From 7267f4fe1452d61f528da083308fbe38d5e1603a Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Fri, 14 Nov 2008 14:09:30 -0800 Subject: Fixed a bug in AvoidDuplicates.py that caused it to fail if the address in the To: or Cc: header differed in case from the case-preserved member address. Bug #297795. --- Mailman/Handlers/AvoidDuplicates.py | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'Mailman') diff --git a/Mailman/Handlers/AvoidDuplicates.py b/Mailman/Handlers/AvoidDuplicates.py index fdcc49ca..038034c7 100644 --- a/Mailman/Handlers/AvoidDuplicates.py +++ b/Mailman/Handlers/AvoidDuplicates.py @@ -1,4 +1,4 @@ -# Copyright (C) 2002-2003 by the Free Software Foundation, Inc. +# Copyright (C) 2002-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -40,34 +40,38 @@ def process(mlist, msg, msgdata): # Short circuit if not recips: return + # There is an issue with addresses in To: or Cc: that differ in + # case from the MemberCPAddresses in recips. We can't just + # lower-case everything because we still want CP addresses in + # the final recips list, so we lower case the keys. # Seed this set with addresses we don't care about dup avoiding explicit_recips = {} listaddrs = [mlist.GetListEmail(), mlist.GetBouncesEmail(), mlist.GetOwnerEmail(), mlist.GetRequestEmail()] for addr in listaddrs: - explicit_recips[addr] = True + explicit_recips[addr.lower()] = True # Figure out the set of explicit recipients ccaddrs = {} for header in ('to', 'cc', 'resent-to', 'resent-cc'): addrs = getaddresses(msg.get_all(header, [])) if header == 'cc': for name, addr in addrs: - ccaddrs[addr] = name, addr + ccaddrs[addr.lower()] = name, addr for name, addr in addrs: if not addr: continue # Ignore the list addresses for purposes of dup avoidance - explicit_recips[addr] = True + explicit_recips[addr.lower()] = True # Now strip out the list addresses for addr in listaddrs: - del explicit_recips[addr] + del explicit_recips[addr.lower()] if not explicit_recips: # No one was explicitly addressed, so we can't do any dup collapsing return newrecips = [] for r in recips: # If this recipient is explicitly addressed... - if explicit_recips.has_key(r): + if explicit_recips.has_key(r.lower()): send_duplicate = True # If the member wants to receive duplicates, or if the recipient # is not a member at all, just flag the X-Mailman-Duplicate: yes @@ -81,8 +85,8 @@ def process(mlist, msg, msgdata): if send_duplicate: msgdata.setdefault('add-dup-header', {})[r] = True newrecips.append(r) - elif ccaddrs.has_key(r): - del ccaddrs[r] + elif ccaddrs.has_key(r.lower()): + del ccaddrs[r.lower()] else: # Otherwise, this is the first time they've been in the recips # list. Add them to the newrecips list and flag them as having -- cgit v1.2.3 From f0d392172bb2400927948004d2dc66c264ca2aa5 Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Thu, 20 Nov 2008 13:08:31 -0800 Subject: Fixed a problem in SecurityManager that caused it to not find the cookie when CheckCookie was not given a user and the user in the cookie had a %xx encoded character. Bug # 299220. --- Mailman/SecurityManager.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'Mailman') diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py index 01610b43..572018e2 100644 --- a/Mailman/SecurityManager.py +++ b/Mailman/SecurityManager.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2006 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -299,7 +299,8 @@ class SecurityManager: usernames.append(k[len(prefix):]) # If any check out, we're golden. Note: `@'s are no longer legal # values in cookie keys. - for user in [Utils.UnobscureEmail(u) for u in usernames]: + for user in [Utils.UnobscureEmail(urllib.unquote(u)) + for u in usernames]: ok = self.__checkone(c, authcontext, user) if ok: return True -- cgit v1.2.3