naftoli@aecom.yu.edu (Robert N. Berlinger) (05/26/89)
I've stumbled upon what I think are two more bugs in mush.
The first is related to setting hostname to the host.domain
name. If, for example a message is received from joe@pc.abc.edu
by joe@abc.edu, and joe@abc.edu has hostname set to abc.edu when
he replies to the message (note that alts is not set), the reply
is sent to "joe" (unqualified) instead of joe@pc.abc.edu. This
is because the take_me_off routine considers joe@pc.abc.edu to be
the same person as joe@abc.edu.
In addrs.c line 701 (take_me_off) mush does a comparison of the
two addresses after having converted them into ! format and
reversing them. However, the comparison is only done for the
length of abc.edu (reversed) rather than the length of
pc.abc.edu, and since abc.edu is a substring of pc.abc.edu, the
comparison succeeds and the addresses are considered equivalent.
The fix (I think) would be to change
if (!lcase_strncmp(tmp, addr, strlen(tmp))) {
to
if (!lcase_strncmp(tmp, addr, strlen(addr))) {
I didn't check the part of the code that deals with alts so there
may be something else there that needs looking at too.
Also, because of the way take_me_off is written, this is only a problem
if metoo is not set.
The second bug is that the headers routine (compose_hdr) seems to
consider only login (mailbox) name when deciding whether it should show the
the TO: type header (the recipients) or the normal header (the sender).
On line 373 of hdrs.c there is just this simple test:
if (!strncmp(p, login, strlen(login))) {
where p points to (in the domain style case) the address in the
'From:' line (in the case of ! style it will put p after the last
!, i.e., the login name). That means that any mail coming in
with the same login name as your own will be considered by the header
routine to have been sent by you even if it was sent from a different
machine. The setting of alts also seems to have no effect.
This one is a bit hard to believe so maybe I'm off base.
--
Robert N. Berlinger |Domain: naftoli@aecom.yu.edu
Supervisor of Systems Support |UUCP: {uunet}!aecom!naftoli
Scientific Computing Center |CompuServe: 73047,741 GEnie: R.Berlinger
Albert Einstein College of Medicine |Pan: berlinger AppleLink: U0995schaefer@ogccse.ogc.edu (Barton E. Schaefer) (05/27/89)
In article <2270@aecom.yu.edu> naftoli@aecom.yu.edu (Robert N. Berlinger) writes: } } If, for example a message is received from joe@pc.abc.edu } by joe@abc.edu, and joe@abc.edu has hostname set to abc.edu when } he replies to the message (note that alts is not set), the reply } is sent to "joe" (unqualified) instead of joe@pc.abc.edu. This } is because the take_me_off routine considers joe@pc.abc.edu to be } the same person as joe@abc.edu. } } The fix (I think) would be to change } } if (!lcase_strncmp(tmp, addr, strlen(tmp))) { } to } if (!lcase_strncmp(tmp, addr, strlen(addr))) { Nope, can't do that, because then "sys1!sys2!joe" != "sys2!joe". The fix is to test that addr[strlen(tmp)] is either '\0' or '!', that is, that the lcase_strncmp examined a full host/domain and not just part of one. Look for this in Patch #4. } The second bug is that the headers routine (compose_hdr) seems to } consider only login (mailbox) name when deciding whether it should show the } the TO: type header (the recipients) or the normal header (the sender). } This one is a bit hard to believe so maybe I'm off base. Yes, this is a known shortcoming. Because compose_hdr() is heavily used, the very simple test you described was employed in the name of efficiency. You are about the third person to complain about this, so it appears that something should be done, but short of omitting the test entirely I'm not sure what. -- Bart Schaefer "And if you believe that, you'll believe anything." -- DangerMouse CSNET / Internet schaefer@cse.ogc.edu UUCP ...{sequent,tektronix,verdix}!ogccse!schaefer
naftoli@aecom.yu.edu (Robert N. Berlinger) (05/30/89)
In article <2952@ogccse.ogc.edu>, schaefer@ogccse.ogc.edu (Barton E. Schaefer) writes: > In article <2270@aecom.yu.edu> naftoli@aecom.yu.edu (Robert N. Berlinger) > writes: > } The second bug is that the headers routine (compose_hdr) seems to > } consider only login (mailbox) name when deciding whether it should show the > } the TO: type header (the recipients) or the normal header (the sender). > > Yes, this is a known shortcoming. Because compose_hdr() is heavily used, > the very simple test you described was employed in the name of efficiency. Well I can understand that you want MUSH to be efficient, so maybe the additional code that is needed could be conditionally compiled, or yet another runtime option. I don't know exactly what's needed to get this to work, but I would think it wouldn't slow things down all that much anyway. If I find some time, perhaps I'll try doing it myself. -- Robert N. Berlinger |Domain: naftoli@aecom.yu.edu Supervisor of Systems Support |UUCP: {uunet}!aecom!naftoli Scientific Computing Center |CompuServe: 73047,741 GEnie: R.Berlinger Albert Einstein College of Medicine |Pan: berlinger AppleLink: U0995