SMIME and Email address detection is case sensitive

[michas]

The check of an email address in certificate file and email from header for SMIME encryption is case sensitive.

We have a customer who put Firstname.Lastname@domain.com in it's email "From:" field but owns an SMIME cert issued for firsname.lastname@domain.com. In this case, OTRS 3.2.12 won't find the correct certificate cause of the cases sensivity of the search.

To fix this, I patched OTRS just to always compare lower case versions of the email addresses only by applying this patch:

Code: Select all

--- Kernel/System/Crypt/SMIME.pm.orig	2013-12-06 14:36:01.995650259 +0100
+++ Kernel/System/Crypt/SMIME.pm	2013-12-06 13:31:50.259922154 +0100
@@ -1720,6 +1720,7 @@
     $AttributesRef->{Issuer} =~ s{=}{= }xmsg  if $AttributesRef->{Issuer};
     $AttributesRef->{Subject} =~ s{\/}{ }xmsg if $AttributesRef->{Subject};
     $AttributesRef->{Subject} =~ s{=}{= }xmsg if $AttributesRef->{Subject};
+    $AttributesRef->{Email} = lc($AttributesRef->{Email}) if $AttributesRef->{Email};

     my %Month = (
         Jan => '01',

--- Kernel/Output/HTML/ArticleComposeCrypt.pm.orig	2013-12-06 11:55:55.677396192 +0100
+++ Kernel/Output/HTML/ArticleComposeCrypt.pm	2013-12-06 13:38:38.751477983 +0100
@@ -155,7 +155,7 @@
         my $CryptObjectSMIME = Kernel::System::Crypt->new( %{$Self}, CryptType => 'SMIME' );
         if ($CryptObjectSMIME) {
             my @PublicKeys = $CryptObjectSMIME->CertificateSearch(
-                Search => $SearchAddress[0]->address(),
+                Search => lc($SearchAddress[0]->address()),
             );
             for my $DataRef (@PublicKeys) {
                 my $EndDate = '';

Maybe this should be fixed in distributed version?

[jojo]

Hi,

this is the wrong place for sending fixes.

Please open a bug (http://bugs.otrs.org) and send a pull request via Github


Thanks