Forum OpenACS Development: Re: refactoring acs-mail-lite for use with imap

Posted by Benjamin Brink on
Thank you, Gustaf,

I'm definitely interested in re-using code.

export_vars uses ns_set, which doesn't persist after a server restart. A reply may be expected to work for a period of time after a few restarts --at least for the deployments I'm considering using this in.

ad_set_signed_cookie would work if it could be used outside of cookies. And yet, it uses ns_sha1 which appears to be twice as slow as the work in progress (WIP) solution.

The WIP creates a unique id using ns_base64encode of a randomized big_int. Granted, the draft currently saves immediately to the database, which is much slower. The database write could be worked into a separate scheduled thread that batches values saved via ns_nsv similar to export_vars.

Is there another way that should be considered?


Posted by Gustaf Neumann on
Signed variables certainly work with restarting the server, it does not depend on the ns_sets, used for its construction. The ns_sets are just for temporary usage, like other local variables. Btw, the life-span of most ns_sets are per-request. Signed variables would be completely useless, if they could not be used across requests. You can specify e.g. the span of validity for a signed variable.
Posted by Benjamin Brink on
Thank you, Gustaf.

I should use it like this:

export_vars -sign -url <message_id> var1 var2 var3

And yet, how to retrieve?

As far as I can tell, to use ad_verify_signature, the data needs to be embedded in the email. And yet, the point is to *not* expose or publish the data external to the system.

Also, this grep doesn't find any examples besides docs to get hints from:
packages# grep -R " -sign" *

Posted by Gustaf Neumann on
OpenACS has multiple variants for signed value checking. The most basic one is the following, where ad_verify_signature_with_expr [1] returns either the expiration time or 0 if the validation fails
set value 123
set secret "secret phrase" 
set signature [ad_sign  -max_age 600 -secret $secret $value]
ad_verify_signature_with_expr -secret $secret $value $signature
Posted by Benjamin Brink on
I see how to use a signed variable for email now.

Where a url is supplied in an email for a user to get via a browser, standard export_vars -sign -url ... applies.

Where input requires authenticating a reply and obtaining associated form inputs, pass the uniqueID mapped to the inputs, where the uniqueID is signed using export_vars and adjusted to fit email message-id specs.

This keeps from leaking data, and message-id is re-generated using existing code.

Thank you, Gustaf!
That makes the implementation much cleaner.