From c8b4a22f25232b3b154ee439945e8781887aea24 Mon Sep 17 00:00:00 2001
From: Wytze van der Raay <wytze@cacert.org>
Date: Wed, 29 Jul 2015 10:07:18 +0000
Subject: [PATCH] Signer part of fix for
 https://bugs.cacert.org/view.php?id=1392 Issue of certificates to arbitrary
 domains.

---
 CommModule/server.pl | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/CommModule/server.pl b/CommModule/server.pl
index 6084042..3fd77e6 100755
--- a/CommModule/server.pl
+++ b/CommModule/server.pl
@@ -491,8 +491,8 @@ sub SignX509($$$$$$$$)
   $subject=~ s/\\x([A-F0-9]{2})/pack("C", hex($1))/egi;
   $san=~ s/\\x([A-F0-9]{2})/pack("C", hex($1))/egi;
 
-  Error "Invalid characters in SubjectAltName!\n" if($san=~m/[ \n\r\t\x00"'\\]/);
-  Error "Invalid characters in Subject: ".hexdump($subject)." - $subject\n" if($subject=~m/[\n\r\t\x00"'\\]/);
+  Error "Invalid characters in SubjectAltName!\n" if($san=~m/[ \n\r\t\x00#"'\\]/);
+  Error "Invalid characters in Subject: ".hexdump($subject)." - $subject\n" if($subject=~m/[\n\r\t\x00#"'\\]/);
 
   print "Subject: $subject\n";
   print "SAN: $san\n";
@@ -590,8 +590,8 @@ sub SignOpenPGP
 
   my $keyid=undef;
 
-  Error "Invalid characters in SubjectAltName!\n" if($san=~m/[ \n\r\t\x00"'\\]/);
-  Error "Invalid characters in Subject!\n" if($subject=~m/[ \n\r\t\x00"'\\;]/);
+  Error "Invalid characters in SubjectAltName!\n" if($san=~m/[ \n\r\t\x00#"'\\]/);
+  Error "Invalid characters in Subject!\n" if($subject=~m/[ \n\r\t\x00#"'\\;]/);
 
 
   if(open OUT,">$wid/request.key")
@@ -843,7 +843,7 @@ sub RevokeX509
 {
   my ($root,$template,$hash,$days,$spkac,$request,$san,$subject)=@_;
 
-  Error "Invalid characters in SubjectAltName!\n" if($san=~m/[ \n\r\t\x00"'\\]/);
+  Error "Invalid characters in SubjectAltName!\n" if($san=~m/[ \n\r\t\x00#"'\\]/);
   Error "Invalid characters in Hash!\n" if(! $subject=~m/^[0-9a-fA-F]+$/);
 
   SysLog "Widerrufe $PkiSystems{$_[0]}\n";