aboutsummaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2008-10-24 03:06:55 +0100
committerMatthew Wild <mwild1@gmail.com>2008-10-24 03:06:55 +0100
commiteb8e9997e03f6b0c399af0a6f88ee85684c74d06 (patch)
tree10e5a34e49bfea82d6b36b751d47d5185505c75e /core
parent162e3fb849f47089ad6114041374d66d48638db3 (diff)
downloadprosody-eb8e9997e03f6b0c399af0a6f88ee85684c74d06.tar.gz
prosody-eb8e9997e03f6b0c399af0a6f88ee85684c74d06.zip
dialback keys now verified
Diffstat (limited to 'core')
-rw-r--r--core/sessionmanager.lua2
-rw-r--r--core/stanza_router.lua25
-rw-r--r--core/xmlhandlers.lua19
3 files changed, 37 insertions, 9 deletions
diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua
index d140ebe0..682f12df 100644
--- a/core/sessionmanager.lua
+++ b/core/sessionmanager.lua
@@ -11,7 +11,7 @@ local sessions = sessions;
local modulemanager = require "core.modulemanager";
local log = require "util.logger".init("sessionmanager");
local error = error;
-local uuid_generate = require "util.uuid".uuid_generate;
+local uuid_generate = require "util.uuid".generate;
local rm_load_roster = require "core.rostermanager".load_roster;
local newproxy = newproxy;
diff --git a/core/stanza_router.lua b/core/stanza_router.lua
index f18e706d..fd62a18e 100644
--- a/core/stanza_router.lua
+++ b/core/stanza_router.lua
@@ -12,6 +12,10 @@ local send = require "core.sessionmanager".send_to_session;
local send_s2s = require "core.s2smanager".send_to_host;
local user_exists = require "core.usermanager".user_exists;
+local s2s_verify_dialback = require "core.s2smanager".verify_dialback;
+local format = string.format;
+local tostring = tostring;
+
local jid_split = require "util.jid".split;
local print = print;
@@ -33,10 +37,11 @@ function core_process_stanza(origin, stanza)
end
local to = stanza.attr.to;
- stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s)
-- TODO also, stazas should be returned to their original state before the function ends
+ if origin.type == "c2s" then
+ stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s)
+ end
- -- TODO presence subscriptions
if not to then
core_handle_stanza(origin, stanza);
elseif hosts[to] and hosts[to].type == "local" then
@@ -90,6 +95,22 @@ function core_handle_stanza(origin, stanza)
log("debug", "Routing stanza to local");
handle_stanza(session, stanza);
end
+ elseif origin.type == "s2sin_unauthed" then
+ if stanza.name == "verify" and stanza.attr.xmlns == "jabber:server:dialback" then
+ log("debug", "verifying dialback key...");
+ local attr = stanza.attr;
+ print(tostring(attr.to), tostring(attr.from))
+ print(tostring(origin.to_host), tostring(origin.from_host))
+ -- FIXME: Grr, ejabberd breaks this one too?? it is black and white in XEP-220 example 34
+ --if attr.from ~= origin.to_host then error("invalid-from"); end
+ local type = "invalid";
+ if s2s_verify_dialback(attr.id, attr.from, attr.to, stanza[1]) then
+ type = "valid"
+ end
+ origin.send(format("<db:verify from='%s' to='%s' id='%s' type='%s'>%s</db:verify>", attr.to, attr.from, attr.id, type, stanza[1]));
+ end
+ else
+ log("warn", "Unhandled origin: %s", origin.type);
end
end
diff --git a/core/xmlhandlers.lua b/core/xmlhandlers.lua
index b1af299f..4187819c 100644
--- a/core/xmlhandlers.lua
+++ b/core/xmlhandlers.lua
@@ -11,6 +11,8 @@ local t_concat = table.concat;
local t_concatall = function (t, sep) local tt = {}; for _, s in ipairs(t) do t_insert(tt, tostring(s)); end return t_concat(tt, sep); end
local sm_destroy_session = import("core.sessionmanager", "destroy_session");
+local default_log = require "util.logger".init("xmlhandlers");
+
local error = error;
module "xmlhandlers"
@@ -21,7 +23,7 @@ function init_xmlhandlers(session, streamopened)
local curr_tag;
local chardata = {};
local xml_handlers = {};
- local log = session.log;
+ local log = session.log or default_log;
local print = function (...) log("info", "xmlhandlers", t_concatall({...}, "\t")); end
local send = session.send;
@@ -33,8 +35,11 @@ function init_xmlhandlers(session, streamopened)
stanza:text(t_concat(chardata));
chardata = {};
end
- curr_ns,name = name:match("^(.+):(%w+)$");
- if not stanza then
+ log("debug", "Start element: %s", tostring(name));
+ curr_ns,name = name:match("^(.+):([%w%-]+)$");
+ attr.xmlns = curr_ns;
+
+ if not stanza then --if we are not currently inside a stanza
if session.notopen then
if name == "stream" then
streamopened(session, attr);
@@ -45,10 +50,10 @@ function init_xmlhandlers(session, streamopened)
if curr_ns == "jabber:client" and name ~= "iq" and name ~= "presence" and name ~= "message" then
error("Client sent invalid top-level stanza");
end
- attr.xmlns = curr_ns;
+
stanza = st.stanza(name, attr); --{ to = attr.to, type = attr.type, id = attr.id, xmlns = curr_ns });
curr_tag = stanza;
- else
+ else -- we are inside a stanza, so add a tag
attr.xmlns = curr_ns;
stanza:tag(name, attr);
end
@@ -59,12 +64,14 @@ function init_xmlhandlers(session, streamopened)
end
end
function xml_handlers:EndElement(name)
- curr_ns,name = name:match("^(.+):(%w+)$");
+ curr_ns,name = name:match("^(.+):([%w%-]+)$");
if (not stanza) or #stanza.last_add < 0 or (#stanza.last_add > 0 and name ~= stanza.last_add[#stanza.last_add].name) then
if name == "stream" then
log("debug", "Stream closed");
sm_destroy_session(session);
return;
+ elseif name == "error" then
+ error("Stream error: "..tostring(name)..": "..tostring(stanza));
else
error("XML parse error in client stream");
end