From luis.lopez at branelabs.com  Thu Nov 12 12:49:42 2009
From: luis.lopez at branelabs.com (Luis Lopez)
Date: Thu, 12 Nov 2009 18:49:42 +0100
Subject: [Tmail-talk] Addresses name ended with a dot don't work
Message-ID: <685632a80911120949x2ea50408g681ea798fbaff6a1@mail.gmail.com>

Hi all,

I have the same problem posted some time ago in this list (
http://rubyforge.org/pipermail/tmail-talk/2008-November/000127.html):
addresses ended with a dot are not parsed correctly. In that thread it was
acknowledged that it was a known bug and it was going to be fixed. Any new
about that?

I have downloaded the last version from svn to check it and the problem
remains (last from return nil):

/tmp/$ svn checkout http://tmail.rubyforge.org/svn/trunk/ tmail
/tmp$ irb -I tmail/lib/
irb(main):001:0> require 'tmail'
=> true
irb(main):013:0>
irb(main):014:0* test2 = TMail::Mail.parse <<MAIL
irb(main):015:0" From: test no error <test at test.test>
irb(main):016:0" To: test ok <test at test.test>
irb(main):017:0" Subject: Subject
irb(main):018:0"
irb(main):019:0" Hi all
irb(main):020:0"
irb(main):021:0" MAIL
=> #<TMail::Mail port=#<TMail::StringPort:id=0x..fdbcd5860> bodyport=nil>
irb(main):022:0>
irb(main):023:0* p test2.to
["test at test.test"]
=> nil
irb(main):024:0> p test2.from
["test at test.test"]
=> nil
irb(main):002:0> test1 = TMail::Mail.parse <<MAIL
irb(main):003:0" From: test error. <test at test.test>
irb(main):004:0" To: test ok <test at test.test>
irb(main):005:0" Subject: Subject
irb(main):006:0"
irb(main):007:0" Hi all
irb(main):008:0"
irb(main):009:0" MAIL
=> #<TMail::Mail port=#<TMail::StringPort:id=0x..fdbcdb954> bodyport=nil>
irb(main):010:0>
irb(main):011:0* p test1.to
["test at test.test"]
=> nil
irb(main):012:0> p test1.from
nil
=> nil


Cheers,
Luis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/tmail-talk/attachments/20091112/b21a3627/attachment.html>

From samhall at riseup.net  Wed Nov 25 05:41:43 2009
From: samhall at riseup.net (Sam Hall)
Date: Wed, 25 Nov 2009 11:41:43 +0100
Subject: [Tmail-talk] additional newlines by decoded() invalidate
	pgp-signatures
Message-ID: <20091125104143.GA20617@viraljIpperying6>

Hi,

I'm having a problem with TMail breaking PGP-signatures. If this has
been discussed or solved elsewhere please redirect me, I didn't find
any hint on my own.

For the validity of pgp/mime-signatures it's crucial that the whole message is
never changed, including mime-headers, white-space, etc. (see RFC 3156[1]).
TMail#decoded() breaks this by adding newlines to the end of (some?)
mime-parts. 

This:

  --some_boundary
  Content-Type: text/plain; charset=UTF-8
  Content-Disposition: inline
  
  foo
  
  --some_boundary
  Content-Type: application/pgp-signature
  
  -----BEGIN PGP SIGNATURE-----
  Version: GnuPG v1.4.6 (GNU/Linux)


is changed to this:

  
  --some_other_boundary
  Content-Type: text/plain; charset=UTF-8
  Content-Disposition: inline
  
  foo
  

  --some_other_boundary
  Content-Type: application/pgp-signature
  
  -----BEGIN PGP SIGNATURE-----
  Version: GnuPG v1.4.6 (GNU/Linux)



The changing of boundaries is also a problem when verifying signed
multipart-mime-parts. I solved that one partly by pre-parsing the message if
its header is multipart/signed and verifying the signature "manually" with the
help of regexes.

I don't want to recurse into nested multipart-messages, though. So I already
gave up on nested multipart-messages that have a signed multipart-part
somewhere inside.

But I'd still like to preserve the validity of signatures over nested
non-multipart-parts, so that the recipients at least can verify those
signatures individually. This is where I'm stuck with the additional newlines
decoded() adds.

I experimented with decoded() but could only suppress any newline in general,
which invalidates the whole message-structure.


Has anybody got a hint for me on how to solve this?

And/or: I didn't try "Mail" concerning this problem, yet -- is there any
experience with it, already? A switch would be an option only long-term,
but it would be some (head?)light at the end of the tunnel.


Thank you for your time,
best wishes,

  /Sam


[1] http://www.ietf.org/rfc/rfc3156.txt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://rubyforge.org/pipermail/tmail-talk/attachments/20091125/08b9ed60/attachment.bin>

From raasdnil at gmail.com  Wed Nov 25 19:55:58 2009
From: raasdnil at gmail.com (Mikel Lindsaar)
Date: Thu, 26 Nov 2009 11:55:58 +1100
Subject: [Tmail-talk] additional newlines by decoded() invalidate
	pgp-signatures
In-Reply-To: <20091125104143.GA20617@viraljIpperying6>
References: <20091125104143.GA20617@viraljIpperying6>
Message-ID: <57a815bf0911251655y756adb4fkf85f8cb789aab4a3@mail.gmail.com>

Hi there.

I am not sure I will be able to fix this.  I am the maintainer of Tmail, but
got so fed up with trying to fix it, that I re-wrote the entire mail library
into a new Mail gem.

Could you try mail and let me know if it is still a problem?

http://www.github.com/mikel/mail

sudo gem install mail

ARC

Mikel

On Wed, Nov 25, 2009 at 9:41 PM, Sam Hall <samhall at riseup.net> wrote:

> Hi,
>
> I'm having a problem with TMail breaking PGP-signatures. If this has
> been discussed or solved elsewhere please redirect me, I didn't find
> any hint on my own.
>
> For the validity of pgp/mime-signatures it's crucial that the whole message
> is
> never changed, including mime-headers, white-space, etc. (see RFC 3156[1]).
> TMail#decoded() breaks this by adding newlines to the end of (some?)
> mime-parts.
>
> This:
>
>  --some_boundary
>  Content-Type: text/plain; charset=UTF-8
>  Content-Disposition: inline
>
>  foo
>
>  --some_boundary
>  Content-Type: application/pgp-signature
>
>  -----BEGIN PGP SIGNATURE-----
>  Version: GnuPG v1.4.6 (GNU/Linux)
>
>
> is changed to this:
>
>
>  --some_other_boundary
>  Content-Type: text/plain; charset=UTF-8
>  Content-Disposition: inline
>
>  foo
>
>
>  --some_other_boundary
>  Content-Type: application/pgp-signature
>
>  -----BEGIN PGP SIGNATURE-----
>  Version: GnuPG v1.4.6 (GNU/Linux)
>
>
>
> The changing of boundaries is also a problem when verifying signed
> multipart-mime-parts. I solved that one partly by pre-parsing the message
> if
> its header is multipart/signed and verifying the signature "manually" with
> the
> help of regexes.
>
> I don't want to recurse into nested multipart-messages, though. So I
> already
> gave up on nested multipart-messages that have a signed multipart-part
> somewhere inside.
>
> But I'd still like to preserve the validity of signatures over nested
> non-multipart-parts, so that the recipients at least can verify those
> signatures individually. This is where I'm stuck with the additional
> newlines
> decoded() adds.
>
> I experimented with decoded() but could only suppress any newline in
> general,
> which invalidates the whole message-structure.
>
>
> Has anybody got a hint for me on how to solve this?
>
> And/or: I didn't try "Mail" concerning this problem, yet -- is there any
> experience with it, already? A switch would be an option only long-term,
> but it would be some (head?)light at the end of the tunnel.
>
>
> Thank you for your time,
> best wishes,
>
>  /Sam
>
>
> [1] http://www.ietf.org/rfc/rfc3156.txt
>
>
> _______________________________________________
> Tmail-talk mailing list
> Tmail-talk at rubyforge.org
> http://rubyforge.org/mailman/listinfo/tmail-talk
>
>


-- 
http://lindsaar.net/
Rails, RSpec and Life blog....
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/tmail-talk/attachments/20091126/f8ff412d/attachment.html>

From samhall at riseup.net  Thu Nov 26 12:51:17 2009
From: samhall at riseup.net (Sam Hall)
Date: Thu, 26 Nov 2009 18:51:17 +0100
Subject: [Tmail-talk] additional newlines by decoded() invalidate
 pgp-signatures
In-Reply-To: <57a815bf0911251655y756adb4fkf85f8cb789aab4a3@mail.gmail.com>
References: <20091125104143.GA20617@viraljIpperying6>
	<57a815bf0911251655y756adb4fkf85f8cb789aab4a3@mail.gmail.com>
Message-ID: <20091126175117.GC16612@yeHedAydbebKalj5>

Hi,

On Thu, Nov 26, 2009 at 11:55 (+1100), Mikel Lindsaar wrote:
> Could you try mail and let me know if it is still a problem?

The additional newline does not occur in a quick&dirty test. Also, the
mime-boundaries are not changed, which is very nice. But on the other hand the
mime-headers are changed even more, from this:

  --mimepart_4b097457413cd_6bd..fdbe843aa151
  Content-Type: text/plain; charset=UTF-8
  Content-Disposition: inline



to this:

  --mimepart_4b097457413cd_6bd..fdbe843aa151
  Date: Thu, 26 Nov 2009 17:00:31 +0100
  Mime-Version: 1.0
  Content-Type: text/plain;
          charset="UTF-8";
  Content-Transfer-Encoding: 8bit
  Content-Disposition: inline
  Content-ID: <4b0ea61f51f2_1b782459d7263745b at some.thing>


With TMail simple headers usually pass (or are re-written identically) which
gave a chance to have the signature stay valid. This chance seems to be lost
with Mail.

What we would need is a "don't change anything unless we explicitly tell you
so"-behaviour.

Do you see any chance to realize/implement this?

I'm not new to ruby, so maybe I could do a part of the work, if you could give
me a hint on where to look and what to take into account.


I think it would be great to push this. Signing and encrypting is becoming more
and more important nowadays and Mail being compatible to signing and maybe even
actively enabling it would be fantastic!


Thank you for your time and work!

  /Sam