From 1c366baed7725a746e75a041fc161c7b7aec2d7e Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Thu, 9 Oct 2008 01:18:48 +0500 Subject: Fixed routing for IQs to bare JIDs, and added a simple IQ validity check --- core/stanza_router.lua | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'core') diff --git a/core/stanza_router.lua b/core/stanza_router.lua index 02e0871f..e6085595 100644 --- a/core/stanza_router.lua +++ b/core/stanza_router.lua @@ -16,9 +16,12 @@ local jid_split = jid.split; function core_process_stanza(origin, stanza) log("debug", "Received: "..tostring(stanza)) -- TODO verify validity of stanza (as well as JID validity) + if stanza.name == "iq" and not(#stanza.tags == 1 and stanza.tags[1].attr.xmlns) then + error("Invalid IQ"); + end if origin.type == "c2s" and not origin.full_jid - and not(stanza.name == "iq" and stanza.tags[1] and stanza.tags[1].name == "bind" + and not(stanza.name == "iq" and stanza.tags[1].name == "bind" and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then error("Client MUST bind resource after auth"); end @@ -29,6 +32,8 @@ function core_process_stanza(origin, stanza) if not to or (hosts[to] and hosts[to].type == "local") then core_handle_stanza(origin, stanza); + elseif to and stanza.name == "iq" and not select(3, jid_split(to)) then + core_handle_stanza(origin, stanza); elseif origin.type == "c2s" then core_route_stanza(origin, stanza); end -- cgit v1.2.3