Commit 301f02e6 authored by Ingo Klöcker's avatar Ingo Klöcker
Browse files

Impose less strict restrictions on the name component of a new user id

Now that we use the quick-add-uid interface which doesn't check the
user id, we only disallow the characters '<', '>', and '@' which could
confuse user id parsers trying to split the name and the email component.

GnuPG-bug-id: 5916
parent acfab27b
......@@ -78,18 +78,11 @@ public:
ui.nameInput = FormTextInput<QLineEdit>::create(q);
ui.nameInput->label()->setText(i18nc("@label", "Name:"));
const auto regexp = config.readEntry(QLatin1String("NAME_regex"));
ui.nameInput->setValidator(regexp.isEmpty() ? Validation::pgpName(Validation::Optional, q)
: Validation::pgpName(regexp, Validation::Optional, q));
ui.nameInput->setValidator(regexp.isEmpty() ? Validation::simpleName(Validation::Optional, q)
: Validation::simpleName(regexp, Validation::Optional, q));
const auto additionalRule = regexp.isEmpty() ? QString{} : i18n("Additionally, the name must adhere to rules set by your organization.");
ui.nameInput->setToolTip(xi18n(
"<para>If a name is given, then it has to satisfy the following rules:"
"<list>"
"<item>The name must be at least 5 characters long.</item>"
"<item>The first character must not be a digit.</item>"
"<item>The name must not contain any of the following characters: &lt;, &gt;, @.</item>"
"</list>"
"%1"
"</para>",
"<para>The name must not contain any of the following characters: &lt;, &gt;, @. %1</para>",
additionalRule));
ui.nameInput->setErrorMessage(i18n("Error: The entered name is not valid."));
......
......@@ -106,6 +106,17 @@ QValidator *Validation::pgpName(const QString &addRX, Flags flags, QObject *pare
return new MultiValidator{pgpName(flags), regularExpressionValidator(flags, addRX, nullptr), parent};
}
QValidator *Validation::simpleName(Flags flags, QObject *parent)
{
static const QString name_rx{QLatin1String{"[^<>@]*"}};
return regularExpressionValidator(flags, name_rx, parent);
}
QValidator *Validation::simpleName(const QString &additionalRegExp, Flags flags, QObject *parent)
{
return new MultiValidator{simpleName(flags), regularExpressionValidator(flags, additionalRegExp, nullptr), parent};
}
QValidator *Validation::pgpComment(Flags flags, QObject *parent)
{
// this regular expression is modeled after gnupg/g10/keygen.c:ask_user_id:
......
......@@ -24,11 +24,31 @@ enum Flags {
};
QValidator *email(Flags flags = Required, QObject *parent = nullptr);
/**
* Creates a validator for the name part of the user ID of an OpenPGP key with
* restrictions that are necessary for usage with the edit-key interface.
*/
QValidator *pgpName(Flags flags = Required, QObject *parent = nullptr);
/**
* Creates a validator for the name part of the user ID of an OpenPGP key with
* less restrictions than \ref pgpName.
*/
QValidator *simpleName(Flags flags = Required, QObject *parent = nullptr);
QValidator *pgpComment(Flags flags = Required, QObject *parent = nullptr);
QValidator *email(const QString &additionalRegExp, Flags flags = Required, QObject *parent = nullptr);
/**
* Creates a validator for the name part of the user ID of an OpenPGP key with
* restrictions that are necessary for usage with the edit-key interface, and
* with additional restrictions imposed by \p additionalRegExp.
*/
QValidator *pgpName(const QString &additionalRegExp, Flags flags = Required, QObject *parent = nullptr);
/**
* Creates a validator for the name part of the user ID of an OpenPGP key with
* less restrictions than \ref pgpName, but with additional restrictions imposed
* by \p additionalRegExp.
*/
QValidator *simpleName(const QString &additionalRegExp, Flags flags = Required, QObject *parent = nullptr);
QValidator *pgpComment(const QString &additionalRegExp, Flags flags = Required, QObject *parent = nullptr);
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment