Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server-core
Code
Pull Requests
Issues
List
Boards
Iterations
Timesheets
Builds
Packages
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server server-core Issues #1073
Tigase allows attempts to open connection to invalid hostname (#1073)
Closed
wojciech.kapcia@tigase.net opened 5 years ago

It looks that for some reason, somewhere jidInstanceNS is used which then reaches S2S connection manager

[2019-09-24 16:19:18:561] [FINE    ] [  ConnectionOpenThread ] ConnectionManager.startService() : Starting service: {cert-required-domain=2182181, cid=pandion.im@2182181, ifc=[Ljava.lang.String;@72823c4e, local-hostname=pandion.im, port-no=5269, remote-hostname=2182181, remote-ip=0.33.76.37, s2s-connection-key=S2S: null, socket=plain, srv-type=_xmpp-server._tcp, type=connect}
[2019-09-24 16:19:18:561] [WARNING ] [  ConnectionOpenThread ] ConnectionOpenThread.processWaiting(): Error: creating connection for: {cert-required-domain=2182181, cid=pandion.im@2182181, ifc=[Ljava.lang.String;@72823c4e, local-hostname=pandion.im, port-no=5269, remote-hostname=2182181, remote-ip=0.33.76.37, s2s-connection-key=S2S: null, socket=plain, srv-type=_xmpp-server._tcp, type=connect}
java.net.SocketException: Invalid argument
	at java.base/sun.nio.ch.Net.$$YJP$$connect0(Native Method)
	at java.base/sun.nio.ch.Net.connect0(Net.java)
	at java.base/sun.nio.ch.Net.connect(Net.java:482)
	at java.base/sun.nio.ch.Net.connect(Net.java:474)
	at java.base/sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:694)
	at tigase.net.ConnectionOpenThread.addISA(ConnectionOpenThread.java:313)
	at tigase.net.ConnectionOpenThread.addPort(ConnectionOpenThread.java:333)
	at tigase.net.ConnectionOpenThread.processWaiting(ConnectionOpenThread.java:229)
	at tigase.net.ConnectionOpenThread.run(ConnectionOpenThread.java:194)
	at java.base/java.lang.Thread.run(Thread.java:834)
wojciech.kapcia@tigase.net commented 5 years ago

numeral-only hostnames are actually legal according to the RFC (hence there was no issue with stringprep rejecting it) however Java's InetAddress.getAllByName(hostname); tries to parse it as decimal representation of the IP first instead of doing lookup getAllByName​(String host):

The host name can either be a machine name, such as "java.sun.com", or a textual representation of its IP address. If a literal IP address is supplied, only the validity of the address format is checked.

I added a check to skip resolving of such hostnames.
issue 1 of 1
Type
Bug
Priority
Minor
Assignee
wojciech.kapcia@tigase.net
Spent time
4h 30m
Related
  • tigase-private/systems-maintenance/servers#277 You are not authorized to access this issue
  • tigase-private/systems-maintenance/servers#288 You are not authorized to access this issue
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_server/server-core#1073
Please wait...
Page is in error, reload to recover