diff mod_delegation/mod_delegation.lua @ 1719:3938496cd4f8

mod_delegation: removed invalid error replies to iq result.
author Goffi <goffi@goffi.org>
date Sun, 03 May 2015 17:43:12 +0200
parents 48be6e7efbe8
children 48b7e8021afa
line wrap: on
line diff
--- a/mod_delegation/mod_delegation.lua	Sun May 03 17:27:37 2015 +0200
+++ b/mod_delegation/mod_delegation.lua	Sun May 03 17:43:12 2015 +0200
@@ -155,7 +155,7 @@
 	-- this function manage iq results from the managing entity
 	-- it do a couple of security check before sending the
 	-- result to the managed entity
-	local session, stanza = event.origin, event.stanza
+	local stanza = event.stanza
 	if stanza.attr.to ~= module.host then
 		module:log("warn", 'forwarded stanza result has "to" attribute not addressed to current host, id conflict ?')
 		return
@@ -166,20 +166,20 @@
 	local delegation = stanza.tags[1]
 	if #stanza ~= 1 or delegation.name ~= "delegation" or
 		delegation.attr.xmlns ~= _DELEGATION_NS then
-		session.send(st.error_reply(stanza, 'modify', 'not-acceptable'))
+		module:log("warn", "ignoring invalid iq result from managing entity %s", stanza.attr.from)
 		return true
 	end
 
 	local forwarded = delegation.tags[1]
 	if #delegation ~= 1 or forwarded.name ~= "forwarded" or
 		forwarded.attr.xmlns ~= _FORWARDED_NS then
-		session.send(st.error_reply(stanza, 'modify', 'not-acceptable'))
+		module:log("warn", "ignoring invalid iq result from managing entity %s", stanza.attr.from)
 		return true
 	end
 
 	local iq = forwarded.tags[1]
 	if #forwarded ~= 1 or iq.name ~= "iq" or #iq ~= 1 then
-		session.send(st.error_reply(stanza, 'modify', 'not-acceptable'))
+		module:log("warn", "ignoring invalid iq result from managing entity %s", stanza.attr.from)
 		return true
 	end
 
@@ -189,7 +189,7 @@
 
 	if stanza.attr.from ~= ns_data.connected or iq.attr.type ~= "result" or
 		iq.attr.id ~= original.attr.id or iq.attr.to ~= original.attr.from then
-		session.send(st.error_reply(stanza, 'auth', 'forbidden'))
+		module:log("warn", "ignoring forbidden iq result from managing entity %s, please check that the component is no trying to do something bad (stanza: %s)", stanza.attr.from, tostring(stanza))
 		module:send(st.error_reply(original, 'cancel', 'service-unavailable'))
 		return true
 	end