From e00ee968306da54370d5c86ac871e0d8f5456305 Mon Sep 17 00:00:00 2001
From: Waqas Hussain <waqas20@gmail.com>
Date: Wed, 8 Oct 2008 19:30:35 +0500
Subject: Load roster on resource bind

---
 core/sessionmanager.lua | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua
index a7a9ff10..4f8b1913 100644
--- a/core/sessionmanager.lua
+++ b/core/sessionmanager.lua
@@ -12,6 +12,7 @@ local modulemanager = require "core.modulemanager";
 local log = require "util.logger".init("sessionmanager");
 local error = error;
 local uuid_generate = require "util.uuid".uuid_generate;
+local rm_getroster = require "core.rostermanager".getroster
 
 local newproxy = newproxy;
 local getmetatable = getmetatable;
@@ -91,6 +92,8 @@ function bind_resource(session, resource)
 	session.full_jid = session.username .. '@' .. session.host .. '/' .. resource;
 	hosts[session.host].sessions[session.username].sessions[resource] = session;
 	
+	session.roster = rm_getroster(session.username, session.host);
+	
 	return true;
 end
 
-- 
cgit v1.2.3


From 2afc5cdef025c308f74adf824e3fe033ae731587 Mon Sep 17 00:00:00 2001
From: Waqas Hussain <waqas20@gmail.com>
Date: Wed, 8 Oct 2008 20:37:16 +0500
Subject: Fized: Added check to ensure that resource binding is done after
 auth.

---
 core/stanza_router.lua | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/core/stanza_router.lua b/core/stanza_router.lua
index e5603cae..02e0871f 100644
--- a/core/stanza_router.lua
+++ b/core/stanza_router.lua
@@ -16,6 +16,13 @@ local jid_split = jid.split;
 function core_process_stanza(origin, stanza)
 	log("debug", "Received: "..tostring(stanza))
 	-- TODO verify validity of stanza (as well as JID validity)
+
+	if origin.type == "c2s" and not origin.full_jid
+		and not(stanza.name == "iq" and stanza.tags[1] and stanza.tags[1].name == "bind"
+				and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then
+		error("Client MUST bind resource after auth");
+	end
+
 	
 	local to = stanza.attr.to;
 	stanza.attr.from = origin.full_jid -- quick fix to prevent impersonation
-- 
cgit v1.2.3


From 99d8d3327b98e0a15322783abc1287e5300297ac Mon Sep 17 00:00:00 2001
From: Waqas Hussain <waqas20@gmail.com>
Date: Wed, 8 Oct 2008 20:38:05 +0500
Subject: Removed: Unnecessary check in mod_roster. session.roster is
 guaranteed to be available for "c2s" session type.

---
 plugins/mod_roster.lua | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/plugins/mod_roster.lua b/plugins/mod_roster.lua
index 8b4a3a0a..962c6c70 100644
--- a/plugins/mod_roster.lua
+++ b/plugins/mod_roster.lua
@@ -5,14 +5,6 @@ local send = require "core.sessionmanager".send_to_session
 add_iq_handler("c2s", "jabber:iq:roster", 
 		function (session, stanza)
 			if stanza.attr.type == "get" then
-				session.roster = session.roster or rostermanager.getroster(session.username, session.host);
-				if session.roster == false then
-					send(session, st.reply(stanza)
-						:tag("error", { type = "wait" })
-						:tag("internal-server-error", { xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}));
-					return true;
-				else session.roster = session.roster or {};
-				end
 				local roster = st.reply(stanza)
 							:query("jabber:iq:roster");
 				for jid in pairs(session.roster) do
-- 
cgit v1.2.3


From 0af37d5e1ed0b11e90e63ff232557dc890504a6f Mon Sep 17 00:00:00 2001
From: Waqas Hussain <waqas20@gmail.com>
Date: Wed, 8 Oct 2008 21:10:18 +0500
Subject: Fixed: rostermanager.lua now returns the module

---
 core/rostermanager.lua | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/rostermanager.lua b/core/rostermanager.lua
index b31ca21b..5f06a308 100644
--- a/core/rostermanager.lua
+++ b/core/rostermanager.lua
@@ -24,3 +24,5 @@ function getroster(username, host)
 		}
 --	return datamanager.load(username, host, "roster") or {};
 end
+
+return _M;
\ No newline at end of file
-- 
cgit v1.2.3