Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Projets publics
Sympa
Commits
d2f4fc21
Commit
d2f4fc21
authored
Aug 11, 2021
by
IKEDA Soji
Browse files
Some clarification: Use canonic_email() to canonicalize email addresses
parent
1ced6143
Changes
11
Show whitespace changes
Inline
Side-by-side
src/cgi/wwsympa.fcgi.in
View file @
d2f4fc21
...
...
@@ -1348,11 +1348,9 @@ while ($query = Sympa::WWW::FastCGI->new) {
if (defined $net_id) { # the ticket is valid net-id
$log->syslog('notice', 'Login CAS OK server netid=%s',
$net_id);
$param->{'user'}{'email'} = lc(
Sympa::WWW::Auth::get_email_by_net_id(
$robot, $cas_id, {'uid' => $net_id}
)
);
$param->{'user'}{'email'} =
Sympa::WWW::Auth::get_email_by_net_id($robot,
$cas_id, {'uid' => $net_id});
$session->{'auth'} = 'cas';
$session->{'email'} = $param->{user}{email};
...
...
@@ -2070,8 +2068,8 @@ sub get_parameters {
# mod_ssl sets SSL_PROTOCOL; Apache-SSL sets SSL_PROTOCOL_VERSION.
$param->{'use_ssl'} = ($ENV{HTTPS} && $ENV{HTTPS} eq 'on');
#
# Lowercas
e email addresses
$in{'email'} = l
c
($in{'email'});
#
Canonicaliz
e email addresses
.
$in{'email'} =
Sympa::Tools::Text::canonic_emai
l($in{'email'});
## Don't get multiple listnames
if ($in{'list'}) {
...
...
@@ -3420,7 +3418,8 @@ sub do_sso_login {
{'email_http_header'} && !$email_is_trusted) {
my @email_list = split(
/$Conf::Conf{'auth_services'}{$robot}[$sso_id]{'http_header_value_separator'}/,
lc( $ENV{
Sympa::Tools::Text::canonic_email(
$ENV{
$Conf::Conf{'auth_services'}{$robot}[$sso_id]
{'email_http_header'}
}
...
...
@@ -3588,7 +3587,8 @@ sub do_sso_login {
my @email_list = split(
$Conf::Conf{'auth_services'}{$robot}[$sso_id]
{'http_header_value_separator'},
lc( $ENV{
Sympa::Tools::Text::canonic_email(
$ENV{
$Conf::Conf{'auth_services'}{$robot}[$sso_id]
{'email_http_header'}
}
...
...
@@ -5292,12 +5292,11 @@ sub do_set {
'update_date' => time
};
#
# Lower-cas
e new email address
$in{'new_email'} = l
c
($in{'new_email'});
#
Canonicaliz
e new email address
.
$in{'new_email'} =
Sympa::Tools::Text::canonic_emai
l($in{'new_email'});
if ($in{'new_email'} and $in{'email'} ne $in{'new_email'}) {
unless ($in{'new_email'}
and Sympa::Tools::Text::valid_email($in{'new_email'})) {
unless (Sympa::Tools::Text::valid_email($in{'new_email'})) {
wwslog('notice', 'Incorrect email %s', $in{'new_email'});
Sympa::WWW::Report::reject_report_web('user', 'incorrect_email',
{'email' => $in{'new_email'}},
...
...
@@ -5587,7 +5586,7 @@ sub do_subscribe {
wwslog('notice', "Missing required custom attributes");
return 1;
}
unless (
$email and
Sympa::Tools::Text::valid_email($email)) {
unless (Sympa::Tools::Text::valid_email($email)) {
return 1;
}
...
...
@@ -5718,7 +5717,7 @@ sub do_auto_signoff {
my $email = Sympa::Tools::Text::canonic_email($in{'email'});
return $default_home
unless
$email and
Sympa::Tools::Text::valid_email($email);
unless Sympa::Tools::Text::valid_email($email);
$param->{'email'} = $email;
...
...
@@ -5784,7 +5783,7 @@ sub do_family_signoff {
unless $family;
my $email = Sympa::Tools::Text::canonic_email($in{'email'});
return $default_home
unless
$email and
Sympa::Tools::Text::valid_email($email);
unless Sympa::Tools::Text::valid_email($email);
$param->{'email'} = $email;
$param->{'family'} = $family->{name};
...
...
@@ -5858,7 +5857,7 @@ sub do_signoff {
$param->{email} = $email;
unless (
$email and
Sympa::Tools::Text::valid_email($email)) {
unless (Sympa::Tools::Text::valid_email($email)) {
return 1;
}
...
...
@@ -8011,7 +8010,7 @@ sub do_add_frommod {
next;
}
my $email = $message->{sender};
next unless
$email and
Sympa::Tools::Text::valid_email($email);
next unless Sympa::Tools::Text::valid_email($email);
my $fullname = $message->{gecos}
if defined $message->{gecos} and $message->{gecos} =~ /\S/;
...
...
@@ -10794,7 +10793,7 @@ sub _notify_deleted_topic {
);
unless (
$list->update_list_member(
lc(
$subscriber->{'email'}
)
,
$subscriber->{'email'},
update_date => time,
topics => join(',', @{$topics->{'added'}})
)
...
...
@@ -13641,7 +13640,7 @@ sub do_d_set_owner {
# The email must look like an email "somebody@somewhere".
my $email = Sympa::Tools::Text::canonic_email($in{'content'})
if $in{'content'};
unless (
$email and
Sympa::Tools::Text::valid_email($email)) {
unless (Sympa::Tools::Text::valid_email($email)) {
Sympa::WWW::Report::reject_report_web('user', 'incorrect_email',
{'email' => $in{'content'}},
$param->{'action'}, $list);
...
...
@@ -17136,7 +17135,7 @@ sub do_auth {
my $default_home = Conf::get_robot_conf($robot, 'default_home');
return $default_home
unless
$email and
Sympa::Tools::Text::valid_email($email);
unless Sympa::Tools::Text::valid_email($email);
@{$param}{qw(id heldaction listname email)} =
($keyauth, $heldaction, $listname, $email);
...
...
@@ -17409,8 +17408,7 @@ sub _add_in_blacklist {
my $list = shift;
$log->syslog('info', '(%s, %s, %s)', $entry, $robot, $list->{'name'});
$entry = lc($entry);
chomp $entry;
$entry = Sympa::Tools::Text::canonic_email($entry);
# robot blacklist not yet availible
unless ($list) {
...
...
src/lib/Sympa.pm
View file @
d2f4fc21
...
...
@@ -669,6 +669,7 @@ sub get_listmasters_email {
}
my
@listmasters
=
map
{
Sympa::Tools::Text::
canonic_email
(
$_
)
}
grep
{
Sympa::Tools::Text::
valid_email
(
$_
)
}
split
/\s*,\s*/
,
$listmaster
;
# If no valid adresses found, use listmaster of site config.
...
...
@@ -753,8 +754,8 @@ sub is_listmaster {
my
$who
=
Sympa::Tools::Text::
canonic_email
(
shift
);
return
undef
unless
defined
$who
;
return
1
if
grep
{
lc
$_
eq
$who
}
Sympa::
get_listmasters_email
(
$that
);
return
1
if
grep
{
lc
$_
eq
$who
}
Sympa::
get_listmasters_email
('
*
');
return
1
if
grep
{
$_
eq
$who
}
Sympa::
get_listmasters_email
(
$that
);
return
1
if
grep
{
$_
eq
$who
}
Sympa::
get_listmasters_email
('
*
');
return
0
;
}
...
...
src/lib/Sympa/DataSource/File.pm
View file @
d2f4fc21
...
...
@@ -73,10 +73,6 @@ sub _next {
next
;
}
my
(
$email
,
$gecos
)
=
(
$
1
,
$
2
);
unless
(
Sympa::Tools::Text::
valid_email
(
$email
))
{
$log
->
syslog
('
err
',
'
Skip badly formed email: "%s"
',
$email
);
next
;
}
$gecos
=~
s/\s+\z//
if
defined
$gecos
;
$found
++
;
...
...
src/lib/Sympa/Message.pm
View file @
d2f4fc21
...
...
@@ -260,7 +260,8 @@ sub _get_sender_email {
## Try to get envelope sender
if
(
$self
->
{'
envelope_sender
'}
and
$self
->
{'
envelope_sender
'}
ne
'
<>
')
{
$sender
=
lc
(
$self
->
{'
envelope_sender
'});
$sender
=
Sympa::Tools::Text::
canonic_email
(
$self
->
{'
envelope_sender
'});
}
}
elsif
(
$hdr
->
get
(
$field
))
{
## Try to get message header.
...
...
@@ -271,7 +272,8 @@ sub _get_sender_email {
my
$addr
=
$hdr
->
get
(
$field
,
0
);
# get the first one
my
@sender_hdr
=
Mail::
Address
->
parse
(
$addr
);
if
(
@sender_hdr
and
$sender_hdr
[
0
]
->
address
)
{
$sender
=
lc
(
$sender_hdr
[
0
]
->
address
);
$sender
=
Sympa::Tools::Text::
canonic_email
(
$sender_hdr
[
0
]
->
address
);
my
$phrase
=
$sender_hdr
[
0
]
->
phrase
;
if
(
defined
$phrase
and
length
$phrase
)
{
$gecos
=
MIME::EncWords::
decode_mimewords
(
$phrase
,
...
...
@@ -1294,7 +1296,7 @@ sub check_smime_signature {
## Messages that should not be altered (no footer)
$self
->
{'
protected
'}
=
1
;
my
$sender
=
$self
->
{'
sender
'};
my
$sender
=
Sympa::Tools::Text::
canonic_email
(
$self
->
{'
sender
'}
)
;
# First step is to check if message signing is OK.
my
$smime
=
Crypt::
SMIME
->
new
;
...
...
@@ -1318,7 +1320,7 @@ sub check_smime_signature {
foreach
my
$cert
(
@
{
$signers
||
[]
})
{
my
$parsed
=
Sympa::Tools::SMIME::
parse_cert
(
text
=>
$cert
);
next
unless
$parsed
;
next
unless
$parsed
->
{'
email
'}{
lc
$sender
};
next
unless
$parsed
->
{'
email
'}{
$sender
};
if
(
$parsed
->
{'
purpose
'}{'
sign
'}
and
$parsed
->
{'
purpose
'}{'
enc
'})
{
$certs
{'
both
'}
=
$cert
;
...
...
@@ -1342,8 +1344,8 @@ sub check_smime_signature {
# or a pair of single-purpose. save them, as email@addr if combined,
# or as email@addr@sign / email@addr@enc for split certs.
foreach
my
$c
(
keys
%certs
)
{
my
$filename
=
"
$Conf
::Conf{ssl_cert_dir
}/
"
.
Sympa::Tools::Text::
escape_chars
(
lc
(
$sender
)
)
;
my
$filename
=
sprintf
'
%s/%s
',
$
Conf::
Conf
{
'
ssl_cert_dir
'},
Sympa::Tools::Text::
escape_chars
(
$sender
);
if
(
$c
ne
'
both
')
{
unlink
$filename
;
# just in case there's an old cert left...
$filename
.=
"
\@
$c
";
...
...
src/lib/Sympa/Request/Handler/create_list.pm
View file @
d2f4fc21
...
...
@@ -36,6 +36,7 @@ use Sympa::List;
use
Sympa::
LockedFile
;
use
Sympa::
Log
;
use
Sympa::
Template
;
use
Sympa::Tools::
Text
;
use
base
qw(Sympa::Request::Handler)
;
...
...
src/lib/Sympa/Request/Handler/include.pm
View file @
d2f4fc21
...
...
@@ -31,6 +31,7 @@ use Sympa::DatabaseManager;
use
Sympa::
DataSource
;
use
Sympa::
LockedFile
;
use
Sympa::
Log
;
use
Sympa::Tools::
Text
;
use
base
qw(Sympa::Request::Handler)
;
...
...
src/lib/Sympa/Robot.pm
View file @
d2f4fc21
...
...
@@ -39,6 +39,7 @@ use Sympa::ListDef;
use
Sympa::
Log
;
use
Sympa::Tools::
Data
;
use
Sympa::Tools::
File
;
use
Sympa::Tools::
Text
;
my
$language
=
Sympa::
Language
->
instance
;
my
$log
=
Sympa::
Log
->
instance
;
...
...
src/lib/Sympa/Spindle/ProcessBounce.pm
View file @
d2f4fc21
...
...
@@ -118,7 +118,7 @@ sub _twist {
# Pick address only.
my
@to
=
Mail::
Address
->
parse
(
$to
);
if
(
@to
and
$to
[
0
]
and
$to
[
0
]
->
address
)
{
$to
=
l
c
(
$to
[
0
]
->
address
);
$to
=
Sympa::Tools::Text::
canonic_emai
l
(
$to
[
0
]
->
address
);
}
else
{
undef
$to
;
}
...
...
src/lib/Sympa/Tools/SMIME.pm
View file @
d2f4fc21
...
...
@@ -30,6 +30,7 @@ use English qw(-no_match_vars);
use
Conf
;
use
Sympa::
Log
;
use
Sympa::Tools::
Text
;
my
$log
=
Sympa::
Log
->
instance
;
...
...
@@ -185,10 +186,10 @@ sub parse_cert {
}
if
(
%emails
)
{
foreach
my
$email
(
keys
%emails
)
{
$res
{
email
}{
l
c
(
$email
)}
=
1
;
$res
{
email
}{
Sympa::Tools::Text::
canonic_emai
l
(
$email
)}
=
1
;
}
}
elsif
(
$x509
->
email
)
{
$res
{
email
}{
l
c
(
$x509
->
email
)}
=
1
;
$res
{
email
}{
Sympa::Tools::Text::
canonic_emai
l
(
$x509
->
email
)}
=
1
;
}
# Check key usage roughy.
my
%purposes
=
$x509
->
extensions_by_name
->
{
keyUsage
}
->
hash_bit_string
;
...
...
src/lib/Sympa/Tools/Text.pm
View file @
d2f4fc21
...
...
@@ -508,7 +508,8 @@ sub unescape_chars {
sub
valid_email
{
my
$email
=
shift
;
return
undef
unless
$email
=~
/\A$email_re\z/
;
return
undef
unless
defined
$email
and
$email
=~
/\A$email_re\z/
;
return
1
;
}
...
...
src/lib/Sympa/WWW/Auth.pm
View file @
d2f4fc21
...
...
@@ -346,12 +346,13 @@ sub get_email_by_net_id {
$db
->
disconnect
();
## return only the first attribute
my
@results
=
$mesg
->
entries
;
foreach
my
$result
(
@results
)
{
return
(
lc
(
$result
->
get_value
(
$ldap
->
{'
email_attribute
'})));
# Return only the first attribute.
foreach
my
$result
(
$mesg
->
entries
)
{
my
$email
=
$result
->
get_value
(
$ldap
->
{'
email_attribute
'});
return
undef
unless
Sympa::Tools::Text::
valid_email
(
$email
);
return
Sympa::Tools::Text::
canonic_email
(
$email
);
}
return
undef
;
}
# check trusted_application_name et trusted_application_password : return 1 or
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment