jeremie-pierson
commented
12 months ago Hopefully fixes #40 .
Closed jeremie-pierson closed 11 months ago
jeremie-pierson
commented
12 months ago Hopefully fixes #40 .
jeremie-pierson
commented
11 months ago This bug was corrected 4 years ago. My local version was ancient and I didn't check this before filing a bug. Oops.
When an error occurs on unserializing a JSON session, the unserialize() sub in lib/Apache/Session/Serialize/JSON.pm calls die().
In other session stores (for example LDAP), when unserialize() is called in the context of get_key_from_all_sessions(), it uses eval{} to catch the error. But here in the Redis store, it does not and get_key_from_all_sessions() is interrupted.
It causes the purgeCentralCache script in lemonldap-ng to exit early and not purge any sessions, when it encounters an invalid/corrupted session.
Please keep in mind that, although this fix is very short, my knowledge of Perl is extremely thin :-)