Commit 0878a034 authored by louiz’'s avatar louiz’

Do not allow pings from resources that aren’t in the channel

fix #3252
parent e4cc6960
......@@ -744,9 +744,10 @@ void Bridge::send_irc_participant_ping_request(const Iid& iid, const std::string
const std::string& iq_id, const std::string& to_jid,
const std::string& from_jid)
{
Jid from(to_jid);
IrcClient* irc = this->get_irc_client(iid.get_server());
IrcChannel* chan = irc->get_channel(iid.get_local());
if (!chan->joined)
if (!chan->joined || !this->is_resource_in_chan(iid.to_tuple(), from.resource))
{
this->xmpp.send_stanza_error("iq", to_jid, from_jid, iq_id, "cancel", "not-allowed",
"", true);
......
......@@ -1139,6 +1139,34 @@ if __name__ == '__main__':
partial(expect_stanza,
"/iq[@from='#foo%{irc_server_one}/{nick_one}'][@type='result'][@to='{jid_one}/{resource_one}'][@id='first_ping']"),
]),
Scenario("self_ping_not_in_muc",
[
handshake_sequence(),
partial(send_stanza,
"<presence from='{jid_one}/{resource_one}' to='#foo%{irc_server_one}/{nick_one}' />"),
connection_sequence("irc.localhost", '{jid_one}/{resource_one}'),
partial(expect_stanza,
"/message/body[text()='Mode #foo [+nt] by {irc_host_one}']"),
partial(expect_stanza,
("/presence[@to='{jid_one}/{resource_one}'][@from='#foo%{irc_server_one}/{nick_one}']/muc_user:x/muc_user:item[@affiliation='admin'][@role='moderator']",
"/presence/muc_user:x/muc_user:status[@code='110']")
),
partial(expect_stanza, "/message[@from='#foo%{irc_server_one}'][@type='groupchat']/subject[not(text())]"),
# Send a ping to ourself, in a muc where we’re not
partial(send_stanza,
"<iq type='get' from='{jid_one}/{resource_one}' id='first_ping' to='#nil%{irc_server_one}/{nick_one}'><ping xmlns='urn:xmpp:ping' /></iq>"),
# Immediately receive an error
partial(expect_stanza,
"/iq[@from='#nil%{irc_server_one}/{nick_one}'][@type='error'][@to='{jid_one}/{resource_one}'][@id='first_ping']/error/stanza:not-allowed"),
# Send a ping to ourself, in a muc where we are, but not this resource
partial(send_stanza,
"<iq type='get' from='{jid_one}/{resource_two}' id='first_ping' to='#foo%{irc_server_one}/{nick_one}'><ping xmlns='urn:xmpp:ping' /></iq>"),
# Immediately receive an error
partial(expect_stanza,
"/iq[@from='#foo%{irc_server_one}/{nick_one}'][@type='error'][@to='{jid_one}/{resource_two}'][@id='first_ping']/error/stanza:not-allowed"),
]),
Scenario("self_ping_on_real_channel",
[
handshake_sequence(),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment