Últimos Cambios
Blog personal: El hilo del laberinto
|
|
|
Últimos Cambios |
|
Blog personal: El hilo del laberinto
|
|
|
Última Actualización: 10 de Agosto de 1.998 - Lunes
Message-ID: <35B8C710.EAAA6067@argo.es>
Date: Fri, 24 Jul 1998 17:40:32 +0000
From: "Jesús Cea Avión" <jcea@argo.es>
Organization: Argo Redes y Servicios Telematicos, S.A.
To: Lista proveedores QMD <proveedores_qmd@syntax-error.org>,
Lista de Proveedores Internet <proveedores@listserv.rediris.es>,
hacking@argo.es, Lista IRCops ESNET <ircops@esnet.org>,
Lista IRC Hispano <irc-cop@catalunya.net>, qpopper@qualcomm.com,
Lista Bugtraq <BUGTRAQ@NETSPACE.ORG>,
"seg-l@securenetworks.com" <seg-l@securenetworks.com>
Subject: GDBM bug in Qpopper 2.52
The new (and possibly previous versions also) Qpopper 2.52 has the following bug:
Bulletin database is opened "EXCLUSIVELLY" while the user maildrop is copied and not-yet-read bulletins are appended (a subsecond time). If any other user checks its mail, the Bulletin Database would be already locked. The user is rejected with a "Unable to open Bulletin database, contact your administrator" message (the GDBM error is "can't be a writer").
If the user retries, DB could be unlocked, already, and he/she can progress. Nevertherless, most POP clients take the previous rejection as a "password failure" and they open a dialog box to query the correct password from the user. If you choose "cancel", usually, you lost your passwd, so users must retype passwords all along the day.
Working in SERVER MODE (no user maildrop copy) reduces the incidences, since critical section is shorter in time, but the problem do not vanish.
I attach a silly (*REALLY* *SILLY*) patch which retries again when the database opening fails. You can't open the database non exclusivelly because GDBM imposes exclusion when you open for write.
A more elegant patch could be:
As I said, the patch included is really fool, but it works in my configuration and phone helpdesk personnel is happiest with it };-)
Ah, "usleep()" sleeps microseconds. If you don't have that command, reduce the loop from 5000 to 5 and use "sleep(1)".
# diff -u *.old *drop*.c
--- pop_dropcopy.c.old Fri Jul 24 12:57:37 1998
+++ pop_dropcopy.c Fri Jul 24 16:45:53 1998
@@ -781,14 +781,27 @@
sprintf(bull_db, "%s/bulldb", p->bulldir);
#endif
#ifdef GDBM
- if ((p->bull_db = gdbm_open (bull_db, 512, GDBM_WRCREAT, 0600,0)) == NULL)
+
+{
+int i;
+
+ for(i=0;i<5000;i++) {
+ if((p->bull_db = gdbm_open (bull_db, 512, GDBM_WRCREAT, 0600, 0)) != NULL) break;
+ usleep(1000); /* Milisegundo de espera */
+ }
+}
+ if (p->bull_db == NULL)
+
#else
if ((p->bull_db = dbm_open (bull_db, O_RDWR | O_CREAT, 0600)) == NULL)
#endif
{
pop_log(p,POP_PRIORITY,"[g]dbm_open failed : %s (%d)",sys_errlist[errno],errno);
return(pop_msg(p, POP_FAILURE,
+ gdbm_strerror(gdbm_errno)));
+/*
"Unable to open Bulletin database, contact your administrator"));
+*/
}
}
#endif
--
Jesus Cea Avion _/_/ _/_/_/ _/_/_/
jcea@argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/
_/_/ _/_/ _/_/_/_/_/
PGP Key Available at KeyServ _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibnitz
Más información sobre los OpenBadges
Donación BitCoin: 19niBN42ac2pqDQFx6GJZxry2JQSFvwAfS
