From 0dd8f41c1dd8d2f11ab07761b0bc414e4603263d Mon Sep 17 00:00:00 2001
From: alexzorin
Date: Thu, 12 Mar 2020 11:15:23 +1100
Subject: [PATCH] ra: forbid mailto contacts that contain hfields (#4694)
https://tools.ietf.org/html/rfc8555#section-7.3 Clients MUST NOT provide a "mailto" URL in the "contact" field that contains "hfields" [RFC6068] or more than one "addr-spec" in the "to" component. If a server encounters a "mailto" contact URL that does not meet these criteria, then it SHOULD reject it as invalid.
---
 ra/ra.go | 4 ++++
 ra/ra_test.go | 3 +++
 2 files changed, 7 insertions(+)
diff --git a/ra/ra.go b/ra/ra.go
index fbdf7a4b1..f3b66555c 100644
--- a/ra/ra.go
+++ b/ra/ra.go
@@ -358,6 +358,7 @@ func (ra *RegistrationAuthorityImpl) NewRegistration(ctx context.Context, init c
 // * A list containing an empty contact
 // * A list containing a contact that does not parse as a URL
 // * A list containing a contact that has a URL scheme other than mailto
+// * A list containing a mailto contact that contains hfields
 // * A list containing a contact that has non-ascii characters
 // * A list containing a contact that doesn't pass `validateEmail`
 func (ra *RegistrationAuthorityImpl) validateContacts(ctx context.Context, contacts *[]string) error {
@@ -383,6 +384,9 @@ func (ra *RegistrationAuthorityImpl) validateContacts(ctx context.Context, conta
 if parsed.Scheme != "mailto" {
 return berrors.InvalidEmailError("contact method %q is not supported", parsed.Scheme)
 }
+ if parsed.RawQuery != "" {
+ return berrors.InvalidEmailError("contact email [%q] contains hfields", contact)
+ }
 if !core.IsASCII(contact) {
 return berrors.InvalidEmailError(
 "contact email [%q] contains non-ASCII characters",
diff --git a/ra/ra_test.go b/ra/ra_test.go
index f02177090..d5d1f6385 100644
--- a/ra/ra_test.go
+++ b/ra/ra_test.go
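Review bot: In validateContacts (ra/ra.go) the added `parsed.RawQuery != ""` guard misses a contact that ends in a bare `?`, such as the constructed example `mailto:admin@a.com?`: net/url strips that trailing `?`, leaves RawQuery empty and records it only in `ForceQuery`, so the contact falls through to the later checks. Widening the condition to `if parsed.RawQuery != "" || parsed.ForceQuery {` closes that gap. A `#fragment` suffix is likewise parsed out of the address part and is not examined in this hunk, so a matching `parsed.Fragment != ""` rejection is worth adding unless code outside the hunk already covers it. The RFC 8555 text quoted in the description also forbids more than one addr-spec; that presumably depends on `validateEmail`, which is not visible here, as the function body starts and ends outside the hunk.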
@@ -419,6 +419,9 @@ func TestValidateContacts(t *testing.T) {
 err = ra.validateContacts(context.Background(), &[]string{"mailto:admin@[1.2.3.4]"})
 test.AssertError(t, err, "Forbidden email")
 
+ err = ra.validateContacts(context.Background(), &[]string{"mailto:admin@a.com?no-reminder-emails"})
+ test.AssertError(t, err, "No hfields in email")
+
 // The registrations.contact field is VARCHAR(191). 175 'a' characters plus
 // the prefix "mailto:" and the suffix "@a.com" makes exactly 191 bytes of
 // encoded JSON. The correct size to hit our maximum DB field length.
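Review bot: The new case in TestValidateContacts appears to assert only that some error is returned, so it would keep passing if the contact were rejected by a different check than the hfields one. Also checking that `err.Error()` contains `contains hfields` would pin the test to the new branch. The single input `?no-reminder-emails` leaves the edge cases unexercised; constructed examples worth adding beside it are a contact ending in a bare `?` and one carrying a real header such as `mailto:admin@a.com?subject=x`. The test function continues outside the hunk.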