prosody
8974a9b7363f
core/stanza_router.lua
Software / code / prosody
Comparison
core/stanza_router.lua @ 4863:8974a9b7363f
stanza_router: Remove FIXME comment and close stream with not-authorized for s2s stanzas from unauthed domains
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 12 May 2012 00:33:04 +0100 |
| parent | 4862:d1cfdb137b03 |
| child | 4864:b98154bbe0e0 |
comparison
equal
deleted
inserted
replaced
| 4862:d1cfdb137b03 | 4863:8974a9b7363f |
|---|---|
| 107 if (origin.type == "s2sin" or origin.type == "c2s" or origin.type == "component") and xmlns == nil then | 107 if (origin.type == "s2sin" or origin.type == "c2s" or origin.type == "component") and xmlns == nil then |
| 108 if origin.type == "s2sin" and not origin.dummy then | 108 if origin.type == "s2sin" and not origin.dummy then |
| 109 local host_status = origin.hosts[from_host]; | 109 local host_status = origin.hosts[from_host]; |
| 110 if not host_status or not host_status.authed then -- remote server trying to impersonate some other server? | 110 if not host_status or not host_status.authed then -- remote server trying to impersonate some other server? |
| 111 log("warn", "Received a stanza claiming to be from %s, over a stream authed for %s!", from_host, origin.from_host); | 111 log("warn", "Received a stanza claiming to be from %s, over a stream authed for %s!", from_host, origin.from_host); |
| 112 return; -- FIXME what should we do here? does this work with subdomains? | 112 origin:close("not-authorized"); |
| 113 return; | |
| 113 elseif not hosts[to_host] then | 114 elseif not hosts[to_host] then |
| 114 log("warn", "Remote server %s sent us a stanza for %s, closing stream", origin.from_host, to_host); | 115 log("warn", "Remote server %s sent us a stanza for %s, closing stream", origin.from_host, to_host); |
| 115 origin:close("host-unknown"); | 116 origin:close("host-unknown"); |
| 116 return; | 117 return; |
| 117 end | 118 end |
