From 1164523ee983a0ca38327703c7493772560aa2a3 Mon Sep 17 00:00:00 2001
From: Boris Grozev
Date: Tue, 17 Sep 2024 16:22:36 -0500
Subject: [PATCH 1/2] feat: Verify the rayo JvbRoomName header if it exists.
---
 .../org/jitsi/jicofo/xmpp/JigasiIqHandler.kt | 31 ++++++++++++-------
 1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt b/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt
index 2632eadf5..9a1fbbed5 100644
--- a/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt
+++ b/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt
@@ -35,6 +35,7 @@ import org.jivesoftware.smack.packet.IQ
 import org.jivesoftware.smack.packet.StanzaError
 import org.jivesoftware.smack.packet.id.StandardStanzaIdSource
 import org.jxmpp.jid.Jid
+import org.jxmpp.jid.impl.JidCreate
 import java.util.concurrent.atomic.AtomicInteger
 class JigasiIqHandler(
@@ -62,18 +63,13 @@ class JigasiIqHandler(
 Stats.rejectedRequests.inc()
 }
- var conference = conferenceStore.getConference(conferenceJid)
-
- if (conference == null) {
- // let's search for visitor room with that jid, maybe it's an invite from a visitor
- conference = conferenceStore.getAllConferences()
- .find { c -> c.visitorRoomsJids.contains(conferenceJid) }
- }
-
- conference ?: return RejectedWithError(request, StanzaError.Condition.item_not_found).also {
- logger.warn("Rejected request for non-existent conference: $conferenceJid")
- Stats.rejectedRequests.inc()
- }
+ val conference = conferenceStore.getConference(conferenceJid)
+ // search for visitor room with that jid, maybe it's an invite from a visitor
+ ?: conferenceStore.getAllConferences().find { c -> c.visitorRoomsJids.contains(conferenceJid) }
+ ?: return RejectedWithError(request, StanzaError.Condition.item_not_found).also {
+ logger.warn("Rejected request for non-existent conference: $conferenceJid")
+ Stats.rejectedRequests.inc()
+ }
 if (!conference.acceptJigasiRequest(request.iq.from)) {
 return RejectedWithError(request, StanzaError.Condition.forbidden).also {
@@ -82,6 +78,17 @@ class JigasiIqHandler(
 }
 }
+ val roomNameHeader = request.iq.getHeader("JvbRoomName")
+ if (roomNameHeader != null && JidCreate.entityBareFrom(roomNameHeader) != conference.mainRoomJid) {
+ return RejectedWithError(request, StanzaError.Condition.forbidden).also {
+ logger.warn(
+ "Rejecting request with non-matching JvbRoomName: from=${request.iq.from} " +
+ ", mainRoomJid=${conference.mainRoomJid}, JvbRoomName=$roomNameHeader"
+ )
+ Stats.rejectedRequests.inc()
+ }
+ }
+
 logger.info("Accepted jigasi request from ${request.iq.from}: ${request.iq.toStringOpt()}")
 Stats.acceptedRequests.inc()
From ad726e11bbd9cb30d76905eedee533fcc2196cd0 Mon Sep 17 00:00:00 2001
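Review bot: `JidCreate.entityBareFrom(roomNameHeader)` in the added `JvbRoomName` check (hunk `@@ -82,6 +78,17 @@`) parses a sender-supplied header and throws `XmppStringprepException` when the value is not a valid bare JID, and nothing in the hunk catches it. A malformed header would then leave the handler by exception instead of through `RejectedWithError`, so the request is not counted in `Stats.rejectedRequests` and gets no defined stanza error unless a caller outside the hunk deals with it. Parsing once inside a `try`/`catch` and answering with `StanzaError.Condition.bad_request` keeps the failure explicit; this needs an import for `XmppStringprepException`. The same call is carried unchanged into hunk `@@ -79,11 +79,11 @@` of PATCH 2/2, and the enclosing function starts and ends outside the hunk.

```kotlin
val roomNameHeader = request.iq.getHeader("JvbRoomName")
val roomNameJid = try {
    roomNameHeader?.let { JidCreate.entityBareFrom(it) }
} catch (e: XmppStringprepException) {
    return RejectedWithError(request, StanzaError.Condition.bad_request).also {
        logger.warn("Rejecting request with malformed JvbRoomName: from=${request.iq.from}")
        Stats.rejectedRequests.inc()
    }
}
if (roomNameJid != null && roomNameJid != conference.mainRoomJid) {
    // … unchanged: forbidden rejection, warn log, Stats.rejectedRequests.inc() …
}
```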
From: Boris Grozev
Date: Wed, 18 Sep 2024 11:29:47 -0500
Subject: [PATCH 2/2] squash: Use the correct room JID.
---
 .../src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt b/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt
index 9a1fbbed5..bc45e5360 100644
--- a/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt
+++ b/jicofo/src/main/kotlin/org/jitsi/jicofo/xmpp/JigasiIqHandler.kt
@@ -79,11 +79,11 @@ class JigasiIqHandler(
 }
 val roomNameHeader = request.iq.getHeader("JvbRoomName")
- if (roomNameHeader != null && JidCreate.entityBareFrom(roomNameHeader) != conference.mainRoomJid) {
+ if (roomNameHeader != null && JidCreate.entityBareFrom(roomNameHeader) != conference.roomName) {
 return RejectedWithError(request, StanzaError.Condition.forbidden).also {
 logger.warn(
 "Rejecting request with non-matching JvbRoomName: from=${request.iq.from} " +
- ", mainRoomJid=${conference.mainRoomJid}, JvbRoomName=$roomNameHeader"
+ ", roomName=${conference.roomName}, JvbRoomName=$roomNameHeader"
 )
 Stats.rejectedRequests.inc()
 }
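Review bot: The warn message in this hunk still interpolates `$roomNameHeader`, the raw header string supplied by the sender, so its content reaches the log unfiltered; depending on the log layout, embedded control characters could split or imitate log entries. Binding the parsed value once, `val roomNameJid = roomNameHeader?.let { JidCreate.entityBareFrom(it) }`, and logging `JvbRoomName=$roomNameJid` would record only the parsed JID, which is presumably normalised by the JID parser. The two string pieces also join as `from=<jid> , roomName=…`; ending the first literal with `, ` and starting the second with `roomName=` removes the stray space. The enclosing function starts and ends outside the hunk.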