Software /
code /
prosody
File
spec/scansion/muc_whois_anyone_member.scs @ 11749:83d6d6a70edf
net.http: fail open if surrounding code does not configure TLS
Previously, if surrounding code was not configuring the TLS context
used default in net.http, it would not validate certificates at all.
This is not a security issue with prosody, because prosody updates the
context with `verify = "peer"` as well as paths to CA certificates in
util.startup.init_http_client.
Nevertheless... Let's not leave this pitfall out there in the open.
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Sun, 29 Aug 2021 15:04:47 +0200 |
parent | 11712:d117b92fd8e4 |
line wrap: on
line source
# MUC: Allow members to fetch the affiliation lists in open non-anonymous rooms [Client] Romeo jid: 4e2pm7er@localhost password: password [Client] Juliet jid: qnjm5253@localhost password: password [Client] Random jid: iqizbcus@localhost password: password ----- Romeo connects Juliet connects Random connects # Romeo joins and creates the MUC Romeo sends: <presence to="mcgczevx@conference.localhost/Romeo"> <x xmlns="http://jabber.org/protocol/muc"/> </presence> Romeo receives: <presence from="mcgczevx@conference.localhost/Romeo"> <x xmlns="http://jabber.org/protocol/muc#user" scansion:strict="false"> <item affiliation="owner" jid="${Romeo's full JID}" role="moderator"/> <status code="110"/> <status code="201"/> </x> </presence> Romeo receives: <message from="mcgczevx@conference.localhost" type="groupchat"> <subject/> </message> # and configures it for private chat Romeo sends: <iq type="set" id="17fb8e7e-c75e-447c-b86f-3f1df8f507c4" to="mcgczevx@conference.localhost"> <query xmlns="http://jabber.org/protocol/muc#owner"> <x type="submit" xmlns="jabber:x:data"> <field var="FORM_TYPE"> <value>http://jabber.org/protocol/muc#roomconfig</value> </field> <field var="muc#roomconfig_membersonly"> <value>1</value> </field> <field var="muc#roomconfig_whois"> <value>anyone</value> </field> </x> </query> </iq> Romeo receives: <iq from="mcgczevx@conference.localhost" id="17fb8e7e-c75e-447c-b86f-3f1df8f507c4" type="result"/> Romeo receives: <message from="mcgczevx@conference.localhost" type="groupchat"> <x xmlns="http://jabber.org/protocol/muc#user" scansion:strict="false"> <status code="104"/> <status code="172"/> </x> </message> # Juliet is made a member Romeo sends: <iq type="set" id="32d81574-e1dc-4221-b36d-4c44debb7c19" to="mcgczevx@conference.localhost"> <query xmlns="http://jabber.org/protocol/muc#admin"> <item affiliation="member" jid="${Juliet's JID}"/> </query> </iq> # Juliet can read affiliations Juliet sends: <iq type="get" id="32d81574-e1dc-4221-b36d-4c44debb7c19" to="mcgczevx@conference.localhost"> <query xmlns="http://jabber.org/protocol/muc#admin"> <item affiliation="owner"/> </query> </iq> Juliet receives: <iq from="mcgczevx@conference.localhost" id="32d81574-e1dc-4221-b36d-4c44debb7c19" type="result"> <query xmlns="http://jabber.org/protocol/muc#admin"> <item affiliation="owner" jid="${Romeo's JID}"/> </query> </iq> Juliet sends: <iq type="get" id="05e3fe30-976f-4919-8221-ca1ac333eb9b" to="mcgczevx@conference.localhost"> <query xmlns="http://jabber.org/protocol/muc#admin"> <item affiliation="member"/> </query> </iq> Juliet receives: <iq from="mcgczevx@conference.localhost" id="05e3fe30-976f-4919-8221-ca1ac333eb9b" type="result"> <query xmlns="http://jabber.org/protocol/muc#admin"> <item affiliation="member" jid="${Juliet's JID}"/> </query> </iq> # Others can't read affiliations Random sends: <iq type="get" id="df1195e1-7ec8-4102-8561-3e3a1d942adf" to="mcgczevx@conference.localhost"> <query xmlns="http://jabber.org/protocol/muc#admin"> <item affiliation="owner"/> </query> </iq> Random receives: <iq from="mcgczevx@conference.localhost" id="df1195e1-7ec8-4102-8561-3e3a1d942adf" type="error"/> Juliet disconnects Romeo disconnects Random disconnects # recording ended on 2021-07-23T12:09:48Z