1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-02 15:53:12 +02:00
Commit Graph

47 Commits

Author SHA1 Message Date
aizu-m 519ab4e7bb relay: fix out-of-bounds read in relay_http_print_log_request (#2324) 2026-06-06 11:20:05 +02:00
Sébastien Helleu 3c36fd7412 relay: limit size of partial message received while reading an HTTP request to prevent memory exhaustion
A relay client could send data with no end-of-line (an unterminated method
or header line) and dribble its payload, making WeeChat accumulate it in the
partial message buffer that grew without limit, until all memory was
exhausted. This path is reachable before authentication during websocket
initialization with the "weechat" and "irc" protocols.

The accumulated partial message is now bounded by
RELAY_HTTP_PARTIAL_MESSAGE_MAX_LENGTH: once the limit is reached, the extra
data is ignored.
2026-06-06 09:38:55 +02:00
Sébastien Helleu 377b6da43d relay: limit size of received websocket frame and HTTP body to prevent memory exhaustion
A relay client could announce a huge websocket frame (or HTTP body via
"Content-Length") and dribble its payload, making WeeChat accumulate it
in a buffer that grew without limit, until all memory was exhausted. The
websocket frame path is reachable before authentication with the
"weechat" and "irc" protocols.

The announced websocket frame length and HTTP "Content-Length" are now
bounded by WEBSOCKET_FRAME_MAX_LENGTH and RELAY_HTTP_BODY_MAX_LENGTH: an
oversized websocket frame closes the connection, and an oversized body is
rejected.
2026-06-01 22:09:27 +02:00
Sébastien Helleu f53e7fb9ef core, plugins: fix typos in comments on functions, use imperative 2026-03-23 20:45:36 +01:00
Sébastien Helleu 106fe6ca7c core: update copyright dates 2026-03-08 10:37:15 +01:00
Sébastien Helleu 93d73d234f relay/api: consider boolean/long query string parameters as invalid if they are empty 2025-10-26 18:12:02 +01:00
Sébastien Helleu d05b83d03f relay/api: return an error 401 when header "x-weechat-totp" is received with empty value 2025-10-26 10:11:10 +01:00
Sébastien Helleu 0009732f78 relay/api: return an error 401 when header "x-weechat-totp" has an invalid value 2025-10-26 09:19:43 +01:00
Sébastien Helleu e637e0de1c relay/api: return an error 400 when URL parameters "nicks", "lines" and "lines_free" have an invalid value 2025-10-26 08:07:23 +01:00
Sébastien Helleu 58067431de relay/api: process HTTP request received as soon as a NULL char is received
This fixes the API probe made by schemathesis, so it detects immediately that
such NULL byte is not allowed by WeeChat, instead of timing out after 10
seconds:

   API capabilities:

     Supports NULL byte in headers:    ✘
2025-07-02 20:32:09 +02:00
Sébastien Helleu 2475f20cb7 all: move description of C files below the copyright and license 2025-03-31 11:47:49 +02:00
Sébastien Helleu 3a6ac9ee76 all: add SPDX license tag 2025-03-31 07:49:26 +02:00
Sébastien Helleu d8987a1678 all: replace Copyright lines by SPDX copyright tag 2025-03-30 14:47:12 +02:00
Aaron Jones f5038bccbc Fix function prototypes for list of arguments
At the moment, building WeeChat triggers several thousand -Wstrict-prototypes
diagnostics.  This is due to its source code using an empty argument list for
functions and function pointers that take no arguments, instead of explicitly
declaring that they take no arguments by using a void list.

This commit replaces all empty argument lists with a void list.

Note that Ruby's headers also suffer the same problem, which WeeChat can't
do anything to fix.  Thus, building WeeChat with the Ruby plugin enabled
will still issue approximately 30 such diagnostics.
2025-03-10 08:16:52 +01:00
Sébastien Helleu 547e2b934e core: update copyright dates 2025-02-01 23:13:18 +01:00
Sébastien Helleu 60422ca6b1 relay: remove extra space in JSON authentication error 2025-01-07 07:28:45 +01:00
Sébastien Helleu b45d2105a5 relay: replace calls to malloc by weechat_asprintf 2024-12-21 15:31:39 +01:00
Trygve Aaberge ca07c03bf3 relay/api: combine request headers with the same name
If a request repeats the same header name multiple times, merge the
header values into a comma separated string. Previously, only the last
header specified would be used.

For header fields that are defined as a comma-separated list, a client
may choose to send it as multiple headers instead of one header with
comma-separated values. The specification says that these are
equivalent, so we can therefore join the headers into a comma-separated
string.

This is specified at https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.2
which says:

    A sender MUST NOT generate multiple header fields with the same field
    name in a message unless either the entire field value for that
    header field is defined as a comma-separated list [i.e., #(values)]
    or the header field is a well-known exception (as noted below).

    A recipient MAY combine multiple header fields with the same field
    name into one "field-name: field-value" pair, without changing the
    semantics of the message, by appending each subsequent field value to
    the combined field value in order, separated by a comma.  The order
    in which header fields with the same field name are received is
    therefore significant to the interpretation of the combined field
    value; a proxy MUST NOT change the order of these field values when
    forwarding a message.
2024-11-24 16:15:35 +01:00
Trygve Aaberge bd7c503e7b relay/api: support passing auth in sub protocol header
The API for connecting to WebSockets in browsers unfortunately doesn't
support setting any Authorization header. This means that before this
commit it was impossible to connect to the API relay from a web browser.
The only thing that can be set apart from the URL is the
Sec-WebSocket-Protocol header. Therefore this allows you to send the
auth token in this header.

This is a weird way to send auth, but it seems to be the best one that
makes it possible for browsers to connect. Kubernetes also does it this
way: https://github.com/kubernetes/kubernetes/pull/47740

Here is a post describing the different ways to make it possible for a
browser to authenticate against a websocket connection, and it also
recommends doing it this way:
https://stackoverflow.com/questions/4361173/http-headers-in-websockets-client-api/77060459#77060459

Note that when this header is used to pass auth, the client also needs
to specify the `api.weechat` sub protocol. This is because the client
and server have to agree on a sub protocol when this header is
specified, and in order to not send the fake protocol used for auth back
to the client, we require specifying the protocol `api.weechat`, which
the server then returns to the client. This is only necessary when the
Sec-WebSocket-Protocol header is used. If the Authorization header is
used for auth as before, nothing changes.
2024-11-24 16:00:25 +01:00
Josh Soref 2202cd9f85 spelling: zstd
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-09-28 21:22:56 +02:00
Sébastien Helleu fc197df056 relay/api: allow clients without authentication when no relay password is defined and option relay.network.allow_empty_password is on (issue #2158) 2024-07-20 15:57:56 +02:00
Sébastien Helleu 259615d436 relay/api: add field "request_id" in websocket frame (request and response) 2024-06-30 00:11:29 +02:00
Sébastien Helleu 1cacbde6b7 relay: remove check of NULL pointers before calling free functions 2024-06-30 00:11:00 +02:00
Sébastien Helleu f8d98bbd5e core: replace "%lx" by "%p" in dump of relay data 2024-06-14 18:10:18 +02:00
Sébastien Helleu 26fa0ea1b8 relay: enable websocket extension "permessage-deflate" with "api" relay only 2024-06-02 09:05:40 +02:00
Sébastien Helleu 5294249515 relay: fix compiler warning in call to snprintf
This fixes the following warning emitted by gcc:

…/relay-http.c:1207:32: warning: ‘%s’ directive output may be truncated writing up to 1023 bytes into a region of size 64 [-Wformat-truncation=]
 1207 |                               "%s[%d bytes data]",
      |                                ^~
 1208 |                               str_header,
      |                               ~~~~~~~~~~
…/relay-http.c:1207:31: note: directive argument in the range [1, 2147483647]
 1207 |                               "%s[%d bytes data]",
      |                               ^~~~~~~~~~~~~~~~~~~
…/relay-http.c:1206:21: note: ‘snprintf’ output between 15 and 1047 bytes into a destination of size 64
 1206 |                     snprintf (raw_message, length_raw,
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1207 |                               "%s[%d bytes data]",
      |                               ~~~~~~~~~~~~~~~~~~~~
 1208 |                               str_header,
      |                               ~~~~~~~~~~~
 1209 |                               *ptr_body_size);
      |                               ~~~~~~~~~~~~~~~
2024-05-24 21:08:10 +02:00
Sébastien Helleu 25e3a631b9 relay/api: reply to preflight request OPTIONS received from browsers (CORS)
This adds the support of Cross-Origin Resource Sharing (CORS) in the relay HTTP
API.
2024-05-05 11:08:37 +02:00
Sébastien Helleu 9c3eda660d relay: remove check of NULL pointers before calling relay_websocket_deflate_free() (issue #865) 2024-04-26 21:23:39 +02:00
Sébastien Helleu ba97a39565 relay: remove check of NULL pointers before calling relay_http_response_free() (issue #865) 2024-04-26 21:22:49 +02:00
Sébastien Helleu 7af01a56ca plugins: remove check of NULL pointers before calling weechat_string_dyn_free() (issue #865) 2024-04-26 08:53:22 +02:00
Sébastien Helleu 9a5a1fb300 plugins: remove check of NULL pointers before calling weechat_string_free_split() (issue #865) 2024-04-26 08:53:22 +02:00
Sébastien Helleu 0b2d9bcb9b plugins: remove check of NULL pointers before calling weechat_hashtable_free() (issue #865) 2024-04-26 08:53:22 +02:00
Sébastien Helleu 7ee57af8e3 relay: remove check of NULL pointers before calling free() (issue #865) 2024-04-25 20:59:24 +02:00
Sébastien Helleu 4baf0e8526 relay: add final '\0' in body when parsing HTTP response
This fixes tests on Debian GNU/Hurd.
2024-04-24 21:24:51 +02:00
Sébastien Helleu 90b855e1aa relay: add connection to remote (issue #2066)
Connection to remote:

- handshake: offer support for all supported hash algorithms
- network connect with a socket
- upgrade to websocket and authenticate with remote (password/TOTP)
- check websocket response
- get list of buffers (not used yet)

Note: connection to remote with TLS or a proxy is not yet supported.
2024-04-07 13:18:13 +02:00
Sébastien Helleu c2343ecb74 relay: add functions to parse HTTP response (issue #2066) 2024-04-07 13:16:50 +02:00
Sébastien Helleu 965beb37de core: fix print of pointer values 2024-04-01 21:08:52 +02:00
Sébastien Helleu 6d549d0da9 relay/api: rename "salt" to "timestamp" 2024-02-26 12:56:44 +01:00
Sébastien Helleu 0f30a4e020 relay: move functions to get URL parameters from api to relay-http.c, add tests 2024-02-18 23:13:20 +01:00
Sébastien Helleu 820a3e8767 relay: free ws_deflate when http request is freed 2024-02-03 11:30:35 +01:00
Sébastien Helleu 3f902dba28 relay: check that request is not NULL before compressing data (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu de72fe1db5 relay/api: fix send of responses 400 and 404 in case of error (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu 89aeb03a13 relay: remove request from some function arguments (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu 83567fd871 relay: allow password hash authentication in api relay, add option relay.network.time_window (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu f126255d6a core: add support of base64url in encode/decode functions (issue #2066) 2024-02-01 21:39:21 +01:00
Sébastien Helleu 6cfb31c306 relay: add support of websocket extension "permessage-deflate" (closes #1549)
This extension is used to compress and decompress websocket frames (using
the DEFLATE algorithm, with zlib).
2024-02-01 21:38:53 +01:00
Sébastien Helleu 8971fc069a relay: add "api" protocol (HTTP REST API) (issue #2066) 2024-02-01 21:38:49 +01:00