diff options
author | Matthew Wild <mwild1@gmail.com> | 2010-07-03 03:23:25 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2010-07-03 03:23:25 +0100 |
commit | afd2f3da8a34282e02e744cd1b13c62e66d613ae (patch) | |
tree | 3d4141d496c5e1212b96442169f47b31ae5106ab | |
parent | 423ad6b5d1e075b11b8cb7d10703a2ba07ef306b (diff) | |
download | prosody-afd2f3da8a34282e02e744cd1b13c62e66d613ae.tar.gz prosody-afd2f3da8a34282e02e744cd1b13c62e66d613ae.zip |
xmppcomponent_listener: Validate to/from on components, fixes #104 and #162
-rw-r--r-- | net/xmppcomponent_listener.lua | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/net/xmppcomponent_listener.lua b/net/xmppcomponent_listener.lua index b87f7c96..2d6d7de8 100644 --- a/net/xmppcomponent_listener.lua +++ b/net/xmppcomponent_listener.lua @@ -99,6 +99,27 @@ function stream_callbacks.handlestanza(session, stanza) if not stanza.attr.xmlns and stanza.name == "handshake" then stanza.attr.xmlns = xmlns_component; end + local from = stanza.attr.from; + if from then + if session.component_validate_from then + local _, domain = jid_split(stanza.attr.from); + if domain ~= session.host then + -- Return error + session:close{ + condition = "invalid-from"; + text = "Component tried to send from address <"..tostring(from) + .."> which is not in domain <"..tostring(session.host)..">"; + }; + return; + end + end + else + stanza.attr.from = session.host; + end + if not stanza.attr.to then + session.send(st.error_reply(stanza, "modify", "bad-request", "Components MUST specify a 'to' address on stanzas")); + return; + end return core_process_stanza(session, stanza); end |