From b07ac7a732c1cced4dd76c9c17b523446d43b4e4 Mon Sep 17 00:00:00 2001 From: pedro Date: Sun, 23 May 2021 19:15:14 +0200 Subject: [PATCH] [__jitsi_meet_user] refactor user validation improve user validation and the corresponding docs coauthored with evilham :D --- type/__jitsi_meet_user/man.rst | 13 +++++++++++-- type/__jitsi_meet_user/manifest | 24 ++++++++++++++++++++---- 2 files changed, 31 insertions(+), 6 deletions(-) diff --git a/type/__jitsi_meet_user/man.rst b/type/__jitsi_meet_user/man.rst index eb298ba..9b9a1ba 100644 --- a/type/__jitsi_meet_user/man.rst +++ b/type/__jitsi_meet_user/man.rst @@ -12,8 +12,17 @@ This type manages a user identified by `$__object_id` that is allowed to start meetings in a Jitsi Meet instance managed by `__jitsi_meet(7)` and `__jitsi_meet_domain(7)`. -It does so by taking advantage of Prosody's plaintext authentication and -managing a file per user with the credentials. +These users are mapped to XMPP users which means that they must be a valid +localpart as defined in `RFC6122`_. This implies that users are case +insensitive and cannot contain the following symbols: `"&'/:<>@`. + +.. _RFC6122: https://xmpp.org/rfcs/rfc6122.html#nodeprep-prohibited + +To preserve idempotency we only allow lowercase for the users which correspond +to the `$__object_id` of this type. + +This type takes advantage of Prosody's plaintext authentication and managing a +file per user with the credentials. If a different authentication mechanism is needed, `__jitsi_meet(7)` should be patched accordingly. diff --git a/type/__jitsi_meet_user/manifest b/type/__jitsi_meet_user/manifest index b47795d..826858f 100755 --- a/type/__jitsi_meet_user/manifest +++ b/type/__jitsi_meet_user/manifest @@ -1,5 +1,9 @@ #!/bin/sh -e +basic_urlencode() { + echo "${1}" | sed 's/\./%2e/g' | sed 's/-/%2d/g' | sed 's/_/%5f/g' +} + PASSWD="$(cat "${__object}/parameter/password" 2>/dev/null || true)" STATE="$(cat "${__object}/parameter/state")" 
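Review bot: `basic_urlencode` encodes only `.`, `-` and `_` and leaves `%` and every other non-alphanumeric byte untouched, so the file name built from it is not a one-to-one mapping of the user name. The check visible in the next hunk rejects only uppercase letters and `"&'/:<>@`, so an object id such as `a%2eb` (constructed example) would resolve to the same `.dat` credentials file as `a.b`. Ids with other punctuation would give a file name that Prosody presumably never looks up, since as far as I know it percent-encodes every non-alphanumeric byte. Either encode `%` first, `sed -e 's/%/%25/g' -e 's/\./%2e/g' -e 's/-/%2d/g' -e 's/_/%5f/g'`, or make the validation an allow-list of `[a-z0-9._-]`. `echo "${1}"` is also not portable under `/bin/sh` for values that contain backslashes or start with `-`; `printf '%s\n' "${1}"` avoids that.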
@@ -9,11 +13,23 @@ if [ -z "${PASSWD}" ] && [ "${STATE}" != "absent" ]; then EOF fi -USER="${__object_id}" -FQDN="$(echo "${__target_host}" | sed 's/\./%2e/g' | sed 's/-/%2d/g')" -FILENAME="/var/lib/prosody/${FQDN}/accounts/${USER}.dat" +JITSI_USER_RAW="${__object_id}" +if echo "${JITSI_USER_RAW}" | grep -q ".*[A-Z\"&'/:<>@]"; then + cat > /dev/stderr <@) according to RFC6122. +EOF + exit 1 +fi -__file "${FILENAME}" --owner prosody --group prosody --mode 0440 \ +JITSI_USER="$(basic_urlencode "${JITSI_USER_RAW}")" +FQDN="$(basic_urlencode "${__target_host}")" +FQDN_PATH="/var/lib/prosody/${FQDN}/accounts" +FILENAME="${FQDN_PATH}/${JITSI_USER}.dat" + +__directory "${FQDN_PATH}" --parents --owner prosody --group prosody --state "present" + +require="__directory${FQDN_PATH}" __file "${FILENAME}" --owner prosody --group prosody --mode 0440 \ --state "${STATE}" --source - <