~singpolyma/biboumi

fef585ad6699042e594f407afe78df1e40344efe — louiz’ 7 years ago 7f08cf8
Surround ipv6 with [], and properly cleanup otherwise invalid domains

fix #2694 (yeah, it was closed, but it was badly fixed)
2 files changed, 77 insertions(+), 17 deletions(-)

M louloulibs/xmpp/jid.cpp
M tests/jid.cpp
M louloulibs/xmpp/jid.cpp => louloulibs/xmpp/jid.cpp +63 -11
@@ 6,6 6,9 @@
#include <louloulibs.h>
#ifdef LIBIDN_FOUND
 #include <stringprep.h>
 #include <netdb.h>
 #include <utils/scopeguard.hpp>
 #include <set>
#endif

#include <logger/logger.hpp>


@@ 58,19 61,68 @@ std::string jidprep(const std::string& original)

  char domain[max_jid_part_len] = {};
  memcpy(domain, jid.domain.data(), std::min(max_jid_part_len, jid.domain.size()));
  rc = static_cast<Stringprep_rc>(::stringprep(domain, max_jid_part_len,
       static_cast<Stringprep_profile_flags>(0), stringprep_nameprep));
  if (rc != STRINGPREP_OK)

  {
    log_error(error_msg + stringprep_strerror(rc));
    return "";
    // Using getaddrinfo, check if the domain part is a valid IPv4 (then use
    // it as is), or IPv6 (surround it with []), or a domain name (run
    // nameprep)
    struct addrinfo hints;
    memset(&hints, 0, sizeof(hints));
    hints.ai_flags = AI_NUMERICHOST;
    hints.ai_family = AF_UNSPEC;

    struct addrinfo* res = nullptr;
    auto addrinfo_deleter = utils::make_scope_guard([res]() { if (res) freeaddrinfo(res); });
    if (::getaddrinfo(domain, nullptr, &hints, &res) || !res ||
        (res->ai_family != AF_INET && res->ai_family != AF_INET6))
      { // Not an IP, run nameprep on it
        rc = static_cast<Stringprep_rc>(::stringprep(domain, max_jid_part_len,
                                                     static_cast<Stringprep_profile_flags>(0), stringprep_nameprep));
        if (rc != STRINGPREP_OK)
          {
            log_error(error_msg + stringprep_strerror(rc));
            return "";
          }

        // Make sure it contains only allowed characters
        using std::begin;
        using std::end;
        char* domain_end = domain + ::strlen(domain);
        std::replace_if(std::begin(domain), domain + ::strlen(domain),
                        [](const char c) -> bool
                        {
                          return !((c >= 'a' && c <= 'z') || c == '-' ||
                                   (c >= '0' && c <= '9') || c == '.');
                        }, '-');
        // Make sure there are no doubled - or .
        std::set<char> special_chars{'-', '.'};
        domain_end = std::unique(begin(domain), domain + ::strlen(domain), [&special_chars](const char& a, const char& b) -> bool
        {
          return special_chars.count(a) && special_chars.count(b);
        });
        // remove leading and trailing -. if any
        if (domain_end != domain && special_chars.count(*(domain_end - 1)))
          --domain_end;
        if (domain_end != domain && special_chars.count(domain[0]))
          {
            std::memmove(domain, domain + 1, domain_end - domain + 1);
            --domain_end;
          }
        // And if the final result is an empty string, return a dummy hostname
        if (domain_end == domain)
          ::strcpy(domain, "empty");
        else
          *domain_end = '\0';
      }
    else if (res->ai_family == AF_INET6)
      { // IPv6, surround it with []. The length is always enough:
        // the longest possible IPv6 is way shorter than max_jid_part_len
        ::memmove(domain + 1, domain, jid.domain.size());
        domain[0] = '[';
        domain[jid.domain.size() + 1] = ']';
      }
  }
  std::replace_if(std::begin(domain), domain + ::strlen(domain),
                  [](const char c) -> bool
                  {
                    return !((c >= 'a' && c <= 'z') || c == '-' ||
                      (c >= '0' && c <= '9') || c == '.');
                  }, '-');


  // If there is no resource, stop here
  if (jid.resource.empty())

M tests/jid.cpp => tests/jid.cpp +14 -6
@@ 15,7 15,10 @@ TEST_CASE("Jid")
  CHECK(jid2.local == "");
  CHECK(jid2.domain == "ツ.coucou");
  CHECK(jid2.resource == "coucou@coucou/coucou");
}

TEST_CASE("jidprep")
{
  // Jidprep
  const std::string badjid("~zigougou™@EpiK-7D9D1FDE.poez.io/Boujour/coucou/slt™");
  const std::string correctjid = jidprep(badjid);


@@ 26,13 29,18 @@ TEST_CASE("Jid")
  CHECK(jidprep(badjid) == "~zigougoutm@epik-7d9d1fde.poez.io/Boujour/coucou/sltTM");
  CHECK(jidprep(badjid) == "~zigougoutm@epik-7d9d1fde.poez.io/Boujour/coucou/sltTM");

  const std::string badjid2("Zigougou@poez.io");
  const std::string correctjid2 = jidprep(badjid2);
  CHECK(correctjid2 == "zigougou@poez.io");
  CHECK(jidprep("Zigougou@poez.io") == "zigougou@poez.io");

  CHECK(jidprep("~Bisous@88.123.43.45") == "~bisous@88.123.43.45");

  CHECK(jidprep("~Bisous@::ffff:42.156.139.46") == "~bisous@[::ffff:42.156.139.46]");

  CHECK(jidprep("louiz!6bf74289@2001:bc8:38e7::") == "louiz!6bf74289@[2001:bc8:38e7::]");

  const std::string crappy("~Bisous@7ea8beb1:c5fd2849:da9a048e:ip");
  const std::string fixed_crappy = jidprep(crappy);
  CHECK(fixed_crappy == "~bisous@7ea8beb1-c5fd2849-da9a048e-ip");
  CHECK(jidprep("louiz@+:::::----coucou.com78--.") == "louiz@coucou.com78");
  CHECK(jidprep("louiz@coucou.com78--.") == "louiz@coucou.com78");
  CHECK(jidprep("louiz@+:::::----coucou.com78") == "louiz@coucou.com78");
  CHECK(jidprep("louiz@:::::") == "louiz@empty");
#else // Without libidn, jidprep always returns an empty string
  CHECK(jidprep(badjid) == "");
#endif