Edgewall Software

Ticket #7321 (closed defect: invalid)

Opened 7 months ago

Last modified 7 months ago

IntegrityError and login as somebody else

Reported by: mehmet@…
Owned by: jonas
Priority: highest
Milestone:
Component: general
Version: 0.11rc2
Severity: critical
Keywords: urandom
Cc:

Description

Sometimes, when trying to log in, we get an error similar to the message below:

IntegrityError: (1062, "Duplicate entry '19c3c13591ddaf8cfba741a3923d8600-88.250.85.216-mehmet' for key 1")

Also there are times when all of a sudden I realize that I am logged in as a colleague of mine. I try to log out and log back in as myself and get the above message or if I am successful this time my colleague switches to my username.

Trying to log in while somebody else is logged in always produces this problem. We tried it with and without AccountManagerPlugin. Looking at the auth_cookie table, every logged-in user has the same cookie value. Tried the sha patch mentioned in #2570 and that didn't fix it, just changed the format of cookie values in the auth_cookie table.

Thought it might be related to how users are all coming from the same IP and using NAT, so I tried from different locations and the problem remains.

Was using 0.11r1 and upgraded to 0.11r2 and no change.

Python 2.5.2, Apache 2.2.3, MySQL 5.0.22, CentOS 5

Python 2.5.2 is installed as a separate install under /usr/local/. This must be related to the issues mentioned in #2570, but I cannot figure it out.

Change History

Changed 7 months ago by mehmet@…

For a temporary fix changed line 260 on trac/util/init.py

- return sha.new(str(random.random())).hexdigest()[:bytes] 
+ return sha.new(str(time.time())).hexdigest()[:bytes]
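
Review bot: the `+` line swaps one non-secret input for another. `time.time()` is the wall clock, so the digest returned here can be reproduced by anyone who knows roughly when the call happened, and two calls that read the same clock value return the same string. The change also leaves unexplained why `random.random()` on the `-` line repeated in the first place. Suggest treating this as strictly temporary and taking the bytes from `os.urandom` instead, failing hard if that source is unavailable.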

It works now. Curious to see comments?

Changed 7 months ago by cmlenz

It looks like random() is returning duplicate values here, which seems unlikely.

Please add some debug output to the hex_entropy function so we can see where it's going wrong:

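def hex_entropy(bytes=32):
    import sha
    import random
    import sys  # needed for the stderr debug line below
    rval = str(random.random())
    digest = sha.new(rval).hexdigest()
    # Log the raw PRNG value and its SHA-1 digest on every call
    print>>sys.stderr, "Random: %r, Digest: %r" % (rval, digest)
    return digest[:bytes]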

If you're using mod_python or mod_wsgi this should show up in your Apache error log whenever someone logs in.

Changed 7 months ago by mehmet@…

Seems like random is broken. Getting the below values for everybody.

Random: '0.68964745653', Digest: '2c4c0fb938617dae1a318f5d5a2564633e3670cc'

Tried to execute your debug code multiple times on command line and every time we are getting values in the following order.

Random: '0.68964745653', Digest: '2c4c0fb938617dae1a318f5d5a2564633e3670cc'
Random: '0.48830073413', Digest: 'c8e405adcbc0051933a97825a94a164fe4359c7d'
Random: '0.263957988265', Digest: '55ac47740591c6c002ec2213d8ebd7acbdd9f985'
....

Changed 7 months ago by mehmet@…

OK. Looks like /dev/urandom was broken on this machine. Removed it and executed MAKEDEV urandom and that seems to have fixed it.

Changed 7 months ago by cmlenz

  • keywords urandom added
  • status changed from new to closed
  • resolution set to invalid

Cool, thanks for tracking this down! I'll close this as invalid then.
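
The failure tracked down in this ticket, as an added Python 3 example (not Trac's code and not written by anyone in the thread): when the entropy source hands every process the same seed bytes, SHA-1 of `random.random()` yields the same token sequence in each process, matching the identical auth_cookie values and the repeating debug output above. All function names are hypothetical, `hashlib` stands in for the old `sha` module, and the idea that the broken device returned constant bytes is an assumption, not something the ticket states.

```python
import hashlib
import os
import random

# Constructed stand-in for the broken device: every read returns the same bytes.
# Assumption: the ticket does not say how /dev/urandom actually misbehaved.
def broken_urandom(n):
    return b"\x2a" * n

def entropy_source_ok(read=os.urandom, samples=4, size=16):
    """Startup check: independent reads from a healthy source never repeat."""
    reads = [read(size) for _ in range(samples)]
    return len(set(reads)) == samples

def prng_token(rng, length=32):
    """Ticket-style token: SHA-1 of str(random()), truncated to `length` hex chars."""
    return hashlib.sha1(str(rng.random()).encode("ascii")).hexdigest()[:length]

def worker_tokens(read, count=3):
    """Tokens one server process issues when its PRNG is seeded from `read`."""
    rng = random.Random(read(16))
    return [prng_token(rng) for _ in range(count)]

def csprng_token(read=os.urandom, length=32):
    """Token taken straight from the entropy source; refuses a source that repeats."""
    if not entropy_source_ok(read):
        raise RuntimeError("entropy source returned repeated output")
    return read((length + 1) // 2).hex()[:length]

def shared_tokens(a, b):
    """Tokens that two processes would both try to store in auth_cookie."""
    return sorted(set(a) & set(b))

if __name__ == "__main__":
    first, second = worker_tokens(broken_urandom), worker_tokens(broken_urandom)
    print("broken source, shared tokens:", len(shared_tokens(first, second)))
    healthy = shared_tokens(worker_tokens(os.urandom), worker_tokens(os.urandom))
    print("healthy source, shared tokens:", len(healthy))
    print("check on broken source:", entropy_source_ok(broken_urandom))
    print("fresh token:", csprng_token())
```

Running a check like `entropy_source_ok` at service start turns the symptom seen here (users silently sharing a session) into an immediate, visible startup failure.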
