forked from GNUsocial/gnu-social
Merge branch '0.9.x' into 1.0.x
Conflicts: actions/imsettings.php lib/jabber.php Made a quick attempt to merge the new JID validation into the XmppPlugin, have not had a chance to test that version live yet. Should also move over the test cases.
This commit is contained in:
Brion Vibber
@@ -66,17 +66,198 @@ class XmppPlugin extends ImPlugin
|
||||
return _m('XMPP/Jabber/GTalk');
|
||||
}
|
||||
|
||||
function normalize($screenname)
|
||||
/**
|
||||
* Splits a Jabber ID (JID) into node, domain, and resource portions.
|
||||
*
|
||||
* Based on validation routine submitted by:
|
||||
* @copyright 2009 Patrick Georgi <patrick@georgi-clan.de>
|
||||
* @license Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.
|
||||
*
|
||||
* @param string $jid string to check
|
||||
*
|
||||
* @return array with "node", "domain", and "resource" indices
|
||||
* @throws Exception if input is not valid
|
||||
*/
|
||||
|
||||
protected function splitJid($jid)
|
||||
{
|
||||
if (preg_match("/(?:([^\@]+)\@)?([^\/]+)(?:\/(.*))?$/", $screenname, $matches)) {
|
||||
$node = $matches[1];
|
||||
$server = $matches[2];
|
||||
return strtolower($node.'@'.$server);
|
||||
$chars = '';
|
||||
/* the following definitions come from stringprep, Appendix C,
|
||||
which is used in its entirety by nodeprop, Chapter 5, "Prohibited Output" */
|
||||
/* C1.1 ASCII space characters */
|
||||
$chars .= "\x{20}";
|
||||
/* C1.2 Non-ASCII space characters */
|
||||
$chars .= "\x{a0}\x{1680}\x{2000}-\x{200b}\x{202f}\x{205f}\x{3000a}";
|
||||
/* C2.1 ASCII control characters */
|
||||
$chars .= "\x{00}-\x{1f}\x{7f}";
|
||||
/* C2.2 Non-ASCII control characters */
|
||||
$chars .= "\x{80}-\x{9f}\x{6dd}\x{70f}\x{180e}\x{200c}\x{200d}\x{2028}\x{2029}\x{2060}-\x{2063}\x{206a}-\x{206f}\x{feff}\x{fff9}-\x{fffc}\x{1d173}-\x{1d17a}";
|
||||
/* C3 - Private Use */
|
||||
$chars .= "\x{e000}-\x{f8ff}\x{f0000}-\x{ffffd}\x{100000}-\x{10fffd}";
|
||||
/* C4 - Non-character code points */
|
||||
$chars .= "\x{fdd0}-\x{fdef}\x{fffe}\x{ffff}\x{1fffe}\x{1ffff}\x{2fffe}\x{2ffff}\x{3fffe}\x{3ffff}\x{4fffe}\x{4ffff}\x{5fffe}\x{5ffff}\x{6fffe}\x{6ffff}\x{7fffe}\x{7ffff}\x{8fffe}\x{8ffff}\x{9fffe}\x{9ffff}\x{afffe}\x{affff}\x{bfffe}\x{bffff}\x{cfffe}\x{cffff}\x{dfffe}\x{dffff}\x{efffe}\x{effff}\x{ffffe}\x{fffff}\x{10fffe}\x{10ffff}";
|
||||
/* C5 - Surrogate codes */
|
||||
$chars .= "\x{d800}-\x{dfff}";
|
||||
/* C6 - Inappropriate for plain text */
|
||||
$chars .= "\x{fff9}-\x{fffd}";
|
||||
/* C7 - Inappropriate for canonical representation */
|
||||
$chars .= "\x{2ff0}-\x{2ffb}";
|
||||
/* C8 - Change display properties or are deprecated */
|
||||
$chars .= "\x{340}\x{341}\x{200e}\x{200f}\x{202a}-\x{202e}\x{206a}-\x{206f}";
|
||||
/* C9 - Tagging characters */
|
||||
$chars .= "\x{e0001}\x{e0020}-\x{e007f}";
|
||||
|
||||
/* Nodeprep forbids some more characters */
|
||||
$nodeprepchars = $chars;
|
||||
$nodeprepchars .= "\x{22}\x{26}\x{27}\x{2f}\x{3a}\x{3c}\x{3e}\x{40}";
|
||||
|
||||
$parts = explode("/", $jid, 2);
|
||||
if (count($parts) > 1) {
|
||||
$resource = $parts[1];
|
||||
if ($resource == '') {
|
||||
// Warning: empty resource isn't legit.
|
||||
// But if we're normalizing, we may as well take it...
|
||||
}
|
||||
} else {
|
||||
$resource = null;
|
||||
}
|
||||
|
||||
$node = explode("@", $parts[0]);
|
||||
if ((count($node) > 2) || (count($node) == 0)) {
|
||||
throw new Exception("Invalid JID: too many @s");
|
||||
} else if (count($node) == 1) {
|
||||
$domain = $node[0];
|
||||
$node = null;
|
||||
} else {
|
||||
$domain = $node[1];
|
||||
$node = $node[0];
|
||||
if ($node == '') {
|
||||
throw new Exception("Invalid JID: @ but no node");
|
||||
}
|
||||
}
|
||||
|
||||
// Length limits per http://xmpp.org/rfcs/rfc3920.html#addressing
|
||||
if ($node !== null) {
|
||||
if (strlen($node) > 1023) {
|
||||
throw new Exception("Invalid JID: node too long.");
|
||||
}
|
||||
if (preg_match("/[".$nodeprepchars."]/u", $node)) {
|
||||
throw new Exception("Invalid JID node '$node'");
|
||||
}
|
||||
}
|
||||
|
||||
if (strlen($domain) > 1023) {
|
||||
throw new Exception("Invalid JID: domain too long.");
|
||||
}
|
||||
if (!common_valid_domain($domain)) {
|
||||
throw new Exception("Invalid JID domain name '$domain'");
|
||||
}
|
||||
|
||||
if ($resource !== null) {
|
||||
if (strlen($resource) > 1023) {
|
||||
throw new Exception("Invalid JID: resource too long.");
|
||||
}
|
||||
if (preg_match("/[".$chars."]/u", $resource)) {
|
||||
throw new Exception("Invalid JID resource '$resource'");
|
||||
}
|
||||
}
|
||||
|
||||
return array('node' => is_null($node) ? null : mb_strtolower($node),
|
||||
'domain' => is_null($domain) ? null : mb_strtolower($domain),
|
||||
'resource' => $resource);
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks whether a string is a syntactically valid Jabber ID (JID),
|
||||
* either with or without a resource.
|
||||
*
|
||||
* Note that a bare domain can be a valid JID.
|
||||
*
|
||||
* @param string $jid string to check
|
||||
* @param bool $check_domain whether we should validate that domain...
|
||||
*
|
||||
* @return boolean whether the string is a valid JID
|
||||
*/
|
||||
protected function validateFullJid($jid, $check_domain=false)
|
||||
{
|
||||
try {
|
||||
$parts = $this->splitJid($jid);
|
||||
if ($check_domain) {
|
||||
if (!$this->checkDomain($parts['domain'])) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return $parts['resource'] !== ''; // missing or present; empty ain't kosher
|
||||
} catch (Exception $e) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks whether a string is a syntactically valid base Jabber ID (JID).
|
||||
* A base JID won't include a resource specifier on the end; since we
|
||||
* take it off when reading input we can't really use them reliably
|
||||
* to direct outgoing messages yet (sorry guys!)
|
||||
*
|
||||
* Note that a bare domain can be a valid JID.
|
||||
*
|
||||
* @param string $jid string to check
|
||||
* @param bool $check_domain whether we should validate that domain...
|
||||
*
|
||||
* @return boolean whether the string is a valid JID
|
||||
*/
|
||||
protected function validateBaseJid($jid, $check_domain=false)
|
||||
{
|
||||
try {
|
||||
$parts = $this->splitJid($jid);
|
||||
if ($check_domain) {
|
||||
if (!$this->checkDomain($parts['domain'])) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return ($parts['resource'] === null); // missing; empty ain't kosher
|
||||
} catch (Exception $e) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Normalizes a Jabber ID for comparison, dropping the resource component if any.
|
||||
*
|
||||
* @param string $jid JID to check
|
||||
* @param bool $check_domain if true, reject if the domain isn't findable
|
||||
*
|
||||
* @return string an equivalent JID in normalized (lowercase) form
|
||||
*/
|
||||
|
||||
function normalize($jid)
|
||||
{
|
||||
try {
|
||||
$parts = $this->splitJid($jid);
|
||||
if ($parts['node'] !== null) {
|
||||
return $parts['node'] . '@' . $parts['domain'];
|
||||
} else {
|
||||
return $parts['domain'];
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if this domain's got some legit DNS record
|
||||
*/
|
||||
protected function checkDomain($domain)
|
||||
{
|
||||
if (checkdnsrr("_xmpp-server._tcp." . $domain, "SRV")) {
|
||||
return true;
|
||||
}
|
||||
if (checkdnsrr($domain, "ANY")) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function daemon_screenname()
|
||||
{
|
||||
$ret = $this->user . '@' . $this->server;
|
||||
@@ -90,8 +271,7 @@ class XmppPlugin extends ImPlugin
|
||||
|
||||
function validate($screenname)
|
||||
{
|
||||
// Cheap but effective
|
||||
return Validate::email($screenname);
|
||||
return $this->validateBaseJid($screenname, common_config('email', 'check_domain'));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user