Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Return error when blocking last activity request #1087

Merged
merged 1 commit into from May 3, 2016
Merged

Return error when blocking last activity request #1087

merged 1 commit into from May 3, 2016

Conversation

weiss
Copy link
Member

@weiss weiss commented Apr 24, 2016

Return a generic service-unavailable error whenever an IQ-get or IQ-set is rejected (as per RFC 6121, XEP-0016, and XEP-0191).

@coveralls
Copy link

Coverage Status

Coverage increased (+0.002%) to 31.407% when pulling f58c2ed on weiss:avoid-presence-leak into 65ad70d on processone:master.

@zinid
Copy link
Contributor

zinid commented Apr 25, 2016

I'm not sure how to debug those service-unavailable received. We got a lot of questions like: "hey, I got service-unavailable, wtf?"

@weiss
Return error when blocking last activity request
36164d9 
As per XEP-0016 and XEP-0191, return a service-unavailable error when an
incoming last activity query was blocked by a privacy list (just as we
do for other IQ requests).
@weiss
Copy link
Member Author

weiss commented Apr 25, 2016

Fair enough. I've updated the PR so that it only adds a service-unavailable error for blocked last activity request (instead of dropping them silently) and leaves the other error messages alone. The new error is again without an error text, as there's currently no text when blocking other IQ/message stanzas either. Could add that if you like.

@weiss weiss changed the title Avoid presence leaks when rejecting IQ stanzas Return error when blocking last activity request Apr 25, 2016
@zinid
Copy link
Contributor

zinid commented Apr 25, 2016

We also probably can make sure any service-unavailable have error text except the ones related to privacy and presence. Presences will not be leaked in that case I think.

@coveralls
Copy link

Coverage Status

Coverage increased (+0.001%) to 31.409% when pulling 36164d9 on weiss:avoid-presence-leak into ef90a38 on processone:master.

@weiss
Copy link
Member Author

weiss commented Apr 25, 2016

We also probably can make sure any service-unavailable have error text except the ones related to privacy and presence. Presences will not be leaked in that case I think.

Yes. I think it already works that way, with the exception of groupchat messages (those aren't easy to fix) and IQ stanzas. In my original commit I tried to avoid the leak for IQ stanzas by removing an error text from ejabberd_sm, but we could instead wrap that one into a privacy list check and only include the error text if the traffic isn't blocked.

@weiss weiss merged commit 36164d9 into processone:master May 3, 2016
@weiss weiss deleted the avoid-presence-leak branch May 13, 2016 21:06
@cromain cromain added this to the ejabberd 16.06 milestone May 27, 2016
@lock
Copy link

lock bot commented Jun 10, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jun 10, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
ejabberd 16.06
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@weiss @coveralls @zinid @cromain