	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another quick question and possible bug report

To: "Brett Lomas" <b.lomas@xxxxxxxxxxxxxx>
Subject: Re: Another quick question and possible bug report
From: johanna bromberg craig <canna@xxxxxxxxx>
Date: Mon, 29 Mar 2004 11:13:11 -0500
Cc: <cosign-discuss@xxxxxxxxx>, "'kevin mcgowan'" <clunis@xxxxxxxxx>
In-reply-to: <20040329021739.3000133F70@smtp1.ec.auckland.ac.nz>
References: <20040329021739.3000133F70@smtp1.ec.auckland.ac.nz>

On Mar 28, 2004, at 9:17 PM, Brett Lomas wrote:

Also, I think I have found a bug in the CoSign package. If the client isn’t in the /usr/local/etc/cosign.conf mod_cosign gets a return of 1 from cosign_cookie_valid (ie cv = 1) which cause it to fall through to the set_cookie label, which causes an infinite loop (it set the cookie and attempt to access the CGI, and then goes back to the web resource and does it all again J ).

Good call! We've made a change to the daemon and both filters that will more gracefully handle such a configuration error.

I've checked it into CVS and, pending testing here at UMich, will roll it into the next release. If you could also test this that would be great.

thanks,
Johanna

References:
- Another quick question and possible bug report
  - From: Brett Lomas

Prev by Date: Re: friend functionality
Next by Date: Re: Another quick question and possible bug report
Previous by thread: Another quick question and possible bug report
Next by thread: Re: Another quick question and possible bug report
Index(es):
- Date
- Thread