header folding bug in lmtpd?
Jason Alderfer
alderfjh at emu.edu
Wed Sep 15 21:59:55 EDT 2004
Hi all,
I've discovered what appears to be a bug in the header folding code of
lmtpd. Cyrus-2.2.8 on Slackware Linux 9.1, 2.4 kernel. It occurs only
under the following specific conditions:
1. connections to lmtpd via TCP from a different server
2. remote server connects using TLS
3. remote server passes identity of authenticated sender (AUTH=foo)
Under the above conditions, the message header added by lmtpd looks like
this:
Received: from tcell2.emu.edu (tcell2.emu.edu [10.3.200.80])
(authenticated user=foo bits=0) by capybara.emu.edu (Cyrus v2.2.8) with
LMTPSA (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256/256 verify=YES);
Wed, 15 Sep 2004 12:48:15 +0000
(authenticated user=foo bits=0)
by capybara.emu.edu (Cyrus v2.2.8) with LMTPSA
Wed, 15 Sep 2004 12:48:15 +0000
It should be (with no wrapping before 'verify=YES'):
Received: from tcell2.emu.edu (tcell2.emu.edu [10.3.200.80])
(authenticated user=foo bits=0)
by capybara.emu.edu (Cyrus v2.2.8) with LMTPSA
(version=TLSv1/SSLv3 cipher=AES256-SHA bits=256/256 verify=YES);
Wed, 15 Sep 2004 21:02:59 +0000
I made a slight modification to the code lmtpengine.c which fixed the
problem for me, but I thought I'd ask if anyone else had noticed this
behavior before I submitted a patch.
--
Jason Alderfer
Information Systems
Eastern Mennonite University
Harrisonburg, VA 22802
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list