Mercurial Mercurial > prosody > prosody / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
stanza_router: Remove FIXME comment and close stream with not-authorized for s2s stanzas from unauthed domains
authorMatthew Wild <mwild1@gmail.com>
Sat, 12 May 2012 00:33:04 +0100
changeset 4863 8974a9b7363f
parent 4862 d1cfdb137b03
child 4864 b98154bbe0e0
child 4868 550f0a5e85c5
stanza_router: Remove FIXME comment and close stream with not-authorized for s2s stanzas from unauthed domains
core/stanza_router.lua file | annotate | diff | comparison | revisions 
--- a/core/stanza_router.lua	Sat May 12 00:31:48 2012 +0100
+++ b/core/stanza_router.lua	Sat May 12 00:33:04 2012 +0100
@@ -109,7 +109,8 @@
 			local host_status = origin.hosts[from_host];
 			if not host_status or not host_status.authed then -- remote server trying to impersonate some other server?
 				log("warn", "Received a stanza claiming to be from %s, over a stream authed for %s!", from_host, origin.from_host);
-				return; -- FIXME what should we do here? does this work with subdomains?
+				origin:close("not-authorized");
+				return;
 			elseif not hosts[to_host] then
 				log("warn", "Remote server %s sent us a stanza for %s, closing stream", origin.from_host, to_host);
 				origin:close("host-unknown");
prosody