Commit 426ae23f authored by Daniel Henninger's avatar Daniel Henninger Committed by dhenninger

[GATE-68] Updated to deny registration additions for users not on the same server.

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@5491 b35dd754-fafc-0310-a699-88a17e54d16e
parent 5327cf5a
...@@ -584,6 +584,13 @@ public abstract class BaseTransport implements Component, RosterEventListener, P ...@@ -584,6 +584,13 @@ public abstract class BaseTransport implements Component, RosterEventListener, P
try { try {
this.addNewRegistration(from, username, password, nickname); this.addNewRegistration(from, username, password, nickname);
// Lets ask them what their presence is, maybe log
// them in immediately.
Presence p = new Presence(Presence.Type.probe);
p.setTo(from);
p.setFrom(to);
reply.add(p);
} }
catch (UserNotFoundException e) { catch (UserNotFoundException e) {
Log.error("Someone attempted to register with the gateway who is not registered with the server: " + from); Log.error("Someone attempted to register with the gateway who is not registered with the server: " + from);
...@@ -591,13 +598,12 @@ public abstract class BaseTransport implements Component, RosterEventListener, P ...@@ -591,13 +598,12 @@ public abstract class BaseTransport implements Component, RosterEventListener, P
eresult.setError(Condition.bad_request); eresult.setError(Condition.bad_request);
reply.add(eresult); reply.add(eresult);
} }
catch (IllegalAccessException e) {
// Lets ask them what their presence is, maybe log Log.error("Someone who is not a user of this server tried to register with the transport: "+from);
// them in immediately. IQ eresult = IQ.createResultIQ(packet);
Presence p = new Presence(Presence.Type.probe); eresult.setError(Condition.not_allowed);
p.setTo(from); reply.add(eresult);
p.setFrom(to); }
reply.add(p);
} }
} }
else if (packet.getType() == IQ.Type.get) { else if (packet.getType() == IQ.Type.get) {
...@@ -1119,8 +1125,13 @@ public abstract class BaseTransport implements Component, RosterEventListener, P ...@@ -1119,8 +1125,13 @@ public abstract class BaseTransport implements Component, RosterEventListener, P
* @param password Legacy password of registration. * @param password Legacy password of registration.
* @param nickname Legacy nickname of registration. * @param nickname Legacy nickname of registration.
* @throws UserNotFoundException if registration or roster not found. * @throws UserNotFoundException if registration or roster not found.
* @throws IllegalAccessException if jid is not from this server.
*/ */
public void addNewRegistration(JID jid, String username, String password, String nickname) throws UserNotFoundException { public void addNewRegistration(JID jid, String username, String password, String nickname) throws UserNotFoundException, IllegalAccessException {
if (!XMPPServer.getInstance().getServerInfo().getName().equals(jid.getDomain())) {
throw new IllegalAccessException("Domain of jid registering does not match domain of server.");
}
Collection<Registration> registrations = registrationManager.getRegistrations(jid, this.transportType); Collection<Registration> registrations = registrationManager.getRegistrations(jid, this.transportType);
Boolean foundReg = false; Boolean foundReg = false;
for (Registration registration : registrations) { for (Registration registration : registrations) {
......
...@@ -101,6 +101,11 @@ ...@@ -101,6 +101,11 @@
response.sendRedirect("gateway-registrations.jsp?success=false"); response.sendRedirect("gateway-registrations.jsp?success=false");
return; return;
} }
catch (IllegalAccessException e) {
Log.error("Domain of JID specified for registration is not on this server: "+jid.toString());
response.sendRedirect("gateway-registrations.jsp?success=false");
return;
}
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment