Uploaded image for project: 'ejabberd development'
  1. ejabberd development
  2. EJAB-1320

Privacy list does not block outgoing iq stanzas

        Details

          Description

          User sets and activates privacy lists to block iq stanzas:

          <!-- 16:20:02.256 OUT (::xmpp::1, user1@domain.tld/Ткаббер) -->
<iq id='184:823142' xml:lang='en' type='set'>
    <query xmlns='jabber:iq:privacy'>
        <list name='blockiq'>
            <item action='deny' order='1'><iq/></item>
        </list>
    </query>
</iq>
<!-- 16:20:02.347 IN (::xmpp::1, user1@domain.tld/Ткаббер) -->
<iq from='user1@domain.tld' to='user1@domain.tld/Ткаббер' id='184:823142' type='result'/>

<!-- 16:21:08.397 OUT (::xmpp::1, user1@domain.tld/Ткаббер) -->
<iq id='186:791728' xml:lang='en' type='set'>
    <query xmlns='jabber:iq:privacy'>
        <active name='blockiq'/>
    </query>
</iq>
<!-- 16:21:08.460 IN (::xmpp::1, user1@domain.tld/Ткаббер) -->
<iq from='user1@domain.tld' to='user1@domain.tld/Ткаббер' id='186:791728' type='result'/>}}

          User sends an iq stanza, which should be blocked:

          <!-- 16:23:32.003 OUT (::xmpp::1, user1@domain.tld/Ткаббер) -->
<iq id='189:525572' xml:lang='en' type='get' to='user2@domain.tld/resource'>
    <query xmlns='jabber:iq:version'/>
</iq>

          Server should block this stanza, and send back iq not-acceptable error stanza. (XEP-0016, example 51)

          Instead, the server routes it to contact, which responds:

          <!-- 16:23:32.099 IN (::xmpp::1, user1@domain.tld/Ткаббер) -->
<iq from='user2@domain.tld/resource' to='user1@domain.tld/Ткаббер' type='result' id='189:525572'>
    <query xmlns='jabber:iq:version'>
        <name>Stabber</name>
        <version>666</version>
        <os>FiendOS</os>
    </query>
    <evil xmlns='http://jabber.org/protocol/evil'/>
</iq>

            Expenses

              Activity

              Ascending order - Click to sort in descending order
              hermitifier Hermitifier created issue -
              badlop Badlop made changes -
              Field Original Value New Value
              Assignee Badlop [ badlop ]
              badlop Badlop made changes -
              Status Open [ 1 ] Resolved [ 5 ]
              Fix Version/s ejabberd 2.1.6 [ 10658 ]
              Fix Version/s ejabberd 3.0.0-alpha-2 [ 10659 ]
              Resolution Fixed [ 1 ]
              badlop Badlop made changes -
              Status Resolved [ 5 ] Closed [ 6 ]
              mremond@process-one.net Mickaël Rémond made changes -
              Workflow development v3 [ 73296 ] Development v4 [ 81455 ]

                People

                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Development