Swiftdiff options
| -rw-r--r-- | Swiften/IDN/StringPrep.cpp | 3 | ||||
| -rw-r--r-- | Swiften/JID/JID.cpp | 56 | ||||
| -rw-r--r-- | Swiften/JID/JID.h | 3 | ||||
| -rw-r--r-- | Swiften/JID/UnitTest/JIDTest.cpp | 7 | ||||
| -rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp | 13 |
5 files changed, 54 insertions, 28 deletions
diff --git a/Swiften/IDN/StringPrep.cpp b/Swiften/IDN/StringPrep.cpp index ff01eed..d54fb0b 100644 --- a/Swiften/IDN/StringPrep.cpp +++ b/Swiften/IDN/StringPrep.cpp @@ -20,21 +20,20 @@ const Stringprep_profile* getLibIDNProfile(StringPrep::Profile profile) { case StringPrep::XMPPNodePrep: return stringprep_xmpp_nodeprep; break; case StringPrep::XMPPResourcePrep: return stringprep_xmpp_resourceprep; break; case StringPrep::SASLPrep: return stringprep_saslprep; break; } assert(false); return 0; } std::string StringPrep::getPrepared(const std::string& s, Profile profile) { - std::vector<char> input(s.begin(), s.end()); input.resize(MAX_STRINGPREP_SIZE); if (stringprep(&input[0], MAX_STRINGPREP_SIZE, static_cast<Stringprep_profile_flags>(0), getLibIDNProfile(profile)) == 0) { return std::string(&input[0]); } else { - return ""; + throw std::exception(); } } } diff --git a/Swiften/JID/JID.cpp b/Swiften/JID/JID.cpp index e4611b3..925c763 100644 --- a/Swiften/JID/JID.cpp +++ b/Swiften/JID/JID.cpp @@ -23,36 +23,37 @@ typedef boost::unordered_map<std::string, std::string> PrepCache; static PrepCache nodePrepCache; static PrepCache domainPrepCache; static PrepCache resourcePrepCache; #endif namespace Swift { -JID::JID(const char* jid) { +JID::JID(const char* jid) : valid_(true) { initializeFromString(std::string(jid)); } -JID::JID(const std::string& jid) { +JID::JID(const std::string& jid) : valid_(true) { initializeFromString(jid); } -JID::JID(const std::string& node, const std::string& domain) : hasResource_(false) { +JID::JID(const std::string& node, const std::string& domain) : valid_(true), hasResource_(false) { nameprepAndSetComponents(node, domain, ""); } -JID::JID(const std::string& node, const std::string& domain, const std::string& resource) : hasResource_(true) { +JID::JID(const std::string& node, const std::string& domain, const std::string& resource) : valid_(true), hasResource_(true) { nameprepAndSetComponents(node, domain, resource); } void JID::initializeFromString(const std::string& jid) { if (String::beginsWith(jid, '@')) { + valid_ = false; return; } std::string bare, resource; size_t slashIndex = jid.find('/'); if (slashIndex != jid.npos) { hasResource_ = true; bare = jid.substr(0, slashIndex); resource = jid.substr(slashIndex + 1, jid.npos); @@ -66,43 +67,52 @@ void JID::initializeFromString(const std::string& jid) { nameprepAndSetComponents("", nodeAndDomain.first, resource); } else { nameprepAndSetComponents(nodeAndDomain.first, nodeAndDomain.second, resource); } } void JID::nameprepAndSetComponents(const std::string& node, const std::string& domain, const std::string& resource) { + try { #ifndef SWIFTEN_CACHE_JID_PREP - node_ = StringPrep::getPrepared(node, StringPrep::NamePrep); - domain_ = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep); - resource_ = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep); + node_ = StringPrep::getPrepared(node, StringPrep::NamePrep); + domain_ = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep); + resource_ = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep); #else - std::pair<PrepCache::iterator, bool> r; + std::pair<PrepCache::iterator, bool> r; - r = nodePrepCache.insert(std::make_pair(node, std::string())); - if (r.second) { - r.first->second = StringPrep::getPrepared(node, StringPrep::NamePrep); - } - node_ = r.first->second; + r = nodePrepCache.insert(std::make_pair(node, std::string())); + if (r.second) { + r.first->second = StringPrep::getPrepared(node, StringPrep::NamePrep); + } + node_ = r.first->second; - r = domainPrepCache.insert(std::make_pair(domain, std::string())); - if (r.second) { - r.first->second = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep); - } - domain_ = r.first->second; + r = domainPrepCache.insert(std::make_pair(domain, std::string())); + if (r.second) { + r.first->second = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep); + } + domain_ = r.first->second; + if (domain_.empty()) { + valid_ = false; + return; + } - r = resourcePrepCache.insert(std::make_pair(resource, std::string())); - if (r.second) { - r.first->second = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep); - } - resource_ = r.first->second; + r = resourcePrepCache.insert(std::make_pair(resource, std::string())); + if (r.second) { + r.first->second = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep); + } + resource_ = r.first->second; #endif + } + catch (const std::exception&) { + valid_ = false; + } } std::string JID::toString() const { std::string string; if (!node_.empty()) { string += node_ + "@"; } string += domain_; if (!isBare()) { diff --git a/Swiften/JID/JID.h b/Swiften/JID/JID.h index 63e063d..1a7dbe3 100644 --- a/Swiften/JID/JID.h +++ b/Swiften/JID/JID.h @@ -16,19 +16,19 @@ namespace Swift { WithResource, WithoutResource }; JID(const std::string& = std::string()); JID(const char*); JID(const std::string& node, const std::string& domain); JID(const std::string& node, const std::string& domain, const std::string& resource); bool isValid() const { - return !domain_.empty(); /* FIXME */ + return valid_; } const std::string& getNode() const { return node_; } const std::string& getDomain() const { return domain_; } const std::string& getResource() const { @@ -73,15 +73,16 @@ namespace Swift { friend bool operator!=(const Swift::JID& a, const Swift::JID& b) { return a.compare(b, Swift::JID::WithResource) != 0; } private: void nameprepAndSetComponents(const std::string& node, const std::string& domain, const std::string& resource); void initializeFromString(const std::string&); private: + bool valid_; std::string node_; std::string domain_; bool hasResource_; std::string resource_; }; } diff --git a/Swiften/JID/UnitTest/JIDTest.cpp b/Swiften/JID/UnitTest/JIDTest.cpp index 0f22e15..f406635 100644 --- a/Swiften/JID/UnitTest/JIDTest.cpp +++ b/Swiften/JID/UnitTest/JIDTest.cpp @@ -17,18 +17,19 @@ class JIDTest : public CppUnit::TestFixture CPPUNIT_TEST(testConstructorWithString); CPPUNIT_TEST(testConstructorWithString_NoResource); CPPUNIT_TEST(testConstructorWithString_NoNode); CPPUNIT_TEST(testConstructorWithString_EmptyResource); CPPUNIT_TEST(testConstructorWithString_OnlyDomain); CPPUNIT_TEST(testConstructorWithString_UpperCaseNode); CPPUNIT_TEST(testConstructorWithString_UpperCaseDomain); CPPUNIT_TEST(testConstructorWithString_UpperCaseResource); CPPUNIT_TEST(testConstructorWithString_EmptyNode); + CPPUNIT_TEST(testConstructorWithString_IllegalResource); CPPUNIT_TEST(testConstructorWithStrings); CPPUNIT_TEST(testIsBare); CPPUNIT_TEST(testIsBare_NotBare); CPPUNIT_TEST(testToBare); CPPUNIT_TEST(testToBare_EmptyNode); CPPUNIT_TEST(testToBare_EmptyResource); CPPUNIT_TEST(testToString); CPPUNIT_TEST(testToString_EmptyNode); CPPUNIT_TEST(testToString_EmptyResource); @@ -118,18 +119,24 @@ class JIDTest : public CppUnit::TestFixture CPPUNIT_ASSERT_EQUAL(testling.getResource(), std::string("Fo\xCE\xA9")); } void testConstructorWithString_EmptyNode() { JID testling("@bar"); CPPUNIT_ASSERT(!testling.isValid()); } + void testConstructorWithString_IllegalResource() { + JID testling("foo@bar.com/\xd8\xb1\xd9\x85\xd9\x82\xd9\x87\x20\xd8\xaa\xd8\xb1\xd9\x86\xd8\xb3\x20"); + + CPPUNIT_ASSERT(!testling.isValid()); + } + void testConstructorWithStrings() { JID testling("foo", "bar", "baz"); CPPUNIT_ASSERT_EQUAL(std::string("foo"), testling.getNode()); CPPUNIT_ASSERT_EQUAL(std::string("bar"), testling.getDomain()); CPPUNIT_ASSERT_EQUAL(std::string("baz"), testling.getResource()); } void testIsBare() { diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp index 2dd7bf4..33de014 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp @@ -93,19 +93,23 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray> return false; } ByteArray channelBindData; if (useChannelBinding && tlsChannelBindingData) { channelBindData = *tlsChannelBindingData; } // Compute all the values needed for the server signature - saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); + try { + saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); + } + catch (const std::exception&) { + } authMessage = getInitialBareClientMessage() + "," + initialServerMessage + "," + getFinalMessageWithoutProof(); ByteArray serverKey = HMACSHA1::getResult(saltedPassword, "Server Key"); serverSignature = HMACSHA1::getResult(serverKey, authMessage); step = Proof; return true; } else if (step == Proof) { ByteArray result = ByteArray("v=") + ByteArray(Base64::encode(serverSignature)); @@ -140,19 +144,24 @@ std::map<char, std::string> SCRAMSHA1ClientAuthenticator::parseMap(const std::st } i++; } result[key] = value; } return result; } ByteArray SCRAMSHA1ClientAuthenticator::getInitialBareClientMessage() const { - std::string authenticationID = StringPrep::getPrepared(getAuthenticationID(), StringPrep::SASLPrep); + std::string authenticationID; + try { + authenticationID = StringPrep::getPrepared(getAuthenticationID(), StringPrep::SASLPrep); + } + catch (const std::exception&) { + } return ByteArray(std::string("n=" + escape(authenticationID) + ",r=" + clientnonce)); } ByteArray SCRAMSHA1ClientAuthenticator::getGS2Header() const { ByteArray channelBindingHeader("n"); if (tlsChannelBindingData) { if (useChannelBinding) { channelBindingHeader = ByteArray("p=tls-unique"); } |