Hi Oliver,
I'm afraid there is another spot in Session::Data.pm where validation fails, if
"cache: session" is active for a secret group.
It occurs when you click on "[clear secret]" in the management dialog for a
secret that has been added previously.
Best regards,
Dirk
2017/12/01 09:20:29 openxpki.system.ERROR:17722 The following parameter was
passed in the call to (eval) but was not listed in the validation options:
default
at /usr/share/perl5/MooseX/Params/Validate.pm line 67.
MooseX::Params::Validate::validated_hash(ARRAY(0x592c338), "group",
HASH(0x7afbd68), "MX_PARAMS_VALIDATE_NO_CACHE", 1) called at
/usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line 59
eval {...} called at
/usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line 58
OpenXPKI::MooseParams::named_args(ARRAY(0x592c338), "group",
HASH(0x7afbd68)) called at
/usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/Session/Data.pm line 216
OpenXPKI::Server::Session::Data::clear_secret(undef, "default") called
at /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Crypto/TokenManager.pm line 422
OpenXPKI::Crypto::TokenManager::clear_secret_group(OpenXPKI::Crypto::TokenManager=HASH(0x6702720),
"default") called at
/usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/API/Secret.pm line 81
OpenXPKI::Server::API::Secret::clear_secret("OpenXPKI::Server::API::Secret",
HASH(0x7b22f08)) called at
/usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/API.pm line 1801
-----Ursprüngliche Nachricht-----
Von: Oliver Welter [mailto:[email protected]]
Gesendet: Donnerstag, 23. November 2017 16:55
An: [email protected]
Betreff: Re: [OpenXPKI-users] Secret group session error after update from 1.17
to 1.19
Hi Dirk,
have a look at this Pull Request if you want to patch it by yourself
https://github.com/openxpki/openxpki/pull/594/files
I will also create new packages (v.1.19.5)
Oliver
Am 21.11.2017 um 10:39 schrieb Dirk Heuvels:
> Hi everyone,
>
> I have been using OpenXPKI 1.17 on Debian Jessie as issuing CA and recently
> updated to 1.19.4.
>
> Since then my default secret group (realm.ca-one.crypto.secret.default)
> cannot be cached in the session anymore.
>
> The crucial setting in crypto.yaml:
> secret:
> default:
> label: Default secret group of this realm
> method: plain
> cache: daemon -> works vs. ..
> cache: session -> breaks
>
> openxpki.log says:
> 2017/11/21 09:50:50 openxpki.system.ERROR:32521 Mandatory parameter 'value'
> missing in call to (eval)
> at /usr/share/perl5/MooseX/Params/Validate.pm line 67.
> MooseX::Params::Validate::validated_hash(ARRAY(0x4eb27a0), "group",
> HASH(0x6fb38e0), "value", HASH(0x6fc8808), "MX_PARAMS_VALIDATE_NO_CACHE", 1)
> called at /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line 59
> eval {...} called at
> /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line 58
> OpenXPKI::MooseParams::named_args(ARRAY(0x4eb27a0), "group", HASH(0x6fb38e0),
> "value", HASH(0x6fc8808)) called at
> /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/Session/Data.pm line 190
> (..)
>
> I have noticed, that session handling has changed from 1.17 to 1.19 and have
> added "system.server.session.type: File", as advised by the warnings that
> come up otherwise.
> I also tried out the server.yaml that comes as default with 1.19 and that
> stores sessions in the database. This doesn't change the behavior either.
>
> Are there any other settings that must be set with the new session management
> or is this possibly a bug?
>
> Thanks in advance,
> Dirk
>
> ----------------------------------------------------------------------
> -------- Check out the vibrant tech community on one of the world's
> most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> OpenXPKI-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openxpki-users
>
--
Protect your environment - close windows and adopt a penguin!
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
