Re: [Mutt] #2180: mutt / gpgme does a case sensitive check of

To: ludwig@xxxxxxxxxxx, pdmef@xxxxxxx
Subject: Re: [Mutt] #2180: mutt / gpgme does a case sensitive check of
From: Mutt <fleas@xxxxxxxx>
Date: Tue, 30 Jun 2009 14:24:01 -0000
Auto-submitted: auto-generated
Cc: mutt-dev@xxxxxxxx
In-reply-to: <050.ee96f7af5532e29d592c8a2361b9104d@xxxxxxxx>
List-post: <mailto:mutt-dev@mutt.org>
List-unsubscribe: send mail to majordomo@mutt.org, body only "unsubscribe mutt-dev"
Mail-followup-to: fleas@xxxxxxxx
References: <050.ee96f7af5532e29d592c8a2361b9104d@xxxxxxxx>
Reply-to: fleas@xxxxxxxx
Sender: owner-mutt-dev@xxxxxxxx

#2180: mutt / gpgme does a case sensitive check of sender's domainname
---------------------------------+------------------------------------------
  Reporter:  ludwig@xxxxxxxxxxx  |       Owner:  mutt-dev                    
      Type:  defect              |      Status:  new                         
  Priority:  minor               |   Milestone:                              
 Component:  crypto              |     Version:  1.5.11 (CVS from 2006-02-09)
Resolution:                      |    Keywords:  patch                       
---------------------------------+------------------------------------------
Changes (by pdmef):

  * keywords:  => patch
  * component:  mutt => crypto


Old description:

> {{{
> RFC 2821 reads (Sect. 2.4):
>   SMTP implementations MUST take care to preserve
>   the case of mailbox local-parts. Mailbox domains
>   are not case sensitive.
>
> However, the function verify_sender() in crypt-gpgme.c that is used to
> verify the From: header against the email address stated in the signer's
> x509 certificate compares the complete address in a case sensitive
> manner.
>
> There is a mail server at our site that that I cannot control and that
> changes the domain name part from fh-worms.de into Fh-Worms.de.
> Therefore, whenever I open a mail from someone at fh-worms.de, mutt
> mistakenly complains that the signer's certificate does not belong to the
> sender.
> >How-To-Repeat:
> >Fix:
> The attached patch (against the CVS as of 2005-02-09) fixes this problem.
> It additionally fixes a not initialized variable in decrypt_part() that
> might be accessed in some code path.
> }}}

New description:

 {{{
 RFC 2821 reads (Sect. 2.4):
   SMTP implementations MUST take care to preserve
   the case of mailbox local-parts. Mailbox domains
   are not case sensitive.

 However, the function verify_sender() in crypt-gpgme.c that is used to
 verify the From: header against the email address stated in the signer's
 x509 certificate compares the complete address in a case sensitive manner.

 There is a mail server at our site that that I cannot control and that
 changes the domain name part from fh-worms.de into Fh-Worms.de. Therefore,
 whenever I open a mail from someone at fh-worms.de, mutt mistakenly
 complains that the signer's certificate does not belong to the sender.
 >How-To-Repeat:
 >Fix:
 The attached patch (against the CVS as of 2005-02-09) fixes this problem.
 It additionally fixes a not initialized variable in decrypt_part() that
 might be accessed in some code path.
 }}}

--

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/2180#comment:1>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

Prev by Date: Re: [Mutt] #2904: recursive pgp_check_traditional() will crash on
Next by Date: Re: [Mutt] #2804: Bug#305069: mutt: extra redraw, scroll when resuming
Previous by thread: Re: [Mutt] #1751: fetch_mail splits body at "From "
Next by thread: Re: [Mutt] #1421: Mutt generates base64 in Subject
Index(es):
- Date
- Thread