Red Hat Bugzilla – Bug 9926
Bugzilla cookies have Y2K bug ???
Last modified: 2008-05-01 11:37:54 EDT
Apparently, the bugzilla cookie generator is suffering from some form of
Y2K hangover, as all the cookies it's sending me are labelled as expiring
at "Thu Jan 1 01:00:01 1970" and, as a result, Linux Netscape promptly
Is this possibly the reason why it keeps asking for login and password, as so
many people have reported?
I am not able to reproduce this on a test machine. When logging in it will set
your cookies to
Fri Jun 29 20:10:50 2029
and if you click LogOut on the bottom the screen you will get the date that you
mentioned earlier but that is normal behaviour.
The other problems reported may be related to bug # 9598 and people should try
that to see if it solves there problem.
After removing all bugzilla cookies, I still get the problem where it says I am
not logged in. Starting from an empty cookie file using Netscape 4.51, glibc
2.1, linux 2.2.14, ix86. Bugzilla creates 3 cookies, Bugzilla_login,
Bugzilla_logincookie and Bugzilla_password. The first two expire in 2029, the
third expires 1970!
The reason that the third is set to 1970 is on purpose. The older versions of
bugzilla that were around use to store the user's password int he cookies file
which ended up being a bad idea. So now the password is stored inthe database
and the Bugzilla_password is set to blank with an 1970 (automatically expiring)
date to clear out any old passwords people might have still lurking around.
I've just checked, and the date it is setting for that third cookie as seen here
Jan 0 19:00:00 1970
Can I query that 0 for the day? I have to suspect that some sort of timezone
wrap problem is hitting here.
If you're using the 1st as the date, can I suggest you change it, and use
something that can wrap cleanly to at least bypass this problem. Setting it to
use Jan 15 12:00:00 1984 (for example) should still have the same result, but
prevents any wrap problems from occurring...