[issue1053] bogus attributes reported in asyncore doc

2007-08-28 Thread billiejoex 

New submission from billiejoex:

http://docs.python.org/lib/module-asyncore.html

asyncore documentation erroneously report "ac_in_buffer_size" and
"ac_out_buffer_size" attributes which does not exist in
asyncore.dispatcher class. They're used in asynchat.async_chat class,
instead.
Moreover, asynchat documentation does not mention them.

--
components: Documentation
messages: 55396
nosy: billiejoex, josiahcarlson
severity: normal
status: open
title: bogus attributes reported in asyncore doc
versions: Python 2.5

__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1053>
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1745035] DoS smtpd vulnerability

2007-10-21 Thread billiejoex 

billiejoex added the comment:

> What does this do when a line longer than 4096 bytes 
> is found?  Does it report an error to the SMTP client?  
> That's my only concern.

Sorry for replying so late. 
No, it does not report the error and this is bad.
I've searched through RFCs and I found that RFC 821 and RFC 2821 at
chapter 4.2.2 say that a 500 "Syntax error, command unrecognized"
response could be used to report errors such as command lines too long.

Modified smtpd.py in attachment. It should be definitively fine for
inclusion now.

--
severity: normal -> urgent
type:  -> security
Added file: http://bugs.python.org/file8586/smtpd.py

_
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1745035>
_#! /usr/bin/env python
"""An RFC 2821 smtp proxy.

Usage: %(program)s [options] [localhost:localport [remotehost:remoteport]]

Options:

--nosetuid
-n
This program generally tries to setuid `nobody', unless this flag is
set.  The setuid call will fail if this program is not run as root (in
which case, use this flag).

--version
-V
Print the version number and exit.

--class classname
-c classname
Use `classname' as the concrete SMTP proxy class.  Uses `PureProxy' by
default.

--debug
-d
Turn on debugging prints.

--help
-h
Print this message and exit.

Version: %(__version__)s

If localhost is not given then `localhost' is used, and if localport is not
given then 8025 is used.  If remotehost is not given then `localhost' is used,
and if remoteport is not given, then 25 is used.
"""


# Overview:
#
# This file implements the minimal SMTP protocol as defined in RFC 821.  It
# has a hierarchy of classes which implement the backend functionality for the
# smtpd.  A number of classes are provided:
#
#   SMTPServer - the base class for the backend.  Raises NotImplementedError
#   if you try to use it.
#
#   DebuggingServer - simply prints each message it receives on stdout.
#
#   PureProxy - Proxies all messages to a real smtpd which does final
#   delivery.  One known problem with this class is that it doesn't handle
#   SMTP errors from the backend server at all.  This should be fixed
#   (contributions are welcome!).
#
#   MailmanProxy - An experimental hack to work with GNU Mailman
#   .  Using this server as your real incoming smtpd, your
#   mailhost will automatically recognize and accept mail destined to Mailman
#   lists when those lists are created.  Every message not destined for a list
#   gets forwarded to a real backend smtpd, as with PureProxy.  Again, errors
#   are not handled correctly yet.
#
# Please note that this script requires Python 2.0
#
# Author: Barry Warsaw <[EMAIL PROTECTED]>
#
# TODO:
#
# - support mailbox delivery
# - alias files
# - ESMTP
# - handle error codes from the backend smtpd

import sys
import os
import errno
import getopt
import time
import socket
import asyncore
import asynchat

__all__ = ["SMTPServer","DebuggingServer","PureProxy","MailmanProxy"]

program = sys.argv[0]
__version__ = 'Python SMTP proxy version 0.2'


class Devnull:
def write(self, msg): pass
def flush(self): pass


DEBUGSTREAM = Devnull()
NEWLINE = '\n'
EMPTYSTRING = ''
COMMASPACE = ', '



def usage(code, msg=''):
print >> sys.stderr, __doc__ % globals()
if msg:
print >> sys.stderr, msg
sys.exit(code)



class SMTPChannel(asynchat.async_chat):
COMMAND = 0
DATA = 1

def __init__(self, server, conn, addr):
asynchat.async_chat.__init__(self, conn)
self.__server = server
self.__conn = conn
self.__addr = addr
self.__line = []
self.__in_buffer_len = 0
self.__state = self.COMMAND
self.__greeting = 0
self.__mailfrom = None
self.__rcpttos = []
self.__data = ''
self.__fqdn = socket.getfqdn()
self.__peer = conn.getpeername()
print >> DEBUGSTREAM, 'Peer:', repr(self.__peer)
self.push('220 %s %s' % (self.__fqdn, __version__))
self.set_terminator('\r\n')

# Overrides base class for convenience
def push(self, msg):
asynchat.async_chat.push(self, msg + '\r\n')

# Implementation of base class abstract method
def collect_incoming_data(self, data):
self.__line.append(data)
self.__in_buffer_len += len(data)
if self.__in_buffer_len > 998:
self.push('500 Line too long')
self.__line = []
self.__in_buffer_len = 0

# Implementation of base class abstract method
def found_t

[issue1745035] DoS smtpd vulnerability

2007-10-21 Thread billiejoex 

Changes by billiejoex:


Added file: http://bugs.python.org/file8587/smtpd.diff

_
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1745035>
_
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1345] Fix for test_netrc on Windows

2007-10-30 Thread billiejoex 

Changes by billiejoex:


__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1345>
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1364] os.lstat documentation error

2007-10-30 Thread billiejoex 

New submission from billiejoex:

os module documentation says about lstat():

> lstat( path) 
> 
> Like stat(), but do not follow symbolic links. 
> Availability: Macintosh, Unix. 

This is not true since os.lstat() is also available under Windows
(tested under Win XP sp, Python 2.5).

Moreover, wouldn't it be better having os.lstat() available on all
platforms and turn it into an alias of os.stat on those platforms which
do not support symbolic links?

--
components: Documentation
messages: 56982
nosy: billiejoex
severity: normal
status: open
title: os.lstat documentation error
versions: Python 2.5

__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1364>
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1364] os.lstat documentation error

2007-11-01 Thread billiejoex 

billiejoex added the comment:

What about other platforms?
I think it should be an alias for all platforms which does not support
symbolic links, not only Windows.

__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1364>
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1364] os.lstat documentation error

2007-11-01 Thread billiejoex 

billiejoex added the comment:

Thanks.

__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1364>
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1376] uu module catches a wrong exception type

2007-11-02 Thread billiejoex 

New submission from billiejoex:

uu module on line 53 erroneously tries to catch an AttributeError
exception type.

try:
mode = os.stat(in_file).st_mode
except AttributeError:
pass

This is not correct since os.stat(), as far as I know, should raise
OSError exceptions only.
This would turn in an error in case we pass a "broken" symlink as
in_file argument.

--
components: Library (Lib)
messages: 57077
nosy: billiejoex
severity: normal
status: open
title: uu module catches a wrong exception type
type: behavior
versions: Python 2.5

__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1376>
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1736190] asyncore/asynchat patches

2007-11-15 Thread billiejoex 

billiejoex added the comment:

The current implementation of asynchat.async_chat.initiate_send method
doesn't look at what is specified in ac_out_buffer_size attribute which
represents the buffer size of the outgoing data defaulting to a maximum
of 4096 bytes to send in a single socket.send() call.

Note that this only happens when sending the data by using a producer
through the use of the push_with_producer method.
This happens because while the older asynchat version used slicing for
buffering:

> num_sent = self.send(self.ac_out_buffer[:obs]) # obs == ac_out_buffer_size

...the newer version just calls self.send using the entire data as
argument without caring of what ac_out_buffer_size thinks about it:

> num_sent = self.send(first)

What is specified in ac_out_buffer_size when using a producer is just
ignored and the only way to have control over the outgoing data buffer
is to operate directly on the producer.

_
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1736190>
_
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1519] async_chat.__init__() parameters

2007-11-30 Thread billiejoex 

billiejoex added the comment:

+1.
Another inconsistency are the argument names used in __init__ methods,
one called "sock" and the other called "conn":

asyncore:
def __init__(self, sock=None, map=None):

asynchat:
def __init__ (self, conn=None):

--
nosy: +billiejoex

__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1519>
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1541] Bad OOB data management when using asyncore with select.poll()

2007-12-02 Thread billiejoex 

New submission from billiejoex:

asyncore's module readwrite() function, used when invoking
asyncore.loop(use_poll=1), erroneously calls handle_read_event() when
receiving OOB (Out Of Band) data. handle_expt_event() should be called
instead.
The patch in attachment does that.


In addition I strongly think that POLLERR, POLLHUP and POLLNVAL events
handling is incorrect too.
As far as I read from here:
http://www.squarebox.co.uk/cgi-squarebox/manServer/usr/share/man/man0p/poll.h.0p
...they refers to the following events:

POLLERR An error has occurred (revents only).
POLLHUP Device has been disconnected ( revents only).
POLLNVALInvalid fd member (revents only).

They are actually associated to handle_expt_event() and this is
incorrect since it should be called only when receiving OOB data.

if flags & (select.POLLERR | select.POLLHUP | select.POLLNVAL):
obj.handle_expt_event()

I'm not sure what should be called instead, if handle_read_event or
handle_read or handle_error.

I tried to take a look at how Twisted manages the thing but it seems
that OOB is not even supported.
Maybe someone with more experience in using select.poll could clarify that.

--
components: Library (Lib)
files: asyncore.diff
messages: 58093
nosy: billiejoex
severity: normal
status: open
title: Bad OOB data management when using asyncore with select.poll()
type: behavior
versions: Python 2.5
Added file: http://bugs.python.org/file8854/asyncore.diff

__
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1541>
__

asyncore.diff
Description: Binary data
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com