Re: [PATCH] BUG10963: implement a better email verification

[Michael Tremer <michael.tremer@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 2869 bytes --]

Hi,

okay, this looks better, but I still would like to request a change:

On Mon, 2015-11-16 at 11:53 +0100, Alexander Marx wrote:
> We now check all allowed chars in the address before the @ sign.
> 
> To check the fqdn of an email the function validfqdn has been adapted
> as
> well. Here a valid domain part is for example: user(a)ipfire or 
> user(a)localhost.localdomain
> 
> Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
> ---
>  config/cfgroot/general-functions.pl | 30 +++++++++++++++++++--------
> ---
>  1 file changed, 19 insertions(+), 11 deletions(-)
> 
> diff --git a/config/cfgroot/general-functions.pl
> b/config/cfgroot/general-functions.pl
> index 2b5cd19..564a904 100644
> --- a/config/cfgroot/general-functions.pl
> +++ b/config/cfgroot/general-functions.pl
> @@ -653,9 +653,6 @@ sub validfqdn
>  	# Checks a fully qualified domain name against RFC1035
>          my $fqdn = $_[0];
>  	my @parts = split (/\./, $fqdn);	# Split hostname at
> the '.'
> -	if (scalar(@parts) < 2) {		# At least two
> parts should
> -		return 0;}			# exist in a FQDN
> -						# (i.e.
> hostname.domain)
>  	foreach $part (@parts) {
>  		# Each part should be at least one character in
> length
>  		# but no more than 63 characters
> @@ -747,14 +744,25 @@ sub ipcidr2msk {
>  }

This function above is called validfqdn and is supposed (according to
the comment) to check for a FQDN as defined in RFC1035. You change
changes that. Therefore I think this function should be left as it is
so other things that use this function don't break.

>  sub validemail {
> -    my $mail = shift;
> -    return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/
> );
> -    return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
> -    return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
> -    return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
> -    return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
> -    return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
> -    return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
> +    my $address = shift;
> +    my @parts = split( /\@/, $address );
> +    my $count=@parts;
> +
> +    #check if we have one part before and after '@'
> +    return 0 if ( $count != 2 );
> +
> +    #check if one of the parts starts or ends with a dot
> +    return 0 if ( substr($parts[0],0,1) eq '.' );
> +    return 0 if ( substr($parts[0],-1,1) eq '.' );
> +    return 0 if ( substr($parts[1],0,1) eq '.' );
> +    return 0 if ( substr($parts[1],-1,1) eq '.' );
> +
> +    #check first addresspart (before '@' sign)
> +    return 0 if  ( $parts[0] !~ m/^[a-zA-Z0-9\.!\-\+#]+$/ );
> +
> +    #check second addresspart (after '@' sign)
> +    return 0 if  ( !&validfqdn( $parts[1] ) );

If the FQDN function is not amended, the domain name should just be
checked for invalid characters.

> +
>      return 1;
>  }
>  

-Michael

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]