From 1a8192b4bc2a801932154ba62f050deb9b616314 Mon Sep 17 00:00:00 2001
From: Thomas Waldmann <tw@waldmann-edv.de>
Date: Thu, 4 Apr 2019 00:13:34 +0200
Subject: [PATCH] catch exception for invalid http basic auth strings, fixes
 #401

---
 nsupdate/api/views.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/nsupdate/api/views.py b/nsupdate/api/views.py
index 8dd0f6f..f0e7f10 100644
--- a/nsupdate/api/views.py
+++ b/nsupdate/api/views.py
@@ -119,7 +119,11 @@ def basic_authenticate(auth):
     :return: username, password [unicode on py2, str on py3]
     """
     assert isinstance(auth, str)
-    authmeth, auth = auth.split(' ', 1)
+    try:
+        authmeth, auth = auth.split(' ', 1)
+    except ValueError:
+        # splitting failed, invalid auth string
+        return
     if authmeth.lower() != 'basic':
         return
     # we ignore bytes that do not decode. username (hostname) and password