X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=util%2Fxmppstream.lua;h=138c86b744832b4e45f98798e64caf30fac664b5;hb=533fc1fa57ce10fc0821f8edaeb247f2710a543c;hp=cf485daceb5e1000c2fe1feb957b2b365469e839;hpb=1881612f6e77c771984d73b85704e89818a82977;p=prosody.git

diff --git a/util/xmppstream.lua b/util/xmppstream.lua
index cf485dac..138c86b7 100644
--- a/util/xmppstream.lua
+++ b/util/xmppstream.lua
@@ -6,37 +6,33 @@
 -- COPYING file in the source package for more information.
 --
 
-
 local lxp = require "lxp";
 local st = require "util.stanza";
 local stanza_mt = st.stanza_mt;
 
+local error = error;
 local tostring = tostring;
 local t_insert = table.insert;
 local t_concat = table.concat;
 local t_remove = table.remove;
 local setmetatable = setmetatable;
 
-local default_log = require "util.logger".init("xmppstream");
-
 -- COMPAT: w/LuaExpat 1.1.0
 local lxp_supports_doctype = pcall(lxp.new, { StartDoctypeDecl = false });
+local lxp_supports_xmldecl = pcall(lxp.new, { XmlDecl = false });
+local lxp_supports_bytecount = not not lxp.new({}).getcurrentbytecount;
 
-if not lxp_supports_doctype then
-	default_log("warn", "The version of LuaExpat on your system leaves Prosody "
-		.."vulnerable to denial-of-service attacks. You should upgrade to "
-		.."LuaExpat 1.1.1 or higher as soon as possible. See "
-		.."http://prosody.im/doc/depends#luaexpat for more information.");
-end
-
-local error = error;
+local default_stanza_size_limit = 1024*1024*10; -- 10MB
 
 module "xmppstream"
 
 local new_parser = lxp.new;
 
-local ns_prefixes = {
-	["http://www.w3.org/XML/1998/namespace"] = "xml";
+local xml_namespace = {
+	["http://www.w3.org/XML/1998/namespace\1lang"] = "xml:lang";
+	["http://www.w3.org/XML/1998/namespace\1space"] = "xml:space";
+	["http://www.w3.org/XML/1998/namespace\1base"] = "xml:base";
+	["http://www.w3.org/XML/1998/namespace\1id"] = "xml:id";
 };
 
 local xmlns_streams = "http://etherx.jabber.org/streams";
@@ -47,15 +43,16 @@ local ns_pattern = "^([^"..ns_separator.."]*)"..ns_separator.."?(.*)$";
 _M.ns_separator = ns_separator;
 _M.ns_pattern = ns_pattern;
 
-function new_sax_handlers(session, stream_callbacks)
+local function dummy_cb() end
+
+function new_sax_handlers(session, stream_callbacks, cb_handleprogress)
 	local xml_handlers = {};
 	
-	local log = session.log or default_log;
-	
 	local cb_streamopened = stream_callbacks.streamopened;
 	local cb_streamclosed = stream_callbacks.streamclosed;
-	local cb_error = stream_callbacks.error or function(session, e) error("XML stream error: "..tostring(e)); end;
+	local cb_error = stream_callbacks.error or function(session, e, stanza) error("XML stream error: "..tostring(e)..(stanza and ": "..tostring(stanza) or ""),2); end;
 	local cb_handlestanza = stream_callbacks.handlestanza;
+	cb_handleprogress = cb_handleprogress or dummy_cb;
 	
 	local stream_ns = stream_callbacks.stream_ns or xmlns_streams;
 	local stream_tag = stream_callbacks.stream_tag or "stream";
@@ -68,6 +65,7 @@ function new_sax_handlers(session, stream_callbacks)
 	
 	local stack = {};
 	local chardata, stanza = {};
+	local stanza_size = 0;
 	local non_streamns_depth = 0;
 	function xml_handlers:StartElement(tagname, attr)
 		if stanza and #chardata > 0 then
@@ -85,30 +83,33 @@ function new_sax_handlers(session, stream_callbacks)
 			non_streamns_depth = non_streamns_depth + 1;
 		end
 		
-		-- FIXME !!!!!
 		for i=1,#attr do
 			local k = attr[i];
 			attr[i] = nil;
-			local ns, nm = k:match(ns_pattern);
-			if nm ~= "" then
-				ns = ns_prefixes[ns];
-				if ns then
-					attr[ns..":"..nm] = attr[k];
-					attr[k] = nil;
-				end
+			local xmlk = xml_namespace[k];
+			if xmlk then
+				attr[xmlk] = attr[k];
+				attr[k] = nil;
 			end
 		end
 		
 		if not stanza then --if we are not currently inside a stanza
+			if lxp_supports_bytecount then
+				stanza_size = self:getcurrentbytecount();
+			end
 			if session.notopen then
 				if tagname == stream_tag then
 					non_streamns_depth = 0;
 					if cb_streamopened then
+						if lxp_supports_bytecount then
+							cb_handleprogress(stanza_size);
+							stanza_size = 0;
+						end
 						cb_streamopened(session, attr);
 					end
 				else
 					-- Garbage before stream?
-					cb_error(session, "no-stream");
+					cb_error(session, "no-stream", tagname);
 				end
 				return;
 			end
@@ -118,6 +119,9 @@ function new_sax_handlers(session, stream_callbacks)
 			
 			stanza = setmetatable({ name = name, attr = attr, tags = {} }, stanza_mt);
 		else -- we are inside a stanza, so add a tag
+			if lxp_supports_bytecount then
+				stanza_size = stanza_size + self:getcurrentbytecount();
+			end
 			t_insert(stack, stanza);
 			local oldstanza = stanza;
 			stanza = setmetatable({ name = name, attr = attr, tags = {} }, stanza_mt);
@@ -125,12 +129,45 @@ function new_sax_handlers(session, stream_callbacks)
 			t_insert(oldstanza.tags, stanza);
 		end
 	end
+	if lxp_supports_xmldecl then
+		function xml_handlers:XmlDecl(version, encoding, standalone)
+			if lxp_supports_bytecount then
+				cb_handleprogress(self:getcurrentbytecount());
+			end
+		end
+	end
+	function xml_handlers:StartCdataSection()
+		if lxp_supports_bytecount then
+			if stanza then
+				stanza_size = stanza_size + self:getcurrentbytecount();
+			else
+				cb_handleprogress(self:getcurrentbytecount());
+			end
+		end
+	end
+	function xml_handlers:EndCdataSection()
+		if lxp_supports_bytecount then
+			if stanza then
+				stanza_size = stanza_size + self:getcurrentbytecount();
+			else
+				cb_handleprogress(self:getcurrentbytecount());
+			end
+		end
+	end
 	function xml_handlers:CharacterData(data)
 		if stanza then
+			if lxp_supports_bytecount then
+				stanza_size = stanza_size + self:getcurrentbytecount();
+			end
 			t_insert(chardata, data);
+		elseif lxp_supports_bytecount then
+			cb_handleprogress(self:getcurrentbytecount());
 		end
 	end
 	function xml_handlers:EndElement(tagname)
+		if lxp_supports_bytecount then
+			stanza_size = stanza_size + self:getcurrentbytecount()
+		end
 		if non_streamns_depth > 0 then
 			non_streamns_depth = non_streamns_depth - 1;
 		end
@@ -142,6 +179,10 @@ function new_sax_handlers(session, stream_callbacks)
 			end
 			-- Complete stanza
 			if #stack == 0 then
+				if lxp_supports_bytecount then
+					cb_handleprogress(stanza_size);
+				end
+				stanza_size = 0;
 				if tagname ~= stream_error_tag then
 					cb_handlestanza(session, stanza);
 				else
@@ -152,24 +193,17 @@ function new_sax_handlers(session, stream_callbacks)
 				stanza = t_remove(stack);
 			end
 		else
-			if tagname == stream_tag then
-				if cb_streamclosed then
-					cb_streamclosed(session);
-				end
-			else
-				local curr_ns,name = tagname:match(ns_pattern);
-				if name == "" then
-					curr_ns, name = "", curr_ns;
-				end
-				cb_error(session, "parse-error", "unexpected-element-close", name);
+			if cb_streamclosed then
+				cb_streamclosed(session);
 			end
-			stanza, chardata = nil, {};
-			stack = {};
 		end
 	end
-	
-	local function restricted_handler()
+
+	local function restricted_handler(parser)
 		cb_error(session, "parse-error", "restricted-xml", "Restricted XML, see RFC 6120 section 11.1.");
+		if not parser.stop or not parser:stop() then
+			error("Failed to abort parsing");
+		end
 	end
 	
 	if lxp_supports_doctype then
@@ -179,31 +213,50 @@ function new_sax_handlers(session, stream_callbacks)
 	xml_handlers.ProcessingInstruction = restricted_handler;
 	
 	local function reset()
-		stanza, chardata = nil, {};
+		stanza, chardata, stanza_size = nil, {}, 0;
 		stack = {};
 	end
 	
 	local function set_session(stream, new_session)
 		session = new_session;
-		log = new_session.log or default_log;
 	end
 	
 	return xml_handlers, { reset = reset, set_session = set_session };
 end
 
-function new(session, stream_callbacks)
-	local handlers, meta = new_sax_handlers(session, stream_callbacks);
-	local parser = new_parser(handlers, ns_separator);
+function new(session, stream_callbacks, stanza_size_limit)
+	-- Used to track parser progress (e.g. to enforce size limits)
+	local n_outstanding_bytes = 0;
+	local handle_progress;
+	if lxp_supports_bytecount then
+		function handle_progress(n_parsed_bytes)
+			n_outstanding_bytes = n_outstanding_bytes - n_parsed_bytes;
+		end
+		stanza_size_limit = stanza_size_limit or default_stanza_size_limit;
+	elseif stanza_size_limit then
+		error("Stanza size limits are not supported on this version of LuaExpat")
+	end
+
+	local handlers, meta = new_sax_handlers(session, stream_callbacks, handle_progress);
+	local parser = new_parser(handlers, ns_separator, false);
 	local parse = parser.parse;
 
 	return {
 		reset = function ()
-			parser = new_parser(handlers, ns_separator);
+			parser = new_parser(handlers, ns_separator, false);
 			parse = parser.parse;
+			n_outstanding_bytes = 0;
 			meta.reset();
 		end,
 		feed = function (self, data)
-			return parse(parser, data);
+			if lxp_supports_bytecount then
+				n_outstanding_bytes = n_outstanding_bytes + #data;
+			end
+			local ok, err = parse(parser, data);
+			if lxp_supports_bytecount and n_outstanding_bytes > stanza_size_limit then
+				return nil, "stanza-too-large";
+			end
+			return ok, err;
 		end,
 		set_session = meta.set_session;
 	};