aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBarry Warsaw <barry@python.org>2008-11-29 18:46:03 -0500
committerBarry Warsaw <barry@python.org>2008-11-29 18:46:03 -0500
commitb7c826ff010b4350f861bd7d90a3b81c0bae626a (patch)
tree6243c934281ed1140f68e60fe7eadb00b0e96b54
parent5c21f02b0d2f4de7cf99b4b0bd8b522853156eac (diff)
parentf0d392172bb2400927948004d2dc66c264ca2aa5 (diff)
downloadmailman2-b7c826ff010b4350f861bd7d90a3b81c0bae626a.tar.gz
mailman2-b7c826ff010b4350f861bd7d90a3b81c0bae626a.tar.xz
mailman2-b7c826ff010b4350f861bd7d90a3b81c0bae626a.zip
trunk
-rw-r--r--Mailman/Handlers/AvoidDuplicates.py20
-rw-r--r--Mailman/SecurityManager.py3
-rw-r--r--NEWS8
3 files changed, 22 insertions, 9 deletions
diff --git a/Mailman/Handlers/AvoidDuplicates.py b/Mailman/Handlers/AvoidDuplicates.py
index fdcc49ca..038034c7 100644
--- a/Mailman/Handlers/AvoidDuplicates.py
+++ b/Mailman/Handlers/AvoidDuplicates.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2002-2003 by the Free Software Foundation, Inc.
+# Copyright (C) 2002-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -40,34 +40,38 @@ def process(mlist, msg, msgdata):
# Short circuit
if not recips:
return
+ # There is an issue with addresses in To: or Cc: that differ in
+ # case from the MemberCPAddresses in recips. We can't just
+ # lower-case everything because we still want CP addresses in
+ # the final recips list, so we lower case the keys.
# Seed this set with addresses we don't care about dup avoiding
explicit_recips = {}
listaddrs = [mlist.GetListEmail(), mlist.GetBouncesEmail(),
mlist.GetOwnerEmail(), mlist.GetRequestEmail()]
for addr in listaddrs:
- explicit_recips[addr] = True
+ explicit_recips[addr.lower()] = True
# Figure out the set of explicit recipients
ccaddrs = {}
for header in ('to', 'cc', 'resent-to', 'resent-cc'):
addrs = getaddresses(msg.get_all(header, []))
if header == 'cc':
for name, addr in addrs:
- ccaddrs[addr] = name, addr
+ ccaddrs[addr.lower()] = name, addr
for name, addr in addrs:
if not addr:
continue
# Ignore the list addresses for purposes of dup avoidance
- explicit_recips[addr] = True
+ explicit_recips[addr.lower()] = True
# Now strip out the list addresses
for addr in listaddrs:
- del explicit_recips[addr]
+ del explicit_recips[addr.lower()]
if not explicit_recips:
# No one was explicitly addressed, so we can't do any dup collapsing
return
newrecips = []
for r in recips:
# If this recipient is explicitly addressed...
- if explicit_recips.has_key(r):
+ if explicit_recips.has_key(r.lower()):
send_duplicate = True
# If the member wants to receive duplicates, or if the recipient
# is not a member at all, just flag the X-Mailman-Duplicate: yes
@@ -81,8 +85,8 @@ def process(mlist, msg, msgdata):
if send_duplicate:
msgdata.setdefault('add-dup-header', {})[r] = True
newrecips.append(r)
- elif ccaddrs.has_key(r):
- del ccaddrs[r]
+ elif ccaddrs.has_key(r.lower()):
+ del ccaddrs[r.lower()]
else:
# Otherwise, this is the first time they've been in the recips
# list. Add them to the newrecips list and flag them as having
diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py
index 7d32b370..fc2ffd92 100644
--- a/Mailman/SecurityManager.py
+++ b/Mailman/SecurityManager.py
@@ -298,7 +298,8 @@ class SecurityManager:
usernames.append(k[len(prefix):])
# If any check out, we're golden. Note: `@'s are no longer legal
# values in cookie keys.
- for user in [Utils.UnobscureEmail(u) for u in usernames]:
+ for user in [Utils.UnobscureEmail(urllib.unquote(u))
+ for u in usernames]:
ok = self.__checkone(c, authcontext, user)
if ok:
return True
diff --git a/NEWS b/NEWS
index f364d41a..91418076 100644
--- a/NEWS
+++ b/NEWS
@@ -27,6 +27,14 @@ Here is a history of user visible changes to Mailman.
certain errors that can be caused by configuration of a particular list.
Bug #265941 (sf775100).
+ - Fixed a bug in AvoidDuplicates.py that caused it to fail if the address
+ in the To: or Cc: header differed in case from the case-preserved member
+ address. Bug #297795.
+
+ - Fixed a problem in SecurityManager that caused it to not find the
+ cookie when CheckCookie was not given a user and the user in the cookie
+ had a %xx encoded character. Bug # 299220.
+
2.1.11 (30-Jun-2008)
New Features