From 9fe0d4bbd994f6d462f4348256510ae01cb3b4fc Mon Sep 17 00:00:00 2001 From: levlam Date: Sat, 16 May 2020 22:53:19 +0300 Subject: [PATCH] Do not remove brackets from HttpUrl IPv6 host. GitOrigin-RevId: 59db5b747e66bd83cbfa81d4276af2aa1bb8b7ca --- td/telegram/misc.cpp | 2 +- tdnet/td/net/SslStream.cpp | 4 +++- tdutils/td/utils/HttpUrl.cpp | 14 ++++++-------- tdutils/td/utils/port/IPAddress.cpp | 8 ++++++++ 4 files changed, 18 insertions(+), 10 deletions(-) diff --git a/td/telegram/misc.cpp b/td/telegram/misc.cpp index 80457bd8..062b9d22 100644 --- a/td/telegram/misc.cpp +++ b/td/telegram/misc.cpp @@ -345,7 +345,7 @@ Result check_url(Slice url) { return PSTRING() << (is_tg ? "tg" : "ton") << "://" << http_url.host_ << query; } - if (http_url.host_.find('.') == string::npos) { + if (http_url.host_.find('.') == string::npos && !http_url.is_ipv6_) { return Status::Error("Wrong HTTP URL"); } return http_url.get_url(); diff --git a/tdnet/td/net/SslStream.cpp b/tdnet/td/net/SslStream.cpp index 12046e15..f8cadb6c 100644 --- a/tdnet/td/net/SslStream.cpp +++ b/tdnet/td/net/SslStream.cpp @@ -328,9 +328,10 @@ class SslStreamImpl { X509_VERIFY_PARAM *param = SSL_get0_param(ssl_handle); X509_VERIFY_PARAM_set_hostflags(param, 0); if (r_ip_address.is_ok()) { + LOG(DEBUG) << "Set verification IP address to " << r_ip_address.ok().get_ip_str(); X509_VERIFY_PARAM_set1_ip_asc(param, r_ip_address.ok().get_ip_str().c_str()); - // X509_VERIFY_PARAM_set1_host(param, host.c_str(), 0); } else { + LOG(DEBUG) << "Set verification host to " << host; X509_VERIFY_PARAM_set1_host(param, host.c_str(), 0); } #else @@ -343,6 +344,7 @@ class SslStreamImpl { #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) if (r_ip_address.is_error()) { // IP address must not be send as SNI + LOG(DEBUG) << "Set SNI host name to " << host; auto host_str = host.str(); SSL_set_tlsext_host_name(ssl_handle, MutableCSlice(host_str).begin()); } diff --git a/tdutils/td/utils/HttpUrl.cpp b/tdutils/td/utils/HttpUrl.cpp index 4d8d11e8..b104fe17 100644 --- a/tdutils/td/utils/HttpUrl.cpp +++ b/tdutils/td/utils/HttpUrl.cpp @@ -10,6 +10,7 @@ #include "td/utils/logging.h" #include "td/utils/misc.h" #include "td/utils/Parser.h" +#include "td/utils/port/IPAddress.h" namespace td { @@ -29,13 +30,7 @@ string HttpUrl::get_url() const { result += userinfo_; result += '@'; } - if (is_ipv6_) { - result += '['; - } result += host_; - if (is_ipv6_) { - result += ']'; - } if (specified_port_ > 0) { result += ':'; result += to_string(specified_port_); @@ -88,8 +83,11 @@ Result parse_url(Slice url, HttpUrl::Protocol default_protocol) { bool is_ipv6 = false; if (!host.empty() && host[0] == '[' && host.back() == ']') { - host.remove_prefix(1); - host.remove_suffix(1); + IPAddress ip_address; + if (ip_address.init_ipv6_port(host.str(), 1).is_error()) { + return Status::Error("Wrong IPv6 address specified in the URL"); + } + CHECK(ip_address.is_ipv6()); is_ipv6 = true; } if (host.empty()) { diff --git a/tdutils/td/utils/port/IPAddress.cpp b/tdutils/td/utils/port/IPAddress.cpp index a79dfbd1..32b1acef 100644 --- a/tdutils/td/utils/port/IPAddress.cpp +++ b/tdutils/td/utils/port/IPAddress.cpp @@ -389,6 +389,10 @@ Result IPAddress::get_ipv6_address(CSlice host) { } Status IPAddress::init_host_port(CSlice host, int port, bool prefer_ipv6) { + if (host.size() > 2 && host[0] == '[' && host.back() == ']') { + return init_ipv6_port(host, port); + } + return init_host_port(host, PSLICE() << port, prefer_ipv6); } @@ -405,6 +409,10 @@ Status IPAddress::init_host_port(CSlice host, CSlice port, bool prefer_ipv6) { TRY_RESULT(ascii_host, idn_to_ascii(host)); host = ascii_host; // assign string to CSlice + if (host[0] == '[' && host.back() == ']') { + return init_ipv6_port(host, to_integer(port)); + } + // some getaddrinfo implementations use inet_pton instead of inet_aton and support only decimal-dotted IPv4 form, // and so doesn't recognize 0x12.0x34.0x56.0x78, or 0x12345678, or 0x7f.001 as valid IPv4 addresses auto ipv4_numeric_addr = inet_addr(host.c_str());