• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use
Item7848 for generic doc work for TWiki-6.1.1. Use Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
• Does this site look broken?. Use the LitterTray web for test cases.
• Use
Item7848 for generic doc work for TWiki-6.1.1. Use Item7851 for doc work on extensions that are not part of a release. More... Close • Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
• Does this site look broken?. Use the LitterTray web for test cases.
Item6147: Rare race condition in registration - damaged .htpasswd file
Item Form Data
| AppliesTo: | Component: | Priority: | CurrentState: | WaitingFor: | TargetRelease | ReleasedIn |
|---|---|---|---|---|---|---|
| Engine | Normal | New | n/a |
Edit Form Data
Detail
The registration process has a race condition. Today the .htpasswd file of twiki.org got cut in half, stopping at K entries. We had two registrations at exactly the same time (names obfuscated) :
- 10 Dec 2008
FWIW, this was evident by inspection when I wrote X509Plugin.
It does the necessary locking, so you can take the code from there. (However, note that X509 stores a bit more in the file than the standared authentication code does.)
-- TWiki:Main.TimotheLitt - 11 Jan 2009
| 10 Dec 2008 - 10:29 | MattOne | register | Main.MattOne | matt@example.com | 1.2.3.4 | | 10 Dec 2008 - 10:29 | MartinTwo | register | Main.MartinTwo | martin@example.com | 5.6.7.8 |We need to add locking to the .htpasswd file update to prevent this (very rare) race condition. (Fortunately I did a backup just 30 min earlier, so nothing was lost except for one user's passwd entry.) -- TWiki:Main/PeterThoeny
- 10 Dec 2008
FWIW, this was evident by inspection when I wrote X509Plugin.
It does the necessary locking, so you can take the code from there. (However, note that X509 stores a bit more in the file than the standared authentication code does.)
-- TWiki:Main.TimotheLitt - 11 Jan 2009
| ItemTemplate | |
|---|---|
| Summary | Rare race condition in registration - damaged .htpasswd file |
| ReportedBy |
TWiki:Main.PeterThoeny
|
| Codebase | 4.2.4, ~twiki4 |
| SVN Range | TWiki-5.0.0, Wed, 22 Oct 2008, build 17677 |
| AppliesTo | Engine |
| Component | |
| Priority | Normal |
| CurrentState | New |
| WaitingFor | |
| Checkins | |
| TargetRelease | n/a |
| ReleasedIn | |
Edit | Attach | Raw edit | More topic actionsTopic revision: r2 - 2009-01-11 - TimotheLitt
Site map
Bugs web
Create New Report
Index
Search
Detailed Items Query
Changes
100
Notifications
RSS Feed
Statistics
Preferences
Bugs 
Items by urgency
My Reports
Recently Closed
Extensions
By Status 
Waiting for Feedback
Confirmed
Being Worked On
Waiting for Release
No Action Required
Lima 
Fixes for Rel.Notes
Create Feature Request
Account 
Copyright © 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback