[ mailman-Bugs-1085651 ] Broken PGP/MIME signature of messages with attachments
Bugs item #1085651, was opened at 2004-12-15 10:54
Message generated for change (Comment added) made by xkr47
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=1085651&group_id=103
Category: mail delivery
Group: 2.1 (stable)
Status: Open
Resolution: None
Priority: 5
Submitted By: Etienne M. Gagnon (egagnon)
Assigned to: Nobody/Anonymous (nobody)
Summary: Broken PGP/MIME signature of messages with attachments
Initial Comment:
Hi,
When I send a PGP/MIME signed message *with*
attachments (in addition to the PGP signature) to a
Mailman-based mailing list, Firefox/Enigmail fails to
verify the signature of the message forwarded by mailman.
I have uploaded an example message with a broken
signature as attachment to this bug.
You can also see how Mailman's automatic archives don't
even handle such messages correctly by looking at how
it archived that message at:
http://sablecc.org/lists/sablecc-user/2004-December/000159.html
I've looked in the bugs database and found that a
somewhat related problem was reported a while ago, but
note that the current bug is different. The original
bug was about PGP/MIME signed messages without
attachments that were handled incorrectly by Enigmail.
This one is about messages with attachments, and it is
likely that the bug is Mailman's, at least accroding to
the reply I got in:
http://bugzilla.mozdev.org/show_bug.cgi?id=8466
Thanks for your help (and for the magnificient software)!
Etienne
----------------------------------------------------------------------
Comment By: Jonas Berlin (xkr47)
Date: 2005-03-19 14:21
Message:
Logged In: YES
user_id=66259
from python's Message.py:
def _get_params_preserve(self, failobj, header):
# Like get_params() but preserves the quoting of values. BAW:
# should this be part of the public interface?
According to my analysis of the comment, the function in question does _not_
guarantee to preserve the header as-is, it only preserves _quoting_. Thus, I
don't think we can call this a bug in python. If there's more official
documentation elsewhere that states that it should preserve everything as-is,
then ignore this comment altogether :).
I didn't have time to grasp how mailman actually uses that Message class,
but I think mailman should be changed to use functions that don't alter the
message, and/or re-implement that work according to the requirements of
mailman (or, users of mailman :).
Anyway, an alternative could be to continue to use the Message.py functions
to parse the values while analyzing the contents of the message, and then
copypaste the original headers as-is after checking.
- xkr47
----------------------------------------------------------------------
Comment By: Etienne M. Gagnon (egagnon)
Date: 2005-01-29 19:08
Message:
Logged In: YES
user_id=15365
Dear Bas,
Thanks a lot for identifying the source of this bug and
flagging an upstream bug on Python.
Etienne
----------------------------------------------------------------------
Comment By: Bas Wijnen (shevek)
Date: 2005-01-24 13:35
Message:
Logged In: YES
user_id=42389
I checked the source, and this appears to be a bug in
Python. It can read and write e-mails, including headers,
and they are interpreted. However, it doesn't preserve
their whitespace, which is of course fatal for pgp signatures.
The bug is filed for python here:
http://sourceforge.net/tracker/index.php?func=detail&aid=968430&group_id=5470&atid=105470
----------------------------------------------------------------------
Comment By: Etienne M. Gagnon (egagnon)
Date: 2005-01-18 19:30
Message:
Logged In: YES
user_id=15365
I am attaching a screen shot of the content filtering
settings (see the options.png attachment I have added to
this bug report). In short, content filtering is disabled,
so I don't think it is the cause of the problem. :-/
Etienne
----------------------------------------------------------------------
Comment By: Brad Knowles (shub)
Date: 2005-01-17 02:37
Message:
Logged In: YES
user_id=18417
Look at your content filter settings. What MIME-types are you configured
to pass? At the very least, you should be configured to pass the
following:
multipart/mixed
multipart/alternative
text/plain
application/pgp-signature
multipart/signed
----------------------------------------------------------------------
Comment By: Toni Willberg (toniw)
Date: 2005-01-08 03:23
Message:
Logged In: YES
user_id=190645
I can reproduce this bug also.
Here's a diff what happened to me:
diff -u mail.valid mail.invalid
Content-Disposition: attachment;
filename=configure.in.pre-pkgconfig.patch
-Content-Type: text/x-patch;
name=configure.in.pre-pkgconfig.patch; charset=UTF-8
+Content-Type: text/x-patch;
name=configure.in.pre-pkgconfig.patch;
+ charset=UTF-8
Content-Transfer-Encoding: base64
And this was _inside_ gpg-signed block.
Mailman should not alter that section at all, right?
X-Mailman-Version: 2.1.4
Yours,
Toni Willberg
participants (1)
-
SourceForge.net