Bug 46599 – mail syntax allows space in email address

Bug 46599 - mail syntax allows space in email address


Summary:	mail syntax allows space in email address

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Mail
Version:	UCS 4.2
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.4-3-errata
Assigned To:	Toni Röhmeyer
QA Contact:	Daniel Tröder

URL:	https://forge.univention.org/bugzilla...
Keywords:

Depends on:	46021
Blocks:	46602
	Show dependency tree / graph

Reported:	2018-03-12 13:13 CET by Daniel Tröder
Modified:	2020-03-18 12:27 CET (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	3: A User would likely not purchase the product
User Pain:	0.051
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Tröder

2018-03-12 13:13:22 CET

The UDM syntax check for mailPrimaryAddress and mailAlternativeAdress (and probably also "email") does allow space in an email address.

That is valid in the local part, but it must then be quoted, which is not done.

But I suggest to not allow space at all, because it is a sure way to trouble, once communication with other mail servers begins.

Comment 1 Toni Röhmeyer

2020-02-04 12:03:44 CET

Added test "71_spaces_in_mail_address" to check if udm-test does not allow spaces in email addresses.

Changes to "syntax.py" so that udm-test does not allow spaces in email addresses anymore.

Solution was pushed to branch

troehmey/bug46599

with commit
fbc6e8f1fb10acb306387d98073934cc54c5f530
"Bug #46599: added test module and fixed udm test to not allow spaces"


Waiting for check by QA

Comment 2 Daniel Tröder

2020-02-20 14:43:43 CET

Please apply the style fixes I did for Bug #50748.

The test does _not_ fail, when an email address with a space is accepted. It only fails if there was an error, but it was not the expected one.

Comment 3 Toni Röhmeyer

2020-02-21 12:54:57 CET

Corrected test and added style fixes with commit

commit 895afdca451f10665d963ec8f70536355607bc01
Bug #46599: correction and style fixes

on branch troehmey/bug46599

Comment 4 Daniel Tröder

2020-02-24 12:45:14 CET

OK: test works

I simplified the test logic a bit. The utils.fail() can simply follow the udm.create_user() before the except-block, as that should never happen.
A second utils.fail() exists in the except-block for the case, that the user creation failed for an unexpected reason.
BTW: the test can run on UCS systens without installed mail server app, so I changed the required "packages" to "univention-mail-postfix".
I modified syntax.py only to replace the \ with (), because I think it improves readability.

[troehmey/bug46599 f0170a1923] Bug #46599: use brackets instead of backslash
[troehmey/bug46599 0f444b5efc] Bug #46599: simplify test logic


Please merge the branch into the "4.4-3" branch, create changelog entries, build both packages and create an advisory.

Comment 5 Toni Röhmeyer

2020-03-12 16:08:54 CET

Feature branch troehmey/bug46599 is now merged into 4.4-3.
Changelog entries were made and both packages built.
The yaml for univention-directory-manager-modules was created.

Comment 6 Daniel Tröder

2020-03-12 17:43:53 CET

You rebuilt 14.0.14-22, but your version is 14.0.14-23. I built it and updated the yaml file. Same for ucs-test: you built 9.0.3-175, but it should be 9.0.3-176.

[4.4-3 f9d82d3bf5] Bug #46599: update advisory

univention-directory-manager-modules (14.0.14-23)
ucs-test (9.0.3-176)

Comment 7 Daniel Tröder

2020-03-12 18:07:17 CET

OK: code change
OK: manual test
OK: automatic test
OK: advisory

Comment 8 Erik Damrose

2020-03-18 12:27:38 CET

<http://errata.software-univention.de/ucs/4.4/486.html>