diff options
| -rw-r--r-- | plugins/mod_proxy65.lua | 23 | ||||
| -rw-r--r-- | tests/test_util_jid.lua | 11 | ||||
| -rw-r--r-- | util/jid.lua | 13 |
3 files changed, 29 insertions, 18 deletions
diff --git a/plugins/mod_proxy65.lua b/plugins/mod_proxy65.lua index 190d30be..61359444 100644 --- a/plugins/mod_proxy65.lua +++ b/plugins/mod_proxy65.lua @@ -14,7 +14,7 @@ if module:get_host_type() ~= "component" then error("proxy65 should be loaded as a component, please see http://prosody.im/doc/components", 0); end -local jid_split, jid_join = require "util.jid".split, require "util.jid".join; +local jid_split, jid_join, jid_compare = require "util.jid".split, require "util.jid".join, require "util.jid".compare; local st = require "util.stanza"; local componentmanager = require "core.componentmanager"; local config_get = require "core.configmanager".get; @@ -151,24 +151,11 @@ local function get_stream_host(origin, stanza) local err_reply = replies_cache.stream_host_err; local sid = stanza.tags[1].attr.sid; local allow = false; - local jid_node, jid_host, jid_resource = jid_split(stanza.attr.from); - - if stanza.attr.from == nil then - jid_node = origin.username; - jid_host = origin.host; - jid_resource = origin.resource; - end + local jid = stanza.attr.from; if proxy_acl and #proxy_acl > 0 then - if host ~= nil then -- at least a domain is needed. - for _, acl in ipairs(proxy_acl) do - local acl_node, acl_host, acl_resource = jid_split(acl); - if ((acl_node ~= nil and acl_node == jid_node) or acl_node == nil) and - ((acl_host ~= nil and acl_host == jid_host) or acl_host == nil) and - ((acl_resource ~= nil and acl_resource == jid_resource) or acl_resource == nil) then - allow = true; - end - end + for _, acl in ipairs(proxy_acl) do + if jid_compare(jid, acl) then allow = true; end end else allow = true; @@ -181,7 +168,7 @@ local function get_stream_host(origin, stanza) replies_cache.stream_host = reply; end else - module:log("warn", "Denying use of proxy for %s", tostring(jid_join(jid_node, jid_host, jid_resource))); + module:log("warn", "Denying use of proxy for %s", tostring(jid)); if err_reply == nil then err_reply = st.iq({type="error", from=host}) :query("http://jabber.org/protocol/bytestreams") diff --git a/tests/test_util_jid.lua b/tests/test_util_jid.lua index 5cc1390b..e91585bd 100644 --- a/tests/test_util_jid.lua +++ b/tests/test_util_jid.lua @@ -54,3 +54,14 @@ function bare(bare) assert_equal(bare("user@host/"), nil, "invalid JID is nil"); end +function compare(compare) + assert_equal(compare("host", "host"), true, "host should match"); + assert_equal(compare("host", "other-host"), false, "host should not match"); + assert_equal(compare("other-user@host/resource", "host"), true, "host should match"); + assert_equal(compare("other-user@host", "user@host"), false, "user should not match"); + assert_equal(compare("user@host", "host"), true, "host should match"); + assert_equal(compare("user@host/resource", "host"), true, "host should match"); + assert_equal(compare("user@host/resource", "user@host"), true, "user and host should match"); + assert_equal(compare("user@other-host", "host"), false, "host should not match"); + assert_equal(compare("user@other-host", "user@host"), false, "host should not match"); +end diff --git a/util/jid.lua b/util/jid.lua index ba9730fa..9128ce4e 100644 --- a/util/jid.lua +++ b/util/jid.lua @@ -78,4 +78,17 @@ function join(node, host, resource) return nil; -- Invalid JID end +function compare(jid, acl) + -- compare jid to single acl rule + -- TODO compare to table of rules? + local jid_node, jid_host, jid_resource = _split(jid); + local acl_node, acl_host, acl_resource = _split(acl); + if ((acl_node ~= nil and acl_node == jid_node) or acl_node == nil) and + ((acl_host ~= nil and acl_host == jid_host) or acl_host == nil) and + ((acl_resource ~= nil and acl_resource == jid_resource) or acl_resource == nil) then + return true + end + return false +end + return _M; |