diff options
author | Garry Zacheiss <zacheiss@mit.edu> | 2001-07-02 23:28:31 +0000 |
---|---|---|
committer | Garry Zacheiss <zacheiss@mit.edu> | 2001-07-02 23:28:31 +0000 |
commit | 4e2bf8bf612f4837319b9a20d7e5d10a910779d9 (patch) | |
tree | ad4702c6cb04d7dfcf464c39ac6f0f2034c6ae0e /server/subscr.c | |
parent | 39885e5ba65feef6eb5ab5709b9d03b1bcaa7c5d (diff) |
Don't accept subscriptions from foreign realms for acl'ed classes.
Diffstat (limited to 'server/subscr.c')
-rw-r--r-- | server/subscr.c | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/server/subscr.c b/server/subscr.c index eb3ba27..30b6d64 100644 --- a/server/subscr.c +++ b/server/subscr.c @@ -186,14 +186,19 @@ add_subscriptions(who, subs, notice, server) } } } - if (realm && !bdumping && server && server == me_server) { - retval = subscr_realm_sendit(who, subs, notice, realm); - if (retval != ZERR_NONE) { - free_subscriptions(subs); - free_string(sender); - return(retval); + if (realm && !bdumping) { + if (server && server == me_server) { + retval = subscr_realm_sendit(who, subs, notice, realm); + if (retval != ZERR_NONE) { + free_subscriptions(subs); + free_string(sender); + return(retval); + } else { + /* free this one, will get from ADD */ + free_subscription(subs); + } } else { - free_subscription(subs); /* free this one, will get from ADD */ + /* Indicates we leaked traffic back to our realm */ } } else { retval = triplet_register(who, &subs->dest, NULL); @@ -1475,7 +1480,10 @@ subscr_check_foreign_subs(notice, who, server, realm, newsubs) syslog(LOG_WARNING, "subscr auth not verifiable %s (%s) class %s", sender->string, rlm->name, subs->dest.classname->string); - continue; + free_subscriptions(newsubs); + free_string(sender); + free(text); + return ZSRV_CLASSRESTRICTED; } } if (!access_check(sender->string, acl, SUBSCRIBE)) { |