Setting private_roster to list admin only causes subscriptions to break
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GNU Mailman |
Invalid
|
Undecided
|
Mark Sapiro |
Bug Description
This is an odd one, seen on https:/
The Pycon Pune list was set up such that private_roster was set to list admin only, whereupon all subscribers got a message "The hidden token didn't match. Did your IP change?" after they entered their email address and were sent to the standard page at https:/
I reset the private_roster to "List members" and for some reason, this solved the problem and would-be subscribers get the usual "Your subscription request has been received, and will soon be acted upon." message.
Not sure if this is a mail.python.org specific bug or a mailman 2.1 issue in general, but I figure Mark's equipped to handle either one so filing here is the right choice regardless.
I just tried subscribing to <email address hidden> from the page at <https:/ /mail.python. org/mailman/ listinfo/ mailman- users>. This list has private rosters and the subscription process went completely normally. Upon submitting the form, I was sent to the subscribe results page and all was as expected.
There is in issue with load balancers and perhaps proxies. The IPv4 address that submits the form has to match the address that did the GET of the form. It used to have to match exactly, but because of load balancer issues we've seen it now only has to match the first 3 octets <https:/ /bugs.launchpad .net/bugs/ 1447445>.
Maybe there is some IP change issue and changing private_roster was just a coincidence.
I've looked at logs and I see
Jun 05 11:15:42 2017 (21148) pycon-pune: pending Anwesha ...
Jun 05 11:25:35 2017 (23837) pycon-pune: pending Kushal ...
Jun 05 20:42:26 2017 (18559) pycon-pune: pending Kushal ...
Jun 06 07:32:48 2017 (9267) pycon-pune: pending Sayan ...
Jun 06 14:13:45 2017 (5012) pycon-pune: pending Terri Test ...
Associated with some of those, I see successful GETs of the listinfo and POSTs of the form. I also see these GETs and posts shortly before the successful Terri Test subscribe.
/var/log/ apache2/ mail.python. org-ssl_ access. log:134. 134.139. 75 - - [06/Jun/ 2017:14: 06:21 -0400] "GET /mailman/ listinfo/ pycon-pune HTTP/2.0" 200 2292 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/ 58.0.3029. 110 Chrome/ 58.0.3029. 110 Safari/537.36" apache2/ mail.python. org-ssl_ access. log:192. 55.55.41 - - [06/Jun/ 2017:14: 08:31 -0400] "GET /mailman/ listinfo/ pycon-pune HTTP/2.0" 200 2291 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/ 58.0.3029. 110 Chrome/ 58.0.3029. 110 Safari/537.36" apache2/ mail.python. org-ssl_ access. log:134. 134.139. 75 - - [06/Jun/ 2017:14: 08:42 -0400] "POST /mailman/ subscribe/ pycon-pune HTTP/2.0" 200 546 "https:/ /mail.python. org/mailman/ listinfo/ pycon-pune" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/ 58.0.3029. 110 Chrome/ 58.0.3029. 110 Safari/537.36" apache2/ mail.python. org-ssl_ access. log:134. 134.139. 75 - - [06/Jun/ 2017:14: 09:15 -0400] "GET /mailman/ listinfo/ pycon-pune HTTP/2.0" 200 2293 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/ 58.0.3029. 110 Chrome/ 58.0.3029. 110 Safari/537.36" apache2/ mail.python. org-ssl_ access. log:192. 55.55.41 - - [06/Jun/ 2017:14: 09:24 -0400] "POST /mailman/ subscribe/ pycon-pune HTTP/2.0" 200 546 "https:/ /mail.python. org/mailman/ listinfo/ pycon-pune" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/ 58.0.3029. 110 Chrome/ 58.0.3029. 110 Safari/537.36" apache2/ mail.python. org-ssl_ access. log:192. 55.55.41 - - [06/Jun/ 2017:14: 12:02 -0400] "GET /mailman/ listinfo/ pycon-pune HTTP/2.0" 200 2292 "https:/ /mail.python. org/mailman/ admin/pycon- pune/digest" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/ 58.0.3029. 110 Chrome/ 58.0.3029. 110 Safari/537.36" apache2/ mail.python. org-ssl_ access. log:134. 134.139. 75 - - [06/Jun/2...
/var/log/
/var/log/
/var/log/
/var/log/
/var/log/
/var/log/