[pkg-horde] Bug#445406: Bug#445406: login to horde3 fails due to wrong cookie path
Gregory Colpart
reg at evolix.fr
Sun Oct 14 11:47:48 UTC 2007
Hello,
On Sat, Oct 13, 2007 at 08:13:40PM +0200, tom wrote:
>
> > horde3/etch won't be fixed (it is not a security bug and it is
>
> ?? So you mean that the common debian user (who wants stable) will not
> be able to use horde because he will not find this info?
I say that horde3/etch is concerned by the bug #391493 (fixed in sid).
It's a "minor" bug and won't be fixed in horde3/etch. Yes, I say
that horde3/etch will be partially broken for users who don't read
original conf.php or Debian BTS or upstream FAQ. Note that it
will partially broken *only* during first web configuration...
> [...]
> I did not remove it, I added it. But I totally messed-up the patch.
> Sorry about that. I could send you a correct one. Just tell me if you
> want to fix this bug.
> [snipped...]
Ok then send us a valid patch for README.Debian in horde3/sid.
> >> + Make sure to use a fqdn as HOSTNAME (eg localhost.localdomain instead of
> >> + just localhost) or you might not be able to log into horde.
> >
> > Is it related to this bug? I don't think so, then you should open
> > a new bug for this with more explanation (I don't known what you
> > want to say here).
>
> Yes it is. If you use firefox to connect to "localhost/horde3", it still
> doesn't work. You have to connect to "localhost.localdomain/horde3".
> Otherwise, the session cookie is not presented to the server. And
> session cookies are the issue of this bug report.
Ok, it's for $conf['cookie']['domain'] parameter, not for
$conf['cookie']['path']. Add it in your valid patch.
> >> --- conf.php.old 2007-10-05 15:56:41.000000000 +0200
> >> +++ conf.php 2007-10-05 15:56:30.000000000 +0200
> >
> > There is no conf.php file in horde3 package.
>
> borg:~# dpkg-query -S /etc/horde/horde3/conf.php
> horde3: /etc/horde/horde3/conf.php
I speak of *source* package (a patch is for source package, not
for binary one). And there is no conf.php in source package :-)
/tmp/horde3-3.1.4% find ./ -name conf.php
/tmp/horde3-3.1.4%
Regards,
--
Gregory Colpart <reg at evolix.fr> GnuPG:1024D/C1027A0E
Evolix - Informatique et Logiciels Libres http://www.evolix.fr/
More information about the pkg-horde-hackers
mailing list