|Peter Burden||Mar 18, 2008 5:01 am|
|Gordon Messmer||Mar 18, 2008 8:17 am|
|Harry Duncan||Mar 18, 2008 8:48 am|
|Ben Kennedy||Mar 18, 2008 12:00 pm|
|Aidas Kasparas||Mar 18, 2008 12:13 pm|
|Harry Duncan||Mar 18, 2008 12:43 pm|
|Harry Duncan||Mar 18, 2008 12:56 pm|
|Norbert Schmidt||Mar 18, 2008 1:22 pm|
|Gordon Messmer||Mar 18, 2008 5:55 pm|
|Jerry Amundson||Mar 19, 2008 9:58 am|
|Gordon Messmer||Mar 19, 2008 11:47 am|
|Harry Duncan||Mar 20, 2008 12:02 am|
|Aidas Kasparas||Mar 20, 2008 2:19 am|
|Peter Burden||Mar 20, 2008 4:03 am|
|Enda||Mar 20, 2008 4:44 am|
|Harry Duncan||Mar 20, 2008 4:47 am|
|Gordon Messmer||Mar 20, 2008 9:04 am|
|Peter Burden||Apr 22, 2008 8:56 am|
|Peter Burden||Apr 22, 2008 8:57 am|
|Gordon Messmer||Apr 23, 2008 12:22 am|
|Peter Burden||Apr 23, 2008 2:14 am|
|Gordon Messmer||Apr 23, 2008 3:20 pm|
|Peter Burden||Apr 23, 2008 4:48 pm|
|Gordon Messmer||Apr 23, 2008 9:27 pm|
|Peter Burden||May 12, 2008 9:06 am|
|Aleksander Adamowski||May 15, 2008 10:53 am|
|Peter Burden||May 15, 2008 3:33 pm|
|Aleksander Adamowski||May 16, 2008 2:49 am|
|Peter Burden||Jun 18, 2008 9:00 am|
|Jeff Jansen||Jun 18, 2008 5:45 pm|
|Peter Burden||Jun 19, 2008 1:56 pm|
|Gordon Messmer||Jun 19, 2008 4:35 pm|
|Jeff Jansen||Jun 19, 2008 6:08 pm||.patch|
|Peter Burden||Jul 22, 2008 3:47 am|
|Subject:||Re: [courier-users] Standard Signatures|
|From:||Peter Burden (pete...@gmail.com)|
|Date:||Apr 23, 2008 2:14:35 am|
On 23/04/2008, Gordon Messmer <yiny...@eburg.com> wrote:
Peter Burden wrote:
Since then, I've cut some code and have a working signing filter. If anybody wants to have a look and let me know about any bugs (obvious or subtle), source code is at http://web.ptwol.net/sigfilter/sigfilter.c It's in standard C and uses a MySQL database. There are some explanations of how it works in the source code.
I don't like criticizing you twice in one evening, but there are some pretty serious problems with this code:
* Filter is threaded, but you're not taking the required steps to make mysql thread-safe: http://dev.mysql.com/doc/refman/5.0/en/threaded-clients.html
Since the filter doesn't try and share a connection between threads my interpretation of the reference is that, provided you link against libmysqlclient_r, you don't need to do anything further special.
* Filter uses global variables with no mutex protection. See above.
The global variables that are accessed by the threads are only read, not written to. They are set up as part of the initialisation, the filter does not start listening or launching threads until initialisation is complete. I have never found any need for mutexes to control access to read-only data. Read-write is, of course, a completely different matter.
* Filter doesn't handle shutdown (it needs to watch STDIN for EOF)
Good point. Will fix.
* Filter seems to treat any "AUTH: LOGIN" as if it were a header * AUTH header won't always say "AUTH: LOGIN"
Fair comment. For my server installation we currently only use LOGIN authentication but this should be easy to fix.
I don't think I'm treating AUTH:LOGIN as if it were a header, based on my observation of what Courier seems to do, it appears that AUTH:LOGIN is interposed amongst the parts of the "Received:" header - usually on a continuation line.
I would accept the criticism that the AUTH:LOGIN recognition code doesn't really understand headers and, worse, carries on looking for AUTH:LOGIN in the message body if it didn't find it in the headers.
Is there a definitive statement on the location/syntax of "AUTH:LOGIN" anywhere? I can't see it in RFC2822/2821.
* Filter doesn't free the "mime" variable, which creates a memory leak
Thanks for spotting that !
* Some variables aren't used at all
Left over debugging !
* I strongly recommend that you use a MIME library for message parsing rather than trying to write your own. It's complicated. See if "GMime" fits your needs.
Will investigate. Thanks for the reference.
* Finally, and most importantly IMO, you append a plaintext signature to any text part. It looks like this includes attached files. Regardless, by modifying the existing text parts, you invalidate PGP and SMIME signatures, which is bad.
The point about PGP and SMIME is a fair comment, but I find it difficult to imagine a signing system that would both satisfy end user requirements and not break such things.
Yes at the moment it signs any text/plain and text/html parts. The point about attached text files is a good one, I will investigate further.
There are probably other things, but that's what I noticed after looking at the code for ten minutes...
Once again thanks for your comments which have probably saved me a lot of time.
I've actually got a pythonfilter that does signatures sitting in CVS. A customer paid for it to be written, and I'm mostly waiting for them to confirm that it's working the way that they need it to before I release it.
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ courier-users mailing list cour...@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users