View Issue Details

IDProjectCategoryView StatusLast Update
0003668SOGoBackend Generalpublic2016-05-11 12:58
Reporterjkanefendt Assigned Toludovic  
PrioritynormalSeveritycrashReproducibilityalways
Status resolvedResolutionfixed 
Platformamd64OSUnuntu ServerOS Version16.04
Fixed in Version3.1.0 
Summary0003668: XSRF validation breaks proxy authentication
Description

When enabling SOGoTrustProxyAuthentication and SOGoXSRFValidationEnabled in SOGo 3.0.2 (commit 7bd7272), an exception occurs at SOGoDirectAction.m:231:

value = [[context request]
cookieValueForKey: [auth cookieNameInContext: context]];

auth (class SOGoProxyAuthenticator) doesn't respond to selector cookieNameInContext:

Steps To Reproduce

Set SOGoTrustProxyAuthentication and SOGoTrustProxyAuthentication to YES

Additional Information

Stacktrace excerpt

#0 -[NSException raise] (self=0x555555f257d0, _cmd=0x7ffff587bb60 <_OBJC_SELECTOR_TABLE+384>) at NSException.m:960
0000001 0x00007ffff5395bc3 in +[NSException raise:format:] (self=0x7ffff587be20 <_OBJC_Class_NSException>, _cmd=<optimized out>, name=0x7ffff587c490 <_OBJC_INSTANCE_4>, format=0x7ffff58ab110 <_OBJC_INSTANCE_10>) at NSException.m:840
0000002 0x00007ffff53e8c16 in -[NSObject doesNotRecognizeSelector:] (self=0x555555e53620, _cmd=<optimized out>, aSelector=<optimized out>) at NSObject.m:1765
0000003 0x00007ffff54a6edb in GSFFIInvocationCallback (cif=0x555556211820, retp=0x7fffffffb240, args=<optimized out>, user=0x5555561a77f0) at GSFFIInvocation.m:629
0000004 0x00007ffff1ceac2f in ffi_closure_unix64_inner () from /usr/lib/x86_64-linux-gnu/libffi.so.6
0000005 0x00007ffff1ceafa8 in ffi_closure_unix64 () from /usr/lib/x86_64-linux-gnu/libffi.so.6
0000006 0x00007fffe94e70fd in -[SOGoDirectAction performActionNamed:] (self=0x555555f1eae0, _cmd=0x7ffff6ff1c80, _actionName=0x555555be7750) at SOGoDirectAction.m:231
...

TagsNo tags attached.

Activities

ludovic

ludovic

2016-05-11 10:42

administrator   ~0010099

Set SOGoXSRFValidationEnabled = NO; in your sogo.conf in the mean time while we elaborate the correct fix.

ludovic

ludovic

2016-05-11 12:58

administrator   ~0010102

An other issue should be created to support XSRF validation when using proxy auth or CAS.

Related Changesets

sogo: master a30d6205

2016-05-11 08:55

ludovic


Details Diff
(fix) avoid using for now the XSRF code for proxy-auth (fixes 0003668) Affected Issues
0003668
mod - UI/SOGoUI/SOGoDirectAction.m Diff File
mod - UI/SOGoUI/UIxComponent.h Diff File
mod - UI/SOGoUI/UIxComponent.m Diff File

Issue History

Date Modified Username Field Change
2016-05-11 10:16 jkanefendt New Issue
2016-05-11 10:42 ludovic Note Added: 0010099
2016-05-11 12:57 ludovic Changeset attached => sogo master a30d6205
2016-05-11 12:57 ludovic Assigned To => ludovic
2016-05-11 12:57 ludovic Resolution open => fixed
2016-05-11 12:58 ludovic Note Added: 0010102
2016-05-11 12:58 ludovic Status new => resolved
2016-05-11 12:58 ludovic Fixed in Version => 3.1.0