FS#36159 - [calibre] web server broken with python2-cherrypy 3.2.3-1
Attached to Project:
Community Packages
Opened by Alfredo Amatriain (amatriain) - Monday, 15 July 2013, 12:00 GMT
Last edited by Balló György (City-busz) - Monday, 06 January 2014, 08:37 GMT
Opened by Alfredo Amatriain (amatriain) - Monday, 15 July 2013, 12:00 GMT
Last edited by Balló György (City-busz) - Monday, 06 January 2014, 08:37 GMT
|
Details
After the python2-cherrypy update from 3.2.2-2 to 3.2.3-1,
the Calibre web server stopped working. Trying to load the
page returns an HTTP 500 error page generated by
cherrypy.
Downgrading python2-cherrypy to 3.2.2-2 the server works again. This happens at least with calibre-0.9.38-1 and calibre-0.9.38-1. Attached the error log of Calibre when trying to access the web server. It seems to be some problem when trying to do digest authentication. Steps to reproduce: - Open the Calibre web server config from Preferences -> Sharing over the net - Set username "calibre" and set any non-blank password - Click on Start Server button - Open the calibre web server in a broser (e.g. http://localhost:8270) Expected result: the calibre web server interface should open. Instead an HTTP 500 error page is displayed. 
calibre_error_log.txt
(5.5 KiB)
|
This task depends upon
Calibre versions in which I've tested that the error happens:
calibre-0.9.38
calibre-0.9.39
When setting the old password again and restarting, the bug reappears: after the authentication prompt, an HTTP 500 error page generated by cherrypy is served, instead of the calibre page.
I'll make some more tests, maybe there's some character in the password that cherrypy can't handle? I haven't changed this password in years and it never gave me trouble before.
As a workaround I could leave authentication passwordless in the Calibre config and put Calibre behind an Apache reverse proxy with digest authentication enabled. But I still think there is a bug in the way recent cherrypy versions handle authentication.
However it seems setting any password in the calibre server configuration causes it to fail. Tried a simple password like "abc" to rule out any problems with charset handling and it still fails.
Unfortunately they do not support distro provided packages...
https://bugs.launchpad.net/calibre/+bug/1213138
http://calibre-ebook.com/download_linux
Last version is 0.9.44, the same as in the arch repos.
I've found that 0.9.44 from their binary installer in the VM works correctly. However 0.9.44-1 from the arch repos in my arch machine has this bug.
If I have time later I will install the official binary in an arch VM to see what happens, but right now it looks like a packaging problem.
If it is 3.2.2, then it is not surprising it works - it worked in Arch too.
version = "CherryPy/3.2.2"
so yes, I suppose the official calibre installer comes with cherrypy 3.2.2
Maybe we should report it in the cherrypy bugtracker?
Otherwise if it's an API change from 3.2.2 to 3.2.3 but the calibre dev insists on only supporting his installer, which comes with 3.2.2, I'm not sure what can we do.
cherrypy/lib/auth_digest.py: (please ignore : doesn't work for python 3)
from cherrypy._cpcompat import md5, ntob, tonative
md5_hex = lambda s: md5(ntob(tonative(s,encoding='UTF-8'))).hexdigest()
or in the calling code (calibre/library/server/utils.py):
see attached snippet.
https://bitbucket.org/cherrypy/cherrypy/issues