@@ -58,13 +58,13 @@ def main():
5858 try :
5959 # Log page load
6060 mailman_log ('info' , 'admin: Page load started' )
61-
61+ print ( "DEBUG: Entered main()" , flush = True )
6262 # Initialize document early
6363 doc = Document ()
6464 doc .set_language (mm_cfg .DEFAULT_SERVER_LANGUAGE )
65-
6665 # Parse form data first since we need it for authentication
6766 try :
67+ print ("DEBUG: Parsing form data" , flush = True )
6868 if os .environ .get ('REQUEST_METHOD' ) == 'POST' :
6969 content_length = int (os .environ .get ('CONTENT_LENGTH' , 0 ))
7070 if content_length > 0 :
@@ -75,74 +75,68 @@ def main():
7575 else :
7676 query_string = os .environ .get ('QUERY_STRING' , '' )
7777 cgidata = urllib .parse .parse_qs (query_string , keep_blank_values = True )
78+ print (f"DEBUG: cgidata after parse: { cgidata } , flush = True )
7879 except Exception as e :
79- # Someone crafted a POST with a bad Content-Type
8080 print ('Status: 400 Bad Request' )
8181 print ('Content-type: text/html; charset=utf-8\n ' )
8282 doc .AddItem (Header (2 , _ ("Error" )))
8383 doc .AddItem (Bold (_ ('Invalid options to CGI script.' )))
8484 print (doc .Format ())
8585 mailman_log ('error' , 'admin: Invalid form data: %s\n %s' , str (e ), traceback .format_exc ())
8686 return
87-
8887 # Get the list name
8988 parts = Utils .GetPathPieces ()
89+ print (f"DEBUG: Path parts: { parts } , flush = True )
9090 if not parts :
9191 handle_no_list ()
9292 return
93-
9493 listname = parts [0 ].lower ()
9594 mailman_log ('info' , 'admin: Processing list "%s"' , listname )
95+ print (f"DEBUG: List name: { listname } , flush = True )
9696 if isinstance (listname , bytes ):
9797 listname = listname .decode ('utf-8' , 'replace' )
9898 try :
9999 mlist = MailList .MailList (listname , lock = 0 )
100+ print ("DEBUG: Loaded MailList" , flush = True )
100101 except Errors .MMListError as e :
101- # Avoid cross-site scripting attacks
102102 safelistname = Utils .websafe (listname )
103- # Send this with a 404 status.
104103 print ('Status: 404 Not Found' )
105104 admin_overview (_ ('No such list <em>%(safelistname)s</em>' ) % {
106105 'safelistname' : safelistname
107106 })
108107 mailman_log ('error' , 'admin: No such list "%s": %s\n %s' ,
109108 listname , e , traceback .format_exc ())
110109 return
111- # Now that we know what list has been requested, all subsequent admin
112- # pages are shown in that list's preferred language.
113110 i18n .set_language (mlist .preferred_language )
114111 # If the user is not authenticated, we're done.
115112 try :
113+ print ("DEBUG: Checking authentication" , flush = True )
116114 if os .environ .get ('REQUEST_METHOD' ) == 'POST' :
117115 content_length = int (os .environ .get ('CONTENT_LENGTH' , 0 ))
118116 if content_length > 0 :
119117 form_data = sys .stdin .buffer .read (content_length ).decode ('latin-1' )
120118 cgidata = urllib .parse .parse_qs (form_data , keep_blank_values = True )
121- # Ensure all form values are properly decoded
122119 for key in cgidata :
123120 cgidata [key ] = [v .decode ('latin-1' ) if isinstance (v , bytes ) else v for v in cgidata [key ]]
124121 else :
125122 cgidata = {}
126123 else :
127124 query_string = os .environ .get ('QUERY_STRING' , '' )
128125 cgidata = urllib .parse .parse_qs (query_string , keep_blank_values = True )
129- # Ensure all form values are properly decoded
130126 for key in cgidata :
131127 cgidata [key ] = [v .decode ('latin-1' ) if isinstance (v , bytes ) else v for v in cgidata [key ]]
128+ print (f"DEBUG: cgidata before auth: { cgidata } , flush = True )
132129 except Exception as e :
133- # Someone crafted a POST with a bad Content-Type:.
134130 doc = Document ()
135131 doc .set_language (mm_cfg .DEFAULT_SERVER_LANGUAGE )
136132 doc .AddItem (Header (2 , _ ("Error" )))
137133 doc .AddItem (Bold (_ ('Invalid options to CGI script.' )))
138134 doc .AddItem (Preformatted (Utils .websafe (str (e ))))
139135 doc .AddItem (Preformatted (Utils .websafe (traceback .format_exc ())))
140- # Send this with a 400 status.
141136 print ('Status: 400 Bad Request' )
142137 print (doc .Format ())
143138 mailman_log ('error' , 'admin: Invalid options: %s\n %s' , str (e ), traceback .format_exc ())
144139 return
145-
146140 # CSRF check
147141 safe_params = ['VARHELP' , 'adminpw' , 'admlogin' ,
148142 'letter' , 'chunk' , 'findmember' ,
@@ -153,16 +147,22 @@ def main():
153147 'admin' )
154148 else :
155149 csrf_checked = True
156- # if password is present, void cookie to force password authentication.
157150 if cgidata .get ('adminpw' , ['' ])[0 ]:
158151 os .environ ['HTTP_COOKIE' ] = ''
159152 csrf_checked = True
160-
161- if not mlist .WebAuthenticate ((mm_cfg .AuthListAdmin ,
153+ try :
154+ print ("DEBUG: Calling WebAuthenticate" , flush = True )
155+ auth_result = mlist .WebAuthenticate ((mm_cfg .AuthListAdmin ,
162156 mm_cfg .AuthSiteAdmin ),
163- cgidata .get ('adminpw' , ['' ])[0 ]):
157+ cgidata .get ('adminpw' , ['' ])[0 ])
158+ print (f"DEBUG: WebAuthenticate result: { auth_result } , flush = True )
159+ except Exception as e :
160+ mailman_log ('error' , 'admin: Exception during WebAuthenticate: %s\n %s' , str (e ), traceback .format_exc ())
161+ print ("DEBUG: Exception during WebAuthenticate" , flush = True )
162+ raise
163+ if not auth_result :
164+ print ("DEBUG: Not authenticated, calling loginpage" , flush = True )
164165 if 'adminpw' in cgidata :
165- # This is a re-authorization attempt
166166 msg = Bold (FontSize ('+1' , _ ('Authorization failed.' ))).Format ()
167167 remote = os .environ .get ('HTTP_FORWARDED_FOR' ,
168168 os .environ .get ('HTTP_X_FORWARDED_FOR' ,
@@ -174,8 +174,9 @@ def main():
174174 else :
175175 msg = ''
176176 Auth .loginpage (mlist , 'admin' , msg = msg )
177+ print ("DEBUG: Called Auth.loginpage" , flush = True )
177178 return
178-
179+ print ( "DEBUG: Authenticated, proceeding to admin page" , flush = True )
179180 # Which subcategory was requested? Default is `general'
180181 if len (parts ) == 1 :
181182 category = 'general'
@@ -186,14 +187,10 @@ def main():
186187 else :
187188 category = parts [1 ]
188189 subcat = parts [2 ]
189-
190- # Create the document
191190 doc = Document ()
192191 doc .set_language (mlist .preferred_language )
193-
194- # Create the form
195192 form = Form (mlist = mlist , contexts = AUTH_CONTEXTS )
196-
193+ print ( f"DEBUG: category= { category } , subcat= { subcat } " , flush = True )
197194 # Now dispatch to the appropriate handler
198195 if category == 'general' :
199196 show_variables (mlist , category , subcat , cgidata , doc )
@@ -210,19 +207,15 @@ def main():
210207 doc .AddItem (Bold (_ ('No such category: %(category)s' ) % {
211208 'category' : category
212209 }))
213-
214- # Format and print the document
210+ print ("DEBUG: About to print doc.Format()" , flush = True )
215211 print (doc .Format ())
216-
217212 except Exception as e :
218- # Catch any unhandled exceptions and display them properly
219213 doc = Document ()
220214 doc .set_language (mm_cfg .DEFAULT_SERVER_LANGUAGE )
221215 doc .AddItem (Header (2 , _ ("Error" )))
222216 doc .AddItem (Bold (_ ('An unexpected error occurred.' )))
223217 doc .AddItem (Preformatted (Utils .websafe (str (e ))))
224218 doc .AddItem (Preformatted (Utils .websafe (traceback .format_exc ())))
225- # Send this with a 500 status.
226219 print ('Status: 500 Internal Server Error' )
227220 print (doc .Format ())
228221 mailman_log ('error' , 'admin: Unexpected error: %s\n %s' , str (e ), traceback .format_exc ())
0 commit comments