From 5a7f6f15a6766447e6a270779369942c344d9a98 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Wed, 7 Feb 2024 14:30:17 +0100 Subject: [PATCH] ensure federation info fqdn to lowercase --- go.mod | 7 +++++-- go.sum | 1 - models/forgefed/federationhost.go | 6 +++++- models/forgefed/federationhost_repository.go | 3 ++- models/forgefed/federationhost_test.go | 13 ++++++++++++- 5 files changed, 24 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 9e97331977..5ca531282d 100644 --- a/go.mod +++ b/go.mod @@ -113,14 +113,17 @@ require ( gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df gopkg.in/ini.v1 v1.67.0 gopkg.in/yaml.v3 v3.0.1 - // TODO: f3 is the way to go ? - lab.forgefriends.org/friendlyforgeformat/gof3 v1.0.1-0.20231016193607-59f139e6759e mvdan.cc/xurls/v2 v2.5.0 strk.kbt.io/projects/go/libravatar v0.0.0-20191008002943-06d1c002b251 xorm.io/builder v0.3.13 xorm.io/xorm v1.3.7 ) +require ( + github.com/sethvargo/go-password v0.2.0 + github.com/valyala/fastjson v1.6.4 +) + require ( cloud.google.com/go/compute v1.23.3 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect diff --git a/go.sum b/go.sum index a8e8a190fd..ce8dd011c9 100644 --- a/go.sum +++ b/go.sum @@ -1280,7 +1280,6 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -lab.forgefriends.org/friendlyforgeformat/gof3 v1.0.1-0.20231016193607-59f139e6759e/go.mod h1:gbekmufZ+PvotlQUCw9OpcMYo4igaWDjyT70FyNGFwc= lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI= lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw= diff --git a/models/forgefed/federationhost.go b/models/forgefed/federationhost.go index f820a1708b..936bbbd01a 100644 --- a/models/forgefed/federationhost.go +++ b/models/forgefed/federationhost.go @@ -5,6 +5,7 @@ package forgefed import ( "fmt" + "strings" "time" "code.gitea.io/gitea/modules/timeutil" @@ -26,7 +27,7 @@ type FederationHost struct { // Factory function for PersonID. Created struct is asserted to be valid func NewFederationHost(nodeInfo NodeInfo, hostFqdn string) (FederationHost, error) { result := FederationHost{ - HostFqdn: hostFqdn, + HostFqdn: strings.ToLower(hostFqdn), NodeInfo: nodeInfo, } if valid, err := validation.IsValid(result); !valid { @@ -41,6 +42,9 @@ func (host FederationHost) Validate() []string { result = append(result, validation.ValidateNotEmpty(host.HostFqdn, "HostFqdn")...) result = append(result, validation.ValidateMaxLen(host.HostFqdn, 255, "HostFqdn")...) result = append(result, host.NodeInfo.Validate()...) + if host.HostFqdn != strings.ToLower(host.HostFqdn) { + result = append(result, fmt.Sprintf("HostFqdn has to be lower case but was: %v", host.HostFqdn)) + } if !host.LatestActivity.IsZero() && host.LatestActivity.After(time.Now().Add(10*time.Minute)) { result = append(result, fmt.Sprintf("Latest Activity may not be far futurer: %v", host.LatestActivity)) } diff --git a/models/forgefed/federationhost_repository.go b/models/forgefed/federationhost_repository.go index fa9ab67c8c..37987d5720 100644 --- a/models/forgefed/federationhost_repository.go +++ b/models/forgefed/federationhost_repository.go @@ -6,6 +6,7 @@ package forgefed import ( "context" "fmt" + "strings" "code.gitea.io/gitea/models/db" "code.gitea.io/gitea/modules/validation" @@ -32,7 +33,7 @@ func GetFederationHost(ctx context.Context, ID int64) (*FederationHost, error) { func FindFederationHostByFqdn(ctx context.Context, fqdn string) (*FederationHost, error) { host := new(FederationHost) // TODO: use parameter with toLower - has, err := db.GetEngine(ctx).Where("host_fqdn=?", fqdn).Get(host) + has, err := db.GetEngine(ctx).Where("host_fqdn=?", strings.ToLower(fqdn)).Get(host) if err != nil { return nil, err } else if !has { diff --git a/models/forgefed/federationhost_test.go b/models/forgefed/federationhost_test.go index 88eecf511a..75ddfff9dd 100644 --- a/models/forgefed/federationhost_test.go +++ b/models/forgefed/federationhost_test.go @@ -39,6 +39,17 @@ func Test_FederationHostValidation(t *testing.T) { LatestActivity: time.Now().Add(1 * time.Hour), } if res, _ := validation.IsValid(sut); res { - t.Errorf("sut should be invalid") + t.Errorf("sut should be invalid: Future timestamp") + } + + sut = FederationHost{ + HostFqdn: "hOst.do.main", + NodeInfo: NodeInfo{ + Source: "forgejo", + }, + LatestActivity: time.Now(), + } + if res, _ := validation.IsValid(sut); res { + t.Errorf("sut should be invalid: HostFqdn lower case") } }