On 12/14/22 09:41, Mark Sapiro wrote:
I don't have more time to look at this now, but I think it's a bug. This patch ``` --- a/src/mailman/rules/approved.py +++ b/src/mailman/rules/approved.py @@ -140,6 +140,7 @@ class Approved: mpw = mlist.moderator_password else: mpw = mlist.moderator_password.decode('utf-8') + mpw = config.password_context.encrypt(mpw) is_valid, new_hash = config.password_context.verify(password, mpw) if is_valid and new_hash: # Hash algorithm migration. ``` may fix it.
It is a bug, but that isn't the correct fix. The list's moderator_password attribute should already be encrypted. The bug is we don't catch the passlib.exc.UnknownHashError. It appears you either have not set the lists moderator_password or you have not set it to a properly encrypted value. Did you set it and if so, how? -- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan