From e701756ba976c28d2532f3d113f24429c457dec5 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Tue, 13 Dec 2016 18:15:17 +0100 Subject: core.sessionmanager, mod_saslauth: Introduce intermediate session type for authenticated but unbound sessions so that resource binding is not treated as a normal stanza --- core/sessionmanager.lua | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'core') diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua index c8856634..75e54b4f 100644 --- a/core/sessionmanager.lua +++ b/core/sessionmanager.lua @@ -108,7 +108,7 @@ local function make_authenticated(session, username) if not username or #username == 0 then return nil, "Invalid username"; end session.username = username; if session.type == "c2s_unauthed" then - session.type = "c2s"; + session.type = "c2s_unbound"; end session.log("info", "Authenticated as %s@%s", username or "(unknown)", session.host or "(unknown)"); return true; @@ -176,6 +176,9 @@ local function bind_resource(session, resource) session.full_jid = session.username .. '@' .. session.host .. '/' .. resource; hosts[session.host].sessions[session.username].sessions[resource] = session; full_sessions[session.full_jid] = session; + if session.type == "c2s_unbound" then + session.type = "c2s"; + end local err; session.roster, err = rm_load_roster(session.username, session.host); -- cgit v1.2.3 From 2c7554d63405a862ae1681c52b24de1efe350a96 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Tue, 13 Dec 2016 18:16:20 +0100 Subject: core.stanza_router: Remove hack for allowing resource binding IQ before resource binding --- core/stanza_router.lua | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'core') diff --git a/core/stanza_router.lua b/core/stanza_router.lua index af797f08..98952faf 100644 --- a/core/stanza_router.lua +++ b/core/stanza_router.lua @@ -79,16 +79,6 @@ function core_process_stanza(origin, stanza) end end - if not origin.full_jid - and not(name == "iq" and st_type == "set" and stanza.tags[1] and stanza.tags[1].name == "bind" - and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then - -- authenticated client isn't bound and current stanza is not a bind request - if stanza.attr.type ~= "result" and stanza.attr.type ~= "error" then - origin.send(st.error_reply(stanza, "auth", "not-authorized")); -- FIXME maybe allow stanzas to account or server - end - return; - end - -- TODO also, stanzas should be returned to their original state before the function ends stanza.attr.from = origin.full_jid; end -- cgit v1.2.3