Mailing List Archive

[Bug 2687] AUTH PLAIN should provide better support for quoting circumflexes
https://bugs.exim.org/show_bug.cgi?id=2687

Jeremy Harris <jgh146exb@wizmail.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
Priority|medium |low

--- Comment #1 from Jeremy Harris <jgh146exb@wizmail.org> ---
I don't think we should silently introduce new syntax in such a way; the
proposal only replaces one issue with another. Someone would promptly complain
about problems dealing with "@" characters.

Instead, I propose to take option 1 above, and document the "leading ^"
problem.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

earl_chew@yahoo.com changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #1356 is obsolete|0 |1

--- Comment #2 from earl_chew@yahoo.com ---
Created attachment 1357
--> https://bugs.exim.org/attachment.cgi?id=1357&action=edit
Test program illustrating defect, and a revised proposed solution

After additional testing, I modified the rules to add another to support a
transform from ^^^~ -> ^.

This is useful so that the credentials can be written unambiguously by using
^^^@ as a separator that will be replaced by a single nul, and spelling each
circumflex as ^^^~.


1. Two consecutive circumflexes followed by ^@ are replaced by a
   single nul. (^^^@ -> \0)
2. Two consecutive circumflexes followed by ^~ are replaced by a
   single circumflex. (^^^~ -> ^)
3. Two consecutive circumflexes followed by ^^ are replaced by a
   pair of circumflexes. (^^^^ -> ^^)
4. Three consecutive circumflexes followed by x, where x is
   neither @ nor ^, are replaced by a single circumflex, a single nul,
   and x. (^^^x -> ^\0x)
5. Two consecutive circumflexes are replaced by a single
   circumflex. (^^ -> ^)
6. A single circumflex is replaced by a single nul. (^ -> \0)



-----
# In this proof of concept, nuls are shown as dots for legibility:


^^^@one^^^@two
Current ^^@one^^@two
Proposed .one.two

^^^@^^^~one^^^~^^^@^^^~two^^^~
Current ^^@^^~one^^~^^@^^~two^^~
Proposed .^one^.^two^

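The rules proposed in comment 2 can be exercised with a small decoder. This is an added example, not the attached test program and not Exim's get_data.c; the function names and the "user"/"^pass" credentials are assumptions, and the non-extended mode is the plain left-to-right reading described in comment 6.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration; not Exim's get_data.c and not the attached test program.
   Decodes src into dst (needs at least strlen(src) bytes), returns the length.
   extended == 0: left-to-right reading, "^^" -> '^', lone "^" -> nul.
   extended != 0: additionally applies rules 1 and 2 from comment 2. */
size_t caret_decode(const char *src, char *dst, int extended)
{
  size_t n = 0;
  while (*src) {
    if (extended && strncmp(src, "^^^@", 4) == 0) {        /* rule 1 */
      dst[n++] = '\0'; src += 4;
    } else if (extended && strncmp(src, "^^^~", 4) == 0) { /* rule 2 */
      dst[n++] = '^'; src += 4;
    } else if (src[0] == '^' && src[1] == '^') {           /* rules 3-5: a pair is one '^' */
      dst[n++] = '^'; src += 2;
    } else if (src[0] == '^') {                            /* rule 6, and the third '^' of rule 4 */
      dst[n++] = '\0'; src += 1;
    } else {
      dst[n++] = *src++;
    }
  }
  return n;
}

/* Render the decoded bytes with nuls shown as dots, as in the thread.
   out needs strlen(src) + 1 bytes. */
const char *caret_show(const char *src, int extended, char *out)
{
  size_t n = caret_decode(src, out, extended);
  for (size_t i = 0; i < n; i++)
    if (out[i] == '\0') out[i] = '.';
  out[n] = '\0';
  return out;
}

int main(void)
{
  char buf[64];
  /* Constructed credentials: user "user", intended password "^pass". */
  printf("%s\n", caret_show("^user^^^pass", 0, buf));          /* .user^.pass */
  printf("%s\n", caret_show("^^^@user^^^@^^^~pass", 1, buf));  /* .user.^pass */
  printf("%s\n", caret_show("^^^@one^^^@two", 1, buf));        /* .one.two */
  return 0;
}
```

In the first call the circumflex meant to lead the password ends up trailing the user name, which is the "leading ^" limitation that was documented; the second call shows the ^^^@ / ^^^~ spelling from comment 2 expressing the same credentials unambiguously.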

--- Comment #3 from earl_chew@yahoo.com ---
> Instead, I propose to take option 1 above, and document the "leading ^" problem.

I agree that this improves the situation. Given how long the defect has been in
place, it seems that passwords and usernames that start or end with a
circumflex are at most very rare.

I do think the proposed use of ^^^@ and ^^^~ as replacement means to specify
the separator and quote a circumflex, respectively, could work, but agree the
syntax is rather unwieldy.

Hmm ... on reflection, probably the only way to address the issue completely is
to introduce AUTH PLAIN2 (or similar).


Git Commit <git@exim.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |git@exim.org

--- Comment #4 from Git Commit <git@exim.org> ---
Git commit:
https://git.exim.org/exim.git/commitdiff/ca22cc0abe93c28f3d296d99c239413bb0d079c4

commit ca22cc0abe93c28f3d296d99c239413bb0d079c4
Author: Jeremy Harris <jgh146exb@wizmail.org>
AuthorDate: Tue Jan 12 15:36:09 2021 +0000
Commit: Jeremy Harris <jgh146exb@wizmail.org>
CommitDate: Tue Jan 12 15:36:09 2021 +0000

auths: in plaintext authenticator, fix parsing of consecutive circumflex.
bug 2687
----
doc/doc-docbook/spec.xfpt | 9 ++++++++-
doc/doc-txt/ChangeLog | 7 +++++++
src/src/auths/get_data.c | 10 ++++++++--
3 files changed, 23 insertions(+), 3 deletions(-)


--- Comment #5 from earl_chew@yahoo.com ---
> +Note that due to the ambiguity of parsing three consectutive circumflex characters
> +there is no way to provide a password having a leading circumflex.
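Review bot: "consectutive" in the first added line should read "consecutive". The note would also be more useful if it stated how a run of three circumflexes is actually read, so that someone writing a credential can predict the result instead of only learning that a leading circumflex cannot be expressed.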

For completeness:

https://tools.ietf.org/html/rfc4616

The issue exists for both words starting with circumflex, and words ending with
circumflex. This affects authorization identity (authzid), authentication
identity (authcid), and password (passwd).

> message = [authzid] UTF8NUL authcid UTF8NUL passwd


--- Comment #6 from Jeremy Harris <jgh146exb@wizmail.org> ---
A word with a doubled circumflex, even at the end of a word, should be parsed
as having a single one (even at the end of a word). Whatever any
subsequent characters are. Following the commit applied (comment 4) are
you seeing different?


--- Comment #7 from earl_chew@yahoo.com ---
(In reply to Jeremy Harris from comment #6)
> Following the commit applied (comment 4) are you seeing different?

Of course you are right. I was confusing the fixed state with the previous
broken state.
