The mailing list for listmasters using Sympa

["Philip Crandall" <address@concealed>]

Serge,
Thanks so much for the response.

I tried the methodology I outlined to change the cookie secret; however, I 
began getting messages with "Message ignored because incorrect checksum".  I 
had to undo the change since I couldn't tell with certainty that the issue 
was 
just a queued message that now had a bad checksum.

I had sympa shutdown while I made the change to the cookie secret, why would 
there be a pending message with a "X-Sympa-Checksum" from the old cookie 
secret?  Is there a way to make sure all messages are delivered before I go 
about changing the secret?  Are there characters that are invalid for use in 
the cookie secret (i.e. does it have to be A-z,a-z,0-9 or can it include 
special characters $,!,+,etc.)?

Do I understand correctly that the checksum is created using the cookie 
secret 
when a message is created by a list for delivery?

Could you shine some light on this?

Thanks again,

Philip Crandall


-----Original Message-----
From: Serge Aumont [mailto:address@concealed]
Sent: Wednesday, October 15, 2008 1:17 AM
To: Philip Crandall
Cc: address@concealed
Subject: Re: [sympa-users] replacing cookie value for existing sympa
installation

Philip Crandall wrote:
>
> Hello,
>
> We need to replace the cookie secret value for our sympa installation.
> I know that the secret is used for passwords stored in the database as
> well as for generating session cookies. Most of our users are ldap
> users, and I've figured out how to decrypt and re-encrypt the
> passwords in the database manually. I also see that the cookie.history
> file would need to be changed to allow sympa to start with the new
> value. Is there anywhere else that the secret is used? Are there other
> caveats to changing this value?
>
You describe correctly the process for that. Existing session will be
break but everything else be ok.

Attachment: smime.p7s
Description: S/MIME cryptographic signature