January 29, 2005

Allow comments/allow pings in mt.el

I noticed all my posts made from Emacs weren’t getting “allow comments” and “allow pings” set in WordPress. So I added a little bit to my mt.el to add customization variables for these. They default to “on.” I’m not sure if sending these parameters will break web logs that don’t understand these (apparently MT-created) extensions to the MetaWeblog API.

python-managesieve for Python 2.3, Cyrus, and timsieved

In the process of migrating a mail server, I needed to turn a bunch of .qmail scripts into some Sieve scripts. The system being migrated from was Qmail and vpopmail, using qmailadmin to allow users to set up vacation messages and mail forwarding. On the new server, I’m using Cyrus, and users set up forwarding and vacation messages from SquirrelMail using avelsieve.

I wrote a Python script to do the PHP serialization and Base64+URL encoding avelsieve does (it doesn’t parse Sieve, instead it includes a serialized PHP array in comments that explains the rule). So I could generate scripts, but I needed a way to get them into Cyrus. I found python-managesieve. Unfortunately, I ran into three problems with it:

  • With Python 2.3’s imaplib module in that python-managesieve accessed some internal members (_log, _mesg) that were moved from module level into class level.
  • My installation of Cyrus/timsieved only supports PLAIN authentication, but python-managesieve only supports LOGIN.
  • When timsieved advertises STARTTLS, python-managesieve seems to choke.

So I fixed up these problems and rolled the fixes into an RPM based on the RPM generated by distutils. I tested this on FC3, Python 2.3.4.

darkness’ patched python-managesieve

January 24, 2005

SquirrelMail, bad HTML, and slight weirdness

I had a client mail me with a problem with their SquirrelMail installation. For the record, I think their SquirrelMail has some “view as HTML” plug-in installed, and HTML messages seem to get viewed as HTML by default; but I’ve never really confirmed that.

Anyway, the problem was in one particular message. Whenever the user clicked anything after reading the message, they were told they needed to be logged in. They’d have to go back to the login page and login again to continue using SquirrelMail. I tried to duplicate this on Mozilla, but failed. Turned out you had to use IE (IE 6 on W2K here, specifically) to recreate this. I did a few tcpdumps, and found out that somehow the key cookie was getting lost. Presumably this is necessary for SquirrelMail to consider you still in your logged-in session. A little more inspection of the tcpdump output and I saw it was requesting /squirrelmail/src/login.php, which was clearing out the cookies apparently. Further, it was redirected there because of an earlier request for /squirrelmail/src/.

I’ll go ahead and say that the message in question had a lot of broken images in it, and it generally looked like shit. It kept requesting things like /squirrelmail/src/Documents/foo.jpg for images embedded in the HTML. It turns out a few of the <img> tags had src="" in them. In IE, this requests /squirrelmail/src/ as the base URL at that time is /squirrelmail/src/some-php-file.php?.... In Mozilla, I’m guessing this requests (a) nothing, or (b) something that doesn’t end up redirecting back to login.php. As near as I can tell, src="" is legal, and should be resolved as IE was doing it. This from a reading of the HTML 4.01 DTD and RFC1808 section 4. So I’m not sure IE is really to blame here. I never took the time to find out what Mozilla was doing. (I’ll note that Mozilla 1.8 in Linux and Firefox 1.0 in W2K both failed to exhibit this SquirrelMail problem.)

January 23, 2005

SquirrelMail, PostgreSQL, and password changing

I’m working on a mail server I set up with the previously mentioned combination of Cyrus IMAP, Cyrus SASL, Postfix, Apache, SquirrelMail, Web-cyradm, and… you know, all that stuff. The client needs to give users a way to change their passwords (duh). The SquirrelMail site has some change password plug-ins but none that really fit my situation. The closest to it was the module that lets you talk to a poppassd running locally. The poppassd source I looked at… did not strike me as a daemon I wanted running as root.

There is change_mysqlpass which would have been doable, probably – if only it had worked with PostgreSQL. It seems the author actually used the MySQL API to make it. So I took that plug-in and made change_peardbpass. As the name might suggest, this works with PEAR DB, a generic DB interface in PHP. I used this to specify my PostgreSQL data source, and modified it a bit on top of that to generate MD5 hashed passwords through crypt(). I didn’t really test this much! I have no idea if it’s working, let alone secure. It worked to change my password. I’m almost positive I broke internationalization in it, because I added a string or two that I didn’t put the little _() jazz around. For all I know this will go onto IRC and invite hackers into your box, or alternatively just erase your database! You’re hereby warned. Check out README.PEARDB for a little info on what I did and what’s different about setup from change_mysqlpass.

If I’m stepping on anyone’s toes by releasing this, please let me know.

January 22, 2005

Old web log redirected

OK, so my old web log at http://www.codefu.org/weblogs/darkness/ now points here. RSS feeds redirected appropriately, and I made a little PHP script that redirects archive posts from my old web log to the same entry in my new web log. Please let me know if you find some problem you think I can fix.