prosody
29c6d2681bad
plugins/mod_c2s.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/mod_c2s.lua @ 8844:29c6d2681bad 0.9.14

mod_c2s: Do not allow the stream 'to' to change across stream restarts (fixes #1147)
author Kim Alvefur <zash@zash.se>
date Fri, 25 May 2018 21:09:34 +0200
parent 8232:176b7f4e4ac9
child 8846:7ec098b68042
comparison
equal deleted inserted replaced
8587:986c3e22ec32 8844:29c6d2681bad
38 local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'}; 38 local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'};
39 local default_stream_attr = { ["xmlns:stream"] = "http://etherx.jabber.org/streams", xmlns = stream_callbacks.default_ns, version = "1.0", id = "" }; 39 local default_stream_attr = { ["xmlns:stream"] = "http://etherx.jabber.org/streams", xmlns = stream_callbacks.default_ns, version = "1.0", id = "" };
40 40
41 function stream_callbacks.streamopened(session, attr) 41 function stream_callbacks.streamopened(session, attr)
42 local send = session.send; 42 local send = session.send;
43 session.host = nameprep(attr.to); 43 local host = nameprep(attr.to);
44 if not session.host then 44 if not host then
45 session:close{ condition = "improper-addressing", 45 session:close{ condition = "improper-addressing",
46 text = "A valid 'to' attribute is required on stream headers" }; 46 text = "A valid 'to' attribute is required on stream headers" };
47 return;
48 end
49 if not session.host then
50 session.host = host;
51 elseif session.host ~= host then
52 session:close{ condition = "not-authorized",
53 text = "The 'to' attribute must remain the same across stream restarts" };
47 return; 54 return;
48 end 55 end
49 session.version = tonumber(attr.version) or 0; 56 session.version = tonumber(attr.version) or 0;
50 session.streamid = uuid_generate(); 57 session.streamid = uuid_generate();
51 (session.log or session)("debug", "Client sent opening <stream:stream> to %s", session.host); 58 (session.log or session)("debug", "Client sent opening <stream:stream> to %s", session.host);