Package: bugzilla3 Version: 3.2.0.1-1 Severity: important When enforce SSL is set to anything besides never (authenticated sessions or always), attempting to access bugzilla results in the following error (text copied from Konqueror, similar error messages in other browsers):
An error occurred while loading http://bugzilla.h3solution.com/editparams.cgi?section=admin: Found a cyclic link in https://bugzilla.h3solution.com/editparams.cgi?section=admin. If enforce SSL is set to never, everything works correctly (both http and https) with this one exception: When a user logs in using https://bugzilla.h3solution.com, upon clicking on the "Login" button, the following warning is given: Warning: This is a secure form but it is attempting to send your data back unencrypted. A third party may be able to intercept and view this information. Are you sure you wish to continue? The user is then directed to http. If, after the user is logged in, the URL is manually changed from http to https, then the entire site functions correctly using SSL. This appears to be a problem with the login function not working correctly. It redirects everything to http. If https is enforced, it creates a cyclic link. url_base is set to 'http://bugzilla.h3solution.com/' ssl_base is set to 'https://bugzilla.h3solution.com/' If I want to use SSL I can work around this problem my manually setting url_base to 'https://bugzilla.h3solution.com' in /etc/bugzilla3/params, removing the http bugzilla apache entries, and setting a redirect from http to https in apache, but that seems like a clunky workaround. Apache config files <VirtualHost *:80> ServerName bugzilla.h3solution.com DocumentRoot /usr/lib/cgi-bin/bugzilla3/ Alias /bugzilla3/ /usr/share/bugzilla3/web/ Alias /cgi-bin/bugzilla3/ /usr/lib/cgi-bin/bugzilla3/ <Directory "/usr/share/bugzilla3/web"> AllowOverride none Order allow,deny Allow from all </Directory> <Directory "/usr/lib/cgi-bin/bugzilla3"> AddHandler cgi-script cgi DirectoryIndex index.cgi Options +Indexes +ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/lib/bugzilla3/data"> Options FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> </VirtualHost> <VirtualHost *:443> ServerName bugzilla.h3solution.com DocumentRoot /usr/lib/cgi-bin/bugzilla3/ Alias /bugzilla3/ /usr/share/bugzilla3/web/ Alias /cgi-bin/bugzilla3/ /usr/lib/cgi-bin/bugzilla3/ <Directory "/usr/share/bugzilla3/web"> AllowOverride none Order allow,deny Allow from all </Directory> <Directory "/usr/lib/cgi-bin/bugzilla3"> AddHandler cgi-script cgi DirectoryIndex index.cgi Options +Indexes +ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/lib/bugzilla3/data"> Options FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> </VirtualHost> -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages bugzilla3 depends on: ii apache2 2.2.11-2 Apache HTTP Server metapackage ii apache2-mpm-prefork [ht 2.2.11-2 Apache HTTP Server - traditional n ii dbconfig-common 1.8.40 common framework for packaging dat ii debconf 1.5.26 Debian configuration management sy ii libappconfig-perl 1.56-2 Perl module for configuration file ii libcgi-pm-perl 3.42-1 Simple Common Gateway Interface Cl ii libdbd-mysql-perl 4.008-1 A Perl5 database interface to the ii libemail-mime-modifier- 1.443-1 module to modify Email::MIME objec ii libemail-send-perl 2.194-1 Simply Sending Email ii libtemplate-perl 2.19-1.1lenny1.1 template processing system written ii libtimedate-perl 1.1600-9 Time and date functions for Perl ii mysql-client 5.0.51a-24 MySQL database client (metapackage ii mysql-client-5.0 [mysql 5.0.51a-24 MySQL database client binaries ii patch 2.5.9-5 Apply a diff file to an original ii perl-modules [libcgi-pm 5.10.0-19 Core Perl modules ii postfix [mail-transport 2.5.5-1.1 High-performance mail transport ag ii ucf 3.0016 Update Configuration File: preserv Versions of packages bugzilla3 recommends: ii libchart-perl 2.4.1-5 Chart Library for Perl ii libxml-parser-perl 2.36-1.1+b1 Perl module for parsing XML files ii mysql-server 5.0.51a-24 MySQL database server (metapackage ii mysql-server-5.0 [mysq 5.0.51a-24 MySQL database server binaries ii perlmagick 7:6.3.7.9.dfsg2-1 Perl interface to the libMagick gr Versions of packages bugzilla3 suggests: pn bugzilla3-doc <none> (no description available) pn graphviz <none> (no description available) ii libgd-gd2-perl 1:2.39-2 Perl module wrapper for libgd - gd ii libgd-graph-perl 1.44-3 Graph Plotting Module for Perl 5 ii libgd-text-perl 0.86-5 Text utilities for use with GD ii libhtml-parser-perl 3.60-1 collection of modules that parse H pn libhtml-scrubber-perl <none> (no description available) ii libmailtools-perl 2.04-1 Manipulate email in perl programs ii libmime-tools-perl 5.427-2 Perl5 modules for MIME-compliant m ii libnet-ldap-perl 1:0.39-1 client interface to LDAP servers pn libsoap-lite-perl <none> (no description available) ii libwww-perl 5.825-1 WWW client/server library for Perl pn libxml-twig-perl <none> (no description available) -- debconf information: * bugzilla3/customized_values: false bugzilla3/database-type: mysql bugzilla3/remove-error: abort bugzilla3/dbconfig-remove: * bugzilla3/dbconfig-install: true bugzilla3/internal/reconfiguring: false bugzilla3/remote/newhost: bugzilla3/internal/skip-preseed: false bugzilla3/remote/host: bugzilla3/install-error: abort bugzilla3/upgrade-backup: true bugzilla3/db/dbname: bugzilla3 bugzilla3/missing-db-package-error: abort bugzilla3/passwords-do-not-match: bugzilla3/mysql/admin-user: root bugzilla3/upgrade-error: abort bugzilla3/db/app-user: bugzilla3 bugzilla3/dbconfig-reinstall: false bugzilla3/mysql/method: unix socket * bugzilla3/bugzilla_admin_real_name: Soren Stoutner bugzilla3/remote/port: * bugzilla3/bugzilla_admin_name: sor...@h3solution.com bugzilla3/dbconfig-upgrade: true bugzilla3/purge: false -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org