[Tickets #12970] Re: Don't override sticky OPTIONS values with default values.

noreply at bugs.horde.org noreply at bugs.horde.org
Wed Oct 29 14:46:46 UTC 2014


Ticket URL: https://bugs.horde.org/ticket/12970
  Ticket             | 12970
  Updated By         | Michael Rubinsky <mrubinsk at horde.org>
  Summary            | Don't override sticky OPTIONS values with default
                     | values.
  Queue              | Horde Framework Packages
  Version            | Git master
  Type               | Bug
  State              | Assigned
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             | Michael Rubinsky

Michael Rubinsky <mrubinsk at horde.org> (2014-10-29 14:46) wrote:

> After analysis, I found that the pkcs7 data is sent in one long line  
> and that throws off the OpenSSL parser.
> If I format the data using a max-length of 72 characters, then  
> OpenSSL can decrypt the data.

I am almost 100% positive that the encoded data has a maximum line  
length of 76 characters. This is almost certainly a BB bug.

> So, my guess is that Horde sends the msg to OpenSSL which can't  
> handle it as is. That's one half of the problem.

Yes, we use the PHP native openssl_pkcs7_decrypt() function.

> The other half is figuring out if Horde is doing something which  
> prevents the BB client from understanding the message it gets or if  
> the client only understands messages where the data is on one line.

Horde_ActiveSync passes all S/MIME messages UNTOUCHED to the client.

> I couldn't find a spec regarding the maximum amount of characters  
> per line allowed in pkcs7 data, so I'm guessing that what they're  
> doing is legal and one reason most clients can read it.

application/pcks7-mime, which is normally base64 transfer-encoded is  
limited to 76 characters per line.

More information about the bugs mailing list