Error in _check_userline for HtDigestStore

[bjoern.wolf@…]

The method "_check_userline" (on line 176) in class HtDigestStore (file htfile.py) seems to reference a global variable "user" which is not there. This error prevents users from logging in if the environment has been set to use HtDigestStore.

[David Sharp]

I think this is a case of a missing parameter. Bug was introduced in [2120].

Here's a pretty minimal patch for the 0.10 branch that just adds user as a parameter where needed.

acct_mgr/htfile.py

@@ -68 +68 @@
         try:
             for line in fd:
                 if line.startswith(prefix):
-                    return self._check_userline(password, prefix,
+                    return self._check_userline(user, password, prefix,
                                                 line[len(prefix):].rstrip('\n'))
         finally:
             fd.close()
@@ -134 +134 @@
     def userline(self, user, password):
         return self.prefix(user) + htpasswd(password)
 
-    def _check_userline(self, password, prefix, suffix):
+    def _check_userline(self, user, password, prefix, suffix):
         return suffix == htpasswd(password, suffix)
 
     def _get_users(self, filename):
@@ -172 +172 @@
     def userline(self, user, password):
         return self.prefix(user) + htdigest(user, self.realm, password)
 
-    def _check_userline(self, password, prefix, suffix):
+    def _check_userline(self, user, password, prefix, suffix):
         return suffix == htdigest(user, self.realm, password)
 
     def _get_users(self, filename):

[brendan@…]

An even smaller fix:

acct_mgr/htfile.py

@@ -173 +173 @@
         return self.prefix(user) + htdigest(user, self.realm, password)
 
     def _check_userline(self, password, prefix, suffix):
+        user = prefix.split(':')[0]
         return suffix == htdigest(user, self.realm, password)
 
     def _get_users(self, filename):

[Matt Good]

(In [2171]) fix bug in r2120 with checking htdigest passwords (fixes #1410)