Bug#266218: marked as done (apache-ssl: Basic Auth fails)

To: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Cc: Debian Apache Maintainers <debian-apache@lists.debian.org>
Subject: Bug#266218: marked as done (apache-ssl: Basic Auth fails)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 17 Aug 2004 00:48:57 -0700
Message-id: <[🔎] handler.266218.D266218.10927285803399.ackdone@bugs.debian.org>
In-reply-to: <[🔎] Pine.LNX.4.58.0408170941520.4829@trider-g7.ext.fabbione.net>
References: <[🔎] Pine.LNX.4.58.0408170941520.4829@trider-g7.ext.fabbione.net> <[🔎] 20040817025523.3302E4C198@mail.fasttrack.net.au>

Your message dated Tue, 17 Aug 2004 09:42:51 +0200 (CEST)
with message-id <[🔎] Pine.LNX.4.58.0408170941520.4829@trider-g7.ext.fabbione.net>
and subject line Bug#266218: apache-ssl: Basic Auth fails
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 17 Aug 2004 02:55:59 +0000
>From lewis@mail.fasttrack.net.au Mon Aug 16 19:55:59 2004
Return-path: <lewis@mail.fasttrack.net.au>
Received: from adsl-135-120.swiftdsl.com.au (mail.fasttrack.net.au) [218.214.135.120] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Bwu8i-000451-00; Mon, 16 Aug 2004 19:55:56 -0700
Received: from localhost (fatswan [127.0.0.1])
	by mail.fasttrack.net.au (Postfix) with ESMTP id 3E4484C030;
	Tue, 17 Aug 2004 12:55:27 +1000 (EST)
Received: from mail.fasttrack.net.au ([127.0.0.1])
	by localhost (fatswan [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 29258-03; Tue, 17 Aug 2004 12:55:24 +1000 (EST)
Received: by mail.fasttrack.net.au (Postfix, from userid 1000)
	id 3302E4C198; Tue, 17 Aug 2004 12:55:23 +1000 (EST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: administrator <ls@fasttrack.net.au>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apache-ssl: Basic Auth fails
X-Mailer: reportbug 2.64
Date: Tue, 17 Aug 2004 12:55:23 +1000
Message-Id: <[🔎] 20040817025523.3302E4C198@mail.fasttrack.net.au>
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at fasttrack.net.au
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: apache-ssl
Version: 1.3.31-3
Severity: grave
Justification: user security hole

Basic Auth no longer works.  Worked for years prior to upgrade.  Auth module is loaded correctly from modules.conf

LoadModule auth_module /usr/lib/apache/1.3/mod_auth_ssl.so

regeneration of users & passwords using htpasswd also has no effect.  apache-utils is also Version: 1.3.31-3
permissions appear to have no effect. 

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache-ssl depends on:
ii  apache-common               1.3.31-3     Support files for all Apache webse
ii  debconf                     1.4.30       Debian configuration management sy
ii  dpkg                        1.10.23      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-13 GNU C Library: Shared libraries an
ii  libdb4.2                    4.2.52-16    Berkeley v4.2 Database Libraries [
ii  libexpat1                   1.95.6-8     XML parsing C library - runtime li
ii  libkeynote0                 2.3-10       Decentralized Trust-Management sys
ii  libmagic1                   4.10-2       File type determination library us
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7d-5     SSL shared libraries
ii  logrotate                   3.7-2        Log rotation utility
ii  mime-support                3.28-1       MIME files 'mime.types' & 'mailcap
ii  openssl                     0.9.7d-5     Secure Socket Layer (SSL) binary a
ii  perl                        5.8.4-2      Larry Wall's Practical Extraction 
ii  ssl-cert                    1.0-8        Simple debconf wrapper for openssl

-- debconf information:
  apache-ssl/server-name: localhost
  apache-ssl/server-admin: webmaster@mail.fasttrack.net.au
* apache-ssl/enable-suexec: false
  apache-ssl/init: true
  apache-ssl/document-root: /var/www

---------------------------------------
Received: (at 266218-done) by bugs.debian.org; 17 Aug 2004 07:43:00 +0000
>From fabbione@fabbione.net Tue Aug 17 00:43:00 2004
Return-path: <fabbione@fabbione.net>
Received: from port1845.ds1-khk.adsl.cybercity.dk (trider-g7.fabbione.net) [212.242.190.82] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1BwycW-0000se-00; Tue, 17 Aug 2004 00:43:00 -0700
Received: from localhost (localhost [127.0.0.1])
	by trider-g7.fabbione.net (Postfix) with ESMTP id 8A6A0333D;
	Tue, 17 Aug 2004 09:42:57 +0200 (CEST)
Received: from trider-g7.fabbione.net ([127.0.0.1])
	by localhost (trider-g7 [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id 14233-01-10; Tue, 17 Aug 2004 09:42:52 +0200 (CEST)
Received: from trider-g7.ext.fabbione.net (port1845.ds1-khk.adsl.cybercity.dk [212.242.190.82])
	by trider-g7.fabbione.net (Postfix) with ESMTP id F41DA3231;
	Tue, 17 Aug 2004 09:42:51 +0200 (CEST)
Date: Tue, 17 Aug 2004 09:42:51 +0200 (CEST)
From: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Sender: fabbione@fabbione.net
To: administrator <ls@fasttrack.net.au>, 266218-done@bugs.debian.org
Cc: Debian Apache Maintainers <debian-apache@lists.debian.org>
Subject: Re: Bug#266218: apache-ssl: Basic Auth fails
In-Reply-To: <[🔎] 20040817025523.3302E4C198@mail.fasttrack.net.au>
Message-ID: <[🔎] Pine.LNX.4.58.0408170941520.4829@trider-g7.ext.fabbione.net>
References: <[🔎] 20040817025523.3302E4C198@mail.fasttrack.net.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at fabbione.net
Delivered-To: 266218-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

On Tue, 17 Aug 2004, administrator wrote:

> Package: apache-ssl
> Version: 1.3.31-3
> Severity: grave
> Justification: user security hole
>
> Basic Auth no longer works.  Worked for years prior to upgrade.  Auth module is loaded correctly from modules.conf
>
> LoadModule auth_module /usr/lib/apache/1.3/mod_auth_ssl.so
>
> regeneration of users & passwords using htpasswd also has no effect.  apache-utils is also Version: 1.3.31-3
> permissions appear to have no effect.

This upstream behaviour change has been documented in
/usr/share/doc/apache-ssl/README.Debian and reported already other times.

Fabio

-- 
<user> fajita: step one
<fajita> Whatever the problem, step one is always to look in the error log.
<user> fajita: step two
<fajita> When in danger or in doubt, step two is to scream and shout.

Reply to:

References:
- Re: Bug#266218: apache-ssl: Basic Auth fails
  - From: Fabio Massimo Di Nitto <fabbione@fabbione.net>
- Bug#266218: apache-ssl: Basic Auth fails
  - From: administrator <ls@fasttrack.net.au>

Prev by Date: Re: Bug#266218: apache-ssl: Basic Auth fails
Next by Date: Bug#266230: pache2-mpm-prefork: apache2 is down during connection.
Previous by thread: Re: Bug#266218: apache-ssl: Basic Auth fails
Next by thread: Bug#266230: apache2-mpm-prefork: apache2 is down during connection.
Index(es):
- Date
- Thread