The mailing list for listmasters using Sympa

[Muhammed Sameer <address@concealed>]

Salaam

Hey, I have found what is breaking my session

For the logo I have set up a image file directi.

Now whenever someone surfs the web interface this image file tends to disrupt 
stuff. here are the logs that may help you understand the info better.

The main::check_param_in() function tries to verify this and returns unknown 
list directi, this when it is not any list, just a image file that I intend 
to use as a logo.

I am quite aware that I am prolly putting things in the wrong place and 
probably this is causing the problem.

But surprisingly the patch that you sent me has worked and fixed this 
situation, Thanks!

Regards
Muhammed Sameer

Sep 17 09:26:35 extranet wwsympa[14065]: [robot intranet.directi.com] [client 
192.168.1.3] [user address@concealed] main::check_param_in() check_param_in: 
unknown list directi
Sep 17 09:26:35 extranet wwsympa[14065]: [robot intranet.directi.com] [client 
192.168.1.3] [user address@concealed] Wrong parameters
Sep 17 09:26:38 extranet wwsympa[14065]: [robot intranet.directi.com] [client 
192.168.1.3] [user address@concealed] [list prj-skenzo-emergency] 
main::do_editsubscriber() do_editsubscriber(address@concealed)
Sep 17 09:26:39 extranet wwsympa[14065]: [robot intranet.directi.com] [client 
192.168.1.3] [user address@concealed] [list prj-skenzo-emergency] 
main::do_editsubscriber() do_editsubscriber(address@concealed)
Sep 17 09:26:55 extranet wwsympa[14065]: [robot intranet.directi.com] [client 
192.168.1.3] [user address@concealed] [list prj-skenzo-emergency] 
main::do_set() do_set(mail, noconceal)
Sep 17 09:26:55 extranet wwsympa[14065]: [robot intranet.directi.com] [client 
192.168.1.3] [user address@concealed] [list prj-skenzo-emergency] 
main::do_suboptions() do_suboptions()
Sep 17 09:26:55 extranet wwsympa[14065]: [robot intranet.directi.com] [client 
192.168.1.3] [user address@concealed] [list prj-skenzo-emergency] 
main::do_suboptions() do_suboptions: address@concealed not subscribed to 
prj-skenzo-emergency


--- On Tue, 9/16/08, Serge Aumont <address@concealed> wrote:

> From: Serge Aumont <address@concealed>
> Subject: Re: [sympa-users] AUTHORIZATION REJECT (set) This action is 
> restricted
> To: address@concealed
> Cc: address@concealed
> Date: Tuesday, September 16, 2008, 2:49 AM
> Muhammed Sameer wrote:
> > SAlaam,
> >
> > Hey these are the logs that are generated once I try
> to edit a user.
> >
> >
> > Sep 16 17:56:22 extranet wwsympa[29783]:
> SympaSession::new() SympaSession::new ignoring unknown
> session cookie
> > Sep 16 17:56:22 extranet wwsympa[29783]: [robot
> intranet.directi.com] [client 192.168.1.3] [list
> prj-obox-devalerts] main::do_editsubscriber()
> do_editsubscriber(address@concealed)
> > Sep 16 17:56:22 extranet wwsympa[29783]: [robot
> intranet.directi.com] [client 192.168.1.3] [list
> prj-obox-devalerts] main::do_editsubscriber()
> do_editsubscriber: may not edit
> >   
> Salaam
> 
> Your session is broken so a new session is started as
> anonymous user. 
> Sympa session uses several session hijacking prevention
> method that can 
> be the reason why your session is broken. (doc about
> session hijacking : 
> http://en.wikipedia.org/wiki/Session_hijacking#Prevention )
> 
> Two method used by Sympa can break  sessions :
> 
> -for each clic the session id is renewed.  You can remove
> this by 
> changing the following line in SympaSession.pm (subroutine
> store) :
>     ## Renew the session ID in order to prevent session
> hijacking
>     my $new_id = &get_random();
> 
>     to be changed by
> 
>     my $new_id = $self->{'id_session'}
> 
> This is not a patch we will include in Sympa release until
> we have some 
> technical description of a problem solved by this method.
> 
> The second reason that can break sessions is that Sympa
> check that the 
> client IP adress is unchanged during the session. This may
> be a problem 
> if you are using NAT, multiple proxy or any other method
> that may change 
> the @IP of the client.
> In such case Sympa logs : "SympaSession::new ignoring
> session cookie 
> because remote host X.X.X.X is not the original host".
> 
> This can be solved applying the following patch : 
> http://sourcesup.cru.fr/cgi/viewvc.cgi/trunk/wwsympa/SympaSession.pm?r1=5107&r2=5142
> 
> Let us known what solve your problem. If not anyone of
> thoses two method 
> solve the problem, please could you check that the value of
> client 
> cookie sympasession is registered as id_session in
> session_table.
> 
> Serge
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> Could you look for "ignoring session cookie because
> remote host..." in 
> you logs. If this record is logued this mean probably that
> you are using 
> a configuration with proxy, reverse proxy, nat or any other
> system that 
> chenge the client remotehost so the session is broken and
> the service is 
> requested as anomymous user.
> 
> In order to solve that problem, you may apply the following
> patch :
> http://sourcesup.cru.fr/cgi/viewvc.cgi/trunk/wwsympa/SympaSession.pm?r1=5107&r2=5142
> 
> 
> 
> If this is not the problem. You should try to understand
> the raison why 
> the session broken ("new ignoring unknown session
> cookie"). If this 
> problem can be reproduced, we would be pleased if you could
> look at you 
> client cookie "sympa_session" and search it's
> value in Sympa database, 
> table "session_table" as field
> "id_session".
> > Regards,
> > Muhammed Sameer
> >
> >
> > --- On Mon, 9/15/08, address@concealed
> <address@concealed> wrote:
> >
> >   
> >> From: address@concealed
> <address@concealed>
> >> Subject: [sympa-users] AUTHORIZATION REJECT (set)
> This action is restricted to list owners.
> >> To: address@concealed
> >> Date: Monday, September 15, 2008, 11:50 PM
> >> Salaam,
> >>
> >> Hey everyone, I get this error when i try to set
> the
> >> reception mode of a user
> >> to 'No Mail'
> >>
> >> This is the error
> >> AUTHORIZATION REJECT (set) This action is
> restricted to
> >> list owners. 
> >>
> >> This even after me being the listmaster, the same
> thing
> >> happens even if I am
> >> the list owner.
> >>
> >> Not just do I get this, but also, sympa logs me
> out from
> >> the interface.
> >>
> >> Any help will be appreciated.
> >>
> >> Thanks in advance,
> >> Regards
> >> Muhammed Sameer
> >> Sysad
> >> directi
> >>     
> >
> >
> >       
> >