aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--core/rostermanager.lua2
-rw-r--r--core/sessionmanager.lua3
-rw-r--r--core/stanza_router.lua7
-rw-r--r--plugins/mod_roster.lua8
4 files changed, 12 insertions, 8 deletions
diff --git a/core/rostermanager.lua b/core/rostermanager.lua
index b31ca21b..5f06a308 100644
--- a/core/rostermanager.lua
+++ b/core/rostermanager.lua
@@ -24,3 +24,5 @@ function getroster(username, host)
}
-- return datamanager.load(username, host, "roster") or {};
end
+
+return _M; \ No newline at end of file
diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua
index a7a9ff10..4f8b1913 100644
--- a/core/sessionmanager.lua
+++ b/core/sessionmanager.lua
@@ -12,6 +12,7 @@ local modulemanager = require "core.modulemanager";
local log = require "util.logger".init("sessionmanager");
local error = error;
local uuid_generate = require "util.uuid".uuid_generate;
+local rm_getroster = require "core.rostermanager".getroster
local newproxy = newproxy;
local getmetatable = getmetatable;
@@ -91,6 +92,8 @@ function bind_resource(session, resource)
session.full_jid = session.username .. '@' .. session.host .. '/' .. resource;
hosts[session.host].sessions[session.username].sessions[resource] = session;
+ session.roster = rm_getroster(session.username, session.host);
+
return true;
end
diff --git a/core/stanza_router.lua b/core/stanza_router.lua
index e5603cae..02e0871f 100644
--- a/core/stanza_router.lua
+++ b/core/stanza_router.lua
@@ -16,6 +16,13 @@ local jid_split = jid.split;
function core_process_stanza(origin, stanza)
log("debug", "Received: "..tostring(stanza))
-- TODO verify validity of stanza (as well as JID validity)
+
+ if origin.type == "c2s" and not origin.full_jid
+ and not(stanza.name == "iq" and stanza.tags[1] and stanza.tags[1].name == "bind"
+ and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then
+ error("Client MUST bind resource after auth");
+ end
+
local to = stanza.attr.to;
stanza.attr.from = origin.full_jid -- quick fix to prevent impersonation
diff --git a/plugins/mod_roster.lua b/plugins/mod_roster.lua
index 8b4a3a0a..962c6c70 100644
--- a/plugins/mod_roster.lua
+++ b/plugins/mod_roster.lua
@@ -5,14 +5,6 @@ local send = require "core.sessionmanager".send_to_session
add_iq_handler("c2s", "jabber:iq:roster",
function (session, stanza)
if stanza.attr.type == "get" then
- session.roster = session.roster or rostermanager.getroster(session.username, session.host);
- if session.roster == false then
- send(session, st.reply(stanza)
- :tag("error", { type = "wait" })
- :tag("internal-server-error", { xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}));
- return true;
- else session.roster = session.roster or {};
- end
local roster = st.reply(stanza)
:query("jabber:iq:roster");
for jid in pairs(session.roster) do