PS: Somehow I screwed up the news.pod file. Attached are better patches. Harri
Index: inn2-2.6.1/doc/pod/news.pod
===================================================================
--- inn2-2.6.1.orig/doc/pod/news.pod
+++ inn2-2.6.1/doc/pod/news.pod
@@ -29,6 +29,13 @@ field body. Thanks to Kamil Jonca for t
=item *
+Fixed a bug in B<inews> that was rejecting articles containing header
+fields whose length exceeded 998 bytes. This limitation is for the
+length of a single line of a header field, not for the whole header
+field.
+
+=item *
+
The default value for the I<tlscompression> parameter in F<inn.conf>
has changed. TLS-level compression is now disabled by default, to comply
with the best current practices for a secure use of TLS in application
Index: inn2-2.6.1/frontends/inews.c
===================================================================
--- inn2-2.6.1.orig/frontends/inews.c
+++ inn2-2.6.1/frontends/inews.c
@@ -34,7 +34,6 @@
#define HEADER_DELTA 20
#define GECOSTERM(c) \
((c) == ',' || (c) == ';' || (c) == ':' || (c) == LPAREN)
-#define HEADER_STRLEN 998
typedef enum _HEADERTYPE {
HTobs,
@@ -122,7 +121,7 @@ static HEADER Table[] = {
static void
QuitServer(int x)
{
- char buff[HEADER_STRLEN];
+ char buff[MED_BUFFER];
char *p;
if (Spooling)
@@ -196,13 +195,22 @@ TrimSpaces(char *p)
static char *
NextHeader(char *p)
{
- for ( ; ; p++) {
- if ((p = strchr(p, '\n')) == NULL)
+ char *q;
+ for (q = p; ; p++) {
+ if ((p = strchr(p, '\n')) == NULL) {
die("article is all headers");
- if (!ISWHITE(p[1])) {
- *p = '\0';
- return p + 1;
- }
+ }
+ /* Check the maximum length of a single line. */
+ if (p - q + 1 > MAXARTLINELENGTH) {
+ die("header line too long");
+ }
+ /* Check if there is a continuation line for the header. */
+ if (ISWHITE(p[1])) {
+ q = p + 1;
+ continue;
+ }
+ *p = '\0';
+ return p + 1;
}
}
@@ -796,7 +804,7 @@ OfferArticle(char *buff, bool Authorized
{
fprintf(ToServer, "post\r\n");
SafeFlush(ToServer);
- if (fgets(buff, HEADER_STRLEN, FromServer) == NULL)
+ if (fgets(buff, MED_BUFFER, FromServer) == NULL)
sysdie(Authorized ? "Can't offer article to server (authorized)"
: "Can't offer article to server");
return atoi(buff);
@@ -866,8 +874,8 @@ main(int ac, char *av[])
struct passwd *pwp;
char *article;
char *deadfile;
- char buff[HEADER_STRLEN];
- char SpoolMessage[HEADER_STRLEN];
+ char buff[MED_BUFFER];
+ char SpoolMessage[MED_BUFFER];
bool DoSignature;
bool AddOrg;
size_t Length;
@@ -987,7 +995,7 @@ main(int ac, char *av[])
setbuf(ToServer, xmalloc(BUFSIZ));
fprintf(ToServer, "mode reader\r\n");
SafeFlush(ToServer);
- if (fgets(buff, HEADER_STRLEN, FromServer) == NULL)
+ if (fgets(buff, MED_BUFFER, FromServer) == NULL)
sysdie("cannot tell server we're reading");
if ((j = atoi(buff)) != NNTP_ERR_COMMAND)
i = j;
@@ -1024,13 +1032,6 @@ main(int ac, char *av[])
/* Do final checks. */
if (i == 0 && HDR(_control) == NULL)
die("article is empty");
- for (hp = Table; hp < ARRAY_END(Table); hp++)
- if (hp->Value && (int)strlen(hp->Value) + hp->Size > HEADER_STRLEN)
- die("%s header is too long", hp->Name);
- for (i = 0; i < OtherCount; i++)
- if ((int)strlen(OtherHeaders[i]) > HEADER_STRLEN)
- die("header too long (maximum length is %d): %.40s...",
- HEADER_STRLEN, OtherHeaders[i]);
if (Dump) {
/* Write the headers and a blank line. */
Index: inn2-2.6.1/doc/pod/news.pod
===================================================================
--- inn2-2.6.1.orig/doc/pod/news.pod
+++ inn2-2.6.1/doc/pod/news.pod
@@ -23,6 +23,12 @@ authentication credentials are concerned
=item *
+B<mailpost> now removes empty header fields before attempting to post
+articles, and keeps trace of them in the X-Mailpost-Empty-Hdrs: header
+field body. Thanks to Kamil Jonca for the bug report.
+
+=item *
+
The default value for the I<tlscompression> parameter in F<inn.conf>
has changed. TLS-level compression is now disabled by default, to comply
with the best current practices for a secure use of TLS in application
Index: inn2-2.6.1/frontends/mailpost.in
===================================================================
--- inn2-2.6.1.orig/frontends/mailpost.in
+++ inn2-2.6.1/frontends/mailpost.in
@@ -84,6 +84,8 @@ die "Directory $Tmpdir is not writable\n
if ($debugging || $opt_n) {
$Sendmail = "cat" ;
$WhereTo = "cat" ;
+} else {
+ $Sendmail = sprintf($Sendmail, $Maintainer);
}
#
@@ -150,6 +152,8 @@ my $hdr = undef;
my $txt = undef;
my $message_id ;
my $subject = "(NONE)";
+my @emptyHdrs = ();
+my $emptyHdrsString;
$_ = <STDIN>;
if (!$_) {
@@ -213,6 +217,13 @@ for (;;) {
next if /^Approved:\s/sio && defined($approved);
next if /^Distribution:\s/sio && defined($distribution);
+ # Collect empty header field names.
+ if (/^([^:]+):\s*$/) {
+ # 975 = 998 - length("X-Mailpost-Empty-Hdrs: ")
+ push(@emptyHdrs, $1) if length($1) < 975;
+ next;
+ }
+
if (/^($exclude):\s*/sio) {
$real_news_hdrs .= "$_\n";
next;
@@ -314,6 +325,11 @@ $real_news_hdrs .= "Distribution: ${dist
$real_news_hdrs .= "Approved: ${approved}\n" if defined($approved);
$real_news_hdrs .= "References: ${references}\n" if defined($references);
+# Keep trace of empty header fields.
+$emptyHdrsString = join("\n\t", @emptyHdrs);
+$real_news_hdrs .= "X-Mailpost-Empty-Hdrs: $emptyHdrsString\n"
+ if (length($emptyHdrsString) > 0);
+
# Remove duplicate headers.
my %headers = ();
$real_news_hdrs =~ s/((.*?:) .*?($|\n)([ \t]+.*?($|\n))*)/$headers{lc$2}++?"":"$1"/ges;
@@ -329,7 +345,7 @@ if (!open TMPFILE,">$tmpfile") {
if ($use_syslog) {
syslog("err", "$msg") unless $debugging || -t STDERR;
}
- open(TMPFILE, "|" . sprintf ($Sendmail, $Maintainer)) ||
+ open(TMPFILE, "|" . $Sendmail) ||
die "die(no tmpfile): sendmail: $!\n" ;
print TMPFILE <<"EOF";
To: $Maintainer
@@ -516,7 +532,7 @@ sub mailArtAndDie {
syslog("err", "$msg") if $use_syslog;
print STDERR $msg,"\n" if -t STDERR ;
- open(SENDMAIL, "|" . sprintf ($Sendmail,$Maintainer)) ||
+ open(SENDMAIL, "|" . $Sendmail) ||
die "die($msg): sendmail: $!\n" ;
print SENDMAIL <<"EOF" ;
To: $Maintainer
Index: inn2-2.6.1/doc/pod/news.pod
===================================================================
--- inn2-2.6.1.orig/doc/pod/news.pod
+++ inn2-2.6.1/doc/pod/news.pod
@@ -29,6 +29,13 @@ field body. Thanks to Kamil Jonca for t
=item *
+Fixed a bug in B<inews> that was rejecting articles containing header
+fields whose length exceeded 998 bytes. This limitation is for the
+length of a single line of a header field, not for the whole header
+field.
+
+=item *
+
The default value for the I<tlscompression> parameter in F<inn.conf>
has changed. TLS-level compression is now disabled by default, to comply
with the best current practices for a secure use of TLS in application
Index: inn2-2.6.1/frontends/inews.c
===================================================================
--- inn2-2.6.1.orig/frontends/inews.c
+++ inn2-2.6.1/frontends/inews.c
@@ -34,7 +34,6 @@
#define HEADER_DELTA 20
#define GECOSTERM(c) \
((c) == ',' || (c) == ';' || (c) == ':' || (c) == LPAREN)
-#define HEADER_STRLEN 998
typedef enum _HEADERTYPE {
HTobs,
@@ -122,7 +121,7 @@ static HEADER Table[] = {
static void
QuitServer(int x)
{
- char buff[HEADER_STRLEN];
+ char buff[MED_BUFFER];
char *p;
if (Spooling)
@@ -196,13 +195,22 @@ TrimSpaces(char *p)
static char *
NextHeader(char *p)
{
- for ( ; ; p++) {
- if ((p = strchr(p, '\n')) == NULL)
+ char *q;
+ for (q = p; ; p++) {
+ if ((p = strchr(p, '\n')) == NULL) {
die("article is all headers");
- if (!ISWHITE(p[1])) {
- *p = '\0';
- return p + 1;
- }
+ }
+ /* Check the maximum length of a single line. */
+ if (p - q + 1 > MAXARTLINELENGTH) {
+ die("header line too long");
+ }
+ /* Check if there is a continuation line for the header. */
+ if (ISWHITE(p[1])) {
+ q = p + 1;
+ continue;
+ }
+ *p = '\0';
+ return p + 1;
}
}
@@ -796,7 +804,7 @@ OfferArticle(char *buff, bool Authorized
{
fprintf(ToServer, "post\r\n");
SafeFlush(ToServer);
- if (fgets(buff, HEADER_STRLEN, FromServer) == NULL)
+ if (fgets(buff, MED_BUFFER, FromServer) == NULL)
sysdie(Authorized ? "Can't offer article to server (authorized)"
: "Can't offer article to server");
return atoi(buff);
@@ -866,8 +874,8 @@ main(int ac, char *av[])
struct passwd *pwp;
char *article;
char *deadfile;
- char buff[HEADER_STRLEN];
- char SpoolMessage[HEADER_STRLEN];
+ char buff[MED_BUFFER];
+ char SpoolMessage[MED_BUFFER];
bool DoSignature;
bool AddOrg;
size_t Length;
@@ -987,7 +995,7 @@ main(int ac, char *av[])
setbuf(ToServer, xmalloc(BUFSIZ));
fprintf(ToServer, "mode reader\r\n");
SafeFlush(ToServer);
- if (fgets(buff, HEADER_STRLEN, FromServer) == NULL)
+ if (fgets(buff, MED_BUFFER, FromServer) == NULL)
sysdie("cannot tell server we're reading");
if ((j = atoi(buff)) != NNTP_ERR_COMMAND)
i = j;
@@ -1024,13 +1032,6 @@ main(int ac, char *av[])
/* Do final checks. */
if (i == 0 && HDR(_control) == NULL)
die("article is empty");
- for (hp = Table; hp < ARRAY_END(Table); hp++)
- if (hp->Value && (int)strlen(hp->Value) + hp->Size > HEADER_STRLEN)
- die("%s header is too long", hp->Name);
- for (i = 0; i < OtherCount; i++)
- if ((int)strlen(OtherHeaders[i]) > HEADER_STRLEN)
- die("header too long (maximum length is %d): %.40s...",
- HEADER_STRLEN, OtherHeaders[i]);
if (Dump) {
/* Write the headers and a blank line. */
pgp7GIOZWntaO.pgp
Description: OpenPGP digital signature
