authorTom Smeding <tom@tomsmeding.com>2021-02-27 17:47:37 +0100
committerTom Smeding <tom@tomsmeding.com>2021-02-27 17:53:53 +0100
commit47a07875f24d62e6873b100bb3668b9b7938de60 (patch)
treeea006cd4b7d8a3715c7163ce00cfda1ea9fde097
parent1e1cd7ce0aa362a0a2a20a764145035be911673d (diff)
server: Leak less information in error messages
-rw-r--r--command.c107
1 files changed, 52 insertions, 55 deletions
diff --git a/command.c b/command.c
index d84c456..70024f5 100644
--- a/command.c
+++ b/command.c
@@ -29,13 +29,27 @@ struct cmd_retval{
#define RET_MEMZERO ((struct cmd_retval){.socket_close=false,.memzero=true})
#define RET_MEMZERO_CLOSE(close_) ((struct cmd_retval){.socket_close=(close_),.memzero=true})
+#define ERR_VERSION_UNSUPP "Version not supported"
+#define ERR_USER_ALREADY_EXISTS "Username already exists"
+#define ERR_INVALID_CREDS "Invalid credentials"
+#define ERR_NOLOGIN "Not logged in"
+#define ERR_NOROOM "Room not found"
+#define ERR_NOUSER "User not found"
+#define ERR_USER_ALREADY_IN_ROOM "User already in that room"
+#define ERR_MSG_TOO_LONG "Message too long"
+#define ERR_NOMSG "Message not found"
+#define ERR_NOREPLYMSG "Replied-to message not found"
+#define ERR_REPLYMSG_TIMETRAVEL "Replied-to message later than target timestamp"
+#define ERR_SENDAT_UNAVAIL_3 "sendat unavailable in protocol version 3"
+#define ERR_SENDAT_FORBIDDEN "sendat not allowed"
+
static struct cmd_retval cmd_version(struct conn_data *data,const char *tag,const char **args){
i64 version;
if (!parse_i64(args[0], &version)
|| version < MIN_SUPPORTED_PROTOCOL_VERSION
|| version > PROTOCOL_VERSION) {
data->protversion = -1;
- net_send_error(data->fd, tag, "Version not supported");
+ net_send_error(data->fd, tag, ERR_VERSION_UNSUPP);
return RET_OK;
}
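Review bot: The new ERR_* block carries no comment saying that several of these strings are deliberately shared by two different conditions. ERR_NOROOM, ERR_NOUSER and ERR_NOMSG are sent both when the object is missing and when the caller is not allowed to see it, and a later maintainer could split them again to make messages friendlier. I would add above the defines: `// ERR_NOROOM/ERR_NOUSER/ERR_NOMSG also cover "exists but not visible to the caller"; keep the cases indistinguishable.` cmd_version continues past the end of this hunk.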
@@ -48,7 +62,7 @@ static struct cmd_retval cmd_version(struct conn_data *data,const char *tag,cons
static struct cmd_retval cmd_register(struct conn_data *data,const char *tag,const char **args){
i64 userid=db_find_user(args[0]);
if(userid!=-1){
- net_send_error(data->fd,tag,"Username already exists");
+ net_send_error(data->fd,tag,ERR_USER_ALREADY_EXISTS);
return RET_OK;
}
db_create_user(args[0],args[1]);
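Review bot: ERR_USER_ALREADY_EXISTS still tells a client that has not logged in whether a username is taken, so the unified ERR_INVALID_CREDS in cmd_login does not by itself stop account enumeration. This is hard to avoid when registration is by username, so the practical mitigation is rate-limiting register attempts per connection or address, which is not visible in this hunk. A short comment here, e.g. `// Necessarily reveals that the name exists; rely on rate limiting`, would record that the leak is known and accepted. The rest of cmd_register lies outside the hunk.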
@@ -63,7 +77,7 @@ static struct cmd_retval cmd_login(struct conn_data *data,const char *tag,const
i64 userid=db_find_user(args[0]);
if(userid==-1){
- net_send_error(data->fd,tag,"User not found");
+ net_send_error(data->fd,tag,ERR_INVALID_CREDS);
if(data->userid!=-1){
userdata_unregister(data->userid,data->fd);
broadcast_online_change(data->userid);
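Review bot: The unknown-user path answers right after db_find_user without doing any password check, so response time may still separate it from the wrong-password path even though both now send ERR_INVALID_CREDS (here and in the hunk at -82,7). The password comparison itself is outside these hunks, so this is inferred; if it involves a slow hash, the difference would be measurable. Consider running the same verification against a fixed dummy hash when userid is -1, so both failures do comparable work before replying.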
@@ -82,7 +96,7 @@ static struct cmd_retval cmd_login(struct conn_data *data,const char *tag,const
broadcast_online_change(userid);
} else {
data->userid=-1;
- net_send_error(data->fd,tag,"Incorrect password");
+ net_send_error(data->fd,tag,ERR_INVALID_CREDS);
}
}
return RET_MEMZERO;
@@ -106,7 +120,7 @@ static struct cmd_retval cmd_change_password(struct conn_data *data, const char
// to see that we indeed return MEMZERO.
if (data->userid == -1) {
- net_send_error(data->fd, tag, "Not logged in");
+ net_send_error(data->fd, tag, ERR_NOLOGIN);
} else {
db_set_pass(data->userid, args[0]);
net_send_ok(data->fd, tag);
@@ -117,7 +131,7 @@ static struct cmd_retval cmd_change_password(struct conn_data *data, const char
static struct cmd_retval cmd_list_rooms(struct conn_data *data,const char *tag,const char **args){
(void)args;
if(data->userid==-1){
- net_send_error(data->fd,tag,"Not logged in");
+ net_send_error(data->fd,tag,ERR_NOLOGIN);
return RET_OK;
}
struct db_room_list rl=db_list_rooms(data->userid);
@@ -136,16 +150,12 @@ static struct cmd_retval cmd_list_rooms(struct conn_data *data,const char *tag,c
static struct cmd_retval cmd_list_members(struct conn_data *data,const char *tag,const char **args){
if(data->userid==-1){
- net_send_error(data->fd,tag,"Not logged in");
+ net_send_error(data->fd,tag,ERR_NOLOGIN);
return RET_OK;
}
i64 roomid=db_find_room(args[0]);
- if(roomid==-1){
- net_send_error(data->fd,tag,"Room not found");
- return RET_OK;
- }
- if(!db_is_member(roomid,data->userid)){
- net_send_error(data->fd,tag,"Not in that room");
+ if(roomid==-1||!db_is_member(roomid,data->userid)){
+ net_send_error(data->fd,tag,ERR_NOROOM);
return RET_OK;
}
@@ -166,7 +176,7 @@ static struct cmd_retval cmd_list_members(struct conn_data *data,const char *tag
static struct cmd_retval cmd_create_room(struct conn_data *data,const char *tag,const char **args){
(void)args;
if (data->userid == -1) {
- net_send_error(data->fd, tag, "Not logged in");
+ net_send_error(data->fd, tag, ERR_NOLOGIN);
return RET_OK;
}
userdata_mark_active(data->userid, data->fd, true);
@@ -197,7 +207,7 @@ static struct cmd_retval cmd_create_room(struct conn_data *data,const char *tag,
static struct cmd_retval cmd_leave_room(struct conn_data *data,const char *tag,const char **args){
(void)args;
if (data->userid == -1) {
- net_send_error(data->fd, tag, "Not logged in");
+ net_send_error(data->fd, tag, ERR_NOLOGIN);
return RET_OK;
}
userdata_mark_active(data->userid, data->fd, true);
@@ -206,12 +216,12 @@ static struct cmd_retval cmd_leave_room(struct conn_data *data,const char *tag,c
i64 roomid = db_find_room(roomname);
if (roomid == -1) {
- net_send_error(data->fd, tag, "Room not found");
+ net_send_error(data->fd, tag, ERR_NOROOM);
return RET_OK;
}
if (!db_remove_member(roomid, data->userid)) {
- net_send_error(data->fd, tag, "Not in that room");
+ net_send_error(data->fd, tag, ERR_NOROOM);
return RET_OK;
}
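Review bot: cmd_leave_room keeps two separate checks that now send the same ERR_NOROOM, while cmd_list_members, cmd_invite, send_impl and history_cmd_helper fold the pair into one condition. For consistency, and so the two cases cannot drift apart again, this could be `if (roomid == -1 || !db_remove_member(roomid, data->userid)) {` with a single error send. The short-circuit keeps db_remove_member from running on a missing room, as today. The function starts and ends outside this hunk.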
@@ -247,29 +257,24 @@ static struct cmd_retval cmd_leave_room(struct conn_data *data,const char *tag,c
static struct cmd_retval cmd_invite(struct conn_data *data,const char *tag,const char **args){
if(data->userid==-1){
- net_send_error(data->fd,tag,"Not logged in");
+ net_send_error(data->fd,tag,ERR_NOLOGIN);
return RET_OK;
}
userdata_mark_active(data->userid,data->fd,true);
const char *roomname=args[0];
i64 roomid=db_find_room(roomname);
- if(roomid==-1){
- net_send_error(data->fd,tag,"Room not found");
+ if(roomid==-1||!db_is_member(roomid,data->userid)){
+ net_send_error(data->fd,tag,ERR_NOROOM);
return RET_OK;
}
i64 user2=db_find_user(args[1]);
if(user2==-1){
- net_send_error(data->fd,tag,"User not found");
- return RET_OK;
- }
-
- if(!db_is_member(roomid,data->userid)){
- net_send_error(data->fd,tag,"Not in that room");
+ net_send_error(data->fd,tag,ERR_NOUSER);
return RET_OK;
}
if(db_is_member(roomid,user2)){
- net_send_error(data->fd,tag,"User already in that room");
+ net_send_error(data->fd,tag,ERR_USER_ALREADY_IN_ROOM);
return RET_OK;
}
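Review bot: ERR_NOUSER and ERR_USER_ALREADY_IN_ROOM in cmd_invite still let any room member learn whether an arbitrary username exists, because db_find_user(args[1]) is not gated the way cmd_is_online gates its lookup with db_user_knows_user. Moving the membership check ahead of the user lookup is a real improvement, but the presence of cmd_create_room suggests any logged-in user can obtain a room of their own. If the leak is accepted because inviting by name requires it, record that in a comment such as `// Inviter learns whether the name exists; accepted, invites are by username`, and consider rate-limiting invites. The function continues past this hunk.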
@@ -315,7 +320,7 @@ static struct cmd_retval send_impl(
const char *roomname,const char *replyidstr,const char *message,
i64 timestamp,bool check_reply_earlier){
if(strlen(message)>MAX_MESSAGE_LEN){
- net_send_error(data->fd,tag,"Message too long");
+ net_send_error(data->fd,tag,ERR_MSG_TOO_LONG);
return RET_OK;
}
@@ -327,12 +332,8 @@ static struct cmd_retval send_impl(
}
const i64 roomid=db_find_room(roomname);
- if(roomid==-1){
- net_send_error(data->fd,tag,"Room not found");
- return RET_OK;
- }
- if(!db_is_member(roomid,data->userid)){
- net_send_error(data->fd,tag,"Not in that room");
+ if(roomid==-1||!db_is_member(roomid,data->userid)){
+ net_send_error(data->fd,tag,ERR_NOROOM);
return RET_OK;
}
@@ -340,10 +341,10 @@ static struct cmd_retval send_impl(
const struct db_message msg=db_get_message(replyid);
bool error_sent=false;
if(msg.msgid==-1){
- net_send_error(data->fd,tag,"Replied-to message not found");
+ net_send_error(data->fd,tag,ERR_NOREPLYMSG);
error_sent=true;
} else if(check_reply_earlier&&msg.timestamp>=timestamp){
- net_send_error(data->fd,tag,"Replied-to message later than target timestamp");
+ net_send_error(data->fd,tag,ERR_REPLYMSG_TIMETRAVEL);
error_sent=true;
}
db_nullify_message(msg);
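Review bot: The reply lookup still distinguishes a message id that does not exist from one that exists in another room: only `msg.msgid==-1` yields ERR_NOREPLYMSG, and no line in this hunk compares msg.roomid with the target room or checks membership as cmd_get_message does. With check_reply_earlier set, ERR_REPLYMSG_TIMETRAVEL additionally reveals how the caller's timestamp compares with that message's timestamp. Unless such a check sits in the part of send_impl outside this hunk, I would change the first condition to `if(msg.msgid==-1||msg.roomid!=roomid){` so that messages from other rooms look missing.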
@@ -383,7 +384,7 @@ static struct cmd_retval send_impl(
static struct cmd_retval cmd_send(struct conn_data *data, const char *tag, const char **args){
if (data->userid == -1) {
- net_send_error(data->fd, tag, "Not logged in");
+ net_send_error(data->fd, tag, ERR_NOLOGIN);
return RET_OK;
}
userdata_mark_active(data->userid, data->fd, true);
@@ -397,12 +398,12 @@ static struct cmd_retval cmd_send(struct conn_data *data, const char *tag, const
static struct cmd_retval cmd_sendat(struct conn_data *data, const char *tag, const char **args){
if (data->userid == -1) {
- net_send_error(data->fd, tag, "Not logged in");
+ net_send_error(data->fd, tag, ERR_NOLOGIN);
return RET_OK;
}
if (data->protversion < 4) {
- net_send_error(data->fd, tag, "sendat unavailable in protocol version 3");
+ net_send_error(data->fd, tag, ERR_SENDAT_UNAVAIL_3);
return RET_OK;
}
@@ -413,7 +414,7 @@ static struct cmd_retval cmd_sendat(struct conn_data *data, const char *tag, con
const char *message = args[4];
if (!config_check_apikey(apikey).sendat) {
- net_send_error(data->fd, tag, "sendat not allowed");
+ net_send_error(data->fd, tag, ERR_SENDAT_FORBIDDEN);
return RET_OK;
}
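Review bot: This rejection path returns RET_OK although args holds the API key, whereas cmd_login returns RET_MEMZERO for a command that carries a password. RET_OK is defined outside the hunk, but the `.memzero=true` in RET_MEMZERO suggests RET_OK leaves the argument buffer unwiped. If the key is meant to be treated as a secret, use `return RET_MEMZERO;` here and on the two earlier returns in cmd_sendat (hunk at -397,12), and check the remaining paths of the function, which lie outside the hunk.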
@@ -438,17 +439,13 @@ static struct cmd_retval history_cmd_helper(
}
if(data->userid==-1){
- net_send_error(data->fd,tag,"Not logged in");
+ net_send_error(data->fd,tag,ERR_NOLOGIN);
return RET_OK;
}
const char *roomname=args[0];
i64 roomid=db_find_room(roomname);
- if(roomid==-1){
- net_send_error(data->fd,tag,"Room not found");
- return RET_OK;
- }
- if(!db_is_member(roomid,data->userid)){
- net_send_error(data->fd,tag,"Not in that room");
+ if(roomid==-1||!db_is_member(roomid,data->userid)){
+ net_send_error(data->fd,tag,ERR_NOROOM);
return RET_OK;
}
@@ -503,20 +500,20 @@ static struct cmd_retval cmd_get_message(struct conn_data *data, const char *tag
}
if (data->userid == -1) {
- net_send_error(data->fd, tag, "Not logged in");
+ net_send_error(data->fd, tag, ERR_NOLOGIN);
return RET_OK;
}
struct db_message msg = db_get_message(msgid);
if (msg.msgid == -1) {
- net_send_error(data->fd, tag, "Message not found");
+ net_send_error(data->fd, tag, ERR_NOMSG);
return RET_OK;
}
if (!db_is_member(msg.roomid, data->userid)) {
db_nullify_message(msg);
// Don't disclose that the message actually exists elsewhere
- net_send_error(data->fd, tag, "Message not found");
+ net_send_error(data->fd, tag, ERR_NOMSG);
return RET_OK;
}
@@ -543,13 +540,13 @@ static struct cmd_retval cmd_ping(struct conn_data *data,const char *tag,const c
static struct cmd_retval cmd_is_online(struct conn_data *data,const char *tag,const char **args){
if (data->userid == -1) {
- net_send_error(data->fd, tag, "Not logged in");
+ net_send_error(data->fd, tag, ERR_NOLOGIN);
return RET_OK;
}
i64 userid2 = db_find_user(args[0]);
if (userid2 == -1 || !db_user_knows_user(data->userid, userid2)) {
- net_send_error(data->fd, tag, "User not found");
+ net_send_error(data->fd, tag, ERR_NOUSER);
return RET_OK;
}
i64 nfds;
@@ -559,7 +556,7 @@ static struct cmd_retval cmd_is_online(struct conn_data *data,const char *tag,co
static struct cmd_retval cmd_firebase_token(struct conn_data *data,const char *tag,const char **args){
if(data->userid==-1){
- net_send_error(data->fd,tag,"Not logged in");
+ net_send_error(data->fd,tag,ERR_NOLOGIN);
return RET_OK;
}
db_add_token(data->userid,args[0]);
@@ -568,7 +565,7 @@ static struct cmd_retval cmd_firebase_token(struct conn_data *data,const char *t
static struct cmd_retval cmd_delete_firebase_token(struct conn_data *data,const char *tag,const char **args){
if(data->userid==-1){
- net_send_error(data->fd,tag,"Not logged in");
+ net_send_error(data->fd,tag,ERR_NOLOGIN);
return RET_OK;
}
db_delete_token(data->userid,args[0]);
@@ -577,7 +574,7 @@ static struct cmd_retval cmd_delete_firebase_token(struct conn_data *data,const
static struct cmd_retval cmd_user_active(struct conn_data *data,const char *tag,const char **args){
if(data->userid==-1){
- net_send_error(data->fd,tag,"Not logged in");
+ net_send_error(data->fd,tag,ERR_NOLOGIN);
return RET_OK;
}
i64 active;