Mercurial > lxmppd-hg-xmllex / changeset

changeset

stanza_router: Proper error for clients sending stanzas after auth but before resource binding

Mon, 01 Jun 2009 15:09:42 +0500

author
Waqas Hussain <waqas20@gmail.com>
date
Mon, 01 Jun 2009 15:09:42 +0500
changeset 1269
b06d6674477b
parent 1268
dc1f95b37024
child 1270
0e700e2041ef

stanza_router: Proper error for clients sending stanzas after auth but before resource binding

core/stanza_router.lua file | annotate | diff | comparison | revisions 
--- a/core/stanza_router.lua	Mon Jun 01 11:16:48 2009 +0500
+++ b/core/stanza_router.lua	Mon Jun 01 15:09:42 2009 +0500
@@ -62,9 +62,10 @@
 	end
 
 	if origin.type == "c2s" and not origin.full_jid
-		and not(stanza.name == "iq" and stanza.tags[1].name == "bind"
+		and not(stanza.name == "iq" and stanza.attr.type == "set" and stanza.tags[1] and stanza.tags[1].name == "bind"
 				and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then
-		error("Client MUST bind resource after auth");
+		-- authenticated client isn't bound and current stanza is not a bind request
+		origin.send(st.error_reply(stanza, "auth", "not-authorized")); -- FIXME maybe allow stanzas to account or server
 	end
 
 	-- TODO also, stanzas should be returned to their original state before the function ends

Mercurial Repository: lxmppd-hg-xmllex

mercurial