Changeset 849

Show
Ignore:
Timestamp:
02/11/09 21:57:01 (10 months ago)
Author:
ykerherve
Message:

Fixed issues detected with Mike Malone and Mart Atkins today
(Section 8.3 of RFC 3920: If resource is not specified by
the client, the server should generate a random one)

Location:
trunk/DJabberd
Files:
3 modified

Legend:

Unmodified
Added
Removed

  • trunk/DJabberd/lib/DJabberd/IQ.pm

    r841 r849  
    44use DJabberd::Util qw(exml); 
    55use DJabberd::Roster; 
     6use Digest::SHA1; 
    67 
    78use DJabberd::Log; 
     
    626627    }; 
    627628 
    628     my $resource = $get->("resource") || ""; 
     629    my $resource = $get->("resource") 
     630                 || Digest::SHA1::sha1_hex(rand() . rand() . rand()); 
    629631 
    630632    my $vhost = $conn->vhost; 

  • trunk/DJabberd/t/lib/djabberd-test.pl

    r841 r849  
    566566    my $self = shift; 
    567567    my $sasl = shift; 
     568    my $res  = shift; 
    568569    my $sec  = shift; 
    569570 
     
    623624    die "no session"  unless $features =~ /session\b/sm; 
    624625 
    625     $self->bind_resource; 
    626     return 1; 
     626    return $self->bind_resource($res); 
    627627} 
    628628 
    629629sub bind_resource { 
    630630    my $self = shift; 
     631    my $res  = shift; 
    631632    my $sock = $self->{sock}; 
    632633 
    633634    print $sock <<EOB; 
    634 <iq type='set' id='purple81e4b57b'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><resource>yann</resource></bind></iq> 
     635<iq type='set' id='purple81e4b57b'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><resource>$res</resource></bind></iq> 
    635636EOB 
    636637    my $iq = $self->recv_xml_obj; 
    637638    die "invalid bind response" unless $iq->element_name eq 'iq'; 
    638639    my $bind = $iq->first_element; 
    639     die "invalid bind response" unless $bind->element_name eq 'bind'; 
     640    die "invalid bind response " unless $bind->element_name eq 'bind'; 
    640641    my $jid_el = $bind  ->first_element or die "no jid elt..."; 
    641642    my $jid    = $jid_el->first_child   or die "no jid..."; 
     643    return $jid; 
    642644} 
    643645 

  • trunk/DJabberd/t/sasl-login.t

    r841 r849  
    22use strict; 
    33use warnings; 
    4 use Test::More tests => 26; 
     4use Test::More tests => 46; 
    55use lib 't/lib'; 
    66 
     
    1010 
    1111my $login_and_be = sub { 
    12     my ($pa, $pb, $sasl) = @_; 
     12    my ($pa, $pb, $sasl, $res) = @_; 
    1313 
    14     $pa->sasl_login($sasl); 
     14    my $jid = $pa->sasl_login($sasl, $res); 
    1515    $pb->login; 
    1616    $pa->send_xml("<presence/>"); 
     
    2121    $pb->send_xml("<iq type='get' id='pb1' to='$pa'><x/></iq>"); 
    2222    like($pa->recv_xml, qr/id=.pb./, "pb got pa's iq"); 
     23    return $jid; 
    2324}; 
    2425 
     
    3738            ); 
    3839 
    39             $login_and_be->($pa, $pb, $sasl); 
     40            my $jid = $login_and_be->($pa, $pb, $sasl, "yann"); 
     41            like $jid, qr/yann/, "resource assigned accordingly"; 
    4042        }); 
    4143    } 
     44} 
     45 
     46## resource not provided by the client  
     47{ 
     48    two_parties(sub { 
     49        my ($pa, $pb) = @_; 
     50 
     51        my $sasl = Authen::SASL->new( 
     52            mechanism => "DIGEST-MD5", 
     53            callback  => { 
     54                pass => sub { $pa->password }, 
     55                user => sub { $pa->{name}   }, 
     56            }, 
     57        ); 
     58 
     59        my $jid = $login_and_be->($pa, $pb, $sasl, undef); # << no resource 
     60        ok $jid, "got jid"; 
     61        like $jid, qr{/\w+$}, "assigned resource $jid"; 
     62    }); 
     63} 
     64 
     65## resource conflict, resource reassigned 
     66{ 
     67    two_parties(sub { 
     68        my ($pa, $pb) = @_; 
     69 
     70        my $sasl = Authen::SASL->new( 
     71            mechanism => "DIGEST-MD5", 
     72            callback  => { 
     73                pass => sub { $pa->password }, 
     74                user => sub { $pa->{name}   }, 
     75            }, 
     76        ); 
     77        my $pa_jid = $pa->sasl_login($sasl, "yann"); 
     78        my $pb_jid = $pb->sasl_login($sasl, "yann"); 
     79        my ($pa_res) = $pa_jid =~ m{/(\w+)$}; 
     80        my ($pb_res) = $pb_jid =~ m{/(\w+)$}; 
     81        cmp_ok $pa_res, 'ne', $pb_res, "resources are different"; 
     82        is   $pa_res, "yann", "first got what it wanted"; 
     83        isnt $pb_res, "yann", "second didn't"; 
     84    }); 
    4285} 
    4386 
     
    58101 
    59102        my $pa = Test::DJabberd::Client->new(server => $server, name => "partya"); 
    60         eval { $pa->sasl_login($sasl) }; 
     103        eval { $pa->sasl_login($sasl, "yann") }; 
    61104        my $err = $@; 
    62105        ok $err, "login failure"; 
     
    76119 
    77120    my $pa = Test::DJabberd::Client->new(server => $server, name => "partya"); 
    78     my $response = $pa->abort_sasl_login($sasl); 
     121    my $response = $pa->abort_sasl_login($sasl, "yann"); 
    79122    like $response, qr{failure.*<aborted/>}; 
    80123} 
     
    100143 
    101144    my $pa = Test::DJabberd::Client->new(server => $strong_server, name => "partya"); 
    102     eval { $pa->sasl_login($sasl) }; 
     145    eval { $pa->sasl_login($sasl, "yann") }; 
    103146    my $err = $@; 
    104147    like $err, qr{failure.*<invalid-mechanism/>};