From 7aac87fba842b093bbb339dff9f8c6f305e1faa8 Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Sat, 12 May 2012 00:33:04 +0100
Subject: stanza_router: Remove FIXME comment and close stream with
 not-authorized for s2s stanzas from unauthed domains

---
 core/stanza_router.lua | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'core/stanza_router.lua')

diff --git a/core/stanza_router.lua b/core/stanza_router.lua
index cea38166..4c241c27 100644
--- a/core/stanza_router.lua
+++ b/core/stanza_router.lua
@@ -109,7 +109,8 @@ function core_process_stanza(origin, stanza)
 			local host_status = origin.hosts[from_host];
 			if not host_status or not host_status.authed then -- remote server trying to impersonate some other server?
 				log("warn", "Received a stanza claiming to be from %s, over a stream authed for %s!", from_host, origin.from_host);
-				return; -- FIXME what should we do here? does this work with subdomains?
+				origin:close("not-authorized");
+				return;
 			elseif not hosts[to_host] then
 				log("warn", "Remote server %s sent us a stanza for %s, closing stream", origin.from_host, to_host);
 				origin:close("host-unknown");
-- 
cgit v1.2.3