This now happens on every request for a new account. I don't even see where the
"from_addr" is set.
Is the bug that the from_addr is never set? Or is that done in Mail.new?
######################################################################
# email root@ #
######################################################################
task "email r...@apache.org" do
# build mail from template
mail = Mail.new(template('acreq.erb'))
# adjust copy lists
cc = ["#{@pubname.inspect} <#{@email}>"]
cc << "private@#{@pmc.mail_list}.apache.org" if @pmc # copy pmc
cc << @podling.private_mail_list if @podling # copy podling
mail.cc = cc.uniq.map {|email| email.dup.untaint}
# untaint to email addresses
mail.to = mail.to.map {|email| email.dup.untaint}
# echo email
form do
_message mail.to_s
end
# deliver mail
complete do
mail.deliver!
end
end
#<SecurityError: tainted from_addr>
/usr/local/rvm/rubies/ruby-2.4.1/lib/ruby/2.4.0/net/smtp.rb:835:in `mailfrom'
/usr/local/rvm/rubies/ruby-2.4.1/lib/ruby/2.4.0/net/smtp.rb:658:in
`send_message'
/usr/local/rvm/gems/ruby-2.4.1/gems/mail-2.7.1/lib/mail/network/delivery_methods/smtp_connection.rb:54:in
`deliver!'
/usr/local/rvm/gems/ruby-2.4.1/gems/mail-2.7.1/lib/mail/network/delivery_methods/smtp.rb:101:in
`block in deliver!'
/usr/local/rvm/rubies/ruby-2.4.1/lib/ruby/2.4.0/net/smtp.rb:519:in `start'
/usr/local/rvm/gems/ruby-2.4.1/gems/mail-2.7.1/lib/mail/network/delivery_methods/smtp.rb:109:in
`start_smtp_session'
/usr/local/rvm/gems/ruby-2.4.1/gems/mail-2.7.1/lib/mail/network/delivery_methods/smtp.rb:100:in
`deliver!'
/usr/local/rvm/gems/ruby-2.4.1/gems/mail-2.7.1/lib/mail/message.rb:276:in
`deliver!'
/x1/srv/whimsy/www/secretary/workbench/views/actions/icla.json.rb:250:in
`block (2 levels) in _evaluate'
/x1/srv/whimsy/www/secretary/workbench/tasks.rb:47:in `complete'
/x1/srv/whimsy/www/secretary/workbench/views/actions/icla.json.rb:249:in
`block in _evaluate'
/x1/srv/whimsy/www/secretary/workbench/tasks.rb:12:in `task'
/x1/srv/whimsy/www/secretary/workbench/views/actions/icla.json.rb:230:in
`_evaluate'
/x1/srv/whimsy/www/secretary/workbench/server.rb:92:in `block in <top
(required)>'
/x1/srv/whimsy/lib/whimsy/asf/rack.rb:223:in `call'
/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-5.1.12/src/ruby_supportlib/phusion_passenger/rack/out_of_band_gc.rb:48:in
`call'
/x1/srv/whimsy/lib/whimsy/asf/rack.rb:148:in `call'
/x1/srv/whimsy/lib/whimsy/asf/rack.rb:79:in `call'
/x1/srv/whimsy/lib/whimsy/asf/rack.rb:254:in `call'
/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-5.1.12/src/ruby_supportlib/phusion_passenger/rack/thread_handler_extension.rb:97:in
`process_request'
/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-5.1.12/src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:160:in
`accept_and_process_next_request'
/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-5.1.12/src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:113:in
`main_loop'
/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-5.1.12/src/ruby_supportlib/phusion_passenger/request_handler.rb:416:in
`block (3 levels) in start_threads'
/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-5.1.12/src/ruby_supportlib/phusion_passenger/utils.rb:113:in
`block in create_thread_and_abort_on_exception'
Craig L Russell
Secretary, Apache Software Foundation
c...@apache.org http://db.apache.org/jdo
