* rfc2104 change on 2008-02-01
@ 2008-04-25 10:42 Simon Josefsson
2008-04-25 11:37 ` Reiner Steib
2008-04-25 14:28 ` Stefan Monnier
0 siblings, 2 replies; 6+ messages in thread
From: Simon Josefsson @ 2008-04-25 10:42 UTC (permalink / raw)
To: emacs-devel, ding, Kenichi Handa
Hi.
I have tracked down a problem sending authenticated e-mail that resulted
in randomly failed CRAM-MD5 authentication (it sometimes work, usually
after 2-3 retries). The cause is:
2008-02-01 Kenichi Handa <handa@m17n.org>
* rfc2104.el (rfc2104-hexstring-to-byte-list): Renamed from
rfc2104-hexstring-to-bitstring and changed to return a byte list.
(rfc2104-hash): Convert the result of concat to unibyte string.
The significant patch is:
- (funcall hash (concat k_opad (rfc2104-hexstring-to-bitstring
- ;; perform inner hash
- (funcall hash (concat k_ipad text)))))))
+ (funcall hash
+ (encode-coding-string
+ (concat k_opad (rfc2104-hexstring-to-byte-list
+ ;; perform inner hash
+ (funcall hash (concat k_ipad text))))
+ 'iso-latin-1))))
The data to be hashed contains binary data, printed it just looks like
garbage. Presumably, the reason the operation fails is because it can't
be encoded into latin-1 which as far as I recall have some reserved
parts. This would be consistent with only happening sometimes, since it
may happen that a string doesn't contain any reserved characters.
I have experimented with fixes, and changed the 'iso-latin-1 to 'binary
and that appears to work.
There is nothing iso-latin-1 specific about CRAM-MD5 so if that is the
right thing, I think there should be a comment to explain why.
Handa, could you explain the motivation for this change?
To resolve it, we can chose:
1) Revert the patch.
2) Change 'iso-latin-1 to 'binary.
There may be other options too.
I propose to change it to 'binary if I don't hear anything.
If there were mailing list discussions about this, I'd appreciate a
pointer to that. I don't think I was cc'ed, and I couldn't find any
discussion now that I search for it.
Thoughts?
Thanks,
Simon
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: rfc2104 change on 2008-02-01
2008-04-25 10:42 rfc2104 change on 2008-02-01 Simon Josefsson
@ 2008-04-25 11:37 ` Reiner Steib
2008-04-25 13:40 ` Simon Josefsson
2008-04-25 14:28 ` Stefan Monnier
1 sibling, 1 reply; 6+ messages in thread
From: Reiner Steib @ 2008-04-25 11:37 UTC (permalink / raw)
To: Simon Josefsson; +Cc: Kenichi Handa, ding, emacs-devel
On Fri, Apr 25 2008, Simon Josefsson wrote:
> If there were mailing list discussions about this, I'd appreciate a
> pointer to that.
This change was mentioned (but not really discussed) in the thread
"Emacs unicode merge changes to Gnus", ...
,----[ http://thread.gmane.org/gmane.emacs.gnus.general/66251/focus=66259 ]
| > 2008-02-01 Kenichi Handa <handa@m17n.org>
| >
| > * rfc2104.el (rfc2104-hexstring-to-byte-list): Renamed from
| > rfc2104-hexstring-to-bitstring and changed to return a byte list.
| > (rfc2104-hash): Convert the result of concat to unibyte string.
|
| `rfc2104.el' is only used in mail/smtpmail.el and net/imap.el, AFAICS.
| Maybe Simon can comment on this.
`----
> I don't think I was cc'ed, and I couldn't find any discussion now
> that I search for it.
... but I failed to cc you.
Bye, Reiner.
--
,,,
(o o)
---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: rfc2104 change on 2008-02-01
2008-04-25 11:37 ` Reiner Steib
@ 2008-04-25 13:40 ` Simon Josefsson
2008-04-25 16:03 ` Thien-Thi Nguyen
0 siblings, 1 reply; 6+ messages in thread
From: Simon Josefsson @ 2008-04-25 13:40 UTC (permalink / raw)
To: emacs-devel; +Cc: ding, Kenichi Handa
Reiner Steib <reinersteib+gmane@imap.cc> writes:
> On Fri, Apr 25 2008, Simon Josefsson wrote:
>
>> If there were mailing list discussions about this, I'd appreciate a
>> pointer to that.
>
> This change was mentioned (but not really discussed) in the thread
> "Emacs unicode merge changes to Gnus", ...
>
> ,----[ http://thread.gmane.org/gmane.emacs.gnus.general/66251/focus=66259 ]
> | > 2008-02-01 Kenichi Handa <handa@m17n.org>
> | >
> | > * rfc2104.el (rfc2104-hexstring-to-byte-list): Renamed from
> | > rfc2104-hexstring-to-bitstring and changed to return a byte list.
> | > (rfc2104-hash): Convert the result of concat to unibyte string.
> |
> | `rfc2104.el' is only used in mail/smtpmail.el and net/imap.el, AFAICS.
> | Maybe Simon can comment on this.
> `----
Thanks for the pointer!
I just tried my proposed change with Emacs 23, and it didn't work.
Neither did the old code. So I think someone who understands how to
deal with binary data in emacs 23 needs to look at this...
>> I don't think I was cc'ed, and I couldn't find any discussion now
>> that I search for it.
>
> ... but I failed to cc you.
Not your fault, I should have paid attention to the mailing list.
/Simon
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: rfc2104 change on 2008-02-01
2008-04-25 10:42 rfc2104 change on 2008-02-01 Simon Josefsson
2008-04-25 11:37 ` Reiner Steib
@ 2008-04-25 14:28 ` Stefan Monnier
2008-04-26 6:59 ` Gabor Z. Papp
1 sibling, 1 reply; 6+ messages in thread
From: Stefan Monnier @ 2008-04-25 14:28 UTC (permalink / raw)
To: emacs-devel; +Cc: ding, Kenichi Handa
> I have tracked down a problem sending authenticated e-mail that resulted
> in randomly failed CRAM-MD5 authentication (it sometimes work, usually
> after 2-3 retries). The cause is:
> 2008-02-01 Kenichi Handa <handa@m17n.org>
> * rfc2104.el (rfc2104-hexstring-to-byte-list): Renamed from
> rfc2104-hexstring-to-bitstring and changed to return a byte list.
This might be the problem: why return a byte-list rather than
a unicode string?
How 'bout the patch below?
Stefan
--- rfc2104.el.~1.14.~ 2008-04-10 21:03:54.000000000 -0400
+++ rfc2104.el 2008-04-25 10:27:16.000000000 -0400
@@ -89,12 +89,12 @@
(rfc2104-hex-to-int (reverse (append str nil))))
0))
-(defun rfc2104-hexstring-to-byte-list (str)
+(defun rfc2104-hexstring-to-bitstring (str)
(let (out)
(while (< 0 (length str))
(push (rfc2104-hex-to-int (substring str -2)) out)
(setq str (substring str 0 -2)))
- out))
+ (apply (if (fboundp 'unibyte-string) 'unibyte-string 'string) out)))
(defun rfc2104-hash (hash block-length hash-length key text)
(let* (;; if key is longer than B, reset it to HASH(key)
@@ -111,12 +111,9 @@
(setq k_ipad (mapcar (lambda (c) (logxor c rfc2104-ipad)) k_ipad))
(setq k_opad (mapcar (lambda (c) (logxor c rfc2104-opad)) k_opad))
;; perform outer hash
- (funcall hash
- (encode-coding-string
- (concat k_opad (rfc2104-hexstring-to-byte-list
+ (funcall hash (concat k_opad (rfc2104-hexstring-to-bitstring
;; perform inner hash
- (funcall hash (concat k_ipad text))))
- 'iso-latin-1))))
+ (funcall hash (concat k_ipad text)))))))
(provide 'rfc2104)
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2008-04-26 6:59 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-04-25 10:42 rfc2104 change on 2008-02-01 Simon Josefsson
2008-04-25 11:37 ` Reiner Steib
2008-04-25 13:40 ` Simon Josefsson
2008-04-25 16:03 ` Thien-Thi Nguyen
2008-04-25 14:28 ` Stefan Monnier
2008-04-26 6:59 ` Gabor Z. Papp
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).