From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH] BUG10963: implement a better email verification Date: Thu, 12 Nov 2015 18:04:32 +0000 Message-ID: <1447351472.2699.131.camel@ipfire.org> In-Reply-To: <1447342071-13161-1-git-send-email-alexander.marx@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0821482103428584264==" List-Id: --===============0821482103428584264== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Hi, On Thu, 2015-11-12 at 16:27 +0100, Alexander Marx wrote: > With this patch the new domains with german umlauts are checked. In > addition we check all allowed chars in the address before the @ sign. > > To check the fqdn of an email the function validfqdn has been adapted > as > well. > > Signed-off-by: Alexander Marx > --- > config/cfgroot/general-functions.pl | 33 ++++++++++++++++++++++----- > ------ > 1 file changed, 22 insertions(+), 11 deletions(-) > > diff --git a/config/cfgroot/general-functions.pl > b/config/cfgroot/general-functions.pl > index 2b5cd19..55ea5b6 100644 > --- a/config/cfgroot/general-functions.pl > +++ b/config/cfgroot/general-functions.pl > @@ -662,13 +662,13 @@ sub validfqdn > if (length ($part) < 1 || length ($part) > 63) { > return 0;} > # Only valid characters are a-z, A-Z, 0-9 and - > - if ($part !~ /^[a-zA-Z0-9-]*$/) { > + if ($part !~ /^[a-zA-ZöäüÖÄÜ0-9-]*$/) { > return 0;} > # First character can only be a letter or a digit > - if (substr ($part, 0, 1) !~ /^[a-zA-Z0-9]*$/) { > + if (substr ($part, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) > { > return 0;} > # Last character can only be a letter or a digit > - if (substr ($part, -1, 1) !~ /^[a-zA-Z0-9]*$/) { > + if (substr ($part, -1, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) > { > return 0;} > } > return 1; There can't be any of those special characters in the domain name. These must be escaped by using the IDN standard. > @@ -747,14 +747,25 @@ sub ipcidr2msk { > } > > sub validemail { > - my $mail = shift; > - return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ > ); > - return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/); > - return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ ); > - return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ ); > - return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g ); > - return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g ); > - return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ ); > + my $address = shift; > + my @positionen = split( /\@/, $address ); > + my $anz=@positionen; The variables in this code are not English. > + > + #check if we have one part before and after '@' > + return 0 if ( $anz != 2 ); > + > + #check if one of the parts starts or ends with a dot > + return 0 if ( substr($positionen[0],0,1) eq '.' ); > + return 0 if ( substr($positionen[0],-1,1) eq '.' ); > + return 0 if ( substr($positionen[1],0,1) eq '.' ); > + return 0 if ( substr($positionen[1],-1,1) eq '.' ); > + > + #check first addresspart (before '@' sign) > + return 0 if ( $positionen[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ ); In this part may be special characters. I don't think that this is a good thing though, but some mailboxes allow unicode. > + > + #check second addresspart (after '@' sign) > + return 0 if ( !&validfqdn( $positionen[1] ) ); > + You could write this easier as: return &validfqdn(...); If the validfqdn() method finds an invalid domain name, the return code would be false. Otherwise it would be true. > return 1; > } > -Michael --===============0821482103428584264== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjEKCmlRSWNCQUFC Q2dBR0JRSldSTlN3QUFvSkVJQjU4UDl2a0FrSFJ2RVFBS05JbGl6TUFnVFlHQ3FGS0J1UllEMXkK dEhLbkg2ZnJ5bUROeDE4aGhMclZTeGRBWEt0bS9XMWMxdFdPQU5TM05Bc1Bia3JmR29sbHNCSUNY U2NoditmawpiUzVtSnNNREpLV1g0MG1mSGJBdlBkN2xLa3M2ZGNLOHlGNzN0eGMxc3doU1ZHVGNj Wi9jcWRIcG1hRWs1M0tVCnFQU0YrMUxUQitlSFlsQlRWTzVIMnA3NU11dVR3REZjWTIrYWlmdzAr WlRKVjRDekNmM0dHRjVOTGFFMkdVZlIKR05wbmRYNEloNzBZdkN1dnNuZXprOTVnUi9wOVBMTit2 OTdJTzhXSkdBWG1TOGthc1JIb0NjTjR5OG05TG1jSApIQXNZRjNwblljVjFhYjVNYm9hKzROVDcz d1lSdHNYZDZvVE04ZEhoRFdPeHM5WTBpYWhCUFRiVGhvdUVidHYyCitqYXYvRkpuZ3F1NVkxTlRD THVxbCtPeTZMNmlPNTUzdkRDNEo5Um9wVGlnSG1hMG14WENHZTR2b1V0aERQdWYKWHYyVVhVM2JI bDFFanRSS1BYMHRnQmJkZXBjZUVJRGN6TGEyeGMxMFhlR0QzVVJ3OE5ZUzVSR0oyVG81eENzVgpI MlgvcXVvVElBYkZSM08xbW1pYzh1TUNYbE9UbTgxTk5MSTk5MUJZYWMxT3J0UXZFc1pFNDJoRWdq MDE2NFRwCnVxaUppdmxoSUxEUmRRMzBRUlBYWnZoRkZ1Y2gzOEhHWWdON0h3bVdXVndvdnh5Zis1 Z1hCSzJqeTdreUY0OW0KN0Q4b0Q2RVUwY3ZQVVU5Zk1lN1kzUEkyUHM1anA2bHdpV2orQTVuVWRz NHIxNGhlSDNhdnhxb0RpUFpjeWRWZgpuNlo5Q1Y3L05WdzVPbTNjQzNzTQo9YmpJQgotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============0821482103428584264==--