# HG changeset patch
# User Waqas Hussain <waqas20@gmail.com>
# Date 1243850982 -18000
# Node ID b06d6674477b54982d1e65fbf214753858294719
# Parent  dc1f95b3702425f959d76dfdccda0723beb001ac
stanza_router: Proper error for clients sending stanzas after auth but before resource binding

diff -r dc1f95b37024 -r b06d6674477b core/stanza_router.lua
--- a/core/stanza_router.lua	Mon Jun 01 11:16:48 2009 +0500
+++ b/core/stanza_router.lua	Mon Jun 01 15:09:42 2009 +0500
@@ -62,9 +62,10 @@
 	end
 
 	if origin.type == "c2s" and not origin.full_jid
-		and not(stanza.name == "iq" and stanza.tags[1].name == "bind"
+		and not(stanza.name == "iq" and stanza.attr.type == "set" and stanza.tags[1] and stanza.tags[1].name == "bind"
 				and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then
-		error("Client MUST bind resource after auth");
+		-- authenticated client isn't bound and current stanza is not a bind request
+		origin.send(st.error_reply(stanza, "auth", "not-authorized")); -- FIXME maybe allow stanzas to account or server
 	end
 
 	-- TODO also, stanzas should be returned to their original state before the function ends