head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.8
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.6
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.4
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.2
	pkgsrc-2011Q2-base:1.2;
locks; strict;
comment	@# @;


1.2
date	2010.11.23.08.24.04;	author tron;	state dead;
branches;
next	1.1;

1.1
date	2010.11.17.18.44.07;	author tez;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Add fix for CVE-2010-3492 and update the fix for CVE-2010-3493. Both
fixes taken from the Python 2.7 branch in the Python SVN repository.
@
text
@$NetBSD: patch-aw,v 1.1 2010/11/17 18:44:07 tez Exp $

Fix for SA41968 (CVE-2010-3493) from the 2.7 branch repo
http://svn.python.org/view/python/branches/release27-maint/Lib/smtpd.py?r1=86084&r2=82503&view=patch

--- Lib/smtpd2.6.py.orig	2010-06-30 12:41:25.000000000 -0500
+++ Lib/smtpd2.6.py	2010-11-17 12:19:14.825489100 -0600
@@@@ -121,7 +121,15 @@@@
         self.__rcpttos = []
         self.__data = ''
         self.__fqdn = socket.getfqdn()
-        self.__peer = conn.getpeername()
+        try:
+            self.__peer = conn.getpeername()
+        except socket.error, err:
+            # a race condition  may occur if the other end is closing
+            # before we can get the peername
+            self.close()
+            if err[0] != errno.ENOTCONN:
+                raise
+            return
         print >> DEBUGSTREAM, 'Peer:', repr(self.__peer)
         self.push('220 %s %s' % (self.__fqdn, __version__))
         self.set_terminator('\r\n')
@@@@ -291,9 +299,11 @@@@
                 localaddr, remoteaddr)
 
     def handle_accept(self):
-        conn, addr = self.accept()
-        print >> DEBUGSTREAM, 'Incoming connection from %s' % repr(addr)
-        channel = SMTPChannel(self, conn, addr)
+        pair = self.accept()
+        if pair is not None:
+            conn, addr = pair
+            print >> DEBUGSTREAM, 'Incoming connection from %s' % repr(addr)
+            channel = SMTPChannel(self, conn, addr)
 
     # API for "doing something useful with the message"
     def process_message(self, peer, mailfrom, rcpttos, data):
@


1.1
log
@Add fix for SA41968 (CVE-2010-3493) from the 2.7 branch repo
http://svn.python.org/view/python/branches/release27-maint/Lib/smtpd.py?r1=86084
&r2=82503&view=patch
@
text
@d1 1
a1 1
$NetBSD$
@