[openssl.org #151] S/MIME implemementation doesn't follow MIME spec. Patch included.

John Viega via RT Mon, 15 Jul 2002 23:47:37 -0700

The OpenSSL S/MIME implementation doesn't follow the MIME
specification when writing out messages in that format.  As a result,
messages created with this library will choke when passed through
strictly compliant SMTP libraries.

A patch is below, against today's mid-afternoon CVS tree (EST).  The
problem was found and the patch created by Zachary Girouard
<[EMAIL PROTECTED]>.

diff --exclude=*Makefile* -ur openssl/apps/smime.c openssl-zakk/apps/smime.c
--- openssl/apps/smime.c        Wed May  8 11:12:59 2002
+++ openssl-zakk/apps/smime.c   Tue Jul 16 01:31:09 2002
@@ -530,9 +530,9 @@
        } else if(operation == SMIME_PK7OUT) {
                PEM_write_bio_PKCS7(out, p7);
        } else {
-               if(to) BIO_printf(out, "To: %s\n", to);
-               if(from) BIO_printf(out, "From: %s\n", from);
-               if(subject) BIO_printf(out, "Subject: %s\n", subject);
+               if(to) BIO_printf(out, "To: %s\r\n", to);
+               if(from) BIO_printf(out, "From: %s\r\n", from);
+               if(subject) BIO_printf(out, "Subject: %s\r\n", subject);
                if(outformat == FORMAT_SMIME) 
                        SMIME_write_PKCS7(out, p7, in, flags);
                else if(outformat == FORMAT_PEM) 
diff --exclude=*Makefile* -ur openssl/crypto/dso/dso_lib.c 
openssl-zakk/crypto/dso/dso_lib.c
--- openssl/crypto/dso/dso_lib.c        Mon Jul 15 11:35:39 2002
+++ openssl-zakk/crypto/dso/dso_lib.c   Mon Jul 15 16:59:53 2002
@@ -394,7 +394,7 @@
        {
        char *result = NULL;
 
-       if(dso == NULL || dir == NULL)
+       if(dso == NULL)
                {
                DSOerr(DSO_F_DSO_MERGE,ERR_R_PASSED_NULL_PARAMETER);
                return(NULL);
diff --exclude=*Makefile* -ur openssl/crypto/pkcs7/pk7_mime.c 
openssl-zakk/crypto/pkcs7/pk7_mime.c
--- openssl/crypto/pkcs7/pk7_mime.c     Tue Jan 30 08:38:59 2001
+++ openssl-zakk/crypto/pkcs7/pk7_mime.c        Mon Jul 15 16:57:29 2002
@@ -164,34 +164,34 @@
                        bound[i] = c;
                }
                bound[32] = 0;
-               BIO_printf(bio, "MIME-Version: 1.0\n");
+               BIO_printf(bio, "MIME-Version: 1.0\r\n");
                BIO_printf(bio, "Content-Type: multipart/signed;");
                BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";");
-               BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound);
+               BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\r\n\r\n", bound);
                BIO_printf(bio, "This is an S/MIME signed message\n\n");
                /* Now write out the first part */
                BIO_printf(bio, "------%s\n", bound);
-               if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n");
+               if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: 
+text/plain\r\n\r\n");
                while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0) 
                                                BIO_write(bio, linebuf, i);
-               BIO_printf(bio, "\n------%s\n", bound);
+               BIO_printf(bio, "\n------%s\r\n", bound);
 
                /* Headers for signature */
 
-               BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; 
name=\"smime.p7s\"\n");
-               BIO_printf(bio, "Content-Transfer-Encoding: base64\n");
-               BIO_printf(bio, "Content-Disposition: attachment; 
filename=\"smime.p7s\"\n\n");
+               BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; 
+name=\"smime.p7s\"\r\n");
+               BIO_printf(bio, "Content-Transfer-Encoding: base64\r\n");
+               BIO_printf(bio, "Content-Disposition: attachment; 
+filename=\"smime.p7s\"\r\n\r\n");
                B64_write_PKCS7(bio, p7);
-               BIO_printf(bio,"\n------%s--\n\n", bound);
+               BIO_printf(bio,"\r\n------%s--\r\n\r\n", bound);
                return 1;
        }
        /* MIME headers */
-       BIO_printf(bio, "MIME-Version: 1.0\n");
-       BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n");
-       BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; 
name=\"smime.p7m\"\n");
-       BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n");
+       BIO_printf(bio, "MIME-Version: 1.0\r\n");
+       BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\r\n");
+       BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; 
+name=\"smime.p7m\"\r\n");
+       BIO_printf(bio, "Content-Transfer-Encoding: base64\r\n\r\n");
        B64_write_PKCS7(bio, p7);
-       BIO_printf(bio, "\n");
+       BIO_printf(bio, "\r\n");
        return 1;
 }



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
[openssl.org #151] S/MIME implemementation doesn't follow MIME spec. Patch included.

Reply via email to
