diff sat_pubsub/delegation.py @ 310:e6a9a3c93314

delegation: fixed bad security check which was rejecting all delegations from external servers: A hack is used to check delegation origin, but a better solution need to be implemented in the future. A list of trusted servers seems an acceptable solution.
author Goffi <goffi@goffi.org>
date Mon, 21 Dec 2015 13:44:21 +0100
parents 6918a0dad359
children 5d7c3787672e
line wrap: on
line diff
--- a/sat_pubsub/delegation.py	Mon Dec 21 13:41:15 2015 +0100
+++ b/sat_pubsub/delegation.py	Mon Dec 21 13:44:21 2015 +0100
@@ -173,6 +173,17 @@
 
         @param iq(domish.Element): full delegation stanza
         """
+
+        # FIXME: we use a hack supposing that our delegation come from hostname
+        #        and we are a component named [name].hostname
+        #        but we need to manage properly allowed servers
+        # TODO: do proper origin security check
+        _, allowed = iq['to'].split('.', 1)
+        if jid.JID(iq['from']) != jid.JID(allowed):
+            log.msg((u"SECURITY WARNING: forwarded stanza doesn't come from our server: {}"
+                     .format(iq.toXml())).encode('utf-8'))
+            raise error.StanzaError('not-allowed')
+
         try:
             fwd_iq = (iq.elements(DELEGATION_NS, 'delegation').next()
                       .elements(FORWARDED_NS, 'forwarded').next()
@@ -182,11 +193,6 @@
 
         managed_entity = jid.JID(fwd_iq['from'])
 
-        if managed_entity.host != iq['from']:
-            log.msg((u"SECURITY WARNING: forwarded stanza doesn't come from the emitting server: {}"
-                     .format(iq.toXml())).encode('utf-8'))
-            raise error.StanzaError('not-allowed')
-
         self._current_iqs[fwd_iq['id']] = (iq, managed_entity)
         fwd_iq.delegated = True