From 70e4e7f7bef3dfb8bf097e64540708491f4f07a9 Mon Sep 17 00:00:00 2001
From: Jonas Platte <mail@jonasplatte.de>
Date: Sat, 12 Jul 2014 03:19:09 +0200
Subject: [PATCH 1/2] Fixed validate_email not accepting catchalls (empty local
 part of the address)

---
 management/mailconfig.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/management/mailconfig.py b/management/mailconfig.py
index 653b98f0..e04ccabd 100755
--- a/management/mailconfig.py
+++ b/management/mailconfig.py
@@ -20,7 +20,7 @@ def validate_email(email, strict):
 		# these characters are permitted in email address.
 		ATEXT = r'[\w!#$%&\'\*\+\-/=\?\^`\{\|\}~]' # see 3.2.4
 
-	DOT_ATOM_TEXT = ATEXT + r'+(?:\.' + ATEXT + r'+)*'      # see 3.2.4
+	DOT_ATOM_TEXT = ATEXT + r'*(?:\.' + ATEXT + r'+)*'      # see 3.2.4
 	DOT_ATOM_TEXT2 = ATEXT + r'+(?:\.' + ATEXT + r'+)+'      # as above, but with a "+" since the host part must be under some TLD
 	ADDR_SPEC = '^%s@%s$' % (DOT_ATOM_TEXT, DOT_ATOM_TEXT2) # see 3.4.1
 

From c35252720fd81ce278d3e5e0c576479335b5263d Mon Sep 17 00:00:00 2001
From: Jonas Platte <mail@jonasplatte.de>
Date: Sat, 12 Jul 2014 13:17:13 +0200
Subject: [PATCH 2/2] Prohibited usage of empty local part for
 validate_email(email, strict = true)

---
 management/mailconfig.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/management/mailconfig.py b/management/mailconfig.py
index e04ccabd..94342acb 100755
--- a/management/mailconfig.py
+++ b/management/mailconfig.py
@@ -20,8 +20,11 @@ def validate_email(email, strict):
 		# these characters are permitted in email address.
 		ATEXT = r'[\w!#$%&\'\*\+\-/=\?\^`\{\|\}~]' # see 3.2.4
 
-	DOT_ATOM_TEXT = ATEXT + r'*(?:\.' + ATEXT + r'+)*'      # see 3.2.4
-	DOT_ATOM_TEXT2 = ATEXT + r'+(?:\.' + ATEXT + r'+)+'      # as above, but with a "+" since the host part must be under some TLD
+	DOT_ATOM_TEXT = r'(' + ATEXT + r'(?:\.' + ATEXT + r'+)*)' # see 3.2.4
+	if not strict:
+		DOT_ATOM_TEXT += r'?' # allow an empty local part for catchalls
+
+	DOT_ATOM_TEXT2 = ATEXT + r'+(?:\.' + ATEXT + r'+)+'     # as above, but with a "+" since the host part must be under some TLD
 	ADDR_SPEC = '^%s@%s$' % (DOT_ATOM_TEXT, DOT_ATOM_TEXT2) # see 3.4.1
 
 	return re.match(ADDR_SPEC, email)
@@ -66,7 +69,7 @@ def add_mail_user(email, pw, env):
 		c.execute("INSERT INTO users (email, password) VALUES (?, ?)", (email, pw))
 	except sqlite3.IntegrityError:
 		return ("User already exists.", 400)
-		
+
 	# write databasebefore next step
 	conn.commit()
 
@@ -212,4 +215,3 @@ if __name__ == "__main__":
 	if len(sys.argv) > 1 and sys.argv[1] == "update":
 		from utils import load_environment
 		print(kick(load_environment()))
-