author | Ladar Levison <ladar@lavabit.com> | 2018-11-07 12:02:33 +0300 |
---|---|---|
committer | Ladar Levison <ladar@lavabit.com> | 2018-11-07 12:02:33 +0300 |
commit | 45e2994cdb90d880147777e413f2858356408b7d (patch) | |
tree | e3349a161c42a085d9477259b3cb140a020f62cb /src | |
parent | 5feb697be37874b521fdb1af781e7513a437b854 (diff) |
Sanitize usernames during registration. Force secure flag.
Diffstat (limited to 'src')
-rw-r--r-- | src/queries.h | 2 | ||||
-rw-r--r-- | src/web/json_api/endpoints.c | 15 | ||||
-rw-r--r-- | src/web/register/datatier.c | 36 |
3 files changed, 35 insertions, 18 deletions
diff --git a/src/queries.h b/src/queries.h
index 535e7eab..e1edd1ba 100644
--- a/src/queries.h
+++ b/src/queries.h
@@ -131,7 +131,7 @@
 #define REGISTER_INSERT_PROFILE "INSERT INTO Profile (`usernum`) VALUES (?)"
 #define REGISTER_INSERT_FOLDER_NAME "INSERT INTO Folders (`usernum`, `foldername`) VALUES (?, ?)"
 #define REGISTER_INSERT_LOG "INSERT INTO Log (`usernum`, `created`, `created_ip`) VALUES (?, NOW(), ?)"
-#define REGISTER_INSERT_DISPATCH "INSERT INTO Dispatch (`usernum`, `spamfolder`, `inbox`, `send_size_limit`, `recv_size_limit`, `daily_send_limit`, `daily_recv_limit`, `daily_recv_limit_ip`) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
+#define REGISTER_INSERT_DISPATCH "INSERT INTO Dispatch (`usernum`, `secure`, `spamfolder`, `inbox`, `send_size_limit`, `recv_size_limit`, `daily_send_limit`, `daily_recv_limit`, `daily_recv_limit_ip`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
 #define REGISTER_INSERT_MAILBOXES "INSERT INTO Mailboxes (`address`, `usernum`) VALUES (?, ?)"
 #define REGISTER_FETCH_BLOCKLIST "SELECT sequence FROM Banned"
 #define DELETE_USER "DELETE FROM Users WHERE userid = ?"
diff --git a/src/web/json_api/endpoints.c b/src/web/json_api/endpoints.c
index e6f6fe76..a1574f06 100644
--- a/src/web/json_api/endpoints.c
+++ b/src/web/json_api/endpoints.c
@@ -146,6 +146,7 @@ void api_endpoint_register(connection_t *con) {
 	uint64_t usernum = 0;
 	int64_t transaction = -1;
 	json_error_t jansson_err;
+	stringer_t *sanitized = NULL;
 	chr_t *holder = NULL, *username = NULL, *password = NULL, *password_verification = NULL;
 
 	// Try parsing the parameters with and without the plan key.
@@ -176,6 +177,12 @@ void api_endpoint_register(connection_t *con) {
 	}
 
+	// Sanitize the username, and prepare it for the database insert.
+	if (!(sanitized = auth_sanitize_username(NULLER(username)))) {
+		api_error(con, HTTP_ERROR_400, JSON_RPC_2_ERROR_SERVER_METHOD_PARAMS, "Invalid username provided.");
+		goto out;
+	}
+
 	// Start the transaction.
 	transaction = tran_start();
 	if (transaction == -1) {
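Review bot: A NULL from `auth_sanitize_username()` is always reported as a 400 "Invalid username provided.", yet that helper presumably also returns NULL when it cannot allocate the sanitized stringer, in which case the client is told its input was bad instead of receiving the 500 that the insert failure path below produces for `result < 0`. If the helper cannot distinguish the two outcomes, a comment on the check should say that allocation failure is deliberately folded into the 400; otherwise route the internal failure to `HTTP_ERROR_500` like the insert path. The old call site also passed `lower_st(NULLER(username))`, so it is worth confirming that the sanitizer case-folds as well, or later lookups by username may stop matching. api_endpoint_register begins before and ends after this hunk.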
@@ -184,7 +191,7 @@ void api_endpoint_register(connection_t *con) {
 	}
 
 	// Database insert.
-	if ((result = register_data_insert_user(con, plan, lower_st(NULLER(username)), NULLER(password), transaction, &usernum)) != 0) {
+	if ((result = register_data_insert_user(con, plan, sanitized, NULLER(password), transaction, &usernum)) != 0) {
 		tran_rollback(transaction);
 		if (result < 0) {
 			api_error(con, HTTP_ERROR_500, JSON_RPC_2_ERROR_SERVER_INTERNAL, "Internal server error.");
@@ -203,7 +210,11 @@ void api_endpoint_register(connection_t *con) {
 	api_response(con, HTTP_OK, "{s:s, s:{s:s}, s:I}", "jsonrpc", "2.0", "result", "register", "success", "id", con->http.portal.id);
 
-	out: return;
+	out:
+
+	st_cleanup(sanitized);
+
+	return;
 }
 
 void api_endpoint_delete_user(connection_t *con) {
diff --git a/src/web/register/datatier.c b/src/web/register/datatier.c
index 661a3207..0c111ffa 100644
--- a/src/web/register/datatier.c
+++ b/src/web/register/datatier.c
@@ -115,9 +115,9 @@ int_t register_data_insert_user(connection_t *con, uint16_t plan, stringer_t *us
 	uint16_t serial = 0;
 	uint32_t bonus = 0;
-	MYSQL_BIND parameters[8];
+	MYSQL_BIND parameters[9];
 	auth_stacie_t *stacie = NULL;
-	uint8_t rotated = 1, ads = 0;
+	uint8_t rotated = 1, ads = 0, secure = 1;
 	const chr_t *account_plans[] = { "BASIC", "PERSONAL", "ENHANCED", "PREMIUM", "STANDARD", "PREMIER" };
 	uint64_t name_len, quota = 0, usernum, inbox, size_limit, send_limit, recv_limit;
 	stringer_t *newaddr = NULL, *salt = NULL, *shard = NULL, *b64_salt = NULL, *b64_shard = NULL, *b64_verification = NULL,
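Review bot: `secure = 1` is a bare literal in the declaration list of register_data_insert_user with nothing saying why the flag is forced on, and `parameters[9]` has to stay in step with the nine `?` placeholders of REGISTER_INSERT_DISPATCH in src/queries.h with no check tying the two together. A comment on the declaration such as `uint8_t rotated = 1, ads = 0, secure = 1; // secure storage is always on for new accounts; bind count must match REGISTER_INSERT_DISPATCH` would make both constraints visible to whoever adds the next column. Because `secure` is not a parameter, callers cannot opt out; that matches the commit message but should be stated where the value is set. The function continues past both ends of this hunk.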
@@ -378,48 +378,54 @@ int_t register_data_insert_user(connection_t *con, uint16_t plan, stringer_t *us
 	parameters[0].buffer = &usernum;
 	parameters[0].is_unsigned = true;
 
-	// Spam Folder
-	parameters[1].buffer_type = MYSQL_TYPE_LONGLONG;
-	parameters[1].buffer_length = sizeof(uint64_t);
-	parameters[1].buffer = &inbox;
+	// The secure storage boolean.
+	parameters[1].buffer_type = MYSQL_TYPE_TINY;
+	parameters[1].buffer_length = sizeof(uint8_t);
+	parameters[1].buffer = &secure;
 	parameters[1].is_unsigned = true;
 
-	// Inbox
+	// Spam Folder
 	parameters[2].buffer_type = MYSQL_TYPE_LONGLONG;
 	parameters[2].buffer_length = sizeof(uint64_t);
 	parameters[2].buffer = &inbox;
 	parameters[2].is_unsigned = true;
 
-	// Send size limit.
+	// Inbox
 	parameters[3].buffer_type = MYSQL_TYPE_LONGLONG;
 	parameters[3].buffer_length = sizeof(uint64_t);
-	parameters[3].buffer = (chr_t *)&size_limit;
+	parameters[3].buffer = &inbox;
 	parameters[3].is_unsigned = true;
 
-	// Receive size limit.
+	// Send size limit.
 	parameters[4].buffer_type = MYSQL_TYPE_LONGLONG;
 	parameters[4].buffer_length = sizeof(uint64_t);
 	parameters[4].buffer = (chr_t *)&size_limit;
 	parameters[4].is_unsigned = true;
 
-	// Daily send limit.
+	// Receive size limit.
 	parameters[5].buffer_type = MYSQL_TYPE_LONGLONG;
 	parameters[5].buffer_length = sizeof(uint64_t);
-	parameters[5].buffer = (chr_t *)&send_limit;
+	parameters[5].buffer = (chr_t *)&size_limit;
 	parameters[5].is_unsigned = true;
 
-	// Daily receive limit.
+	// Daily send limit.
 	parameters[6].buffer_type = MYSQL_TYPE_LONGLONG;
 	parameters[6].buffer_length = sizeof(uint64_t);
-	parameters[6].buffer = (chr_t *)&recv_limit;
+	parameters[6].buffer = (chr_t *)&send_limit;
 	parameters[6].is_unsigned = true;
 
-	// Daily receive limit, IP.
+	// Daily receive limit.
 	parameters[7].buffer_type = MYSQL_TYPE_LONGLONG;
 	parameters[7].buffer_length = sizeof(uint64_t);
 	parameters[7].buffer = (chr_t *)&recv_limit;
 	parameters[7].is_unsigned = true;
 
+	// Daily receive limit, IP.
+	parameters[8].buffer_type = MYSQL_TYPE_LONGLONG;
+	parameters[8].buffer_length = sizeof(uint64_t);
+	parameters[8].buffer = (chr_t *)&recv_limit;
+	parameters[8].is_unsigned = true;
+
 	// Dispatch table.
 	if (!stmt_exec_conn(stmts.register_insert_dispatch, parameters, transaction)) {
 		log_pedantic("Unable to insert the user into the database. (Failed on Dispatch table.)");
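Review bot: After the index shift, `parameters[2]` (spam folder) and `parameters[3]` (inbox) both bind `&inbox`, and `parameters[4]` and `parameters[5]` both bind `&size_limit`; this carries over from the removed `parameters[1].buffer = &inbox;` and the old `parameters[4].buffer = (chr_t *)&size_limit;` context, but next to the renumbered comments it now reads like a copy-paste slip. A comment on the spam-folder bind such as `// New accounts start with the inbox folder number as the spam folder.` (and a matching one for the shared size limit) would keep a future edit from "fixing" it into a schema mismatch. Renumbering seven binds by hand is also exactly where such errors creep in; an `enum` naming the bind positions, used both as the indexes and to size `parameters[]`, would make inserting the `secure` column a one-line change next time. register_data_insert_user continues past both ends of this hunk.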