEBUG   : Raising DAVError 404 Not Found: /._Bildschirmfoto 2021-11-19 um 08.25.31 9.png
14:03:48.132 - DEBUG   : Caught (404, '/._Bildschirmfoto 2021-11-19 um 08.25.31 9.png')
14:03:48.132 - INFO    : 192.168.100.189 - dav - [2022-09-12 12:03:48] "PROPFIND /._Bildschirmfoto 2021-11-19 um 08.25.31 9.png" length=179, depth=0, connection="keep-alive", agent="WebDAVFS/3.0.0 (03008000) Darwin/21.6.0 (x86_64)", elap=0.036sec -> 404 Not Found
14:03:48.202 - WARNING : pam.authenticate('dav', '***', 'login') failed with code 4: System error
14:03:48.206 - WARNING : Authentication (basic) failed for user 'dav', realm 'PAM(login)'.
14:03:48.206 - DEBUG   : 401 Not Authorized for realm 'PAM(login)' (basic)
14:03:48.206 - INFO    : 192.168.100.189 - (anonymous) - [2022-09-12 12:03:48] "PROPFIND /" length=179, depth=1, connection="keep-alive", agent="WebDAVFS/3.0.0 (03008000) Darwin/21.6.0 (x86_64)", elap=0.072sec -> 401 Not Authorized
14:03:48.206 - ERROR   : Traceback (most recent call last):
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/error_printer.py", line 49, in __call__
    app_iter = self.next_app(environ, sub_app_start_response)
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/http_authenticator.py", line 252, in __call__
    return self.handle_basic_auth_request(environ, start_response)
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/http_authenticator.py", line 306, in handle_basic_auth_request
    if self.domain_controller.basic_auth_user(realm, user_name, password, environ):
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/dc/pam_dc.py", line 45, in basic_auth_user
    is_ok = pam.authenticate(
  File "/usr/local/lib/python3.9/dist-packages/pam/__internals.py", line 371, in authenticate
    auth_success = self.pam_acct_mgmt(self.handle, 0)
ctypes.ArgumentError: argument 1: <class 'TypeError'>: expected PamHandle instance instead of NoneType

14:03:48.207 - DEBUG   : Caught 500
14:03:48.207 - DEBUG   : 401 Not Authorized for realm 'PAM(login)' (basic)
14:03:48.207 - INFO    : 192.168.100.189 - (anonymous) - [2022-09-12 12:03:48] "PROPFIND /" length=179, depth=1, connection="keep-alive", agent="WebDAVFS/3.0.0 (03008000) Darwin/21.6.0 (x86_64)", elap=0.000sec -> 401 Not Authorized
14:03:48.207 - ERROR   : Caught HTTPRequestException(HTTP_INTERNAL_ERROR)
Traceback (most recent call last):
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/error_printer.py", line 49, in __call__
    app_iter = self.next_app(environ, sub_app_start_response)
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/http_authenticator.py", line 252, in __call__
    return self.handle_basic_auth_request(environ, start_response)
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/http_authenticator.py", line 306, in handle_basic_auth_request
    if self.domain_controller.basic_auth_user(realm, user_name, password, environ):
  File "/usr/local/lib/python3.9/dist-packages/wsgidav/dc/pam_dc.py", line 45, in basic_auth_user
    is_ok = pam.authenticate(
  File "/usr/local/lib/python3.9/dist-packages/pam/__internals.py", line 371, in authenticate
    auth_success = self.pam_acct_mgmt(self.handle, 0)
ctypes.ArgumentError: argument 1: <class 'TypeError'>: expected PamHandle instance instead of NoneType

Environment:

WsgiDAV/4.0.2 Python/3.9.2(64 bit) Linux-5.15.39-1-pve-x86_64-with-glibc2.31
Python from: /usr/bin/python3

Which WSGI server was used (cheroot, ext-wsgiutils, gevent, gunicorn, paste, uvicorn, wsgiref, ...)?
default, started with

 wsgidav --host=0.0.0.0 --port=8008 --root=/t --auth=pam-login -v

Which WebDAV client was used (MS File Explorer, MS Office, macOS Finder, WinSCP, Windows, file mapping, ...)?
OSX Finder
@Ageman Ageman added the bug label Sep 12, 2022
@mar10 mar10 added the authentication HTTPAuthenticator middleware, WsgiDAVDomainController label Sep 12, 2022
@mar10 mar10 closed this as completed in d676a8a Sep 14, 2022
@mar10 mar10 mentioned this issue Sep 14, 2022
Open
mar10 added a commit that referenced this issue Sep 14, 2022
@mar10
Update pam_dc.py
6c04339 
Update #265
@Ramel
Copy link

Ramel commented Oct 26, 2022

Hello, it seems I have the same error with multi thread pam logging, which end with a segmentation fault. The server use python3.7, should I test with a 3.9 before reopening this issue? If i use one connection instead of five in my client runs without any problem.

@mar10
Copy link
Owner

mar10 commented Oct 29, 2022

Does the stack trace indicate that the lock in pam_dc.py did not work, or did it happen outside?

@Ramel
Copy link

Ramel commented Nov 1, 2022

The segmentation fault disappear while upgrading to Python 3.9.2.

But now with multiple call to wsgidav, it hangs like that:

Nov  1 13:28:07 ns3151156 wsgidav_service[27302]: 13:28:07.732 - INFO    : ***.***.***.*** - username - [2022-11-01 12:28:07] "GET /backup/file.txt" depth=0, agent="***", elap=0.025sec -> 200 OK
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.164 - DEBUG   : User 'username' logged on.
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.196 - INFO    : ***.***.***.*** - username - [2022-11-01 12:28:12] "PROPFIND /backup/file2.txt" length=99, depth=0, agent="***", elap=0.055sec -> 207 Multi-Status
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.228 - DEBUG   : User 'username' logged on.
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.228 - INFO    : ***.***.***.*** - username - [2022-11-01 12:28:12] "PROPFIND /backup/file2.txt" length=99, depth=0, agent="***", elap=0.025sec -> 207 Multi-Status
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.254 - WARNING : pam.authenticate('username', '***', 'login') failed with code 4: System error
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.254 - WARNING : Authentication (basic) failed for user 'username', realm 'PAM(login)'.
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.254 - DEBUG   : 401 Not Authorized for realm 'PAM(login)' (basic)
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.254 - INFO    : ***.***.***.*** - (anonymous) - [2022-11-01 12:28:12] "PROPFIND /backup/file2.txt" length=99, depth=0, agent="***", elap=0.024sec -> 401 Not Authorized
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.265 - WARNING : pam.authenticate('username', '***', 'login') failed with code 4: System error
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.265 - WARNING : Authentication (basic) failed for user 'username', realm 'PAM(login)'.
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.265 - DEBUG   : 401 Not Authorized for realm 'PAM(login)' (basic)
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: 13:28:12.265 - INFO    : ***.***.***.*** - (anonymous) - [2022-11-01 12:28:12] "PROPFIND /backup/file2.txt" length=99, depth=0, agent="***", elap=0.020sec -> 401 Not Authorized
Nov  1 13:28:12 ns3151156 wsgidav_service[27302]: malloc(): unsorted double linked list corrupted
Nov  1 13:28:17 ns3151156 wsgidav_service[27326]: Command line args:

@mar10
Copy link
Owner

mar10 commented Nov 1, 2022

@Ramel
The fix was commited, but is not yet offcially released. Did you try with the latest code from the repo?

@Ramel
Copy link

Ramel commented Nov 2, 2022

Not yet, I will try with latest code, thank you!

@Ramel
Copy link

Ramel commented Nov 2, 2022

It's ok with wsgidav 4.0.3-a1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
authentication HTTPAuthenticator middleware, WsgiDAVDomainController bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mar10 @Ramel @Ageman