IRC/libcommuni backend: newline/multi line broken

[Niluge-KiWi]

Setup

• docker image from today
• XMPP frontend
• IRC backend

Scenario

xmpp client sends a message in a room with multiple lines:

A
B

Expected result

Since IRC (version < 3) forbids CR and LF (newlines), I expect the message to either be rejected (not sure if it's possible...) or better: converted into multiple IRC messages: one per line.

Actual result

First line is correctly sent, but the second line is interpreted as a command by the IRC server, and rejects it as unknown.

Analysis

Spectrum frontend logs

INFO  Component.RAW: RAW DATA IN <message from='xx' to='xx' xml:lang='en' type='groupchat' id='xx'><body>A
B</body><origin-id xmlns='urn:xmpp:sid:0' id='xx'/></message>

spectrum backend logs

INFO  IRCNetworkPlugin: xx: Session name: xx, message to xx
INFO  IRCConnection: xx: Error message received: :xx 421 xx B :Unknown command

network trace between spectrum backend and IRC server

PRIVMSG #xx :A
B

(technically it's just a LF (0x0A) between A and B, instead of a full CRLF, but the server (ZNC) seems to tolerate that and interpret it as CRLF anyway, and the issue is the same: we could probably construct an xmpp message with CRLF).

Expected network trace

PRIVMSG #xx :A
PRIVMSG #xx :B

In fact it could even be used to inject any IRC command, maybe creating security issues?

How to fix it?

I followed the code and found that the message is directly passed to libcommuni:

spectrum2/backends/libcommuni/ircnetworkplugin.cpp

Line 211 in 4bb61b9

m_sessions[session]->sendCommand(IrcCommand::createMessage(FROM_UTF8(target), FROM_UTF8(message)));

Maybe the message could be split there? Or should it be libcommuni to handle that? I could not find any issue or documentation here or there about newline/multi lines...

I'm willing to create a PR to fix this issue in spectrum2 if a maintainer confirms the strategy for the fix.

[vitalyster]

I have take a bit more look on it and see issue is different, yes, we need to make two commands from one message

[Niluge-KiWi]

OK, I'll work soon on a spectrum2 PR to split messages into multiple commands !

[vitalyster]

By the way, how it works with libpurple-irc plugin?

[Niluge-KiWi]

I was not aware spectrum2 supported libpurple irc as backend, this is not documented: https://spectrum.im/documentation/backends/libpurple.html

They seem to split the outgoing message on each \n: https://bitbucket.org/pidgin/main/annotate/0b7a0190d83db173f80755c2d6267b0811cc07eb/libpurple/protocols/irc/cmds.c?at=default&fileviewer=file-view-default#cmds.c-437:462

As a side note, which was going to be my next issue and PR, they also handle max size for irc messages by also splitting the message into multiple PRIVMSG commands.

[vitalyster]

supporting all the networks supported by libpurple.

I'm thinking it is documented :D

[Niluge-KiWi]

I'm thinking it is documented :D

Indeed, I did not see that... The big table of protocols made me think it was the whole list, without IRC...

Anyway, here is a PR: #306 !