# HG changeset patch # User Marco Cirillo # Date 1363111766 -3600 # Node ID e20e94d75fe3a2e5610d9f26a801cb561c3bbdb0 # Parent c08b424583c36e21a24c1eca31c8e6c496676a83# Parent 4584c3303bb42bd88725ea03df4e8c17e587f923 Merge (someone needs to remember to pull...) diff -r c08b424583c3 -r e20e94d75fe3 mod_block_subscribes/mod_block_subscribes.lua --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_block_subscribes/mod_block_subscribes.lua Tue Mar 12 19:09:26 2013 +0100 @@ -0,0 +1,13 @@ +local allowed_presence_types = { probe = true, unavailable = true }; + +function filter_presence(event) + local stanza = event.stanza; + local presence_type = stanza.attr.type; + if presence_type == nil or allowed_presence_types[presence_type] then + return; + end + return true; -- Drop +end + +module:hook("pre-presence/bare", filter_presence, 200); -- Client sending +module:hook("presence/bare", filter_presence, 200); -- Client receiving diff -r c08b424583c3 -r e20e94d75fe3 mod_dwd/mod_dwd.lua --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_dwd/mod_dwd.lua Tue Mar 12 19:09:26 2013 +0100 @@ -0,0 +1,41 @@ +local hosts = _G.hosts; +local st = require "util.stanza"; +local s2s_make_authenticated = require "core.s2smanager".make_authenticated; +local nameprep = require "util.encodings".stringprep.nameprep; +local cert_verify_identity = require "util.x509".verify_identity; + +module:hook("stanza/jabber:server:dialback:result", function(event) + local origin, stanza = event.origin, event.stanza; + + if origin.cert_chain_status == "valid" and origin.type == "s2sin_unauthed" or origin.type == "s2sin" then + local attr = stanza.attr; + local to, from = nameprep(attr.to), nameprep(attr.from); + + local conn = origin.conn:socket() + local cert; + if conn.getpeercertificate then + cert = conn:getpeercertificate() + end + + if cert and hosts[to] and cert_verify_identity(from, "xmpp-server", cert) then + + -- COMPAT: ejabberd, gmail and perhaps others do not always set 'to' and 'from' + -- on streams. We fill in the session's to/from here instead. + if not origin.from_host then + origin.from_host = from; + end + if not origin.to_host then + origin.to_host = to; + end + + module:log("info", "Accepting Dialback without Dialback for %s", from); + s2s_make_authenticated(origin, from); + origin.sends2s( + st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = "valid" })); + + return true; + end + end +end, 100); + + diff -r c08b424583c3 -r e20e94d75fe3 mod_smacks/mod_smacks.lua --- a/mod_smacks/mod_smacks.lua Tue Mar 12 19:05:59 2013 +0100 +++ b/mod_smacks/mod_smacks.lua Tue Mar 12 19:09:26 2013 +0100 @@ -249,6 +249,14 @@ end); module:hook_stanza(xmlns_sm, "resume", function (session, stanza) + if session.full_jid then + session.log("debug", "Tried to resume after resource binding"); + session.send(st.stanza("failed", sm_attr) + :tag("unexpected-request", { xmlns = xmlns_errors }) + ); + return true; + end + local id = stanza.attr.previd; local original_session = session_registry[id]; if not original_session then