From the error message, and what I've learned about base64, my best

guess about the transient errors (ie, some people get them, some
people do not) is that sometimes the base64 encoding can cause \n's to
get in the string, which the mime stuff will treat as a newline.  So I
replace \n w/ @ before putting it in the cookie, and do the reverse
before checking the cookie.  Hopefully we won't hear about this
problem again.

1 files changed, 4 insertions, 6 deletions

diff --git a/Mailman/Cgi/admin.py b/Mailman/Cgi/admin.py
index c9155c87e..e8e9a1d08 100644
--- a/Mailman/Cgi/admin.py
+++ b/Mailman/Cgi/admin.py
@@ -21,7 +21,7 @@
 To run stand-alone for debugging, set env var PATH_INFO to name of list
 and, optionally, options category."""
 
-__version__ = "$Revision: 734 $"
+__version__ = "$Revision: 741 $"
 
 import sys
 import os, cgi, string, crypt, types, time
@@ -102,7 +102,7 @@ def isAuthenticated(list, password=None, SECRET="SECRET"):
 
         token = md5.new(SECRET + list_name + SECRET).digest()
         token = base64.encodestring(token)
-        token = string.strip(token)
+        token = string.replace(token, "\n", "@")
         c = Cookie.Cookie()
         cookie_key = list_name + "-admin"
         c[cookie_key] = token
@@ -113,11 +113,9 @@ def isAuthenticated(list, password=None, SECRET="SECRET"):
         c = Cookie.Cookie( os.environ['HTTP_COOKIE'] )
         if c.has_key(list_name + "-admin"):
 	    try:
-               inp = base64.decodestring(c[list_name + "-admin"].value)
+               inp = base64.decodestring(string.replace(
+	              c[list_name + "-admin"].value, "@", "\n"))
                check = md5.new(SECRET+list_name+SECRET).digest()
-            except Error:  # the decodestring may return incorrect padding?
-               raise 'Decode failed'
-               return 0
             if inp == check:
                 return 1
             else: