1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-22 14:57:02 +01:00

gpg: Fix trusted introducer for user-ids with only the mbox.

* g10/trustdb.c (check_regexp): Kludge to match user-ids with only an
mbox.
--
(Also re-indented the function)
GnuPG-bug-id: 6238
This commit is contained in:
Werner Koch 2022-10-28 11:17:39 +02:00
parent 290f458ad6
commit c1f5fcff42
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -1669,38 +1669,50 @@ sanitize_regexp(const char *old)
return new; return new;
} }
/* Used by validate_one_keyblock to confirm a regexp within a trust /* Used by validate_one_keyblock to confirm a regexp within a trust
signature. Returns 1 for match, and 0 for no match or regex * signature. Returns 1 for match, and 0 for no match or regex
error. */ * error. */
static int static int
check_regexp (const char *expr,const char *string) check_regexp (const char *expr,const char *string)
{ {
int ret; int ret;
char *regexp; char *regexp;
char *stringbuf = NULL;
regex_t pat;
regexp = sanitize_regexp (expr); regexp = sanitize_regexp (expr);
ret = regcomp (&pat, regexp, (REG_ICASE|REG_EXTENDED));
if (!ret)
{ {
regex_t pat; if (*regexp == '<' && !strchr (string, '<')
&& is_valid_mailbox (string))
ret=regcomp(&pat,regexp,REG_ICASE|REG_EXTENDED);
if(ret==0)
{ {
/* The R.E. starts with an angle bracket but STRING seems to
* be a plain mailbox (e.g. "foo@example.org"). The
* commonly used R.E. pattern "<[^>]+[@.]example\.org>$"
* won't be able to detect this. Thus we enclose STRING
* into angle brackets for checking. */
stringbuf = xstrconcat ("<", string, ">", NULL);
string = stringbuf;
}
ret = regexec (&pat, string, 0, NULL, 0); ret = regexec (&pat, string, 0, NULL, 0);
regfree (&pat); regfree (&pat);
} }
ret=(ret==0);
} ret = !ret;
if (DBG_TRUST) if (DBG_TRUST)
log_debug("regexp '%s' ('%s') on '%s': %s\n", log_debug ("regexp '%s' ('%s') on '%s'%s: %s\n",
regexp,expr,string,ret?"YES":"NO"); regexp, expr, string, stringbuf? " (fixed)":"", ret? "YES":"NO");
xfree (regexp); xfree (regexp);
xfree (stringbuf);
return ret; return ret;
} }
/* /*
* Return true if the key is signed by one of the keys in the given * Return true if the key is signed by one of the keys in the given
* key ID list. User IDs with a valid signature are marked by node * key ID list. User IDs with a valid signature are marked by node