https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292020-10-20T00:14:02ZRedmineRedmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=994652020-10-20T00:14:02ZGo MAEDA
<ul><li><strong>Category</strong> set to <i>Accounts / authentication</i></li><li><strong>Target version</strong> set to <i>Candidate for next major release</i></li></ul> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=995252020-10-23T08:39:24ZGo MAEDA
<ul></ul><p>The patch also fixes an issue that Redmine might return 500 error and HTML body against an API request.</p>
<pre>
$ curl -v --user dlopper:foo http://localhost:3000/issues/1.json
* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 3000 (#0)
* Server auth using Basic with user 'dlopper'
> GET /issues/1.json HTTP/1.1
> Host: localhost:3000
> Authorization: Basic ZGxvcHBlcjpmb28=
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 500 Internal Server Error
< Content-Type: text/html; charset=utf-8
< X-Request-Id: 96e3f1a3-256f-4b0e-a570-b60a8a767ba6
< X-Runtime: 0.205900
< Content-Length: 93450
<
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Action Controller: Exception caught</title>
<style>
body {
background-color: #FAFAFA;
.
.
.
</pre> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=995282020-10-24T01:41:39ZGo MAEDA
<ul><li><strong>Target version</strong> changed from <i>Candidate for next major release</i> to <i>4.2.0</i></li></ul><p>Setting the target version to 4.2.0.</p> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=995712020-10-27T23:42:36ZGo MAEDA
<ul></ul><p>After applying the patch, deprecation warnings are displayed during a test.</p>
<pre>
$ ruby test/unit/user_test.rb
Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
Skipping LDAP tests.
Run options: --seed 11608
# Running:
..........................Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
...................................................Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
..............................................Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
.............
Finished in 9.026865s, 15.0661 runs/s, 34.6743 assertions/s.
136 runs, 313 assertions, 0 failures, 0 errors, 0 skips
</pre> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=997032020-11-12T02:16:47ZGo MAEDA
<ul></ul><p>The deprecation warning is displayed after executing <a class="source" href="https://www.redmine.org/projects/redmine/repository/svn/entry/branches/4.1-stable/app/models/auth_source_ldap.rb#L101">source:branches/4.1-stable/app/models/auth_source_ldap.rb#L101</a>.</p>
<pre><code class="ruby syntaxhl"> <span class="n">ldap_con</span><span class="p">.</span><span class="nf">search</span><span class="p">(</span><span class="ss">:base</span> <span class="o">=></span> <span class="nb">self</span><span class="p">.</span><span class="nf">base_dn</span><span class="p">,</span>
<span class="ss">:filter</span> <span class="o">=></span> <span class="n">search_filter</span><span class="p">,</span>
<span class="ss">:attributes</span> <span class="o">=></span> <span class="p">[</span><span class="s1">'dn'</span><span class="p">,</span> <span class="nb">self</span><span class="p">.</span><span class="nf">attr_login</span><span class="p">,</span> <span class="nb">self</span><span class="p">.</span><span class="nf">attr_firstname</span><span class="p">,</span> <span class="nb">self</span><span class="p">.</span><span class="nf">attr_lastname</span><span class="p">,</span> <span class="nb">self</span><span class="p">.</span><span class="nf">attr_mail</span><span class="p">],</span>
<span class="ss">:size</span> <span class="o">=></span> <span class="mi">10</span><span class="p">)</span> <span class="k">do</span> <span class="o">|</span><span class="n">entry</span><span class="o">|</span>
<span class="n">attrs</span> <span class="o">=</span> <span class="n">get_user_attributes_from_ldap_entry</span><span class="p">(</span><span class="n">entry</span><span class="p">)</span>
<span class="n">attrs</span><span class="p">[</span><span class="ss">:login</span><span class="p">]</span> <span class="o">=</span> <span class="no">AuthSourceLdap</span><span class="p">.</span><span class="nf">get_attr</span><span class="p">(</span><span class="n">entry</span><span class="p">,</span> <span class="nb">self</span><span class="p">.</span><span class="nf">attr_login</span><span class="p">)</span>
<span class="n">results</span> <span class="o"><<</span> <span class="n">attrs</span>
<span class="k">end</span>
</code></pre>
<pre>
[1] pry(main)> AuthSourceLdap.first.authenticate('admin', 'admin')
AuthSourceLdap Load (0.2ms) SELECT "auth_sources".* FROM "auth_sources" WHERE "auth_sources"."type" IN ('AuthSourceLdap') ORDER BY "auth_sources"."id" ASC LIMIT ? [["LIMIT", 1]]
Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.
AuthSourceException: Connection refused - connect(2) for 0.0.0.0:389
from /path/to/redmine/app/models/auth_source_ldap.rb:66:in `rescue in authenticate'
Caused by Net::LDAP::ConnectionRefusedError: Connection refused - connect(2) for 0.0.0.0:389
from /path/to/gems/ruby/2.7.0/gems/net-ldap-0.16.3/lib/net/ldap/connection.rb:72:in `open_connection'
</pre> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=997072020-11-12T06:50:45ZGo MAEDA
<ul><li><strong>Target version</strong> changed from <i>4.2.0</i> to <i>Candidate for next major release</i></li></ul><p>I have confirmed that using the master branch of net-ldap fixes the deprecation warning. Probably it will be fixed in the feature version of net-ldap.</p>
<p>I will await new releases of net-ldap.</p>
<pre><code class="diff syntaxhl"><span class="gh">diff --git a/Gemfile b/Gemfile
index c6edcf370..193dfb0a8 100644
</span><span class="gd">--- a/Gemfile
</span><span class="gi">+++ b/Gemfile
</span><span class="p">@@ -28,7 +28,7 @@</span> gem 'rqrcode'
# Optional gem for LDAP authentication
group :ldap do
<span class="gd">- gem "net-ldap", "~> 0.16.0"
</span><span class="gi">+ gem "net-ldap", git: 'https://github.com/ruby-ldap/ruby-net-ldap'
</span> end
# Optional gem for OpenID authentication
</code></pre> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=999002020-11-30T04:37:50ZGo MAEDA
<ul><li><strong>Blocked by</strong> <i><a class="issue tracker-3 status-5 priority-4 priority-default closed" href="/issues/34339">Patch #34339</a>: Update net-ldap to 0.17</i> added</li></ul> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=999132020-11-30T14:02:47ZGo MAEDA
<ul><li><strong>Target version</strong> changed from <i>Candidate for next major release</i> to <i>4.2.0</i></li></ul><p>The deprecation warning was fixed by updating net-ldap to 0.17.0.</p>
<p>Setting the target version to 4.2.0.</p> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=999502020-12-02T13:56:27ZGo MAEDA
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Closed</i></li><li><strong>Assignee</strong> set to <i>Go MAEDA</i></li></ul><p>Committed the patch. Thank you for your contribution.</p> Redmine - Patch #34071: Handle AuthSourceExceptions in User.try_to_loginhttps://www.redmine.org/issues/34071?journal_id=1026182021-05-31T04:51:19ZGo MAEDA
<ul><li><strong>Subject</strong> changed from <i>handle AuthSourceExceptions in User.try_to_login</i> to <i>Handle AuthSourceExceptions in User.try_to_login</i></li></ul>