diff options
| author | Guillaume Desmottes <cassidy@cass-wks.(none)> | 2007-11-21 14:21:39 (GMT) |
|---|---|---|
| committer | Morgan Collett <morgan.collett@gmail.com> | 2007-12-18 14:49:40 (GMT) |
| commit | 9239a4d24ed7f2c65d436dc1428b0faee330ae33 (patch) | |
| tree | 9c49d72cb8ad1e040614e5cabe9f557453414225 | |
| parent | abfffb6e5d2fb108878a8bc8f3702dcd868e5d2d (diff) | |
Only approve subscriptions coming from a trusted server (#4993)
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | src/server_plugin.py | 35 |
2 files changed, 34 insertions, 2 deletions
@@ -1,5 +1,6 @@ * #4920: Harden _add_buddies to cope with no handle when calling BuddyHandleJoined (morgs) +* #4993: Only approve subscriptions coming from a trusted server (cassidy) Snapshot 4c8e8b71b5 diff --git a/src/server_plugin.py b/src/server_plugin.py index 834eedc..6b9f28b 100644 --- a/src/server_plugin.py +++ b/src/server_plugin.py @@ -235,6 +235,32 @@ class ServerPlugin(TelepathyPlugin): TelepathyPlugin._connected_cb(self) + def _filter_trusted_server(self, handles): + """Filter a list of contact handles removing the one which aren't hosted + on a trusted server. + This function is used to only accept subscriptions coming from a + trusted server. + + :Parameters: + `handles` : iterable over (int or long) + The contacts' handles to filter + + :Returns: a list of handles + """ + result = [] + if not handles: + return result + + identifiers = self._conn[CONN_INTERFACE].InspectHandles( + HANDLE_TYPE_CONTACT, handles) + + for handle, jid in izip(handles, identifiers): + user, host = jid.split('@', 1) + if self._server_is_trusted(host): + result.append(handle) + + return result + def _publish_members_changed_cb(self, message, added, removed, local_pending, remote_pending, actor, reason): @@ -242,6 +268,7 @@ class ServerPlugin(TelepathyPlugin): added, removed, local_pending, remote_pending, actor, reason) + local_pending = self._filter_trusted_server(local_pending) if local_pending: # accept all requested subscriptions self._publish_channel[CHANNEL_INTERFACE_GROUP].AddMembers( @@ -251,6 +278,7 @@ class ServerPlugin(TelepathyPlugin): if self._subscribe_channel is not None: added = list(set(added) - self._subscribe_members - self._subscribe_remote_pending) + added = self._filter_trusted_server(added) if added: self._subscribe_channel[CHANNEL_INTERFACE_GROUP].AddMembers( added, '') @@ -280,6 +308,7 @@ class ServerPlugin(TelepathyPlugin): publish_handles, local_pending, remote_pending = \ self._publish_channel[CHANNEL_INTERFACE_GROUP].GetAllMembers() + local_pending = self._filter_trusted_server(local_pending) if local_pending: # accept pending subscriptions # FIXME: do this async @@ -304,5 +333,7 @@ class ServerPlugin(TelepathyPlugin): # not subscribed to them not_subscribed = set(publish_handles) not_subscribed -= self._subscribe_members - self._subscribe_channel[CHANNEL_INTERFACE_GROUP].AddMembers( - not_subscribed, '') + not_subscribed = self._filter_trusted_server(not_subscribed) + if not_subscribed: + self._subscribe_channel[CHANNEL_INTERFACE_GROUP].AddMembers( + not_subscribed, '') |