On 23/04/2008, Gordon Messmer <[EMAIL PROTECTED]> wrote: > Peter Burden wrote: > > Since then, I've cut some code and have a working signing filter. > > If anybody wants to have a look and let me know about any bugs > > (obvious or subtle), source code is at > > http://web.ptwol.net/sigfilter/sigfilter.c > > It's in standard C and uses a MySQL database. > > There are some explanations of how it works in the source code. > > > > > I don't like criticizing you twice in one evening, but there are some > pretty serious problems with this code: > > * Filter is threaded, but you're not taking the required steps to make > mysql thread-safe: > http://dev.mysql.com/doc/refman/5.0/en/threaded-clients.html
Since the filter doesn't try and share a connection between threads my interpretation of the reference is that, provided you link against libmysqlclient_r, you don't need to do anything further special. > * Filter uses global variables with no mutex protection. See above. The global variables that are accessed by the threads are only read, not written to. They are set up as part of the initialisation, the filter does not start listening or launching threads until initialisation is complete. I have never found any need for mutexes to control access to read-only data. Read-write is, of course, a completely different matter. > * Filter doesn't handle shutdown (it needs to watch STDIN for EOF) Good point. Will fix. > * Filter seems to treat any "AUTH: LOGIN" as if it were a header > * AUTH header won't always say "AUTH: LOGIN" Fair comment. For my server installation we currently only use LOGIN authentication but this should be easy to fix. I don't think I'm treating AUTH:LOGIN as if it were a header, based on my observation of what Courier seems to do, it appears that AUTH:LOGIN is interposed amongst the parts of the "Received:" header - usually on a continuation line. I would accept the criticism that the AUTH:LOGIN recognition code doesn't really understand headers and, worse, carries on looking for AUTH:LOGIN in the message body if it didn't find it in the headers. Is there a definitive statement on the location/syntax of "AUTH:LOGIN" anywhere? I can't see it in RFC2822/2821. > * Filter doesn't free the "mime" variable, which creates a memory leak Thanks for spotting that ! > * Some variables aren't used at all Left over debugging ! > * I strongly recommend that you use a MIME library for message parsing > rather than trying to write your own. It's complicated. See if "GMime" > fits your needs. Will investigate. Thanks for the reference. > * Finally, and most importantly IMO, you append a plaintext signature to > any text part. It looks like this includes attached files. Regardless, > by modifying the existing text parts, you invalidate PGP and SMIME > signatures, which is bad. The point about PGP and SMIME is a fair comment, but I find it difficult to imagine a signing system that would both satisfy end user requirements and not break such things. Yes at the moment it signs any text/plain and text/html parts. The point about attached text files is a good one, I will investigate further. > > There are probably other things, but that's what I noticed after looking > at the code for ten minutes... Once again thanks for your comments which have probably saved me a lot of time. > > I've actually got a pythonfilter that does signatures sitting in CVS. A > customer paid for it to be written, and I'm mostly waiting for them to > confirm that it's working the way that they need it to before I release it. > > ------------------------------------------------------------------------- > This SF.net email is sponsored by the 2008 JavaOne(SM) Conference > Don't miss this year's exciting event. There's still time to save $100. > Use priority code J8TL2D2. > > http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone > > _______________________________________________ > courier-users mailing list > [email protected] > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
