search

restic / rest-server

Rest Server is a high performance HTTP server that implements restic's REST backend API.
BSD 2-Clause "Simplified" License
943 stars 140 forks source link

Auth with .htpasswd fails #168

Closed Phlogi closed 2 years ago

Phlogi commented 3 years ago

Output of rest-server --version

rest-server 0.10.0 compiled with go1.15.2 on windows/amd64

How did you run rest-server exactly?

rest-server.exe --listen ":9100" --append-only --path "D:\Backup" --tls --tls-cert "C:\restic\rest-server\public-key.txt" --tls-key "C:\restic\rest-server\private-key.txt" --debug

What backend/server/service did you use to store the repository?

File-based.

Expected behavior

Actual behavior

restic -r rest:https://test:hallo@domain.removed:9100/restic-repo list keys --cacert public_key Fatal: unable to open config file: unexpected HTTP response (401): 401 Unauthorized Is there a repository at the following location? rest:https://test:***@domain.removed:9100/restic-repo/

Steps to reproduce the behavior

  1. Remove --no-auth flag from server
  2. Add .htaccess with htpasswd -n -b -B test hallo
  3. Put file on the rest host (windows), see attached file, maybe it's wrong for some reason?! htpasswd.txt
  4. Try to list repo from remove --> Error as above

Do you have any idea what may have caused this?

An issue with the .htaccess file on windows? I changed EOL to Unix already without any luck. Update: I added a garbage line 2 in the file at then rest-server is complaining, so it seems that the file is read: Authentication enabled error: cannot load .htpasswd (use --no-auth to disable): record on line 2: wrong number of fields

Do you have an idea how to solve the issue?

N/A

Did rest-server help you today? Did it make you happy in any way?

Yeah it's great but i'd feel better using it with .htaccess :)

MichaelEischer commented 2 years ago

The problem is probably that the htpasswd file starts with a UTF8 BOM (Byte-Order Marker). rest-server expects this file to be plain UTF8. Both windows and unix line ending should work.

rawtaz commented 2 years ago

@Phlogi Can you verify that the BOM was the culprit so that we can close this issue?

MichaelEischer commented 2 years ago

@jswinner what did you reproduce exactly? The provided htpasswd.txt doesn't work due to the BOM. Just remove it and then the authentication works as expected.

MichaelEischer commented 2 years ago

@jswinner I don't see how the problem you've just described is related to this issue.

jswinner commented 2 years ago

Sorry for the noise

Phlogi commented 2 years ago

@Phlogi Can you verify that the BOM was the culprit so that we can close this issue?

Not yet, but i'll try to do it soon.

rawtaz commented 2 years ago

I'm closing this issue now. Feel perfectly free to re-open it if you discover that it wasn't the BOM that was the cause.