You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@spamassassin.apache.org on 2021/10/25 00:31:02 UTC
[Bug 7938] New: spamd with SSL will wait for newline in body before
responding
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7938
Bug ID: 7938
Summary: spamd with SSL will wait for newline in body before
responding
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: spamc/spamd
Assignee: dev@spamassassin.apache.org
Reporter: mjcaley@darkarctic.com
Target Milestone: Undefined
When spamd is running with SSL it will hang expecting a newline character at
the end of the body. If the client closes the connection, the logs says it
finishes processing the message.
I started the server with:
spamd --ssl --port 11783 --server-cert ./private_key_and_cert.pem --server-key
./private_key_and_cert.pem --timeout-tcp=30 --timeout-child=30
I was able to reproduce with the following command:
echo -n abc | spamc --ssl --port 11783
It looks like it's hanging on this line:
https://svn.apache.org/viewvc/spamassassin/trunk/spamd/spamd.raw?view=markup#l1807
@msglines = ();
$actual_length = 0;
>>>> while (defined($_ = $client->getline())) {
$actual_length += length($_);
push(@msglines, $_);
It's probably the call to getline. I'm not sure if there's a different call to
get the number of bytes, since at this point it knows the expected length from
the Content-length header.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7938] spamd with SSL will wait for newline in body before
responding
Posted by bu...@spamassassin.apache.org.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7938
Bill Cole <bi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |billcole@apache.org
--- Comment #1 from Bill Cole <bi...@apache.org> ---
I'm not convinced that this qualifies as a bug.
Actual email messages end with CRLF, as RFC5322 (like its ancestors) defines a
message body as a set of lines. What real-world circumstance would actually
result in sending spamd something without a trailing CRLF?
Also, "Content-Length" is not present in many messages, in part because it is
inherently risky to actually trust a number in a header written by a random
spammer.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7938] spamd with SSL will wait for newline in body before responding
Posted by bu...@spamassassin.apache.org.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7938
Michael Caley <mj...@darkarctic.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
CC| |mjcaley@darkarctic.com
--- Comment #2 from Michael Caley <mj...@darkarctic.com> ---
Ya, I must have misinterpreted the RFC. I thought there was an overall newline
at the end but it looks like each line in the body as a newline at the end.
I can close this, thanks!
--
You are receiving this mail because:
You are the assignee for the bug.