Re: [Mutt] #2180: mutt / gpgme does a case sensitive check of
#2180: mutt / gpgme does a case sensitive check of sender's domainname
---------------------------------+------------------------------------------
Reporter: ludwig@xxxxxxxxxxx | Owner: mutt-dev
Type: defect | Status: new
Priority: minor | Milestone:
Component: crypto | Version: 1.5.11 (CVS from 2006-02-09)
Resolution: | Keywords: patch
---------------------------------+------------------------------------------
Changes (by pdmef):
* keywords: => patch
* component: mutt => crypto
Old description:
> {{{
> RFC 2821 reads (Sect. 2.4):
> SMTP implementations MUST take care to preserve
> the case of mailbox local-parts. Mailbox domains
> are not case sensitive.
>
> However, the function verify_sender() in crypt-gpgme.c that is used to
> verify the From: header against the email address stated in the signer's
> x509 certificate compares the complete address in a case sensitive
> manner.
>
> There is a mail server at our site that that I cannot control and that
> changes the domain name part from fh-worms.de into Fh-Worms.de.
> Therefore, whenever I open a mail from someone at fh-worms.de, mutt
> mistakenly complains that the signer's certificate does not belong to the
> sender.
> >How-To-Repeat:
> >Fix:
> The attached patch (against the CVS as of 2005-02-09) fixes this problem.
> It additionally fixes a not initialized variable in decrypt_part() that
> might be accessed in some code path.
> }}}
New description:
{{{
RFC 2821 reads (Sect. 2.4):
SMTP implementations MUST take care to preserve
the case of mailbox local-parts. Mailbox domains
are not case sensitive.
However, the function verify_sender() in crypt-gpgme.c that is used to
verify the From: header against the email address stated in the signer's
x509 certificate compares the complete address in a case sensitive manner.
There is a mail server at our site that that I cannot control and that
changes the domain name part from fh-worms.de into Fh-Worms.de. Therefore,
whenever I open a mail from someone at fh-worms.de, mutt mistakenly
complains that the signer's certificate does not belong to the sender.
>How-To-Repeat:
>Fix:
The attached patch (against the CVS as of 2005-02-09) fixes this problem.
It additionally fixes a not initialized variable in decrypt_part() that
might be accessed in some code path.
}}}
--
--
Ticket URL: <http://dev.mutt.org/trac/ticket/2180#comment:1>
Mutt <http://www.mutt.org/>
The Mutt mail user agent