~singpolyma/biboumi: Do not allow pings from resources that aren’t in the channel

2 files changed, 30 insertions(+), 1 deletions(-)

M src/bridge/bridge.cpp
M tests/end_to_end/__main__.py

M src/bridge/bridge.cpp => src/bridge/bridge.cpp +2 -1

@@ 744,9 744,10 @@ void Bridge::send_irc_participant_ping_request(const Iid& iid, const std::string
                                                const std::string& iq_id, const std::string& to_jid,
                                                const std::string& from_jid)
 {
+  Jid from(to_jid);
   IrcClient* irc = this->get_irc_client(iid.get_server());
   IrcChannel* chan = irc->get_channel(iid.get_local());
-  if (!chan->joined)
+  if (!chan->joined || !this->is_resource_in_chan(iid.to_tuple(), from.resource))
     {
       this->xmpp.send_stanza_error("iq", to_jid, from_jid, iq_id, "cancel", "not-allowed",
                                     "", true);

M tests/end_to_end/__main__.py => tests/end_to_end/__main__.py +28 -0

@@ 1139,6 1139,34 @@ if __name__ == '__main__':
                      partial(expect_stanza,
                              "/iq[@from='#foo%{irc_server_one}/{nick_one}'][@type='result'][@to='{jid_one}/{resource_one}'][@id='first_ping']"),
                  ]),
+                Scenario("self_ping_not_in_muc",
+                 [
+                     handshake_sequence(),
+                     partial(send_stanza,
+                             "<presence from='{jid_one}/{resource_one}' to='#foo%{irc_server_one}/{nick_one}' />"),
+                     connection_sequence("irc.localhost", '{jid_one}/{resource_one}'),
+                     partial(expect_stanza,
+                             "/message/body[text()='Mode #foo [+nt] by {irc_host_one}']"),
+                     partial(expect_stanza,
+                             ("/presence[@to='{jid_one}/{resource_one}'][@from='#foo%{irc_server_one}/{nick_one}']/muc_user:x/muc_user:item[@affiliation='admin'][@role='moderator']",
+                              "/presence/muc_user:x/muc_user:status[@code='110']")
+                             ),
+                     partial(expect_stanza, "/message[@from='#foo%{irc_server_one}'][@type='groupchat']/subject[not(text())]"),
+
+                     # Send a ping to ourself, in a muc where we’re not
+                     partial(send_stanza,
+                             "<iq type='get' from='{jid_one}/{resource_one}' id='first_ping' to='#nil%{irc_server_one}/{nick_one}'><ping xmlns='urn:xmpp:ping' /></iq>"),
+                     # Immediately receive an error
+                     partial(expect_stanza,
+                             "/iq[@from='#nil%{irc_server_one}/{nick_one}'][@type='error'][@to='{jid_one}/{resource_one}'][@id='first_ping']/error/stanza:not-allowed"),
+
+                     # Send a ping to ourself, in a muc where we are, but not this resource
+                     partial(send_stanza,
+                             "<iq type='get' from='{jid_one}/{resource_two}' id='first_ping' to='#foo%{irc_server_one}/{nick_one}'><ping xmlns='urn:xmpp:ping' /></iq>"),
+                     # Immediately receive an error
+                     partial(expect_stanza,
+                             "/iq[@from='#foo%{irc_server_one}/{nick_one}'][@type='error'][@to='{jid_one}/{resource_two}'][@id='first_ping']/error/stanza:not-allowed"),
+                 ]),
                 Scenario("self_ping_on_real_channel",
                  [
                      handshake_sequence(),