diff options
| author | Wilmer van der Gaast <wilmer@gaast.net> | 2005-12-02 12:30:03 +0100 |
|---|---|---|
| committer | Wilmer van der Gaast <wilmer@gaast.net> | 2005-12-02 12:30:03 +0100 |
| commit | 626b446e0a4f10fbcf38661013a592bcd3193e08 (patch) | |
| tree | 40b669b654cbe8eb4cee10925f14a272f9af6f2e /protocols/jabber/jabber.c | |
| parent | e5663e0aad633278512b2c09606bd6939e094adb (diff) | |
The Jabber module now only accepts a limited range of ports (5222 and 5223),
so it can't be abused as a portscanner. Thanks to Peter van Dijk (Habbie)
for the report.
Diffstat (limited to 'protocols/jabber/jabber.c')
| -rw-r--r-- | protocols/jabber/jabber.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/protocols/jabber/jabber.c b/protocols/jabber/jabber.c index 16755d99..e7703b44 100644 --- a/protocols/jabber/jabber.c +++ b/protocols/jabber/jabber.c @@ -589,6 +589,11 @@ static void gjab_start(gjconn gjc) port = DEFAULT_PORT; else if (port == -1 && ssl) port = DEFAULT_PORT_SSL; + else if (port != 5222 && port != 5223) { + serv_got_crap(GJ_GC(gjc), "Only port numbers 5222 and 5223 are allowed for Jabber connections."); + STATE_EVT(JCONN_STATE_OFF) + return; + } if (server == NULL) server = g_strdup(gjc->user->server); |