Item567: LoginManager not working with IP matching because of code error in Foswiki's interface to CGI::Session
Priority: Urgent
Current State: Closed
Released In: 1.0.0
Target Release: patch
Applies To: Engine
Component:
Branches:
Transferred from
TWikibug:Item6158 by
KennethLavrsen
I'm in the process of upgrading from TWiki 4.0.4 to TWiki 4.2.4 and ran into an error when testing the
PublishContrib. Note that although I only see problems with
PublishContrib I don't think it's actually related to the code in there. The error I see is:
ERROR: WebHome not published: "-ip_match" is
not exported by the CGI::Session module
Can't continue after import errors at (eval 125) line 1
BEGIN failed--compilation aborted at (eval 125) line 1. at (eval 125)
line 1 eval 'use CGI::Session qw(-ip_match); use CGI::Cookie
;' called at /var/www/html/twiki/lib/TWiki/LoginManager.pm line 123
TWiki::LoginManager::makeLoginManager('TWiki=HASH(0x1cfd2b0)') called
at /var/www/html/twiki/lib/TWiki/Users.pm line 110
TWiki::Users::new('TWiki::Users', 'TWiki=HASH(0x1cfd2b0)') called at
/var/www/html/twiki/lib/TWiki.pm line 1294 TWiki::new('TWiki',
'TWikiAdminUser', 'CGI=HASH(0x518e90)') called at
/var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line 605
TWiki::Contrib::Publish::publishTopic('TWiki::Contrib::Publish=HASH(0x19e6eb0)',
'WebHome', '.html', 'view',
'\x{a}%TEXT%\x{a}---\x{a}%META{"form}%\x{a}---\x{a}%META{"attachments"}%\x{a}',
'HASH(0xac0760)') called at
/var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line 548
TWiki::Contrib::Publish::__ANON__() called at
/var/www/html/twiki/lib/CPAN/lib//Error.pm line 379 eval {...} called
at /var/www/html/twiki/lib/CPAN/lib//Error.pm line 371
Error::subs::try('CODE(0x1ce2280)', 'HASH(0x1ce4280)') called at
/var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line 556
TWiki::Contrib::Publish::publishUsingTemplate('TWiki::Contrib::Publish=HASH(0x19e6eb0)',
'view') called at /var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line
424
TWiki::Contrib::Publish::publishWeb('TWiki::Contrib::Publish=HASH(0x19e6eb0)',
'WebHome') called at /var/www/html/twiki/lib/TWiki/Contrib/Publish.pm
line 61 TWiki::Contrib::Publish::publish('TWiki=HASH(0x523c10)') called
at /var/www/html/twiki/lib/TWiki/UI.pm line 159 TWiki::UI::__ANON__()
called at /var/www/html/twiki/lib/CPAN/lib//Error.pm line 379 eval
{...} called at /var/www/html/twiki/lib/CPAN/lib//Error.pm line 371
Error::subs::try('CODE(0x506410)', 'HASH(0x19e6cb0)') called at
/var/www/html/twiki/lib/TWiki/UI.pm line 197
TWiki::UI::run('CODE(0x781bf0)') called
My new web server is a clone of the existing system and is running RHEL 4 Update 7. I have the CGI::Session from perl-CGI-Session-4.00_08-1.2.el4.rf installed from
http://dag.wieers.com/rpm/packages/perl-CGI-Session/ (like others I've fallen foul of the fact that later versions require postrgres....)
Observations/Issues:
- The error goes away if I remove the perl-CGI-Session RPM and drop back to the version of CGI::Session distributed with 4.2.4 I don't see anything in the Upgrade guides documenting the fact that CGI::Session is distributed with 4.2.4 and that people might like to review their usage of older CGI::Session installations
- The installation guide implies that any version of CGI::Session >= 3.95 is usable, however, the use of -ip_match doesn't appear to be in the version of CGI::Session that I'm using (4.00_08); hence the requirement appears to be at least that
- There is a typo in the use of ip_match in LoginManager.pm - the code has -ip-match, not -ip_match as expected by CGI::Session
- LoginManager.pm does a test for the version of CG::Session (ca. line 304). This generates many errors when I have the RPM version installed as it complains that the argument 4.00_08 is not numeric
Clearly I have a straightforward resolution for my current problems. However, I definitely think there are some issues with the documentation and there is at least one bug in
LoginManager.pm which will stop the IP match check working as advertised (BTW, I don't see any documentation of or any way of changing the other session related variables in
LocalSite.cfg)
--
TWiki:Main/MarkLoveridge - 24 Dec 2008
An old buggy CGI-Session we cannotg do much about but we should at least fix the code error he talks about.
Need to verify that he is right naturally
He is right
I will fix.
I will also find out when -ip_match was introduced in CGI::Session so we get the right version dependency.
On CGI::Session versions. 3.95 had -ip_match.
His 4.00_08 is a development version and in that it appears missing.
In the real 4.00 it was back. So running with a dev version of a CPAN lib seems to be something we should not trouble ourselves with documenting.
I will check in the code fix and set waiting for release.