summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>2010-01-18 23:10:42 -0500
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>2010-01-18 23:10:42 -0500
commit8b806ee99239d48fd3c2920c19f5cac7d54d2e8d (patch)
tree7370dba4e93a0bfae44b8e4fb023cb23429ca2f5 /src
parent8324815dbc0d10791906ea355847803c1bf043fb (diff)
flesh out check for reasonable-looking service names
Diffstat (limited to 'src')
-rwxr-xr-xsrc/monkeysphere-host74
-rw-r--r--src/share/common22
2 files changed, 94 insertions, 2 deletions
diff --git a/src/monkeysphere-host b/src/monkeysphere-host
index fab3ef7..5007cac 100755
--- a/src/monkeysphere-host
+++ b/src/monkeysphere-host
@@ -102,10 +102,80 @@ update_pgp_pub_file() {
> "$HOST_KEY_FILE"
}
-# check that the service name is well formed
+# check that the service name is well formed. we assume that the
+# service name refers to a host; DNS labels for host names are limited
+# to a very small range of characters (see RFC 1912, section 2.1).
+
+# FIXME: i'm failing to check here for label components that are
+# all-number (e.g. ssh://666.666), which are technically not allowed
+# (though some exist on the 'net, apparently)
+
check_service_name() {
local name="$1"
- log error "FIX ME: check service name"
+ local errs=""
+ local scheme
+ local port
+ local assigned_ports
+
+ [ -n "$name" ] || \
+ failure "You must supply a service name to check"
+
+ printf '%s' "$name" | perl -n -e '($str = $_) =~ s/\s//g ; exit !(lc($str) eq $_);' || \
+ failure "Not a valid service name: '$name'
+
+Service names should be canonicalized to all lower-case,
+with no whitespace"
+
+ [[ "$name" =~ ^[a-z0-9./:-]+$ ]] || \
+ failure "Not a valid service name: '$name'
+
+Service names should contain only lower-case ASCII letters
+numbers, dots (.), hyphens (-), slashes (/), and a colon (:).
+If you are using non-ASCII characters (e.g. IDN), you should
+use the canonicalized ASCII (NAMEPREP -> Punycode) representation
+(see RFC 3490)."
+
+ [[ "$name" =~ \. ]] || \
+ failure "Not a valid service name: '$name'
+
+Service names should use fully-qualified domain names (FQDN), but the
+domain name you chose appears to only have the local part. For
+example: don't use 'ssh://foo' ; use 'ssh://foo.example.com' instead."
+
+ [[ "$name" =~ ^[a-z]([a-z0-9-]*[a-z0-9])?://[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.|((\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+))(:[1-9][0-9]{0,4})?$ ]] || \
+ failure "Not a valid service name: '$name'
+
+Service names look like <scheme>://full.example.com[:<portnumber>],
+where <scheme> is something like ssh or https, and <portnumber> is
+a decimal number (supplied only if the service is on a non-standard
+port)."
+
+ scheme=$(cut -f1 -d: <<<"$name")
+ port=$(cut -f3 -d: <<<"$name")
+
+ # check that the scheme name is found in the system services
+ # database
+ available_=$(get_port_for_service "$scheme") || \
+ log error "Error looking up service scheme named '%s'" "$scheme"
+
+ # FIXME: if the service isn't found, or does not have a port, what
+ # should we do? at the moment, we're just warning.
+
+ if [ -n "$port" ]; then
+ # check that the port number is a legitimate port number (> 0, < 65536)
+ [ "$port" -gt 0 ] && [ "$port" -lt 65536 ] || \
+ failure "The given port number should be greater than 0 and
+less than 65536. '$port' is not OK"
+
+ # if the port number is given, and the scheme is in the services
+ # database, check that the port number does *not* match the
+ # default port.
+ if (printf '%s' "$assigned_ports" | grep -q -F -x "$port" ) ; then
+ failure $(printf "The scheme %s uses port number %d by default.
+You should leave off the port number if it is the default" "$scheme" "$port")
+ fi
+ fi
+
}
# fail if host key not present
diff --git a/src/share/common b/src/share/common
index 97f001a..0a7fe87 100644
--- a/src/share/common
+++ b/src/share/common
@@ -436,6 +436,28 @@ list_users() {
fi
}
+# take one argument, a service name. in response, print a series of
+# lines, each with a unique numeric port number that might be
+# associated with that service name. (e.g. in: "https", out: "443")
+# if nothing is found, print nothing, and return 0.
+#
+# return 1 if there was an error in the search somehow
+get_port_for_service() {
+
+ [[ "$1" =~ ^[a-z0-9]([a-z0-9-]*[a-z0-9])?$ ]] || \
+ failure $(printf "This is not a valid service name: '%s'" "$1")
+ if type getent &>/dev/null ; then
+ # for linux and FreeBSD systems (getent returns 2 if not found, 0 on success, 1 or 3 on various failures)
+ (getent services "$service" || if [ "$?" -eq 2 ] ; then true ; else false; fi) | awk '{ print $2 }' | cut -f1 -d/ | sort -u
+ elif [ -r /etc/services ] ; then
+ # fall back to /etc/services for systems that don't have getent (MacOS?)
+ # FIXME: doesn't handle aliases like "null" (or "http"?), which don't show up at the beginning of the line.
+ awk $(printf '/^%s[[:space:]]/{ print $2 }' "$1") /etc/services | cut -f1 -d/ | sort -u
+ else
+ return 1
+ fi
+}
+
# return the path to the home directory of a user
get_homedir() {
local uname=${1:-`whoami`}