From fef585ad6699042e594f407afe78df1e40344efe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?louiz=E2=80=99?= <louiz@louiz.org>
Date: Wed, 15 Feb 2017 01:05:42 +0100
Subject: Surround ipv6 with [], and properly cleanup otherwise invalid domains

fix #2694 (yeah, it was closed, but it was badly fixed)
---
 louloulibs/xmpp/jid.cpp | 74 +++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 63 insertions(+), 11 deletions(-)

(limited to 'louloulibs/xmpp/jid.cpp')

diff --git a/louloulibs/xmpp/jid.cpp b/louloulibs/xmpp/jid.cpp
index 7b62f3e..d17d4e9 100644
--- a/louloulibs/xmpp/jid.cpp
+++ b/louloulibs/xmpp/jid.cpp
@@ -6,6 +6,9 @@
 #include <louloulibs.h>
 #ifdef LIBIDN_FOUND
  #include <stringprep.h>
+ #include <netdb.h>
+ #include <utils/scopeguard.hpp>
+ #include <set>
 #endif
 
 #include <logger/logger.hpp>
@@ -58,19 +61,68 @@ std::string jidprep(const std::string& original)
 
   char domain[max_jid_part_len] = {};
   memcpy(domain, jid.domain.data(), std::min(max_jid_part_len, jid.domain.size()));
-  rc = static_cast<Stringprep_rc>(::stringprep(domain, max_jid_part_len,
-       static_cast<Stringprep_profile_flags>(0), stringprep_nameprep));
-  if (rc != STRINGPREP_OK)
+
   {
-    log_error(error_msg + stringprep_strerror(rc));
-    return "";
+    // Using getaddrinfo, check if the domain part is a valid IPv4 (then use
+    // it as is), or IPv6 (surround it with []), or a domain name (run
+    // nameprep)
+    struct addrinfo hints;
+    memset(&hints, 0, sizeof(hints));
+    hints.ai_flags = AI_NUMERICHOST;
+    hints.ai_family = AF_UNSPEC;
+
+    struct addrinfo* res = nullptr;
+    auto addrinfo_deleter = utils::make_scope_guard([res]() { if (res) freeaddrinfo(res); });
+    if (::getaddrinfo(domain, nullptr, &hints, &res) || !res ||
+        (res->ai_family != AF_INET && res->ai_family != AF_INET6))
+      { // Not an IP, run nameprep on it
+        rc = static_cast<Stringprep_rc>(::stringprep(domain, max_jid_part_len,
+                                                     static_cast<Stringprep_profile_flags>(0), stringprep_nameprep));
+        if (rc != STRINGPREP_OK)
+          {
+            log_error(error_msg + stringprep_strerror(rc));
+            return "";
+          }
+
+        // Make sure it contains only allowed characters
+        using std::begin;
+        using std::end;
+        char* domain_end = domain + ::strlen(domain);
+        std::replace_if(std::begin(domain), domain + ::strlen(domain),
+                        [](const char c) -> bool
+                        {
+                          return !((c >= 'a' && c <= 'z') || c == '-' ||
+                                   (c >= '0' && c <= '9') || c == '.');
+                        }, '-');
+        // Make sure there are no doubled - or .
+        std::set<char> special_chars{'-', '.'};
+        domain_end = std::unique(begin(domain), domain + ::strlen(domain), [&special_chars](const char& a, const char& b) -> bool
+        {
+          return special_chars.count(a) && special_chars.count(b);
+        });
+        // remove leading and trailing -. if any
+        if (domain_end != domain && special_chars.count(*(domain_end - 1)))
+          --domain_end;
+        if (domain_end != domain && special_chars.count(domain[0]))
+          {
+            std::memmove(domain, domain + 1, domain_end - domain + 1);
+            --domain_end;
+          }
+        // And if the final result is an empty string, return a dummy hostname
+        if (domain_end == domain)
+          ::strcpy(domain, "empty");
+        else
+          *domain_end = '\0';
+      }
+    else if (res->ai_family == AF_INET6)
+      { // IPv6, surround it with []. The length is always enough:
+        // the longest possible IPv6 is way shorter than max_jid_part_len
+        ::memmove(domain + 1, domain, jid.domain.size());
+        domain[0] = '[';
+        domain[jid.domain.size() + 1] = ']';
+      }
   }
-  std::replace_if(std::begin(domain), domain + ::strlen(domain),
-                  [](const char c) -> bool
-                  {
-                    return !((c >= 'a' && c <= 'z') || c == '-' ||
-                      (c >= '0' && c <= '9') || c == '.');
-                  }, '-');
+
 
   // If there is no resource, stop here
   if (jid.resource.empty())
-- 
cgit v1.2.3


From 561bbe9c145a80befc5b98c9865881e7f5d57648 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?louiz=E2=80=99?= <louiz@louiz.org>
Date: Wed, 15 Feb 2017 01:19:36 +0100
Subject: Fix a leak on getaddrinfo, thank you LeakSanitizer!

---
 louloulibs/xmpp/jid.cpp | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'louloulibs/xmpp/jid.cpp')

diff --git a/louloulibs/xmpp/jid.cpp b/louloulibs/xmpp/jid.cpp
index d17d4e9..493ddc1 100644
--- a/louloulibs/xmpp/jid.cpp
+++ b/louloulibs/xmpp/jid.cpp
@@ -71,10 +71,10 @@ std::string jidprep(const std::string& original)
     hints.ai_flags = AI_NUMERICHOST;
     hints.ai_family = AF_UNSPEC;
 
-    struct addrinfo* res = nullptr;
-    auto addrinfo_deleter = utils::make_scope_guard([res]() { if (res) freeaddrinfo(res); });
-    if (::getaddrinfo(domain, nullptr, &hints, &res) || !res ||
-        (res->ai_family != AF_INET && res->ai_family != AF_INET6))
+    struct addrinfo* addr_res = nullptr;
+    const auto ret = ::getaddrinfo(domain, nullptr, &hints, &addr_res);
+    auto addrinfo_deleter = utils::make_scope_guard([addr_res] { freeaddrinfo(addr_res); });
+    if (ret || !addr_res || (addr_res->ai_family != AF_INET && addr_res->ai_family != AF_INET6))
       { // Not an IP, run nameprep on it
         rc = static_cast<Stringprep_rc>(::stringprep(domain, max_jid_part_len,
                                                      static_cast<Stringprep_profile_flags>(0), stringprep_nameprep));
@@ -114,7 +114,7 @@ std::string jidprep(const std::string& original)
         else
           *domain_end = '\0';
       }
-    else if (res->ai_family == AF_INET6)
+    else if (addr_res->ai_family == AF_INET6)
       { // IPv6, surround it with []. The length is always enough:
         // the longest possible IPv6 is way shorter than max_jid_part_len
         ::memmove(domain + 1, domain, jid.domain.size());
-- 
cgit v1.2.3


From efb8a11c5763632eee0fffea190a90712c6373f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?louiz=E2=80=99?= <louiz@louiz.org>
Date: Wed, 15 Feb 2017 01:27:45 +0100
Subject: Add missing include

---
 louloulibs/xmpp/jid.cpp | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'louloulibs/xmpp/jid.cpp')

diff --git a/louloulibs/xmpp/jid.cpp b/louloulibs/xmpp/jid.cpp
index 493ddc1..5862599 100644
--- a/louloulibs/xmpp/jid.cpp
+++ b/louloulibs/xmpp/jid.cpp
@@ -6,6 +6,8 @@
 #include <louloulibs.h>
 #ifdef LIBIDN_FOUND
  #include <stringprep.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
  #include <netdb.h>
  #include <utils/scopeguard.hpp>
  #include <set>
-- 
cgit v1.2.3


From 679bf94192695f2d6e7fe7e991bf490f95f63d25 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?louiz=E2=80=99?= <louiz@louiz.org>
Date: Wed, 15 Feb 2017 01:46:29 +0100
Subject: Only call freeaddrinfo if an actual addrinfo struct has been
 allocated

---
 louloulibs/xmpp/jid.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'louloulibs/xmpp/jid.cpp')

diff --git a/louloulibs/xmpp/jid.cpp b/louloulibs/xmpp/jid.cpp
index 5862599..46e01ea 100644
--- a/louloulibs/xmpp/jid.cpp
+++ b/louloulibs/xmpp/jid.cpp
@@ -75,7 +75,7 @@ std::string jidprep(const std::string& original)
 
     struct addrinfo* addr_res = nullptr;
     const auto ret = ::getaddrinfo(domain, nullptr, &hints, &addr_res);
-    auto addrinfo_deleter = utils::make_scope_guard([addr_res] { freeaddrinfo(addr_res); });
+    auto addrinfo_deleter = utils::make_scope_guard([addr_res] { if (addr_res) freeaddrinfo(addr_res); });
     if (ret || !addr_res || (addr_res->ai_family != AF_INET && addr_res->ai_family != AF_INET6))
       { // Not an IP, run nameprep on it
         rc = static_cast<Stringprep_rc>(::stringprep(domain, max_jid_part_len,
-- 
cgit v1.2.3