View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001276 | Main CAcert Website | GPG/PGP | public | 2014-05-08 10:04 | 2014-12-02 22:47 |
Reporter | englal | Assigned To | BenBE | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 2014 Q2 | ||||
Fixed in Version | 2014 Q3 | ||||
Summary | 0001276: Middle Initial Matching for uid on GPG identities | ||||
Description | A middle name known to CAcert will only match the same, whole middle name in a GPG identity and not an initial. A CAcert user with the name John Joseph Doe won't get a match for a GPG key identity with the name "John J Doe" or "John J. Doe". | ||||
Steps To Reproduce | Use a GPG identity that utilizes a middle initial on a CAcert account that has a middle name associated. | ||||
Additional Information | I grabbed the source code and made some updates. This version of the code will match all cases that were previously accounted for, plus the middle initial in place of the middle name, both where it has a period and does not. Additionally, this makes the comparison case insensitive. These changes match with the name policy found here: http://wiki.cacert.org/PracticeOnNames in that it makes the matching case-insensitive (rule 5), and allows the reduction of information (rule 5) but not the addition of information (a middle initial known from a middle name will match, but a middle initial in CAcert will not match a complete middle name in a GPG identity). Comments have also been added to clarify the match each line tests. | ||||
Tags | No tags attached. | ||||
Reviewed by | dastrath, BenBE | ||||
Test Instructions | |||||
related to | 0001079 | needs work | GPG key can not be revoked |
|
namematches3.patch (2,025 bytes)
--- gpg.php 2014-04-18 01:10:43.000000000 -0700 +++ gpg.php.new 2014-05-08 03:11:36.870600558 -0700 @@ -63,12 +63,16 @@ function verifyName($name) { if($name == "") return 0; - if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']) return 1; - if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']) return 1; - if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']) return 1; - if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']) return 1; - return 0; + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'])) return 1; // John Doe + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname'])) return 1; // John Joseph Doe + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0]." ".$_SESSION['profile']['lname'])) return 1; // John J Doe + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0].". ".$_SESSION['profile']['lname'])) return 1; // John J. Doe + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; // John Doe Jr. + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John Joseph Doe Jr. + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0]." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John J Doe Jr. + if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0].". ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John J. Doe Jr. + return 0; } function verifyEmail($email) |
|
Please disregard the first two patch files uploaded. I had trouble with the ticketing system and can't figure out how to remove those. The relevant file that should be considered is namematches3.patch. |
|
I updated the bugtracker item to point to me. I'll put it onto our test system after the initial review. I also remove the additional attachments to clean things up here a bit. :) |
|
The patch has been (except for some minor formatting using blank lines) taken as provided by englal. Please test the changes and report back here. @englal: Please note that test.cacert.org where changes can be tested, is not for production use - don't upload signatures you receive from there. Also note the instructions on the front page of the testserver. |
|
tested with the folowing names in the pgp-keys: before update 1 - HaNs wUrSt 2 fail Hans D Wurst 3 fail Hans D. Wurst 4 ok Hans Dieter Wurst after update 1 ok HaNs wUrSt 2 ok Hans D Wurst 3 ok Hans D. Wurst 4 ok Hans Dieter Wurst => works |
|
Patch seems to be correct. |
|
Testing with the following names after update: First Name: Kürti Middle Names: Räiner Zufall Last Name: Hänsel Kürti Räiner Zufall Hänsel (ok) Kürti R. Z. Hänsel (fails, but is ok) // not intended to be implemented in this bug Kürti Hänsel (ok) Kürti R. Hänsel (ok) Kürti R Hänsel (ok) kürti räiner zufall hänsel (ok) => ok |
|
Is there a specific reason why this bug is assigned to me? Anyway, there seem to be two positive reviews and two positive test reports, so the issue should be ready to deploy. BenBE, I'd prefer that someone else creates the patch, unless noone else is available... |
|
The fix has been installed on the production server on August 21, 2014. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2014-08/msg00012.html |
Date Modified | Username | Field | Change |
---|---|---|---|
2014-05-08 10:04 | englal | New Issue | |
2014-05-08 10:04 | englal | File Added: namematches.patch | |
2014-05-08 10:07 | englal | Relationship added | related to 0001079 |
2014-05-08 10:10 | englal | File Added: namematches2.patch | |
2014-05-08 10:17 | englal | File Added: namematches3.patch | |
2014-05-08 10:18 | englal | Note Added: 0004779 | |
2014-05-09 07:26 | BenBE | Note Added: 0004780 | |
2014-05-09 07:26 | BenBE | Assigned To | => BenBE |
2014-05-09 07:26 | BenBE | Status | new => fix available |
2014-05-09 07:26 | BenBE | Product Version | => 2014 Q2 |
2014-05-09 07:28 | BenBE | File Deleted: namematches.patch | |
2014-05-09 07:29 | BenBE | File Deleted: namematches2.patch | |
2014-05-11 17:35 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 36d80564 |
2014-05-11 17:35 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable e6841da6 |
2014-05-11 17:46 | BenBE | Reviewed by | => BenBE |
2014-05-11 17:46 | BenBE | Note Added: 0004781 | |
2014-05-11 17:46 | BenBE | Assigned To | BenBE => Ted |
2014-05-11 17:46 | BenBE | Status | fix available => needs review & testing |
2014-05-13 22:03 | neal | Note Added: 0004782 | |
2014-05-13 22:07 | egal | Note Added: 0004783 | |
2014-06-03 20:46 | BenBE | Reviewed by | BenBE => dastrath, BenBE |
2014-06-03 20:46 | BenBE | Status | needs review & testing => needs testing |
2014-06-15 01:09 | felixd | Note Added: 0004830 | |
2014-07-01 22:25 | felixd | Note Edited: 0004830 | |
2014-08-15 19:46 | Ted | Note Added: 0004947 | |
2014-08-15 19:46 | Ted | Assigned To | Ted => BenBE |
2014-08-15 19:46 | Ted | Status | needs testing => ready to deploy |
2014-08-15 19:47 | Ted | Note Edited: 0004947 | |
2014-08-21 14:40 | wytze | Note Added: 0004978 | |
2014-08-21 14:40 | wytze | Status | ready to deploy => solved? |
2014-08-21 14:40 | wytze | Fixed in Version | => 2014 Q3 |
2014-08-21 14:40 | wytze | Resolution | open => fixed |
2014-08-28 07:25 | BenBE | Source_changeset_attached | => cacert-devel release be3c7c95 |
2014-12-02 22:47 | INOPIAE | Status | solved? => closed |