From 352ee2f2fd6458a46e046ecaedb78addd5d6ac20 Mon Sep 17 00:00:00 2001 From: Lance Stout Date: Mon, 23 Jul 2012 21:45:24 -0700 Subject: Fix JID validation bugs, add lots of tests. --- sleekxmpp/__init__.py | 2 +- sleekxmpp/jid.py | 20 ++++++++++++++------ sleekxmpp/util/stringprep_profiles.py | 3 +++ 3 files changed, 18 insertions(+), 7 deletions(-) (limited to 'sleekxmpp') diff --git a/sleekxmpp/__init__.py b/sleekxmpp/__init__.py index 84b1114f..f0dc2ce2 100644 --- a/sleekxmpp/__init__.py +++ b/sleekxmpp/__init__.py @@ -10,7 +10,7 @@ from sleekxmpp.basexmpp import BaseXMPP from sleekxmpp.clientxmpp import ClientXMPP from sleekxmpp.componentxmpp import ComponentXMPP from sleekxmpp.stanza import Message, Presence, Iq -from sleekxmpp.jid import JID +from sleekxmpp.jid import JID, InvalidJID from sleekxmpp.xmlstream.handler import * from sleekxmpp.xmlstream import XMLStream, RestartStream from sleekxmpp.xmlstream.matcher import * diff --git a/sleekxmpp/jid.py b/sleekxmpp/jid.py index f0b7423b..9e9c0d0b 100644 --- a/sleekxmpp/jid.py +++ b/sleekxmpp/jid.py @@ -140,13 +140,12 @@ def _validate_node(node): """ try: if node is not None: - if not node: - raise InvalidJID('Localpart must not be 0 bytes') - node = nodeprep(node) if not node: raise InvalidJID('Localpart must not be 0 bytes') + if len(node) > 1023: + raise InvalidJID('Localpart must be less than 1024 bytes') return node except stringprep_profiles.StringPrepError: raise InvalidJID('Invalid local part') @@ -179,6 +178,7 @@ def _validate_domain(domain): if not ip_addr and hasattr(socket, 'inet_pton'): try: socket.inet_pton(socket.AF_INET6, domain.strip('[]')) + domain = '[%s]' % domain.strip('[]') ip_addr = True except socket.error: pass @@ -186,12 +186,19 @@ def _validate_domain(domain): if not ip_addr: # This is a domain name, which must be checked further + if domain and domain[-1] == '.': + domain = domain[:-1] + domain_parts = [] for label in domain.split('.'): try: label = encodings.idna.nameprep(label) encodings.idna.ToASCII(label) + pass_nameprep = True except UnicodeError: + pass_nameprep = False + + if not pass_nameprep: raise InvalidJID('Could not encode domain as ASCII') if label.startswith('xn--'): @@ -209,6 +216,8 @@ def _validate_domain(domain): if not domain: raise InvalidJID('Domain must not be 0 bytes') + if len(domain) > 1023: + raise InvalidJID('Domain must be less than 1024 bytes') return domain @@ -222,13 +231,12 @@ def _validate_resource(resource): """ try: if resource is not None: - if not resource: - raise InvalidJID('Resource must not be 0 bytes') - resource = resourceprep(resource) if not resource: raise InvalidJID('Resource must not be 0 bytes') + if len(resource) > 1023: + raise InvalidJID('Resource must be less than 1024 bytes') return resource except stringprep_profiles.StringPrepError: raise InvalidJID('Invalid resource') diff --git a/sleekxmpp/util/stringprep_profiles.py b/sleekxmpp/util/stringprep_profiles.py index a75bb9dd..6844c9ac 100644 --- a/sleekxmpp/util/stringprep_profiles.py +++ b/sleekxmpp/util/stringprep_profiles.py @@ -77,6 +77,9 @@ def check_bidi(data): character MUST be the first character of the string, and a RandALCat character MUST be the last character of the string. """ + if not data: + return data + has_lcat = False has_randal = False -- cgit v1.2.3