[PATCH] BUG10963: implement a better email verification

[PATCH] BUG10963: implement a better email verification

[Alexander Marx]

[-- Attachment #1: Type: text/plain, Size: 2548 bytes --]

With this patch the new domains with german umlauts are checked. In
addition we check all allowed chars in the address before the @ sign.

To check the fqdn of an email the function validfqdn has been adapted as
well.

Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
---
 config/cfgroot/general-functions.pl | 33 ++++++++++++++++++++++-----------
 1 file changed, 22 insertions(+), 11 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 2b5cd19..55ea5b6 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -662,13 +662,13 @@ sub validfqdn
 		if (length ($part) < 1 || length ($part) > 63) {
 			return 0;}
 		# Only valid characters are a-z, A-Z, 0-9 and -
-		if ($part !~ /^[a-zA-Z0-9-]*$/) {
+		if ($part !~ /^[a-zA-ZöäüÖÄÜ0-9-]*$/) {
 			return 0;}
 		# First character can only be a letter or a digit
-		if (substr ($part, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
+		if (substr ($part, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) {
 			return 0;}
 		# Last character can only be a letter or a digit
-		if (substr ($part, -1, 1) !~ /^[a-zA-Z0-9]*$/) {
+		if (substr ($part, -1, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) {
 			return 0;}
 	}
 	return 1;
@@ -747,14 +747,25 @@ sub ipcidr2msk {
 }
 
 sub validemail {
-    my $mail = shift;
-    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ );
-    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
-    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
-    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
-    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
-    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
-    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
+    my $address = shift;
+    my @positionen = split( /\@/, $address );
+    my $anz=@positionen;
+
+    #check if we have one part before and after '@'
+    return 0 if ( $anz != 2 );
+
+    #check if one of the parts starts or ends with a dot
+    return 0 if ( substr($positionen[0],0,1) eq '.' );
+    return 0 if ( substr($positionen[0],-1,1) eq '.' );
+    return 0 if ( substr($positionen[1],0,1) eq '.' );
+    return 0 if ( substr($positionen[1],-1,1) eq '.' );
+
+    #check first addresspart (before '@' sign)
+    return 0 if  ( $positionen[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
+
+    #check second addresspart (after '@' sign)
+    return 0 if  ( !&validfqdn( $positionen[1] ) );
+
     return 1;
 }
 
-- 
1.9.1

Re: [PATCH] BUG10963: implement a better email verification

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 3151 bytes --]

Hi,

On Thu, 2015-11-12 at 16:27 +0100, Alexander Marx wrote:
> With this patch the new domains with german umlauts are checked. In
> addition we check all allowed chars in the address before the @ sign.
> 
> To check the fqdn of an email the function validfqdn has been adapted
> as
> well.
> 
> Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
> ---
>  config/cfgroot/general-functions.pl | 33 ++++++++++++++++++++++-----
> ------
>  1 file changed, 22 insertions(+), 11 deletions(-)
> 
> diff --git a/config/cfgroot/general-functions.pl
> b/config/cfgroot/general-functions.pl
> index 2b5cd19..55ea5b6 100644
> --- a/config/cfgroot/general-functions.pl
> +++ b/config/cfgroot/general-functions.pl
> @@ -662,13 +662,13 @@ sub validfqdn
>  		if (length ($part) < 1 || length ($part) > 63) {
>  			return 0;}
>  		# Only valid characters are a-z, A-Z, 0-9 and -
> -		if ($part !~ /^[a-zA-Z0-9-]*$/) {
> +		if ($part !~ /^[a-zA-ZöäüÖÄÜ0-9-]*$/) {
>  			return 0;}
>  		# First character can only be a letter or a digit
> -		if (substr ($part, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
> +		if (substr ($part, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/)
> {
>  			return 0;}
>  		# Last character can only be a letter or a digit
> -		if (substr ($part, -1, 1) !~ /^[a-zA-Z0-9]*$/) {
> +		if (substr ($part, -1, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/)
> {
>  			return 0;}
>  	}
>  	return 1;

There can't be any of those special characters in the domain name.
These must be escaped by using the IDN standard.

> @@ -747,14 +747,25 @@ sub ipcidr2msk {
>  }
>  
>  sub validemail {
> -    my $mail = shift;
> -    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/
> );
> -    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
> -    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
> -    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
> -    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
> -    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
> -    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
> +    my $address = shift;
> +    my @positionen = split( /\@/, $address );
> +    my $anz=@positionen;

The variables in this code are not English.

> +
> +    #check if we have one part before and after '@'
> +    return 0 if ( $anz != 2 );
> +
> +    #check if one of the parts starts or ends with a dot
> +    return 0 if ( substr($positionen[0],0,1) eq '.' );
> +    return 0 if ( substr($positionen[0],-1,1) eq '.' );
> +    return 0 if ( substr($positionen[1],0,1) eq '.' );
> +    return 0 if ( substr($positionen[1],-1,1) eq '.' );
> +
> +    #check first addresspart (before '@' sign)
> +    return 0 if  ( $positionen[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );

In this part may be special characters. I don't think that this is a
good thing though, but some mailboxes allow unicode.

> +
> +    #check second addresspart (after '@' sign)
> +    return 0 if  ( !&validfqdn( $positionen[1] ) );
> +

You could write this easier as:

  return &validfqdn(...);

If the validfqdn() method finds an invalid domain name, the return code
would be false. Otherwise it would be true.

>      return 1;
>  }
>  

-Michael

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

[PATCH] BUG10963: implement a better email verification

[Alexander Marx]

[-- Attachment #1: Type: text/plain, Size: 2192 bytes --]

We now check all allowed chars in the address before the @ sign.
The domainpart after the '@' sign is just checked for valid chars, so that user(a)ipfire is valid, too

Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
---
 config/cfgroot/general-functions.pl | 29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 2b5cd19..f3a2e47 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -655,7 +655,7 @@ sub validfqdn
 	my @parts = split (/\./, $fqdn);	# Split hostname at the '.'
 	if (scalar(@parts) < 2) {		# At least two parts should
 		return 0;}			# exist in a FQDN
-						# (i.e. hostname.domain)
+						# (i.e.hostname.domain)
 	foreach $part (@parts) {
 		# Each part should be at least one character in length
 		# but no more than 63 characters
@@ -747,14 +747,25 @@ sub ipcidr2msk {
 }
 
 sub validemail {
-    my $mail = shift;
-    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ );
-    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
-    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
-    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
-    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
-    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
-    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
+    my $address = shift;
+    my @parts = split( /\@/, $address );
+    my $count=@parts;
+
+    #check if we have one part before and after '@'
+    return 0 if ( $count != 2 );
+
+    #check if one of the parts starts or ends with a dot
+    return 0 if ( substr($parts[0],0,1) eq '.' );
+    return 0 if ( substr($parts[0],-1,1) eq '.' );
+    return 0 if ( substr($parts[1],0,1) eq '.' );
+    return 0 if ( substr($parts[1],-1,1) eq '.' );
+
+    #check first addresspart (before '@' sign)
+    return 0 if  ( $parts[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
+
+    #check second addresspart (after '@' sign)
+    return 0 if  ( $parts[1] !~ m/^[a-zA-Z0-9\.\-]+$/ );
+
     return 1;
 }
 
-- 
1.9.1

Re: [PATCH] BUG10963: implement a better email verification

[R. W. Rodolico]

[-- Attachment #1: Type: text/plain, Size: 4156 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry to jump in here since I really don't contribute much to this
except testing. But, has anyone simply considered one regex to
validate the e-mail? I remembered reading Jeffrey Friedl's book
"Mastering Regular Expressions" a long, long time ago, and then Jan
Goyvaert/Steve Levithans "Regular Expressions Cookbook" so I went and
looked at Goyvaerts web site,
http://www.regular-expressions.info/email.html.

Goyvaert's "99% matching" e-mail regex is simple:

\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b

If anyone wants to look at it, it is discussed at
http://www.regular-expressions.info/email.html. He has much more
inclusive regex's that will even match some edge cases the above
simple one won't, but really, if you just warn when an invalid address
is entered (instead of erroring), that might be the simplest solution,
and will really simplify the checking.

Rod

On 11/16/2015 08:12 AM, Michael Tremer wrote:
> Hi,
> 
> okay, this looks better, but I still would like to request a 
> change:
> 
> On Mon, 2015-11-16 at 11:53 +0100, Alexander Marx wrote:
>> We now check all allowed chars in the address before the @ sign.
>> 
>> To check the fqdn of an email the function validfqdn has been 
>> adapted as well. Here a valid domain part is for example: 
>> user(a)ipfire or user(a)localhost.localdomain
>> 
>> Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org> --- 
>> config/cfgroot/general-functions.pl | 30 
>> +++++++++++++++++++-------- --- 1 file changed, 19
>> insertions(+), 11 deletions(-)
>> 
>> diff --git a/config/cfgroot/general-functions.pl 
>> b/config/cfgroot/general-functions.pl index 2b5cd19..564a904 
>> 100644 --- a/config/cfgroot/general-functions.pl +++ 
>> b/config/cfgroot/general-functions.pl @@ -653,9 +653,6 @@ sub 
>> validfqdn # Checks a fully qualified domain name against RFC1035
>>  my $fqdn = $_[0]; my @parts = split (/\./, $fqdn);	# Split 
>> hostname at the '.' -	if (scalar(@parts) < 2) {		# At least two 
>> parts should -		return 0;}			# exist in a FQDN -						# (i.e. 
>> hostname.domain) foreach $part (@parts) { # Each part should be 
>> at least one character in length # but no more than 63 characters
>> @@ -747,14 +744,25 @@ sub ipcidr2msk { }
> 
> This function above is called validfqdn and is supposed (according 
> to the comment) to check for a FQDN as defined in RFC1035. You 
> change changes that. Therefore I think this function should be
> left as it is so other things that use this function don't break.
> 
>> sub validemail { -    my $mail = shift; -    return 0 if ( $mail 
>> !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ ); -    return 0 if
>> ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/); -    return 0 if (
>> $mail !~ /([0-9a-zA-Z]{1})\@./ ); -    return 0 if ( $mail !~ 
>> /.\@([0-9a-zA-Z]{1})/ ); -    return 0 if ( $mail =~ 
>> /.\.\-.|.\-\..|.\.\..|.\-\-./g ); -    return 0 if ( $mail =~ 
>> /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g ); -    return 0 if (
>> $mail !~ /\.([a-zA-Z]{2,4})$/ ); +    my $address = shift; +
>> my @parts = split( /\@/, $address ); +    my $count=@parts; + + 
>> #check if we have one part before and after '@' +    return 0 if 
>> ( $count != 2 ); + +    #check if one of the parts starts or
>> ends with a dot +    return 0 if ( substr($parts[0],0,1) eq '.'
>> ); + return 0 if ( substr($parts[0],-1,1) eq '.' ); +    return 0
>> if ( substr($parts[1],0,1) eq '.' ); +    return 0 if ( 
>> substr($parts[1],-1,1) eq '.' ); + +    #check first addresspart 
>> (before '@' sign) +    return 0 if  ( $parts[0] !~ 
>> m/^[a-zA-Z0-9\.!\-\+#]+$/ ); + +    #check second addresspart 
>> (after '@' sign) +    return 0 if  ( !&validfqdn( $parts[1] ) );
> 
> If the FQDN function is not amended, the domain name should just be
> checked for invalid characters.
> 
>> + return 1; }
>> 
> 
> -Michael
> 

- -- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465
214.827.2170
http://www.dailydata.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlZKoC0ACgkQuVY3UpYMlTSUUwCaAgQ3r7Yj/vguzrIi+EMYbugf
BqAAoIIFz7NfAwUhNKVHJKWKpXsjZaQh
=KFEn
-----END PGP SIGNATURE-----

Re: [PATCH] BUG10963: implement a better email verification

[Alexander Marx]

[-- Attachment #1: Type: text/plain, Size: 3373 bytes --]

Well, according to your last mail regarding this patch, you stated that 
we *should* use the validfqdn function to check the domainpart... (The 
reason was, that i just checked for valid chars in the domainpart already)?!
As we earlier discussed, a valid domain could be "user(a)ipfire", if we 
own a top-level domain...

I am a little bit confused now...


  Am 16.11.2015 um 15:12 schrieb Michael Tremer:
> Hi,
>
> okay, this looks better, but I still would like to request a change:
>
> On Mon, 2015-11-16 at 11:53 +0100, Alexander Marx wrote:
>> We now check all allowed chars in the address before the @ sign.
>>
>> To check the fqdn of an email the function validfqdn has been adapted
>> as
>> well. Here a valid domain part is for example: user(a)ipfire or
>> user(a)localhost.localdomain
>>
>> Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
>> ---
>>   config/cfgroot/general-functions.pl | 30 +++++++++++++++++++--------
>> ---
>>   1 file changed, 19 insertions(+), 11 deletions(-)
>>
>> diff --git a/config/cfgroot/general-functions.pl
>> b/config/cfgroot/general-functions.pl
>> index 2b5cd19..564a904 100644
>> --- a/config/cfgroot/general-functions.pl
>> +++ b/config/cfgroot/general-functions.pl
>> @@ -653,9 +653,6 @@ sub validfqdn
>>   	# Checks a fully qualified domain name against RFC1035
>>           my $fqdn = $_[0];
>>   	my @parts = split (/\./, $fqdn);	# Split hostname at
>> the '.'
>> -	if (scalar(@parts) < 2) {		# At least two
>> parts should
>> -		return 0;}			# exist in a FQDN
>> -						# (i.e.
>> hostname.domain)
>>   	foreach $part (@parts) {
>>   		# Each part should be at least one character in
>> length
>>   		# but no more than 63 characters
>> @@ -747,14 +744,25 @@ sub ipcidr2msk {
>>   }
> This function above is called validfqdn and is supposed (according to
> the comment) to check for a FQDN as defined in RFC1035. You change
> changes that. Therefore I think this function should be left as it is
> so other things that use this function don't break.
>
>>   sub validemail {
>> -    my $mail = shift;
>> -    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/
>> );
>> -    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
>> -    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
>> -    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
>> -    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
>> -    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
>> -    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
>> +    my $address = shift;
>> +    my @parts = split( /\@/, $address );
>> +    my $count=@parts;
>> +
>> +    #check if we have one part before and after '@'
>> +    return 0 if ( $count != 2 );
>> +
>> +    #check if one of the parts starts or ends with a dot
>> +    return 0 if ( substr($parts[0],0,1) eq '.' );
>> +    return 0 if ( substr($parts[0],-1,1) eq '.' );
>> +    return 0 if ( substr($parts[1],0,1) eq '.' );
>> +    return 0 if ( substr($parts[1],-1,1) eq '.' );
>> +
>> +    #check first addresspart (before '@' sign)
>> +    return 0 if  ( $parts[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
>> +
>> +    #check second addresspart (after '@' sign)
>> +    return 0 if  ( !&validfqdn( $parts[1] ) );
> If the FQDN function is not amended, the domain name should just be
> checked for invalid characters.
>
>> +
>>       return 1;
>>   }
>>   
> -Michael

Re: [PATCH] BUG10963: implement a better email verification

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 2869 bytes --]

Hi,

okay, this looks better, but I still would like to request a change:

On Mon, 2015-11-16 at 11:53 +0100, Alexander Marx wrote:
> We now check all allowed chars in the address before the @ sign.
> 
> To check the fqdn of an email the function validfqdn has been adapted
> as
> well. Here a valid domain part is for example: user(a)ipfire or 
> user(a)localhost.localdomain
> 
> Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
> ---
>  config/cfgroot/general-functions.pl | 30 +++++++++++++++++++--------
> ---
>  1 file changed, 19 insertions(+), 11 deletions(-)
> 
> diff --git a/config/cfgroot/general-functions.pl
> b/config/cfgroot/general-functions.pl
> index 2b5cd19..564a904 100644
> --- a/config/cfgroot/general-functions.pl
> +++ b/config/cfgroot/general-functions.pl
> @@ -653,9 +653,6 @@ sub validfqdn
>  	# Checks a fully qualified domain name against RFC1035
>          my $fqdn = $_[0];
>  	my @parts = split (/\./, $fqdn);	# Split hostname at
> the '.'
> -	if (scalar(@parts) < 2) {		# At least two
> parts should
> -		return 0;}			# exist in a FQDN
> -						# (i.e.
> hostname.domain)
>  	foreach $part (@parts) {
>  		# Each part should be at least one character in
> length
>  		# but no more than 63 characters
> @@ -747,14 +744,25 @@ sub ipcidr2msk {
>  }

This function above is called validfqdn and is supposed (according to
the comment) to check for a FQDN as defined in RFC1035. You change
changes that. Therefore I think this function should be left as it is
so other things that use this function don't break.

>  sub validemail {
> -    my $mail = shift;
> -    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/
> );
> -    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
> -    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
> -    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
> -    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
> -    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
> -    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
> +    my $address = shift;
> +    my @parts = split( /\@/, $address );
> +    my $count=@parts;
> +
> +    #check if we have one part before and after '@'
> +    return 0 if ( $count != 2 );
> +
> +    #check if one of the parts starts or ends with a dot
> +    return 0 if ( substr($parts[0],0,1) eq '.' );
> +    return 0 if ( substr($parts[0],-1,1) eq '.' );
> +    return 0 if ( substr($parts[1],0,1) eq '.' );
> +    return 0 if ( substr($parts[1],-1,1) eq '.' );
> +
> +    #check first addresspart (before '@' sign)
> +    return 0 if  ( $parts[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
> +
> +    #check second addresspart (after '@' sign)
> +    return 0 if  ( !&validfqdn( $parts[1] ) );

If the FQDN function is not amended, the domain name should just be
checked for invalid characters.

> +
>      return 1;
>  }
>  

-Michael

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

[PATCH] BUG10963: implement a better email verification

[Alexander Marx]

[-- Attachment #1: Type: text/plain, Size: 2304 bytes --]

We now check all allowed chars in the address before the @ sign.

To check the fqdn of an email the function validfqdn has been adapted as
well. Here a valid domain part is for example: user(a)ipfire or user(a)localhost.localdomain

Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
---
 config/cfgroot/general-functions.pl | 30 +++++++++++++++++++-----------
 1 file changed, 19 insertions(+), 11 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 2b5cd19..564a904 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -653,9 +653,6 @@ sub validfqdn
 	# Checks a fully qualified domain name against RFC1035
         my $fqdn = $_[0];
 	my @parts = split (/\./, $fqdn);	# Split hostname at the '.'
-	if (scalar(@parts) < 2) {		# At least two parts should
-		return 0;}			# exist in a FQDN
-						# (i.e. hostname.domain)
 	foreach $part (@parts) {
 		# Each part should be at least one character in length
 		# but no more than 63 characters
@@ -747,14 +744,25 @@ sub ipcidr2msk {
 }
 
 sub validemail {
-    my $mail = shift;
-    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ );
-    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
-    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
-    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
-    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
-    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
-    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
+    my $address = shift;
+    my @parts = split( /\@/, $address );
+    my $count=@parts;
+
+    #check if we have one part before and after '@'
+    return 0 if ( $count != 2 );
+
+    #check if one of the parts starts or ends with a dot
+    return 0 if ( substr($parts[0],0,1) eq '.' );
+    return 0 if ( substr($parts[0],-1,1) eq '.' );
+    return 0 if ( substr($parts[1],0,1) eq '.' );
+    return 0 if ( substr($parts[1],-1,1) eq '.' );
+
+    #check first addresspart (before '@' sign)
+    return 0 if  ( $parts[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
+
+    #check second addresspart (after '@' sign)
+    return 0 if  ( !&validfqdn( $parts[1] ) );
+
     return 1;
 }
 
-- 
1.9.1

[PATCH] BUG10963: implement a better email verification

[Alexander Marx]

[-- Attachment #1: Type: text/plain, Size: 2300 bytes --]

We now check all allowed chars in the address before the @ sign.

To check the fqdn of an email the function validfqdn has been adapted as
well. Here a valid domain part is for example: user(a)ipfire or user(a)localhost.localdomain

Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
---
 config/cfgroot/general-functions.pl | 30 +++++++++++++++++++-----------
 1 file changed, 19 insertions(+), 11 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 2b5cd19..1bbcf85 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -653,9 +653,6 @@ sub validfqdn
 	# Checks a fully qualified domain name against RFC1035
         my $fqdn = $_[0];
 	my @parts = split (/\./, $fqdn);	# Split hostname at the '.'
-	if (scalar(@parts) < 2) {		# At least two parts should
-		return 0;}			# exist in a FQDN
-						# (i.e. hostname.domain)
 	foreach $part (@parts) {
 		# Each part should be at least one character in length
 		# but no more than 63 characters
@@ -747,14 +744,25 @@ sub ipcidr2msk {
 }
 
 sub validemail {
-    my $mail = shift;
-    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ );
-    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
-    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
-    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
-    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
-    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
-    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
+    my $address = shift;
+    my @parts = split( /\@/, $address );
+    my $anz=@parts;
+
+    #check if we have one part before and after '@'
+    return 0 if ( $anz != 2 );
+
+    #check if one of the parts starts or ends with a dot
+    return 0 if ( substr($parts[0],0,1) eq '.' );
+    return 0 if ( substr($parts[0],-1,1) eq '.' );
+    return 0 if ( substr($parts[1],0,1) eq '.' );
+    return 0 if ( substr($parts[1],-1,1) eq '.' );
+
+    #check first addresspart (before '@' sign)
+    return 0 if  ( $parts[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
+
+    #check second addresspart (after '@' sign)
+    return 0 if  ( !&validfqdn( $parts[1] ) );
+
     return 1;
 }
 
-- 
1.9.1

[PATCH] BUG10963: implement a better email verification

[Alexander Marx]

[-- Attachment #1: Type: text/plain, Size: 2300 bytes --]

We now check all allowed chars in the address before the @ sign.

To check the fqdn of an email the function validfqdn has been adapted as
well. Here a valid domain part is for example: user(a)ipfire or user(a)localhost.localdomain

Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
---
 config/cfgroot/general-functions.pl | 30 +++++++++++++++++++-----------
 1 file changed, 19 insertions(+), 11 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 2b5cd19..1bbcf85 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -653,9 +653,6 @@ sub validfqdn
 	# Checks a fully qualified domain name against RFC1035
         my $fqdn = $_[0];
 	my @parts = split (/\./, $fqdn);	# Split hostname at the '.'
-	if (scalar(@parts) < 2) {		# At least two parts should
-		return 0;}			# exist in a FQDN
-						# (i.e. hostname.domain)
 	foreach $part (@parts) {
 		# Each part should be at least one character in length
 		# but no more than 63 characters
@@ -747,14 +744,25 @@ sub ipcidr2msk {
 }
 
 sub validemail {
-    my $mail = shift;
-    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ );
-    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
-    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
-    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
-    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
-    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
-    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
+    my $address = shift;
+    my @parts = split( /\@/, $address );
+    my $anz=@parts;
+
+    #check if we have one part before and after '@'
+    return 0 if ( $anz != 2 );
+
+    #check if one of the parts starts or ends with a dot
+    return 0 if ( substr($parts[0],0,1) eq '.' );
+    return 0 if ( substr($parts[0],-1,1) eq '.' );
+    return 0 if ( substr($parts[1],0,1) eq '.' );
+    return 0 if ( substr($parts[1],-1,1) eq '.' );
+
+    #check first addresspart (before '@' sign)
+    return 0 if  ( $parts[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
+
+    #check second addresspart (after '@' sign)
+    return 0 if  ( !&validfqdn( $parts[1] ) );
+
     return 1;
 }
 
-- 
1.9.1