shiva-spampot / shiva

Spam Honeypot with Intelligent Virtual Analyzer
MIT License

Bugs in authentication procedure in smtpd.py #7

Closed standa4 closed 9 years ago

standa4 commented 9 years ago

Hi, I found some bugs in smtpd.py file.

  1. On the line with the code `if 'LOGIN' == split_args[0]:` there is a bug in the comparison. It incorrectly compares against uppercase 'LOGIN', although some clients can send this string in lowercase.
  2. There is a bug in the validate function, specifically on the line with the code `while i < len(password):`. The comparison should be with the count of stored passwords (or usernames), not with the length of the actual password.
  3. There is a bug in the smtp_EHLO function (and maybe in other places). There are three push() calls in a row. This can cause an error if the client receives this information in more than one message. Some clients process only the first one and terminate with a failure.

ameygat commented 9 years ago

We appreciate you pointing out the bug. Thank you. We will keep this issue open till the fix is done. We would more than appreciate it if you came up with a patch :-)

RahulBinjve-zz commented 9 years ago

Hi @standa4,

First of all, we really appreciate you looking into the source and reporting the bugs. I have fixed the bugs mentioned in your first and second points; please have a look at the commits. Regarding the third bug, can you please elaborate and give us an example to reproduce the bug? Any help would be appreciated.

Once again, thanks for reporting, and sincere apologies for the delay in the fix. Also, I'm keeping the issue open until the third point is resolved.

Cheers.

standa4 commented 9 years ago

Hi @RahulBinjve,

Thank you for fixing those bugs. I tried to reproduce the third bug but I wasn't able to do it. I found this bug a long time ago, so maybe it was a bug in the client and not in Shiva, and the client has been repaired since that time. I guess that this issue can be closed now.
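
The two authentication bugs from the report, each beside a corrected form, plus the multi-line EHLO reply built as one buffer (the concern in point 3), as an added example. This is not code from Shiva's smtpd.py: the function names, the parallel-list credential store and all sample values are assumptions made for illustration.

```python
# Added illustration; every name here is hypothetical, not Shiva's own code.

# Constructed credential store: parallel lists of accepted logins.
USERNAMES = ["alice", "bob", "carol"]
PASSWORDS = ["wonderland", "s3cret", "x"]


def is_login_buggy(arg):
    split_args = arg.split()
    return 'LOGIN' == split_args[0]      # point 1: case-sensitive match


def is_login(arg):
    split_args = arg.split()
    # Compare case-insensitively; an empty argument is not LOGIN.
    return bool(split_args) and split_args[0].upper() == 'LOGIN'


def validate_buggy(username, password):
    i = 0
    while i < len(password):             # point 2: bound is the submitted password
        # Short password: later entries are never checked.
        # Long password: i runs past the lists and raises IndexError.
        if USERNAMES[i] == username and PASSWORDS[i] == password:
            return True
        i += 1
    return False


def validate(username, password):
    # Walk every stored pair, independent of what the client submitted.
    for user, pw in zip(USERNAMES, PASSWORDS):
        if user == username and pw == password:
            return True
    return False


def ehlo_reply(hostname, extensions):
    # Point 3: assemble the whole multi-line 250 reply for a single send.
    lines = [hostname] + list(extensions)
    out = ["250-" + l for l in lines[:-1]] + ["250 " + lines[-1]]
    return "\r\n".join(out) + "\r\n"


if __name__ == "__main__":
    print(is_login_buggy("login"), is_login("login"))
    print(validate_buggy("carol", "x"), validate("carol", "x"))
    print(repr(ehlo_reply("mx.example.test", ["AUTH LOGIN PLAIN", "8BITMIME"])))
```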