From a0dcd46483bb9de591391b8c4c33846c96fd3975 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Wed, 14 Jul 2021 09:25:04 +0200
Subject: [PATCH] fix #1861: Handle colons in passwords

---
 core/admin/mailu/internal/views/auth.py | 2 +-
 towncrier/newsfragments/1861.bugfix     | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 towncrier/newsfragments/1861.bugfix

diff --git a/core/admin/mailu/internal/views/auth.py b/core/admin/mailu/internal/views/auth.py
index 8ff10aed..2baeddce 100644
--- a/core/admin/mailu/internal/views/auth.py
+++ b/core/admin/mailu/internal/views/auth.py
@@ -63,7 +63,7 @@ def basic_authentication():
     authorization = flask.request.headers.get("Authorization")
     if authorization and authorization.startswith("Basic "):
         encoded = authorization.replace("Basic ", "")
-        user_email, password = base64.b64decode(encoded).split(b":")
+        user_email, password = base64.b64decode(encoded).split(b":", 1)
         user = models.User.query.get(user_email.decode("utf8"))
         if nginx.check_credentials(user, password.decode('utf-8'), flask.request.remote_addr, "web"):
             response = flask.Response()
diff --git a/towncrier/newsfragments/1861.bugfix b/towncrier/newsfragments/1861.bugfix
new file mode 100644
index 00000000..1e28d1b6
--- /dev/null
+++ b/towncrier/newsfragments/1861.bugfix
@@ -0,0 +1 @@
+Fix a bug preventing colons from being used in passwords when using radicale/webdav.