Commit d50a1d98 authored by Daniel Henninger's avatar Daniel Henninger Committed by dhenninger

[GATE-66] Couple of other fixes for username validity checking.

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk/src/plugins/gateway@5526 b35dd754-fafc-0310-a699-88a17e54d16e
parent b11bf489
...@@ -571,8 +571,7 @@ public abstract class BaseTransport implements Component, RosterEventListener, P ...@@ -571,8 +571,7 @@ public abstract class BaseTransport implements Component, RosterEventListener, P
if ( username == null if ( username == null
|| (isPasswordRequired() && password == null) || (isPasswordRequired() && password == null)
|| (isNicknameRequired() && nickname == null) || (isNicknameRequired() && nickname == null)) {
|| !isUsernameValid(username)) {
// Invalid information from stanza, lets yell. // Invalid information from stanza, lets yell.
IQ result = IQ.createResultIQ(packet); IQ result = IQ.createResultIQ(packet);
result.setError(Condition.bad_request); result.setError(Condition.bad_request);
...@@ -607,6 +606,12 @@ public abstract class BaseTransport implements Component, RosterEventListener, P ...@@ -607,6 +606,12 @@ public abstract class BaseTransport implements Component, RosterEventListener, P
eresult.setError(Condition.not_allowed); eresult.setError(Condition.not_allowed);
reply.add(eresult); reply.add(eresult);
} }
catch (IllegalArgumentException e) {
Log.error("Someone attempted to register with the gateway with an invalid username: " + from);
IQ eresult = IQ.createResultIQ(packet);
eresult.setError(Condition.bad_request);
reply.add(eresult);
}
} }
} }
else if (packet.getType() == IQ.Type.get) { else if (packet.getType() == IQ.Type.get) {
...@@ -1129,12 +1134,17 @@ public abstract class BaseTransport implements Component, RosterEventListener, P ...@@ -1129,12 +1134,17 @@ public abstract class BaseTransport implements Component, RosterEventListener, P
* @param nickname Legacy nickname of registration. * @param nickname Legacy nickname of registration.
* @throws UserNotFoundException if registration or roster not found. * @throws UserNotFoundException if registration or roster not found.
* @throws IllegalAccessException if jid is not from this server. * @throws IllegalAccessException if jid is not from this server.
* @throws IllegalArgumentException if username is not valid for this transport type.
*/ */
public void addNewRegistration(JID jid, String username, String password, String nickname) throws UserNotFoundException, IllegalAccessException { public void addNewRegistration(JID jid, String username, String password, String nickname) throws UserNotFoundException, IllegalAccessException {
if (!XMPPServer.getInstance().getServerInfo().getName().equals(jid.getDomain())) { if (!XMPPServer.getInstance().getServerInfo().getName().equals(jid.getDomain())) {
throw new IllegalAccessException("Domain of jid registering does not match domain of server."); throw new IllegalAccessException("Domain of jid registering does not match domain of server.");
} }
if (!isUsernameValid(username)) {
throw new IllegalArgumentException("Username specified is not valid for this transport type.");
}
Collection<Registration> registrations = registrationManager.getRegistrations(jid, this.transportType); Collection<Registration> registrations = registrationManager.getRegistrations(jid, this.transportType);
Boolean foundReg = false; Boolean foundReg = false;
for (Registration registration : registrations) { for (Registration registration : registrations) {
......
...@@ -106,6 +106,11 @@ ...@@ -106,6 +106,11 @@
response.sendRedirect("gateway-registrations.jsp?success=false"); response.sendRedirect("gateway-registrations.jsp?success=false");
return; return;
} }
catch (IllegalArgumentException e) {
Log.error("Username specified for registration is not valid.");
response.sendRedirect("gateway-registrations.jsp?success=false");
return;
}
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment