Changeset

3316:6122a6270773

xmppcomponent_listener: Don't validate to/from on non-stanzas, fixes component auth.
author Waqas Hussain <waqas20@gmail.com>
date Sat, 03 Jul 2010 18:11:28 +0500
parents 3315:f4d2de6ac22e
children 3318:8d09b21aeaa9
files net/xmppcomponent_listener.lua
diffstat 1 files changed, 20 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/net/xmppcomponent_listener.lua	Sat Jul 03 03:23:25 2010 +0100
+++ b/net/xmppcomponent_listener.lua	Sat Jul 03 18:11:28 2010 +0500
@@ -99,26 +99,28 @@
 	if not stanza.attr.xmlns and stanza.name == "handshake" then
 		stanza.attr.xmlns = xmlns_component;
 	end
-	local from = stanza.attr.from;
-	if from then
-		if session.component_validate_from then
-			local _, domain = jid_split(stanza.attr.from);
-			if domain ~= session.host then
-				-- Return error
-				session:close{
-					condition = "invalid-from";
-					text = "Component tried to send from address <"..tostring(from)
-					       .."> which is not in domain <"..tostring(session.host)..">";
-				};
-				return;
+	if not stanza.attr.xmlns or stanza.attr.xmlns == "jabber:client" then
+		local from = stanza.attr.from;
+		if from then
+			if session.component_validate_from then
+				local _, domain = jid_split(stanza.attr.from);
+				if domain ~= session.host then
+					-- Return error
+					session:close{
+						condition = "invalid-from";
+						text = "Component tried to send from address <"..tostring(from)
+							   .."> which is not in domain <"..tostring(session.host)..">";
+					};
+					return;
+				end
 			end
-		end
-	else
+		else
 			stanza.attr.from = session.host;
-	end
-	if not stanza.attr.to then
-		session.send(st.error_reply(stanza, "modify", "bad-request", "Components MUST specify a 'to' address on stanzas"));
-		return;
+		end
+		if not stanza.attr.to then
+			session.send(st.error_reply(stanza, "modify", "bad-request", "Components MUST specify a 'to' address on stanzas"));
+			return;
+		end
 	end
 	return core_process_stanza(session, stanza);
 end