Page MenuHomePhorge

[pykolab] Command kolab acl-cleanup fails if mailboxes with non-7-bit characters exist
Open, Needs TriagePublic

Description

Affected version

pykolab 0.9.0.6-1~kolab1+1.2

Problem

When running the command

kolab acl-cleanup <some_subject>

the command fails with the exception:

Traceback (most recent call last):
  File "/usr/sbin/kolab", line 41, in <module>
    kolab = Cli()
  File "/usr/lib/python3/dist-packages/pykolab/cli/__init__.py", line 77, in __init__
    commands.execute('_'.join(to_execute))
  File "/usr/lib/python3/dist-packages/pykolab/cli/commands.py", line 135, in execute
    commands[cmd_name]['function'](conf.cli_args, kw)
  File "/usr/lib/python3/dist-packages/pykolab/cli/cmd_acl_cleanup.py", line 52, in execute
    acls = imap.list_acls(folder)
  File "/usr/lib/python3/dist-packages/pykolab/imap/__init__.py", line 1221, in list_acls
    return self.imap.lam(self.folder_utf7(folder))
  File "/usr/lib/python3/dist-packages/cyruslib.py", line 764, in lam
    res, acl = self.__docommand("getacl", self.decode(mailbox))
  File "/usr/lib/python3/dist-packages/cyruslib.py", line 580, in __docommand
    self.__doexception(function, msg[0], *args)
  File "/usr/lib/python3/dist-packages/cyruslib.py", line 548, in __doexception
    self.__doraise( function.upper(), msg )
  File "/usr/lib/python3/dist-packages/cyruslib.py", line 557, in __doraise
    raise CYRUSError( idError[0], mode, msg )
cyruslib.CYRUSError: (30, 'GETACL', b'Mailbox does not exist')

Tracking down the issue revealed that the problematic mailbox contains special characters (in particular the letter "Ö":

2024-04-19 11:05:49,693 pykolab.imap DEBUG [19807]  [GETACL "user/mailboxname/O&-ANY-@domain.name"] BAD: b'Mailbox does not exist'

Looking at the encoded mailbox name, it seems that the names is UTF7 encoded twice ("&-ANY-" instead of "&ANY-"). This originates from mixing commands from pykolab.imap that rely on UTF7 output with commands that rely on UTF8 input. Specifically on cmd_acl_cleanup.py:L49, imap.lm() is used with returns folder names in UTF7 encoding. These folder names are passed to imap_list_acls() on cmd_acl_cleanup.py:L52 which expects UTF8 input.

Possible solutions

  1. Replace cmd_acl_cleanup.py:L49 with imap.list_folders().
  2. While debugging, I found that there is already a method imap.cleanup_acls() (see here), which should likely be used instead of reimplementing this functionality in cmd_acl_cleanup.py.

Further discussion

After thinking about it for a while and reading the original cmd_acl_cleanup.py it seems to me that this CLI command was intended to be run without an aci_subject to find all dangling ACLs by querying the user list. Using option 2 above would not solve this. However, the original function also did not implement that part and works only if the aci_subject is provided.

Details

Ticket Type
Task