Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

authentication via LDAP is still broken #7038

Closed
git-minix opened this issue Mar 4, 2020 · 3 comments
Closed

authentication via LDAP is still broken #7038

git-minix opened this issue Mar 4, 2020 · 3 comments

Comments

@git-minix
Copy link

git-minix commented Mar 4, 2020
edited
Loading

Description

Also with matrix-synapse version 1.11.0+stretch1 the LDAP auth is broken

see closed issue #6772 and the hotfix from erikjohnston

Steps to reproduce

Open Riot Web
Log in with any existing user
Error message: Fehler: Problem bei der Kommunikation mit dem angegebenen Home-Server. (M_UNKNOWN)

Version information

matrix-synapse version 1.11.0+stretch1
Debian 9.12

  • Install method:
    apt install

The old Hotfix works

diff --git a/synapse/module_api/__init__.py b/synapse/module_api/__init__.py
index d680ee95e..80298ecee 100644
--- a/synapse/module_api/__init__.py
+++ b/synapse/module_api/__init__.py
@@ -37,6 +37,7 @@ class ModuleApi(object):
 
     def __init__(self, hs, auth_handler):
         self._hs = hs
+        self.hs = hs
 
         self._store = hs.get_datastore()
         self._auth = hs.get_auth()

Is there a permanent solution? I have expected that this old critical bug (since version 1.9) is fixed in the recent versions.
@git-minix
Copy link
Author

git-minix commented Mar 4, 2020
edited
Loading 

2020-03-04 20:40:02,240 - synapse.http.server - 110 - ERROR - POST-13853 - Failed handle request via 'LoginRestServlet': <SynapseRequest at 0x7f6b72eb1400 method='POST' uri='/_matrix/client/r0/login' clientproto='HTTP/1.1' site=8008>
Traceback (most recent call last):
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1418, in _inlineCallbacks
    result = g.send(result)
StopIteration: {}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1418, in _inlineCallbacks
    result = g.send(result)
StopIteration: {}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1418, in _inlineCallbacks
    result = g.send(result)
StopIteration: ('@xxxxxxx', '')

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1418, in _inlineCallbacks
    result = g.send(result)
StopIteration: @xxxxxxx

...

Traceback (most recent call last):
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/http/server.py", line 78, in wrapped_request_handler
    await h(self, request)
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/http/server.py", line 331, in _async_render
    callback_return = await callback_return
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/rest/client/v1/login.py", line 150, in on_POST
    result = await self._do_other_login(login_submission)
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/rest/client/v1/login.py", line 281, in _do_other_login
    identifier["user"], login_submission
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
    result = result.throwExceptionIntoGenerator(g)
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/python/failure.py", line 512, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/handlers/auth.py", line 622, in validate_login
    is_valid = yield provider.check_password(qualified_user_id, password)
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1418, in _inlineCallbacks
    result = g.send(result)
  File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/rest_auth_provider.py", line 82, in check_password
    store = yield self.account_handler.hs.get_profile_handler().store
AttributeError: 'ModuleApi' object has no attribute 'hs'

@richvdh
Copy link
Member

richvdh commented Mar 4, 2020
edited
Loading

As #6772 explained, the permanent fix is for the external password providers to stop using internal parts of synapse: this is a bug in ma1sd, not synapse.

as #6772 also explains, it looks like a temporary patch has been made in ma1sd's master branch, but that has not been released yet. Also note that it's still using internal parts of the synapse, so it is likely to break again as synapse evolves.

@richvdh richvdh closed this as completed Mar 4, 2020
@eMPee584
Copy link

eMPee584 commented Mar 22, 2020
edited
Loading

Also note that it's still using internal parts of the synapse, so it is likely to break again as synapse evolves.

Any ideas how to bend that proper?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@eMPee584 @richvdh @git-minix