Merge branch 'master' into Item13525

foswiki · Jul 30, 2015 · 49374a6 · 49374a6
2 parents e588ede + 8eeffef
commit 49374a6
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 20 deletions.
diff --git a/core/data/System/ReleaseNotes02x00.txt b/core/data/System/ReleaseNotes02x00.txt
@@ -1,4 +1,4 @@
-%META:TOPICINFO{author="ProjectContributor" date="1438012719" format="1.1"  version="1"}%
+%META:TOPICINFO{author="ProjectContributor" date="1438198562" format="1.1"  version="1"}%
 %META:TOPICPARENT{name="ReleaseHistory"}%
 ---+!! Foswiki Release 2.0.1 RC1 
 
@@ -57,6 +57,22 @@ Foswiki 2.0 is shipped with the following: ( __New to Foswiki 2.0__ )
    * *Compatibility support* - TWikiCompatibilityPlugin
 </noautolink>
 #Release02x00Changes
+
+---++ Important changes in 2.0.1
+
+Foswiki 2.0.1 has changed how the =working/tmp/cgisess_*= files are stored.
+This is needed to better accommodate user names with international
+characters. If old files exist and users still have a matching session cookie,
+then their access attempts will fail with a 500 internal server error.
+
+<div class="foswikiHelp">%X% *ACTION REQUIRED:*  After applying the changes in
+Foswiki 2.0.1, *you must delete all =cgisess_*= files from the =working/tmp= directory.* </div>
+
+If you are unable to access the server to do this, users will have to clear
+their cookies to gain access to Foswiki.
+
+This change addresses [[%BUGS%/Item13563][Item13563]]
+
 ---++ Changes in requirements
 
 <div class='foswikiHelp'>

diff --git a/core/lib/Foswiki/LoginManager.pm b/core/lib/Foswiki/LoginManager.pm
@@ -54,6 +54,7 @@ use Assert;
 use Error qw( :try );
 
 use Foswiki::Sandbox ();
+use CGI::Session     ();
 
 BEGIN {
     if ( $Foswiki::cfg{UseLocale} ) {
@@ -74,6 +75,8 @@ our %readOnlySK = ( %secretSK, AUTHUSER => 1, SUDOFROMAUTHUSER => 1 );
 
 use constant TRACE => $Foswiki::cfg{Trace}{LoginManager} || 0;
 
+use constant CGIDRIVER => 'driver:File;serializer:Storable';
+
 # GusestSessions should default to enabled, since much of Foswiki depends on
 # having a valid session.
 my $guestSessions =
@@ -1095,8 +1098,11 @@ sub _loadCreateCGISession {
         oct(777) - ( ( $Foswiki::cfg{Session}{filePermission} + 0 ) ) &
           oct(777) );
 
-    my $newsess = Foswiki::LoginManager::Session->new(
-        undef, $sid,
+    my $newsess;
+
+    $newsess = Foswiki::LoginManager::Session->new(
+        CGIDRIVER,
+        $sid,
         {
             Directory => $sessionDir,
             UMask     => $Foswiki::cfg{Session}{filePermission}
@@ -1562,32 +1568,34 @@ sub removeUserSessions {
     ASSERT($user) if DEBUG;
 
     my $msg = '';
+    CGI::Session->find(
+        CGIDRIVER,
+        sub { purge_user( @_, $user, $msg ) },
+        {
+            Directory => "$Foswiki::cfg{WorkingDir}/tmp",
+            UMask     => $Foswiki::cfg{Session}{filePermission},
+        }
+    );
 
-    opendir( my $tmpdir, "$Foswiki::cfg{WorkingDir}/tmp" ) || return '';
-    foreach my $fn ( grep( /^cgisess_/, readdir($tmpdir) ) ) {
-        my ($file) = $fn =~ m/^(cgisess_.*)$/;
-
-        open my $sessfile, '<', "$Foswiki::cfg{WorkingDir}/tmp/$file"
-          or next;
-        while (<$sessfile>) {
-            if (m/'AUTHUSER' => '$user'/) {
-                close $sessfile;
-                unlink "$Foswiki::cfg{WorkingDir}/tmp/$file";
-                $msg .= $file . ', ';
-                last;
-            }
+    sub purge_user {
+
+        #my ($session, $user, $msg) = @_;
+        next if $_[0]->is_empty;    # <-- already expired?!
+        if ( $_[0]->param('AUTHUSER') && $_[0]->param('AUTHUSER') eq $_[1] ) {
+            $_[2] .= 'cgisess_' . $_[0]->id() . ',';
+            $_[0]->delete();
+            $_[0]->flush()
+              ;    # Recommended practice says use flush() after delete().
         }
-        close $sessfile if $sessfile;
     }
-    closedir $tmpdir;
     return $msg;
 }
 
 1;
 __END__
 Foswiki - The Free and Open Source Wiki, http://foswiki.org/
 
-Copyright (C) 2008-2014 Foswiki Contributors. Foswiki Contributors
+Copyright (C) 2008-2015 Foswiki Contributors. Foswiki Contributors
 are listed in the AUTHORS file in the root of this distribution.
 NOTE: Please extend that file, not this notice.
 

diff --git a/core/lib/Foswiki/Plugin.pm b/core/lib/Foswiki/Plugin.pm
@@ -100,7 +100,7 @@ sub new {
         push(
             @{ $this->{errors} },
 "$p has been guessed. '\$Foswiki::cfg{Plugins}{$name}{Module}' should be defined in LocalSite.cfg"
-        );
+        ) if DEBUG;
     }
 
     eval "use $p";