Re: FWD: cyrus 2.0.16/SIEVE
> On 07-Jan-2002 Abu @ Trabas Dot Com wrote:
> > i want apache run installsieve/sieveshell with exec command, example:
> > exec('installsieve -u user@domain -i file -a file server');
> >
> > -> how to supply password if apache has no password or know password.
> > the password fill from prompt shell?
>
Don't use installsieve/sieveshell, instead use websieve/easysieve:
http://sourceforge.net/projects/websieve
http://sourceforge.net/projects/cyrus-utils
These are perl cgi scripts that will ask the user for a password, and then
allow them to manage their sieve scripts in either basic or advanced script
creation.
Scot
Re: FWD: cyrus 2.0.16/SIEVE
Hai Again,
Yes I dont understand cyrus-2.xx running sieve more difficult than ver 1.,
and installsieve/sieveshell cannot running with cyrus admin.
if i have thousand of user, it is not secure to write password first to
file and pipe it to sieveshell/installsieve.
i dont have solution for this case, it is little tricky, i makee script to do:
1. if user want forward/vacation, script make a password to file first
2. make sieve script
3. run installsieve:
exec("installsieve -u $user -i $file.script -a $file < password")
4. delete user password file and script file.
5. i must have directory for apache to write file.
its to hard to understand why sieve tool to do it. or any better solution. :(
Noll Janos([EMAIL PROTECTED])@Mon, Jan 07, 2002 at 02:02:48PM +0100:
> Hi!
>
> On 07-Jan-2002 Abu @ Trabas Dot Com wrote:
> > i want apache run installsieve/sieveshell with exec command, example:
> > exec('installsieve -u user@domain -i file -a file server');
> >
> > -> how to supply password if apache has no password or know password.
> > the password fill from prompt shell?
>
> I think sieveshell would work, if you opened a pipe to it, and wrote the
> password, then the commands to it.
>
> The other way (example):
> 1. create a temp file, like /tmp/example1 that contains
> thepasswordhere
> list
> 2. use the command:
> cat /tmp/example1 | sieveshell -u usernamehere 127.0.0.1
>
> And voila!
>
> The first approach might be more secure.
>
> | Noll Janos <[EMAIL PROTECTED]> | http://www.johnzero.hu |
> | "Expect the unexpected!"| ICQ# 4547866 | Linux rulez! |
--
__
(oo) Open Solution Provider visit http://www.trabas.com
/ \/ \ GnuPg public information pub 1024/EBD26280
`V__V' A9A9 8F57 9E9D 14E3 05B4 3EDB C241 A313 EBD2 6280
Don't relax! It's only your tension that's holding you together.
Re: FWD: cyrus 2.0.16/SIEVE
Hi!
On 07-Jan-2002 Abu @ Trabas Dot Com wrote:
> i want apache run installsieve/sieveshell with exec command, example:
> exec('installsieve -u user@domain -i file -a file server');
>
> -> how to supply password if apache has no password or know password.
> the password fill from prompt shell?
I think sieveshell would work, if you opened a pipe to it, and wrote the
password, then the commands to it.
The other way (example):
1. create a temp file, like /tmp/example1 that contains
thepasswordhere
list
2. use the command:
cat /tmp/example1 | sieveshell -u usernamehere 127.0.0.1
And voila!
The first approach might be more secure.
| Noll Janos <[EMAIL PROTECTED]> | http://www.johnzero.hu |
| "Expect the unexpected!"| ICQ# 4547866 | Linux rulez! |
Re: FWD: cyrus 2.0.16/SIEVE bug
Why sieveshell or installsieve (deprecated) hard to use on web script.
i mean if someone want to autoforward/vacation himself, he must have shell to use
sieveshell/installsieve.
i want apache run installsieve/sieveshell with exec command, example:
exec('installsieve -u user@domain -i file -a file server');
-> how to supply password if apache has no password or know password.
the password fill from prompt shell?
i am still comfusing when upgrade from 1.xx to 2.00. on sieve on cyrus 1
i can supply autoforward/vacation with admin user but know i dont know exactly.
somebody help me!
Noll Janos([EMAIL PROTECTED])@Mon, Jan 07, 2002 at 03:01:05AM +0100:
> Hy!
>
> (Hope you're not seeing this mail twice.)
>
>
> I might have hit a bug.
>
> I tried a SIEVE script on a test mail that had a
> subject: "[Prim]xx" (without quotes, of course)
>
> The script's condition section:
>
> if header :matches "Subject" "[Prim]*"
>
> By common sense, this should match. But it doesn't.
>
> What does match:
>
> if header :matches "Subject" "\\[Prim]*"
>
>
> And the cause?
>
> Cyrus uses the unix fnmatch() function, which was made for matching filenames.
> And that is the reason it has one "side-effect": it interprets not only * and ?
> characters, but also [ ] chars.
> And from "our" point of view, that's bad.
>
> I've read the RFC, and it doesn't specify that you have to escape the [ char
> (and this is only logical).
>
> I've attached a fix, it should be good (also included below).
>
> There may be problems with the "*" characters escaped to "\\*" (that should
> instead be "\*", which is in a C source file "\\*"). The RFC is not really clear
> about this!
>
>
> *** comparator.c.original Fri Jan 4 00:49:34 2002
> --- comparator.cFri Jan 4 02:04:59 2002
> ***
> *** 38,43
> --- 38,70
> #include "tree.h"
> #include "sieve.h"
>
> + /* string_match added by Noll Janos <[EMAIL PROTECTED]> */
> + static int string_match(const char *pat, const char *text)
> + {
> + int ret,nt;
> + char *epat; /* will be the pattern, [-escaped */
> + char *p,*q;
> +
> + if (!strchr(pat,'[')) { /* no [ - no problem */
> + ret = !fnmatch(pat, text, 0);
> + } else {
> + /* count how many ['s there are */
> + for ( nt=-1, p=(char *)pat-1 ; p!=NULL ; p=strchr(p+1,'[') ) nt++;
> +
> + /* copy and escape ['s */
> + epat=(char *)malloc(strlen(pat)+nt+1);
> + for ( p=(char *)pat,q=epat ; *p ; p++ ) {
> + if (*p=='[') { *(q++)='\\'; }
> + *(q++)=*p;
> + }
> + *q=0;
> +
> + ret = !fnmatch(epat, text, 0);
> + free(epat);
> + }
> + return(ret);
> + }
> +
> /* --- i;octet comparators --- */
>
> /* just compare the two; these should be NULL terminated */
> ***
> *** 93,99
>
> static int octet_matches(const char *pat, const char *text)
> {
> ! return !fnmatch(pat, text, 0);
> }
>
> #ifdef ENABLE_REGEX
> --- 120,126
>
> static int octet_matches(const char *pat, const char *text)
> {
> ! return string_match(pat, text);
> }
>
> #ifdef ENABLE_REGEX
> ***
> *** 146,152
> for (i = 0; t[i] != '\0'; i++)
> t[i] = toupper(t[i]);
>
> ! ret = !fnmatch(p, t, 0);
> free(p); free(t);
>
> return ret;
> --- 173,179
> for (i = 0; t[i] != '\0'; i++)
> t[i] = toupper(t[i]);
>
> ! ret = string_match(p, t);
> free(p); free(t);
>
> return ret;
>
> -
>
>
> | Noll Janos <[EMAIL PROTECTED]> | http://www.johnzero.hu |
> | "Expect the unexpected!"| ICQ# 4547866 | Linux rulez! |
>
--
__
(oo) Open Solution Provider visit http://www.trabas.com
/ \/ \ GnuPg public information pub 1024/EBD26280
`V__V' A9A9 8F57 9E9D 14E3 05B4 3EDB C241 A313 EBD2 6280
You may be gone tomorrow, but that doesn't mean that you weren't here today.
FWD: cyrus 2.0.16/SIEVE bug
Hy!
(Hope you're not seeing this mail twice.)
I might have hit a bug.
I tried a SIEVE script on a test mail that had a
subject: "[Prim]xx" (without quotes, of course)
The script's condition section:
if header :matches "Subject" "[Prim]*"
By common sense, this should match. But it doesn't.
What does match:
if header :matches "Subject" "\\[Prim]*"
And the cause?
Cyrus uses the unix fnmatch() function, which was made for matching filenames.
And that is the reason it has one "side-effect": it interprets not only * and ?
characters, but also [ ] chars.
And from "our" point of view, that's bad.
I've read the RFC, and it doesn't specify that you have to escape the [ char
(and this is only logical).
I've attached a fix, it should be good (also included below).
There may be problems with the "*" characters escaped to "\\*" (that should
instead be "\*", which is in a C source file "\\*"). The RFC is not really clear
about this!
*** comparator.c.original Fri Jan 4 00:49:34 2002
--- comparator.cFri Jan 4 02:04:59 2002
***
*** 38,43
--- 38,70
#include "tree.h"
#include "sieve.h"
+ /* string_match added by Noll Janos <[EMAIL PROTECTED]> */
+ static int string_match(const char *pat, const char *text)
+ {
+ int ret,nt;
+ char *epat; /* will be the pattern, [-escaped */
+ char *p,*q;
+
+ if (!strchr(pat,'[')) { /* no [ - no problem */
+ ret = !fnmatch(pat, text, 0);
+ } else {
+ /* count how many ['s there are */
+ for ( nt=-1, p=(char *)pat-1 ; p!=NULL ; p=strchr(p+1,'[') ) nt++;
+
+ /* copy and escape ['s */
+ epat=(char *)malloc(strlen(pat)+nt+1);
+ for ( p=(char *)pat,q=epat ; *p ; p++ ) {
+ if (*p=='[') { *(q++)='\\'; }
+ *(q++)=*p;
+ }
+ *q=0;
+
+ ret = !fnmatch(epat, text, 0);
+ free(epat);
+ }
+ return(ret);
+ }
+
/* --- i;octet comparators --- */
/* just compare the two; these should be NULL terminated */
***
*** 93,99
static int octet_matches(const char *pat, const char *text)
{
! return !fnmatch(pat, text, 0);
}
#ifdef ENABLE_REGEX
--- 120,126
static int octet_matches(const char *pat, const char *text)
{
! return string_match(pat, text);
}
#ifdef ENABLE_REGEX
***
*** 146,152
for (i = 0; t[i] != '\0'; i++)
t[i] = toupper(t[i]);
! ret = !fnmatch(p, t, 0);
free(p); free(t);
return ret;
--- 173,179
for (i = 0; t[i] != '\0'; i++)
t[i] = toupper(t[i]);
! ret = string_match(p, t);
free(p); free(t);
return ret;
-
| Noll Janos <[EMAIL PROTECTED]> | http://www.johnzero.hu |
| "Expect the unexpected!"| ICQ# 4547866 | Linux rulez! |
sievebug.patch
Description: sievebug.patch
