1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Fix trusted introducer for user-ids with only the mbox.

* g10/trustdb.c (check_regexp): Kludge to match user-ids with only an
mbox.
--
(Also re-indented the function)
GnuPG-bug-id: 6238
This commit is contained in:
Werner Koch 2022-10-28 11:17:39 +02:00
parent 7aaedfb107
commit 0ef54e644f
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -1707,38 +1707,50 @@ sanitize_regexp(const char *old)
return new;
}
/* Used by validate_one_keyblock to confirm a regexp within a trust
signature. Returns 1 for match, and 0 for no match or regex
error. */
* signature. Returns 1 for match, and 0 for no match or regex
* error. */
static int
check_regexp(const char *expr,const char *string)
check_regexp (const char *expr,const char *string)
{
int ret;
char *regexp;
char *stringbuf = NULL;
regex_t pat;
regexp=sanitize_regexp(expr);
regexp = sanitize_regexp (expr);
{
regex_t pat;
ret = regcomp (&pat, regexp, (REG_ICASE|REG_EXTENDED));
if (!ret)
{
if (*regexp == '<' && !strchr (string, '<')
&& is_valid_mailbox (string))
{
/* The R.E. starts with an angle bracket but STRING seems to
* be a plain mailbox (e.g. "foo@example.org"). The
* commonly used R.E. pattern "<[^>]+[@.]example\.org>$"
* won't be able to detect this. Thus we enclose STRING
* into angle brackets for checking. */
stringbuf = xstrconcat ("<", string, ">", NULL);
string = stringbuf;
}
ret = regexec (&pat, string, 0, NULL, 0);
regfree (&pat);
}
ret=regcomp(&pat,regexp,REG_ICASE|REG_EXTENDED);
if(ret==0)
{
ret=regexec(&pat,string,0,NULL,0);
regfree(&pat);
}
ret=(ret==0);
}
ret = !ret;
if(DBG_TRUST)
log_debug("regexp '%s' ('%s') on '%s': %s\n",
regexp,expr,string,ret?"YES":"NO");
xfree(regexp);
if (DBG_TRUST)
log_debug ("regexp '%s' ('%s') on '%s'%s: %s\n",
regexp, expr, string, stringbuf? " (fixed)":"", ret? "YES":"NO");
xfree (regexp);
xfree (stringbuf);
return ret;
}
/*
* Return true if the key is signed by one of the keys in the given
* key ID list. User IDs with a valid signature are marked by node