Protect against lookup loops
This commit is contained in:
Maxime Dor
@@ -21,8 +21,11 @@
|
||||
package io.kamax.mxisd.lookup
|
||||
|
||||
import io.kamax.mxisd.api.ThreePidType
|
||||
import io.kamax.mxisd.config.ServerConfig
|
||||
import org.apache.commons.lang.StringUtils
|
||||
import org.slf4j.Logger
|
||||
import org.slf4j.LoggerFactory
|
||||
import org.springframework.beans.factory.annotation.Autowired
|
||||
import org.springframework.stereotype.Component
|
||||
import org.xbill.DNS.Lookup
|
||||
import org.xbill.DNS.SRVRecord
|
||||
@@ -33,6 +36,9 @@ class DnsLookupProvider extends RemoteIdentityServerProvider {
|
||||
|
||||
private Logger log = LoggerFactory.getLogger(DnsLookupProvider.class)
|
||||
|
||||
@Autowired
|
||||
private ServerConfig srvCfg;
|
||||
|
||||
@Override
|
||||
int getPriority() {
|
||||
return 10
|
||||
@@ -48,6 +54,10 @@ class DnsLookupProvider extends RemoteIdentityServerProvider {
|
||||
|
||||
String domain = threePid.substring(threePid.lastIndexOf("@") + 1)
|
||||
log.info("Domain name for {}: {}", threePid, domain)
|
||||
if (StringUtils.equals(srvCfg.getName(), domain)) {
|
||||
log.warn("We are authoritative for ${domain}, no remote lookup - is your server.name configured properly?")
|
||||
return Optional.empty()
|
||||
}
|
||||
|
||||
log.info("Performing SRV lookup")
|
||||
String lookupDns = "_matrix-identity._tcp." + domain
|
||||
|
||||
@@ -27,12 +27,16 @@ import org.apache.directory.api.ldap.model.entry.Attribute
|
||||
import org.apache.directory.api.ldap.model.message.SearchScope
|
||||
import org.apache.directory.ldap.client.api.LdapConnection
|
||||
import org.apache.directory.ldap.client.api.LdapNetworkConnection
|
||||
import org.slf4j.Logger
|
||||
import org.slf4j.LoggerFactory
|
||||
import org.springframework.beans.factory.annotation.Autowired
|
||||
import org.springframework.stereotype.Component
|
||||
|
||||
@Component
|
||||
class LdapProvider implements ThreePidProvider {
|
||||
|
||||
private Logger log = LoggerFactory.getLogger(LdapProvider.class)
|
||||
|
||||
@Autowired
|
||||
private LdapConfig ldapCfg
|
||||
|
||||
@@ -43,6 +47,8 @@ class LdapProvider implements ThreePidProvider {
|
||||
|
||||
@Override
|
||||
Optional<?> find(ThreePidType type, String threePid) {
|
||||
log.info("Performing LDAP lookup ${threePid} of type ${type}")
|
||||
|
||||
LdapConnection conn = new LdapNetworkConnection(ldapCfg.getHost(), ldapCfg.getPort())
|
||||
try {
|
||||
conn.bind(ldapCfg.getBindDn(), ldapCfg.getBindPassword())
|
||||
|
||||
@@ -21,6 +21,8 @@
|
||||
package io.kamax.mxisd.lookup
|
||||
|
||||
import io.kamax.mxisd.api.ThreePidType
|
||||
import org.slf4j.Logger
|
||||
import org.slf4j.LoggerFactory
|
||||
import org.springframework.beans.factory.InitializingBean
|
||||
import org.springframework.beans.factory.annotation.Autowired
|
||||
import org.springframework.stereotype.Component
|
||||
@@ -28,11 +30,15 @@ import org.springframework.stereotype.Component
|
||||
@Component
|
||||
class PriorityLookupStrategy implements LookupStrategy, InitializingBean {
|
||||
|
||||
private Logger log = LoggerFactory.getLogger(PriorityLookupStrategy.class)
|
||||
|
||||
@Autowired
|
||||
private List<ThreePidProvider> providers
|
||||
|
||||
@Override
|
||||
void afterPropertiesSet() throws Exception {
|
||||
log.info("Found ${providers.size()} providers")
|
||||
|
||||
providers.sort(new Comparator<ThreePidProvider>() {
|
||||
|
||||
@Override
|
||||
|
||||
Reference in New Issue
Block a user