Skip to content

Commit

Permalink
ResponderAuthBuilder: Disallow duplicate tasks
Browse files Browse the repository at this point in the history 
Fixes #10
  • Loading branch information
@threema-danilo
threema-danilo committed May 7, 2018
1 parent e571774 commit 23367a3
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 8 deletions.
31 changes: 23 additions & 8 deletions src/protocol/messages.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -426,14 +426,29 @@ impl ResponderAuthBuilder {
if self.auth.task.is_some() {
panic!("task may not be set");
}
// TODO (#10): Check for duplicate tasks!
match self.auth.tasks {
Some(ref tasks) if tasks.is_empty() => Err(SignalingError::InvalidMessage(
"An `Auth` message must contain at least one task".to_string()
)),
Some(_) => Ok(self.auth),
None => panic!("tasks list not initialized!"),
}

{ // Validate tasks
let tasks = self.auth.tasks.as_ref().expect("tasks list not initialized!");

// Ensure that tasks list is not empty
if tasks.is_empty() {
return Err(SignalingError::InvalidMessage(
"An `Auth` message must contain at least one task".to_string()
));
}

// Ensure that tasks list does not contain duplicates
let mut cloned = tasks.clone();
cloned.sort_unstable();
cloned.dedup();
if cloned.len() != tasks.len() {
return Err(SignalingError::InvalidMessage(
"An `Auth` message may not contain duplicate tasks".to_string()
));
}
} // Waiting for NLL

Ok(self.auth)
}

}
Expand Down
34 changes: 34 additions & 0 deletions src/protocol/tests/signaling_messages.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1042,6 +1042,40 @@ mod auth {
assert_eq!(ctx.signaling.common().signaling_state(), SignalingState::Task);
assert_eq!(ctx.signaling.initiator.handshake_state(), InitiatorHandshakeState::AuthReceived);
}

/// Ensure that duplicate names are not allowed when constructing a responder `Auth` message.
#[test]
fn responder_auth_tasks_no_duplicates_simple() {
let simple = ResponderAuthBuilder::new(Cookie::random())
.add_task("dummy1", None)
.add_task("dummy1", None)
.build();
assert_eq!(
simple,
Err(SignalingError::InvalidMessage("An `Auth` message may not contain duplicate tasks".into())),
);

let nonconsecutive = ResponderAuthBuilder::new(Cookie::random())
.add_task("dummy1", None)
.add_task("dummy2", None)
.add_task("dummy1", None)
.build();
assert_eq!(
nonconsecutive,
Err(SignalingError::InvalidMessage("An `Auth` message may not contain duplicate tasks".into())),
);

let different_data = ResponderAuthBuilder::new(Cookie::random())
.add_task("dummy1", None)
.add_task("dummy1", Some({
let mut data = HashMap::new(); data.insert("a".into(), 1.into()); data
}))
.build();
assert_eq!(
different_data,
Err(SignalingError::InvalidMessage("An `Auth` message may not contain duplicate tasks".into())),
);
}
}

mod new_initiator {
Expand Down

0 comments on commit 23367a3

Please sign in to comment.