crypt.crypt() changed in Xenial causing incorrectly generated .htpasswd entries

Bug #1722209 reported by Haw Loeung
This bug affects 1 person
Affects: Launchpad itself
Assigned to: Colin Watson

Bug Description


Private PPAs are locked down using htaccess/htpassword. The server hosting Private PPAs, haetae, was recently upgraded to Xenial.

Unfortunately, it seems that crypt.crypt() has changed and if the salt used contains dashes ('-'), it would return None where previously it would be allowed. The salt LP uses is usually the first two characters of the username.

| >>> crypt.crypt('foobar', 'j-')
| >>>

Thanks to cjwatson for discovering and confirming this.

Colin Watson (cjwatson) wrote :
tags: added: lp-soyuz ppa regression soyuz-publish
Changed in launchpad:
status: New → Triaged
importance: Undecided → Critical
Haw Loeung (hloeung)
description: updated
Colin Watson (cjwatson)
Changed in launchpad:
assignee: nobody → Colin Watson (cjwatson)
status: Triaged → In Progress
Launchpad QA Bot (lpqabot) wrote :
tags: added: qa-needstesting
Changed in launchpad:
status: In Progress → Fix Committed
Colin Watson (cjwatson)
tags: added: qa-ok
removed: qa-needstesting
Colin Watson (cjwatson) wrote :

Fixed on production, though there'll have to be some change to the authentication tokens associated with the small number of affected PPAs (creating/revoking a token would do it) in order to force Launchpad to regenerate the incorrect .htpasswd files.

Changed in launchpad:
status: Fix Committed → Fix Released
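
The following is an added example, not Launchpad's code or its actual fix: a way to check whether a salt such as 'j-' falls outside the traditional crypt(3) salt alphabet, and to audit an .htpasswd file for entries that are not well-formed crypt hashes so affected tokens can be found and regenerated. It assumes the file uses traditional 13-character DES crypt hashes and that a failed crypt call was written out as the literal text "None" or as an empty field; the names `salt_is_valid`, `make_salt`, `audit_htpasswd` and the sample data are constructed for illustration.

```python
import re
import secrets
import string

# Salt and hash alphabet of traditional DES crypt(3): ./0-9A-Za-z
CRYPT_ALPHABET = "./" + string.digits + string.ascii_uppercase + string.ascii_lowercase
# A traditional crypt(3) hash is 13 characters: 2 salt characters + 11 hash characters.
DES_HASH_RE = re.compile(r"[./0-9A-Za-z]{13}")

# Constructed sample file; the hash on line 1 is a well-formed placeholder, not a real hash.
SAMPLE = """\
alice:alJ8kW3xQz0Pe
j-smith:None
bob-team:
"""


def salt_is_valid(salt):
    """True if the first two characters are both in the crypt(3) salt alphabet."""
    return len(salt) >= 2 and all(c in CRYPT_ALPHABET for c in salt[:2])


def make_salt():
    """Random two-character salt that does not depend on the username."""
    return "".join(secrets.choice(CRYPT_ALPHABET) for _ in range(2))


def audit_htpasswd(text):
    """Return (line_number, user, reason) for each entry that is not a valid crypt hash."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no credentials
        user, sep, hashed = line.partition(":")
        if not sep or not user:
            findings.append((lineno, user, "malformed line"))
        elif not DES_HASH_RE.fullmatch(hashed):
            findings.append((lineno, user, "not a 13-character crypt(3) hash"))
    return findings


if __name__ == "__main__":
    print("salt 'j-' valid:", salt_is_valid("j-"))
    for lineno, user, reason in audit_htpasswd(SAMPLE):
        print(f"line {lineno}: {user!r}: {reason}")
```
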