Mercurial > lxmppd-hg-xmllex / changeset
changeset
xmppcomponent_listener: Don't validate to/from on non-stanzas, fixes component auth.
Sat, 03 Jul 2010 18:11:28 +0500
- author
- Waqas Hussain <waqas20@gmail.com>
- date
- Sat, 03 Jul 2010 18:11:28 +0500
- changeset 3316
- 6122a6270773
- parent 3315
- f4d2de6ac22e
- child 3318
- 8d09b21aeaa9
xmppcomponent_listener: Don't validate to/from on non-stanzas, fixes component auth.
| net/xmppcomponent_listener.lua | file | annotate | diff | comparison | revisions |
--- a/net/xmppcomponent_listener.lua Sat Jul 03 03:23:25 2010 +0100 +++ b/net/xmppcomponent_listener.lua Sat Jul 03 18:11:28 2010 +0500 @@ -99,26 +99,28 @@ if not stanza.attr.xmlns and stanza.name == "handshake" then stanza.attr.xmlns = xmlns_component; end - local from = stanza.attr.from; - if from then - if session.component_validate_from then - local _, domain = jid_split(stanza.attr.from); - if domain ~= session.host then - -- Return error - session:close{ - condition = "invalid-from"; - text = "Component tried to send from address <"..tostring(from) - .."> which is not in domain <"..tostring(session.host)..">"; - }; - return; + if not stanza.attr.xmlns or stanza.attr.xmlns == "jabber:client" then + local from = stanza.attr.from; + if from then + if session.component_validate_from then + local _, domain = jid_split(stanza.attr.from); + if domain ~= session.host then + -- Return error + session:close{ + condition = "invalid-from"; + text = "Component tried to send from address <"..tostring(from) + .."> which is not in domain <"..tostring(session.host)..">"; + }; + return; + end end - end - else + else stanza.attr.from = session.host; - end - if not stanza.attr.to then - session.send(st.error_reply(stanza, "modify", "bad-request", "Components MUST specify a 'to' address on stanzas")); - return; + end + if not stanza.attr.to then + session.send(st.error_reply(stanza, "modify", "bad-request", "Components MUST specify a 'to' address on stanzas")); + return; + end end return core_process_stanza(session, stanza); end
