From a32c7bac03021a35b28097a557bd0f6e56519846 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Richard=20K=C3=B6rber?= <github@shredzone.org>
Date: Wed, 1 Nov 2017 17:42:09 +0100
Subject: [PATCH] Do not accept contacts with multiple email addresses

---
 .../org/shredzone/acme4j/AccountBuilder.java  | 11 ++++++++
 .../shredzone/acme4j/AccountBuilderTest.java  | 28 +++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java b/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java
index c1370901..29a87306 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java
@@ -23,6 +23,7 @@ import java.security.PublicKey;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.regex.Pattern;
 
 import javax.crypto.SecretKey;
 
@@ -44,6 +45,8 @@ import org.slf4j.LoggerFactory;
 public class AccountBuilder {
     private static final Logger LOG = LoggerFactory.getLogger(AccountBuilder.class);
 
+    private static final Pattern MAIL_PATTERN = Pattern.compile("\\?|@.*,");
+
     private List<URI> contacts = new ArrayList<>();
     private Boolean termsOfServiceAgreed;
     private Boolean onlyExisting;
@@ -58,6 +61,14 @@ public class AccountBuilder {
      * @return itself
      */
     public AccountBuilder addContact(URI contact) {
+        if ("mailto".equalsIgnoreCase(contact.getScheme())) {
+            String address = contact.toString().substring(7);
+            if (MAIL_PATTERN.matcher(address).find()) {
+                throw new IllegalArgumentException(
+                        "multiple recipients or hfields are not allowed: " + contact);
+            }
+        }
+
         contacts.add(contact);
         return this;
     }
diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java
index 3bfb9614..d14a9d44 100644
--- a/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java
+++ b/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java
@@ -240,4 +240,32 @@ public class AccountBuilderTest {
         provider.close();
     }
 
+    @Test
+    public void testEmailAddresses() {
+        AccountBuilder builder = new AccountBuilder();
+
+        builder.addContact("mailto:foo@example.com");
+
+        try {
+            builder.addContact("mailto:foo@example.com,bar@example.com");
+            fail("multiple recipients are accepted");
+        } catch (IllegalArgumentException ex) {
+            // expected
+        }
+
+        try {
+            builder.addContact("mailto:foo@example.com?to=bar@example.com");
+            fail("hfields are accepted");
+        } catch (IllegalArgumentException ex) {
+            // expected
+        }
+
+        try {
+            builder.addContact("mailto:?to=foo@example.com");
+            fail("hfields are accepted");
+        } catch (IllegalArgumentException ex) {
+            // expected
+        }
+    }
+
 }