On 11/12/21 1:06 PM, Joel Lord wrote:
I'm not sure if this is a bug or something about the new CSRF fix doesn't get along with something I have (mis)configured, but this definitely seems to be related. Sadly the script I use to backup mailman before upgrading I recently stopped backing up the lists themselves, so going back to 2.1.35 doesn't seem to be an option due to the .pck file version bump. Here's the trace I get:
Traceback (most recent call last): File "/mailman/mailman-${domainslug}/scripts/driver", line 117, in run_main main() File "/mailman/mailman-${domainslug}/Mailman/Cgi/admindb.py", line 342, in main print doc.Format() File "/mailman/mailman-${domainslug}/Mailman/htmlformat.py", line 352, in Format output.append(Container.Format(self, indent)) File "/mailman/mailman-${domainslug}/Mailman/htmlformat.py", line 267, in Format output.append(HTMLFormatObject(item, indent)) File "/mailman/mailman-${domainslug}/Mailman/htmlformat.py", line 53, in HTMLFormatObject return item.Format(indent) File "/mailman/mailman-${domainslug}/Mailman/htmlformat.py", line 445, in Format % csrf_token(self.mlist, self.contexts, self.user) File "/mailman/mailman-${domainslug}/Mailman/CSRFcheck.py", line 53, in csrf_token mac = sha_new(secret +
issued).hexdigest() TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'Running Python 2.7.5 .
Thanks for the report. I think the issue is caused by the fix for https://bugs.launchpad.net/mailman/+bug/1949403 and can occur when a list admin is trying to handle moderator requests on a list that has no moderator password. I'll investigate and try to put out another fix later today.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan