CMS MADE SIMPLE FORGE

CGFEURegister

 

[#12235] Many bugs in CGFEURegister + more if username is not email

Created By: Raymond Juillerat (raiyul) (raymond)
Date Submitted: Sat Jan 04 10:57:14 -0500 2020

Assigned To: Robert Campbell (calguy1000)
Version: 1.0.4
CMSMS Version: 2.2.13
Severity: Major
Resolution: None
State: Open
Summary:
Many bugs in CGFEURegister + more if username is not email
Detailed Description:
In my CMSMS application, the whitelist and blacklist for CGFEURegister didn't
react correctly. I searched for a long time and finally found a bug in the
class named "class.BlacklistRegistrationVerifier.php".
For tests I made the following blacklist in config.php:

$config['cgfr_username_blacklist'] = 'abc
pqr
xyz';

with Windows end-of-line (CR-LF)

In the class BlacklistRegistrationVerifier I changed this:

    protected function match_useremail_from_string(string $list, string $useremail) : bool
    {
        // here I placed 2 new lines
        file_put_contents('aaazzzbl.txt', $list);  // write $list content
        return true ; // and go out as OK
        // etc.....

and I found in aaazzzbl.txt
abc
pqr
xyz

That means that \r (CR) has been replaced with its HTML value and \n (LF)
with value.

My solution :

    protected function match_username_from_string(string $list, string $username) : bool
    {
        $list = html_entity_decode($list);    //new
        // split on CR, LF or CR-LF
        $list = preg_split("/((\r(?!\n))|((?<!\r)\n)|(\r\n))/", $list);
        if (count($list)) {
            foreach ($list as $one_line) {
                // quote the line (including the "/" delimiter), then turn "*" into a wildcard
                $regex = '/^' . str_replace("@", "\@", str_replace("\*", ".*", preg_quote($one_line, '/'))) . '$/';
                if (preg_match($regex, $username) > 0) return true;
            }
            return false ;  // a list, but no match
        }
        return false ; // no element in list -> no match possible
    }

This being made, I found a second problem in the same class and my solution is
here:

        if( $this->settings->username_blacklist ) {
            if( $matches_blacklist && !$matches_whitelist ) {    // !$matches_blacklist corrected
                // failed valid blacklist, not excluded in whitelist
                throw new ValidationError($this->mod->Lang('err_username_cannotregister'));
            }
        }

That's all concerning some bugs.

I find the author of this page (class.BlacklistRegistrationVerifier.php) had
really good ideas, and it was nearly OK for the case username is email.

Now new elements for the case where username is not email
A) At the beginning of the following function, searching for the user email
    public function validate_registration(RegFieldSet $fields, User $user)
    {
        if( $this->settings->username_is_email )
            $useremail = $user->username;
        else
            // here using get_email_field() get email if not username!
            $useremail = $user->get($fields->get_email_field()->name) ;
        // check if we have blacklist stuff
        etc...

B) Using the newly defined $useremail instead of $user->username
        // check if we have blacklist stuff
        $matches_blacklist = $matches_whitelist = null;
        if( $this->settings->username_blacklist ) {
            $matches_blacklist = $this->match_username_from_string($this->settings->username_blacklist, $useremail);
        }
        if( $this->settings->username_whitelist ) {
            $matches_whitelist = $this->match_username_from_string($this->settings->username_whitelist, $useremail);
        }
        etc...


If we only need a whitelist, that's my case, modify the function regVerifier()
in module CGFEURegister.module.php

    protected function regVerifier() : RegistrationVerifierInterface
    {
        // todo: could have decorator here that sends hooks
        static $_obj;
        if( !$_obj ) {
            $_obj = new NormalRegistrationVerifier($this, $this->feu(), $this->get_extended_db());
            // take in account username_whitelist, too
            if( $this->cms->is_frontend_request() &&
                ($this->settings()->username_blacklist || $this->settings()->username_whitelist) )
                $_obj = new BlacklistRegistrationVerifier($_obj, $this->settings());
        }
        return $_obj;
    }

There is another thing that was necessary for the case where username is not
email.
It is in the CGFEURegister-class class.EmailRegistrationProcessor.php, in the
function get_email

    protected function get_email(RegFieldSet $set, User $user)
    {
        // get an email address
        $email = null;
        if( $this->settings->username_is_email ) {
            return $user->get($user::USERNAME_FIELD);
        } else {
            foreach( $set as $field ) {
            //    if( $field->type == FrontendUsers::PROPTYPE_EMAIL ) {  // ?
                if( $field->type == 2 ) {
                    $propname = $field->name;
                    $email = $user->get($propname);
                    if( $email ) return $email;
                }
            }
        }
    }

With the precedently explained changes and this last change, I could use
CGFEURegister with a whitelist and with username not being email. But if the
lists rejected the user, the answer coming was a void content on the page.

Here the changes I made in the code:
There are two changes that must be coordinated.

1) in CGFEURegister.module.php, calling the BlacklistRegistrationVerifier should
be with parameters "$this" AND "$this->settings()"

    if(...) $_obj = new BlacklistRegistrationVerifier($_obj, $this, $this->settings());

2) and in BlacklistRegistrationVerifier.php, new private $mod and maintaining
$settings

class BlacklistRegistrationVerifier
    extends AbstractVerifierDecorator
    implements RegistrationVerifierInterface
{
        private $mod;       // new
        private $settings;

    // in the next line new "CGFEURegister $mod" AND "Settings $settings"
    public function __construct(RegistrationVerifierInterface $parent, CGFEURegister $mod, Settings $settings)
    {
        parent::__construct($parent);
        $this->mod = $mod;
        $this->settings = $settings;  
    }
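
Added example (not part of the original report and not CGFEURegister code): the sketch below shows why an entity-encoded list silently disables the blacklist and how decoding before splitting restores it. The function names are hypothetical and the sample assumes the line breaks arrive as the numeric entities &#13;&#10;; it also passes the regex delimiter to preg_quote() and skips blank lines, which goes slightly beyond the fix in the report.

```php
<?php
// Added example; helper names are hypothetical, not CGFEURegister's API.

// Split a configured list into patterns, optionally undoing entity encoding first.
function list_patterns(string $list, bool $decode): array
{
    if ($decode) {
        $list = html_entity_decode($list);   // turns "&#13;&#10;" back into CR-LF
    }
    $lines = preg_split('/\r\n|\r|\n/', $list);
    // Drop blank lines so a trailing newline never becomes a pattern.
    return array_values(array_filter(array_map('trim', $lines), 'strlen'));
}

// Match one value against the list; "*" in a line acts as a wildcard.
function list_matches(string $list, string $value, bool $decode): bool
{
    foreach (list_patterns($list, $decode) as $line) {
        // Quote with the delimiter so a "/" in a line cannot break the regex.
        $regex = '/^' . str_replace('\*', '.*', preg_quote($line, '/')) . '$/';
        if (preg_match($regex, $value) === 1) {
            return true;
        }
    }
    return false;
}

// Constructed sample: the list as the verifier receives it, with the
// line breaks entity-encoded (assumed form of the encoding).
$stored = 'abc&#13;&#10;pqr&#13;&#10;*@example.org';

// Without decoding, the whole string is one pattern and nothing matches,
// so every blacklisted name would be allowed to register.
foreach (['abc', 'pqr', 'bob@example.org', 'other'] as $name) {
    printf(
        "%-16s raw=%-5s decoded=%s\n",
        $name,
        var_export(list_matches($stored, $name, false), true),
        var_export(list_matches($stored, $name, true), true)
    );
}
```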



History

Comments
Date: 2020-01-07 03:28
Posted By: Raymond Juillerat (raiyul) (raymond)

January 7th: simplification if username is email
      
Updates

Updated: 2020-01-07 03:29
description: In my CMSMS application, the whitelist and blacklist for CGFEURegister didn't react correctly. I searched during a long time and finally found a bug in the class named "class.BlacklistRegistrationVerifier.php". For tests I made following blacklist in con => In my CMSMS application, the whitelist and blacklist for CGFEURegister didn't react correctly. I searched during a long time and finally found a bug in the class named "class.BlacklistRegistrationVerifier.php". For tests I made following blacklist in con

Updated: 2020-01-06 05:15

Updated: 2020-01-06 05:05
assigned_to_id: 100 => 106

Updated: 2020-01-06 05:01
state: Closed => Open

Updated: 2020-01-06 04:58
state: Open => Closed

Updated: 2020-01-06 04:55

Updated: 2020-01-06 04:53
resolution_id: => 5
severity_id: 12 => 2