| | 767 | /* incomplete. Only used to thwart the APOP MD5 attack (#2846). */ |
| | 768 | int rfc822_valid_msgid (const char *msgid) |
| | 769 | { |
| | 770 | /* msg-id = "<" addr-spec ">" |
| | 771 | * addr-spec = local-part "@" domain |
| | 772 | * local-part = word *("." word) |
| | 773 | * word = atom / quoted-string |
| | 774 | * atom = 1*<any CHAR except specials, SPACE and CTLs> |
| | 775 | * CHAR = ( 0.-127. ) |
| | 776 | * specials = "(" / ")" / "<" / ">" / "@" |
| | 777 | / "," / ";" / ":" / "\" / <"> |
| | 778 | / "." / "[" / "]" |
| | 779 | * SPACE = ( 32. ) |
| | 780 | * CTLS = ( 0.-31., 127.) |
| | 781 | * quoted-string = <"> *(qtext/quoted-pair) <"> |
| | 782 | * qtext = <any CHAR except <">, "\" and CR> |
| | 783 | * CR = ( 13. ) |
| | 784 | * quoted-pair = "\" CHAR |
| | 785 | * domain = sub-domain *("." sub-domain) |
| | 786 | * sub-domain = domain-ref / domain-literal |
| | 787 | * domain-ref = atom |
| | 788 | * domain-literal = "[" *(dtext / quoted-pair) "]" |
| | 789 | */ |
| | 790 | |
| | 791 | char* dom; |
| | 792 | unsigned int l, i; |
| | 793 | |
| | 794 | if (!msgid || !*msgid) |
| | 795 | return -1; |
| | 796 | |
| | 797 | l = mutt_strlen (msgid); |
| | 798 | if (l < 5) /* <atom@atom> */ |
| | 799 | return -1; |
| | 800 | if (msgid[0] != '<' || msgid[l-1] != '>') |
| | 801 | return -1; |
| | 802 | if (!(dom = strrchr (msgid, '@'))) |
| | 803 | return -1; |
| | 804 | |
| | 805 | /* TODO: complete parser */ |
| | 806 | for (i = 0; i < l; i++) |
| | 807 | if (msgid[i] > 127) |
| | 808 | return -1; |
| | 809 | |
| | 810 | return 0; |
| | 811 | } |
| | 812 | |
