prosody
fbb3a4ff9cf1
core/stanza_router.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

core/stanza_router.lua @ 145:fbb3a4ff9cf1 s2s

dialback keys now verified
author Matthew Wild <mwild1@gmail.com>
date Fri, 24 Oct 2008 03:06:55 +0100
parent 144:ed78c1a0401e
child 146:3826ca244eb6
comparison
equal deleted inserted replaced
144:ed78c1a0401e 145:fbb3a4ff9cf1
9 9
10 local st = require "util.stanza"; 10 local st = require "util.stanza";
11 local send = require "core.sessionmanager".send_to_session; 11 local send = require "core.sessionmanager".send_to_session;
12 local send_s2s = require "core.s2smanager".send_to_host; 12 local send_s2s = require "core.s2smanager".send_to_host;
13 local user_exists = require "core.usermanager".user_exists; 13 local user_exists = require "core.usermanager".user_exists;
14
15 local s2s_verify_dialback = require "core.s2smanager".verify_dialback;
16 local format = string.format;
17 local tostring = tostring;
14 18
15 local jid_split = require "util.jid".split; 19 local jid_split = require "util.jid".split;
16 local print = print; 20 local print = print;
17 21
18 function core_process_stanza(origin, stanza) 22 function core_process_stanza(origin, stanza)
31 and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then 35 and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then
32 error("Client MUST bind resource after auth"); 36 error("Client MUST bind resource after auth");
33 end 37 end
34 38
35 local to = stanza.attr.to; 39 local to = stanza.attr.to;
36 stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s)
37 -- TODO also, stazas should be returned to their original state before the function ends 40 -- TODO also, stazas should be returned to their original state before the function ends
41 if origin.type == "c2s" then
42 stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s)
43 end
38 44
39 -- TODO presence subscriptions
40 if not to then 45 if not to then
41 core_handle_stanza(origin, stanza); 46 core_handle_stanza(origin, stanza);
42 elseif hosts[to] and hosts[to].type == "local" then 47 elseif hosts[to] and hosts[to].type == "local" then
43 core_handle_stanza(origin, stanza); 48 core_handle_stanza(origin, stanza);
44 elseif stanza.name == "iq" and not select(3, jid_split(to)) then 49 elseif stanza.name == "iq" and not select(3, jid_split(to)) then
88 end 93 end
89 else 94 else
90 log("debug", "Routing stanza to local"); 95 log("debug", "Routing stanza to local");
91 handle_stanza(session, stanza); 96 handle_stanza(session, stanza);
92 end 97 end
98 elseif origin.type == "s2sin_unauthed" then
99 if stanza.name == "verify" and stanza.attr.xmlns == "jabber:server:dialback" then
100 log("debug", "verifying dialback key...");
101 local attr = stanza.attr;
102 print(tostring(attr.to), tostring(attr.from))
103 print(tostring(origin.to_host), tostring(origin.from_host))
104 -- FIXME: Grr, ejabberd breaks this one too?? it is black and white in XEP-220 example 34
105 --if attr.from ~= origin.to_host then error("invalid-from"); end
106 local type = "invalid";
107 if s2s_verify_dialback(attr.id, attr.from, attr.to, stanza[1]) then
108 type = "valid"
109 end
110 origin.send(format("<db:verify from='%s' to='%s' id='%s' type='%s'>%s</db:verify>", attr.to, attr.from, attr.id, type, stanza[1]));
111 end
112 else
113 log("warn", "Unhandled origin: %s", origin.type);
93 end 114 end
94 end 115 end
95 116
96 -- TODO: Does this function belong here? 117 -- TODO: Does this function belong here?
97 function is_authorized_to_see_presence(origin, username, host) 118 function is_authorized_to_see_presence(origin, username, host)