View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0001276Main CAcert WebsiteGPG/PGPpublic2014-05-08 10:042014-12-02 22:47
Reporterenglal Assigned ToBenBE  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version2014 Q2 
Fixed in Version2014 Q3 
Summary0001276: Middle Initial Matching for uid on GPG identities
DescriptionA middle name known to CAcert will only match the same, whole middle name in a GPG identity and not an initial.

A CAcert user with the name John Joseph Doe won't get a match for a GPG key identity with the name "John J Doe" or "John J. Doe".
Steps To ReproduceUse a GPG identity that utilizes a middle initial on a CAcert account that has a middle name associated.
Additional InformationI grabbed the source code and made some updates. This version of the code will match all cases that were previously accounted for, plus the middle initial in place of the middle name, both where it has a period and does not. Additionally, this makes the comparison case insensitive. These changes match with the name policy found here: http://wiki.cacert.org/PracticeOnNames in that it makes the matching case-insensitive (rule 5), and allows the reduction of information (rule 5) but not the addition of information (a middle initial known from a middle name will match, but a middle initial in CAcert will not match a complete middle name in a GPG identity). Comments have also been added to clarify the match each line tests.
TagsNo tags attached.
Reviewed bydastrath, BenBE
Test Instructions

Relationships

related to 0001079 needs work GPG key can not be revoked 

Activities

englal

2014-05-08 10:17

reporter  

namematches3.patch (2,025 bytes)    
--- gpg.php	2014-04-18 01:10:43.000000000 -0700
+++ gpg.php.new	2014-05-08 03:11:36.870600558 -0700
@@ -63,12 +63,16 @@
 function verifyName($name)
 {
 	if($name == "") return 0;
-	if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']) return 1;
-	if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']) return 1;
-	if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']) return 1;
-	if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']) return 1;
-	return 0;
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'])) return 1; // John Doe
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname'])) return 1; // John Joseph Doe
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0]." ".$_SESSION['profile']['lname'])) return 1; // John J Doe
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0].". ".$_SESSION['profile']['lname'])) return 1; // John J. Doe
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; // John Doe Jr.
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John Joseph Doe Jr.
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0]." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John J Doe Jr.
+	if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0].". ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John J. Doe Jr.
 
+	return 0;
 }
 
 function verifyEmail($email)
namematches3.patch (2,025 bytes)   

englal

2014-05-08 10:18

reporter   ~0004779

Please disregard the first two patch files uploaded. I had trouble with the ticketing system and can't figure out how to remove those. The relevant file that should be considered is namematches3.patch.

BenBE

2014-05-09 07:26

updater   ~0004780

I updated the bugtracker item to point to me. I'll put it onto our test system after the initial review. I also remove the additional attachments to clean things up here a bit. :)

BenBE

2014-05-11 17:46

updater   ~0004781

The patch has been (except for some minor formatting using blank lines) taken as provided by englal. Please test the changes and report back here.

@englal: Please note that test.cacert.org where changes can be tested, is not for production use - don't upload signatures you receive from there. Also note the instructions on the front page of the testserver.

neal

2014-05-13 22:03

developer   ~0004782

tested with the folowing names in the pgp-keys:

before update
1   -    HaNs wUrSt
2  fail Hans D Wurst
3  fail  Hans D. Wurst
4   ok   Hans Dieter Wurst

after update
1   ok   HaNs wUrSt
2   ok   Hans D Wurst
3   ok   Hans D. Wurst
4   ok   Hans Dieter Wurst

=> works

egal

2014-05-13 22:07

administrator   ~0004783

Patch seems to be correct.

felixd

2014-06-15 01:09

updater   ~0004830

Last edited: 2014-07-01 22:25

 Testing with the following names after update:
First Name: Kürti
Middle Names: Räiner Zufall
Last Name: Hänsel

Kürti Räiner Zufall Hänsel (ok)
Kürti R. Z. Hänsel (fails, but is ok)
// not intended to be implemented in this bug
Kürti Hänsel (ok)
Kürti R. Hänsel (ok)
Kürti R Hänsel (ok)
kürti räiner zufall hänsel (ok)

=> ok

Ted

2014-08-15 19:46

administrator   ~0004947

Last edited: 2014-08-15 19:47

 Is there a specific reason why this bug is assigned to me?

Anyway, there seem to be two positive reviews and two positive test reports, so the issue should be ready to deploy.

BenBE, I'd prefer that someone else creates the patch, unless noone else is available...

wytze

2014-08-21 14:40

developer   ~0004978

The fix has been installed on the production server on August 21, 2014. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2014-08/msg00012.html

Issue History

Date Modified Username Field Change
2014-05-08 10:04 englal New Issue
2014-05-08 10:04 englal File Added: namematches.patch
2014-05-08 10:07 englal Relationship added related to 0001079
2014-05-08 10:10 englal File Added: namematches2.patch
2014-05-08 10:17 englal File Added: namematches3.patch
2014-05-08 10:18 englal Note Added: 0004779
2014-05-09 07:26 BenBE Note Added: 0004780
2014-05-09 07:26 BenBE Assigned To => BenBE
2014-05-09 07:26 BenBE Status new => fix available
2014-05-09 07:26 BenBE Product Version => 2014 Q2
2014-05-09 07:28 BenBE File Deleted: namematches.patch
2014-05-09 07:29 BenBE File Deleted: namematches2.patch
2014-05-11 17:35 BenBE Source_changeset_attached => cacert-devel testserver-stable 36d80564
2014-05-11 17:35 BenBE Source_changeset_attached => cacert-devel testserver-stable e6841da6
2014-05-11 17:46 BenBE Reviewed by => BenBE
2014-05-11 17:46 BenBE Note Added: 0004781
2014-05-11 17:46 BenBE Assigned To BenBE => Ted
2014-05-11 17:46 BenBE Status fix available => needs review & testing
2014-05-13 22:03 neal Note Added: 0004782
2014-05-13 22:07 egal Note Added: 0004783
2014-06-03 20:46 BenBE Reviewed by BenBE => dastrath, BenBE
2014-06-03 20:46 BenBE Status needs review & testing => needs testing
2014-06-15 01:09 felixd Note Added: 0004830
2014-07-01 22:25 felixd Note Edited: 0004830
2014-08-15 19:46 Ted Note Added: 0004947
2014-08-15 19:46 Ted Assigned To Ted => BenBE
2014-08-15 19:46 Ted Status needs testing => ready to deploy
2014-08-15 19:47 Ted Note Edited: 0004947
2014-08-21 14:40 wytze Note Added: 0004978
2014-08-21 14:40 wytze Status ready to deploy => solved?
2014-08-21 14:40 wytze Fixed in Version => 2014 Q3
2014-08-21 14:40 wytze Resolution open => fixed
2014-08-28 07:25 BenBE Source_changeset_attached => cacert-devel release be3c7c95
2014-12-02 22:47 INOPIAE Status solved? => closed