equal
deleted
inserted
replaced
37 #include <sys/stat.h> |
37 #include <sys/stat.h> |
38 #include <ctype.h> |
38 #include <ctype.h> |
39 #include <glib.h> |
39 #include <glib.h> |
40 |
40 |
41 #include <config.h> |
41 #include <config.h> |
|
42 #include "utils.h" |
42 #include "logprint.h" |
43 #include "logprint.h" |
43 |
44 |
44 static int DebugEnabled; |
45 static int DebugEnabled; |
45 static char *FName; |
46 static char *FName; |
46 |
47 |
311 char *domain, *resource; |
312 char *domain, *resource; |
312 int domlen; |
313 int domlen; |
313 |
314 |
314 if (!jid) return 1; |
315 if (!jid) return 1; |
315 |
316 |
316 domain = strchr(jid, '@'); |
317 domain = strchr(jid, JID_DOMAIN_SEPARATOR); |
317 |
318 |
318 /* the username is optional */ |
319 /* the username is optional */ |
319 if (!domain) { |
320 if (!domain) { |
320 domain = jid; |
321 domain = jid; |
321 } else { |
322 } else { |
323 if ((domain == jid) || (domain-jid > 1023)) |
324 if ((domain == jid) || (domain-jid > 1023)) |
324 return 1; |
325 return 1; |
325 domain++; |
326 domain++; |
326 |
327 |
327 /* check for low and invalid ascii characters in the username */ |
328 /* check for low and invalid ascii characters in the username */ |
328 for (str = jid; *str != '@'; str++) { |
329 for (str = jid; *str != JID_DOMAIN_SEPARATOR; str++) { |
329 if (*str <= 32 || *str == ':' || *str == '@' || |
330 if (*str <= ' ' || *str == ':' || *str == JID_DOMAIN_SEPARATOR || |
330 *str == '<' || *str == '>' || *str == '\'' || |
331 *str == '<' || *str == '>' || *str == '\'' || |
331 *str == '"' || *str == '&') { |
332 *str == '"' || *str == '&') { |
332 return 1; |
333 return 1; |
333 } |
334 } |
334 } |
335 } |
335 /* the username is okay as far as we can tell without LIBIDN */ |
336 /* the username is okay as far as we can tell without LIBIDN */ |
336 } |
337 } |
337 |
338 |
338 resource = strchr(domain, '/'); |
339 resource = strchr(domain, JID_RESOURCE_SEPARATOR); |
339 |
340 |
340 /* the resource is optional */ |
341 /* the resource is optional */ |
341 if (resource) { |
342 if (resource) { |
342 domlen = resource - domain; |
343 domlen = resource - domain; |
343 resource++; |
344 resource++; |
353 |
354 |
354 /* and it must not be longer than 1023 bytes */ |
355 /* and it must not be longer than 1023 bytes */ |
355 if (domlen > 1023) return 1; |
356 if (domlen > 1023) return 1; |
356 |
357 |
357 /* make sure the hostname is valid characters */ |
358 /* make sure the hostname is valid characters */ |
358 for (str = domain; *str != '\0' && *str != '/'; str++) { |
359 for (str = domain; *str != '\0' && *str != JID_RESOURCE_SEPARATOR; str++) { |
359 if (!(isalnum(*str) || *str == '.' || *str == '-' || *str == '_')) |
360 if (!(isalnum(*str) || *str == '.' || *str == '-' || *str == '_')) |
360 return 1; |
361 return 1; |
361 } |
362 } |
362 |
363 |
363 /* it's okay as far as we can tell without LIBIDN */ |
364 /* it's okay as far as we can tell without LIBIDN */ |