OF-706: Openfire does not close the stream with a stream error if the...

OF-706: Openfire does not close the stream with a stream error if the namespace is not 'http://etherx.jabber.org/streams'

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@13946 b35dd754-fafc-0310-a699-88a17e54d16e

src/java/org/jivesoftware/openfire/net/StanzaHandler.java

@@ -19,9 +19,6 @@
 
 package org.jivesoftware.openfire.net;
 
-import java.io.IOException;
-import java.io.StringReader;
-
 import org.dom4j.Element;
 import org.dom4j.io.XMPPPacketReader;
 import org.jivesoftware.openfire.Connection;
@@ -38,13 +35,10 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.xmlpull.v1.XmlPullParser;
 import org.xmlpull.v1.XmlPullParserException;
-import org.xmpp.packet.IQ;
-import org.xmpp.packet.JID;
-import org.xmpp.packet.Message;
-import org.xmpp.packet.PacketError;
-import org.xmpp.packet.Presence;
-import org.xmpp.packet.Roster;
-import org.xmpp.packet.StreamError;
+import org.xmpp.packet.*;
+
+import java.io.IOException;
+import java.io.StringReader;
 
 /**
  * A StanzaHandler is the main responsible for handling incoming stanzas. Some stanzas like startTLS
@@ -602,36 +596,36 @@ public abstract class StanzaHandler {
         // subdomain. If the value of the 'to' attribute is not valid then return a host-unknown
         // error and close the underlying connection.
         String host = xpp.getAttributeValue("", "to");
+        StreamError streamError = null;
         if (validateHost() && isHostUnknown(host)) {
-            StringBuilder sb = new StringBuilder(250);
-            sb.append("<?xml version='1.0' encoding='");
-            sb.append(CHARSET);
-            sb.append("'?>");
-            // Append stream header
-            sb.append("<stream:stream ");
-            sb.append("from=\"").append(serverName).append("\" ");
-            sb.append("id=\"").append(StringUtils.randomString(5)).append("\" ");
-            sb.append("xmlns=\"").append(xpp.getNamespace(null)).append("\" ");
-            sb.append("xmlns:stream=\"").append(xpp.getNamespace("stream")).append("\" ");
-            sb.append("version=\"1.0\">");
-            // Set the host_unknown error
-            StreamError error = new StreamError(StreamError.Condition.host_unknown);
-            sb.append(error.toXML());
-            // Deliver stanza
-            connection.deliverRawText(sb.toString());
-            // Close the underlying connection
-            connection.close();
+            streamError = new StreamError(StreamError.Condition.host_unknown);
             // Log a warning so that admins can track this cases from the server side
             Log.warn("Closing session due to incorrect hostname in stream header. Host: " + host +
                     ". Connection: " + connection);
         }
+        // Validate the stream namespace
+        else if (!"http://etherx.jabber.org/streams".equals(xpp.getNamespace())) {
+            // Include the invalid-namespace in the response
+            streamError = new StreamError(StreamError.Condition.invalid_namespace);
+            // Log a warning so that admins can track this cases from the server side
+            Log.warn("Closing session due to invalid_namespace in stream header. Namespace: " +
+                    xpp.getNamespace() + ". Connection: " + connection);
 
+        }
         // Create the correct session based on the sent namespace. At this point the server
         // may offer the client to secure the connection. If the client decides to secure
         // the connection then a <starttls> stanza should be received
         else if (!createSession(xpp.getNamespace(null), serverName, xpp, connection)) {
             // No session was created because of an invalid namespace prefix so answer a stream
             // error and close the underlying connection
+            // Include the bad-namespace-prefix in the response
+            streamError = new StreamError(StreamError.Condition.bad_namespace_prefix);
+            // Log a warning so that admins can track this cases from the server side
+            Log.warn("Closing session due to bad_namespace_prefix in stream header. Prefix: " +
+                    xpp.getNamespace(null) + ". Connection: " + connection);
+        }
+
+        if (streamError != null) {
             StringBuilder sb = new StringBuilder(250);
             sb.append("<?xml version='1.0' encoding='");
             sb.append(CHARSET);
@@ -641,18 +635,15 @@ public abstract class StanzaHandler {
             sb.append("from=\"").append(serverName).append("\" ");
             sb.append("id=\"").append(StringUtils.randomString(5)).append("\" ");
             sb.append("xmlns=\"").append(xpp.getNamespace(null)).append("\" ");
-            sb.append("xmlns:stream=\"").append(xpp.getNamespace("stream")).append("\" ");
+            sb.append("xmlns:stream=\"http://etherx.jabber.org/streams\" ");
             sb.append("version=\"1.0\">");
-            // Include the bad-namespace-prefix in the response
-            StreamError error = new StreamError(StreamError.Condition.bad_namespace_prefix);
-            sb.append(error.toXML());
+            sb.append(streamError.toXML());
+            // Deliver stanza
             connection.deliverRawText(sb.toString());
             // Close the underlying connection
             connection.close();
-            // Log a warning so that admins can track this cases from the server side
-            Log.warn("Closing session due to bad_namespace_prefix in stream header. Prefix: " +
-                    xpp.getNamespace(null) + ". Connection: " + connection);
         }
+
     }
 
     private boolean isHostUnknown(String host) {