homepage

Python 2.3.3 [GCC 3.2.2] on linux2
email version 2.5.5
Complex SMIME signed messages parsed and flattened
again do not pass SMIME verification. I have noticed
this with messages that have as message/rfc822
attachment another SMIME signed message.
A diff between an "original" SMIME signed messaged
passign openssl smime -verify verification and the same
message parsed (message_from_file) and flattened
(as_string(False)) by the email library:
diff -bB bugmsg_signed.eml bugmsg_signed_parsed.eml
2c2,3
< Content-Type: multipart/signed;
protocol="application/x-pkcs7-signature"; micalg=sha1;
boundary="----381546B4549948B9F93D885A82884C49"
---
> Content-Type: multipart/signed;
protocol="application/x-pkcs7-signature";
> micalg=sha1;
boundary="----381546B4549948B9F93D885A82884C49"
The email-parsed message splits the signature header
into two lines, thus rendering the message non-valid.
Attached to this bug a .zip archive with:
- msg #1: the non-signed message (with a signed message
as attachment)
- msg #2: message #1 signed by openssl
- msg #3: message #2 parsed and flattened as described
above
- the CA certificate file used for smime verification
openssl command used to verify #2 and #3:
openssl smime -verify -in bugmsg_signed.eml -CAfile
cacert.pem
openssl smime -verify -in bugmsg_signed_parsed.eml
-CAfile cacert.pem

Logged In: YES 
user_id=42389
I would like to add that I think this bug is quite
important, as mailman uses python. This means that many
mailing lists invalidate signatures when signed e-mails with
attachments are sent through them. As attachments are often
code patches, it is quite important that the signatures are
working correctly.

Logged In: YES 
user_id=42389
In case it is any help, I tried to find the problem in the
source. I don't speak python, so I can't fix anything, but
I do speak C, so it's quite readable. :-)
It seems to me that the problem is in Lib/email/Message.py,
in particular in _parseparam and _get_params_preserve. Both
these functions call strip() on the object several times
(which seems a bit overdone anyway ;-) ), which I presume
removes all whitespace around them.
I think the whitespace should somehow be saved (not
stripping will probably break many programs, so that's not a
good idea), so it can be used again when the header is
written. set_param should of course also fill this value,
so new params get a defined separation (although the empty
string is quite acceptable).
How this should be implemented I gladly leave to someone who
actually speaks Python. :-)

Logged In: YES 
user_id=12193
Adding my voice that the bug is important. 
This is now the chief culprit in breaking signed messages in my usage of 
signed email on the net; that "signtures are so often broken" is one 
argument people often use against using signed email. 
 

At least for the header wrapping issue, adding a new handler to the default Generator implementation should provide an easy solution. I just created patch 968430 http://tinyurl.com/2chhz6 for this.
From mailman bug report 815297 http://tinyurl.com/2a8dta I understand that there is a fix in mailman for this issue as well, but I believe this patch would be a fix any python program would want, not just mailman.
There remains an issue about leading space in headers, mentioned in that mailman problem report as well. The cause is an lstrip call in FeedParser. However removing that would probably break a lot of existing programs. And modifying all methods accessing the headers to remove or add leading space would be somewhat ugly. Right now I'm trying to figure out how to save the unmodified body for every multipart/signed message, so that it can be stored with the message and used without any modifications during generation.

Patch at #1670765.

I think if we can fix issue 1590744, this will be completely fixed.

This issue is not newcomer friendly, I remove the easy keyword.