From a5e360e6739be4ea3019f4129a55c74b124d9153 Mon Sep 17 00:00:00 2001 From: Marco Cirillo Date: Wed, 9 May 2012 11:25:22 +0000 Subject: mod_dialback: add better safe then sorry nameprepping to the from attribute. --- plugins/mod_dialback.lua | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'plugins/mod_dialback.lua') diff --git a/plugins/mod_dialback.lua b/plugins/mod_dialback.lua index cc076db5..5d32fdb2 100644 --- a/plugins/mod_dialback.lua +++ b/plugins/mod_dialback.lua @@ -15,6 +15,7 @@ local log = module._log; local st = require "util.stanza"; local sha256_hash = require "util.hashes".sha256; +local nameprep = require "util.encodings".stringprep.nameprep; local xmlns_stream = "http://etherx.jabber.org/streams"; @@ -77,10 +78,15 @@ module:hook("stanza/jabber:server:dialback:result", function(event) if not origin.from_host then -- Just used for friendlier logging - origin.from_host = attr.from; + origin.from_host = nameprep(attr.from); -- COMPAT: Fix ejabberd chopness by resetting the send function - origin.log("debug", "Remote server didn't specify a from attr, resetting session.send now that we know where to knock to."); - origin.send = function(stanza) hosts[attr.to].events.fire_event("route/remote", { from_host = origin.to_host, to_host = origin.from_host, stanza = stanza}); end + if not origin.from_host then + origin.log("debug", "We need to know where to connect but remote server blindly refuses to tell us and to comply to specs, closing connection."); + origin:close("invalid-from"); + else + origin.log("debug", "Remote server didn't specify a from attr, resetting session.send now that we know where to knock to."); + origin.send = function(stanza) hosts[attr.to].events.fire_event("route/remote", { from_host = origin.to_host, to_host = origin.from_host, stanza = stanza}); end + end end if not origin.to_host then -- Just used for friendlier logging -- cgit v1.2.3