Cleanup

1 files changed, 175 insertions, 0 deletions

diff --git a/xmpp-vala/src/module/xep/0115_entity_capabilities.vala b/xmpp-vala/src/module/xep/0115_entity_capabilities.vala
new file mode 100644
index 00000000..8e15e0c2
--- /dev/null
+++ b/xmpp-vala/src/module/xep/0115_entity_capabilities.vala
@@ -0,0 +1,175 @@
+using Gee;
+
+namespace Xmpp.Xep.EntityCapabilities {
+    private const string NS_URI = "http://jabber.org/protocol/caps";
+
+    private Regex? sha1_base64_regex = null;
+
+    private Regex get_sha1_base64_regex() {
+        if (sha1_base64_regex == null) {
+            sha1_base64_regex = /^[A-Za-z0-9+\/]{27}=$/;
+        }
+        return sha1_base64_regex;
+    }
+
+    public string? get_caps_hash(Presence.Stanza presence) {
+        Regex sha1_base64_regex = get_sha1_base64_regex();
+        StanzaNode? c_node = presence.stanza.get_subnode("c", NS_URI);
+        if (c_node == null) return null;
+        string? ver_attribute = c_node.get_attribute("ver", NS_URI);
+        if (ver_attribute == null || !sha1_base64_regex.match(ver_attribute)) return null;
+        return ver_attribute;
+    }
+
+    public string? get_server_caps_hash(XmppStream stream) {
+        StanzaNode? node = stream.features.get_subnode("c", NS_URI);
+        if (node == null) return null;
+
+        string? ver_attribute = node.get_attribute("ver", NS_URI);
+        if (ver_attribute == null) return null;
+
+        return ver_attribute;
+    }
+
+    public class Module : XmppStreamModule {
+        public static ModuleIdentity<Module> IDENTITY = new ModuleIdentity<Module>(NS_URI, "0115_entity_capabilities");
+
+        private string own_ver_hash;
+        private Storage storage;
+
+        public Module(Storage storage) {
+            this.storage = storage;
+        }
+
+        private string get_own_hash(XmppStream stream) {
+            if (own_ver_hash == null) {
+                own_ver_hash = compute_hash(stream.get_flag(ServiceDiscovery.Flag.IDENTITY).own_identities, stream.get_flag(ServiceDiscovery.Flag.IDENTITY).own_features, new ArrayList<DataForms.DataForm>());
+            }
+            return own_ver_hash;
+        }
+
+        public override void attach(XmppStream stream) {
+            stream.get_module(Presence.Module.IDENTITY).pre_send_presence_stanza.connect(on_pre_send_presence_stanza);
+            stream.get_module(ServiceDiscovery.Module.IDENTITY).add_feature(stream, NS_URI);
+        }
+
+        public override void detach(XmppStream stream) {
+            stream.get_module(Presence.Module.IDENTITY).pre_send_presence_stanza.disconnect(on_pre_send_presence_stanza);
+            stream.get_module(ServiceDiscovery.Module.IDENTITY).remove_feature(stream, NS_URI);
+        }
+
+        public override string get_ns() { return NS_URI; }
+        public override string get_id() { return IDENTITY.id; }
+
+        private void on_pre_send_presence_stanza(XmppStream stream, Presence.Stanza presence) {
+            if (presence.type_ == Presence.Stanza.TYPE_AVAILABLE) {
+                presence.stanza.put_node(new StanzaNode.build("c", NS_URI).add_self_xmlns()
+                    .put_attribute("hash", "sha-1")
+                    .put_attribute("node", "https://dino.im")
+                    .put_attribute("ver", get_own_hash(stream)));
+            }
+        }
+
+        public static string compute_hash_for_info_result(ServiceDiscovery.InfoResult info_result) {
+            Gee.List<DataForms.DataForm> data_forms = new ArrayList<DataForms.DataForm>();
+            foreach (StanzaNode node in info_result.iq.stanza.get_deep_subnodes(ServiceDiscovery.NS_URI_INFO + ":query", DataForms.NS_URI + ":x")) {
+                data_forms.add(DataForms.DataForm.create_from_node(node));
+            }
+
+            return compute_hash(info_result.identities, info_result.features, data_forms);
+        }
+
+        public static string compute_hash(Gee.Set<ServiceDiscovery.Identity> identities_set, Gee.List<string> features, Gee.List<DataForms.DataForm> data_forms) {
+            var identities = new ArrayList<ServiceDiscovery.Identity>();
+            foreach (var identity in identities_set) identities.add(identity);
+
+            identities.sort(compare_identities);
+            features.sort();
+
+            StringBuilder sb = new StringBuilder();
+            foreach (ServiceDiscovery.Identity identity in identities) {
+                sb.append(sanitize(identity.category))
+                    .append("/")
+                    .append(sanitize(identity.type_))
+                    .append("//");
+                if (identity.name != null) {
+                    sb.append(sanitize(identity.name));
+                }
+                sb.append("<");
+            }
+            foreach (string feature in features) {
+                sb.append(sanitize(feature))
+                        .append("<");
+            }
+
+            data_forms.sort(compare_data_forms);
+            foreach (DataForms.DataForm data_form in data_forms) {
+                if (data_form.form_type == null) {
+                    // If [..] the FORM_TYPE field is not of type "hidden" or the form does not include a FORM_TYPE field, ignore the form but continue processing. (XEP-0115 5.4)
+                    continue;
+                }
+                sb.append(sanitize(data_form.form_type))
+                        .append("<");
+
+                data_form.fields.sort(compare_data_fields);
+                foreach (DataForms.DataForm.Field field in data_form.fields) {
+                    sb.append(sanitize(field.var))
+                        .append("<");
+                    Gee.List<string> values = field.get_values();
+                    values.sort();
+                    foreach (string value in values) {
+                        sb.append(sanitize(value ?? ""))
+                            .append("<");
+                    }
+                }
+            }
+
+            Checksum c = new Checksum(ChecksumType.SHA1);
+            c.update(sb.str.data, -1);
+            size_t size = 20;
+            uint8[] buf = new uint8[size];
+            c.get_digest(buf, ref size);
+
+            return Base64.encode(buf);
+        }
+
+        /*
+         * If the four characters '&', 'l', 't', ';' appear consecutively in any of the factors of the verification
+         * string S [...] then that string of characters MUST be treated as literally '&lt;' and MUST NOT be converted to
+         * the character '<', because completing such a conversion would open the protocol to trivial attacks. (XEP-0115 5.1)
+         */
+        private static string sanitize(string s) {
+            return s.replace("<", "&lt;");
+        }
+
+        private static int compare_identities(ServiceDiscovery.Identity a, ServiceDiscovery.Identity b) {
+            int category_comp = a.category.collate(b.category);
+            if (category_comp != 0) return category_comp;
+            int type_comp = a.type_.collate(b.type_);
+            if (type_comp != 0) return type_comp;
+            // TODO lang
+            return 0;
+        }
+
+        private static int compare_data_forms(DataForms.DataForm a, DataForms.DataForm b) {
+            if (a.form_type != null && b.form_type != null) {
+                return a.form_type.collate(b.form_type);
+            }
+            return 0;
+        }
+
+        private static int compare_data_fields(DataForms.DataForm.Field a, DataForms.DataForm.Field b) {
+            if (a.var != null && b.var != null) {
+                return a.var.collate(b.var);
+            }
+            return 0;
+        }
+    }
+
+    public interface Storage : Object {
+        public abstract void store_identities(string entity, Gee.Set<ServiceDiscovery.Identity> identities);
+        public abstract void store_features(string entity, Gee.List<string> capabilities);
+        public abstract ServiceDiscovery.Identity? get_identities(string entity);
+        public abstract Gee.List<string> get_features(string entity);
+    }
+}