Ignore presence stanza of type "subscribed" without previous subscription request

Description

Upon receiving the presence stanza of type "subscribed" addressed to the user, the user's server MUST first verify that the contact is in the user's roster with either of the following states:

  1. subscription='none' and ask='subscribe', or

  2. subscription='from' and ask='subscribe'.

If the contact is not in the user's roster with either of those states, the user's server MUST silently ignore the presence stanza of type "subscribed" (i.e., it MUST NOT route it to the user, modify the user's roster, or generate a roster push to the user's available resources).

Related thread:
http://www.jivesoftware.org/forums/thread.jspa?threadID=15606&tstart=15
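
The check described above, sketched as an added example (not code from this issue or from Openfire). The roster model, function names and JIDs are hypothetical; the accepted-case transitions (none becomes "to", from becomes "both") follow RFC 6121 section 3.1.6 and go beyond what the description states.

```python
from dataclasses import dataclass
from typing import Dict, Optional

@dataclass
class RosterItem:
    subscription: str = "none"      # none | to | from | both
    ask: Optional[str] = None       # "subscribe" while an outbound request is pending

# State reached when a pending outbound request is approved (RFC 6121, 3.1.6).
APPROVED = {"none": "to", "from": "both"}

def bare_jid(jid: str) -> str:
    # Roster items are keyed by bare JID. Simplified: real servers also
    # apply the JID string-preparation profiles before comparing.
    return jid.split("/", 1)[0].lower()

def on_inbound_subscribed(roster: Dict[str, RosterItem], sender: str) -> bool:
    """Handle <presence type='subscribed'/> from `sender` (hypothetical helper).

    True:  deliver the stanza to the user and send a roster push.
    False: silently ignore (no delivery, no roster change, no roster push).
    """
    item = roster.get(bare_jid(sender))
    pending = (item is not None and item.ask == "subscribe"
               and item.subscription in APPROVED)
    if not pending:
        # No matching request from the user. The roster is not touched, so an
        # unsolicited stanza cannot create or alter a roster item.
        return False
    item.subscription = APPROVED[item.subscription]
    item.ask = None
    return True

def demo() -> Dict[str, tuple]:
    # Constructed roster for the user; all JIDs are made up.
    roster = {
        "pending@example.org": RosterItem("none", "subscribe"),
        "mutual@example.org": RosterItem("from", "subscribe"),
        "idle@example.org": RosterItem("none", None),
    }
    results = {}
    for sender in ("pending@example.org/phone", "mutual@example.org",
                   "idle@example.org", "stranger@example.net"):
        accepted = on_inbound_subscribed(roster, sender)
        item = roster.get(bare_jid(sender))
        results[sender] = (accepted, item.subscription if item else None)
    return results

if __name__ == "__main__":
    for sender, result in demo().items():
        print(sender, result)
```

Because `ask` is cleared on acceptance, a repeated "subscribed" from the same contact fails the check and is ignored as well.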

Environment

None

Activity

Guus der Kinderen January 3, 2010 at 1:12 AM

I am resolving this issue. The latest issue was fixed as part of OF-38.

Ian McEwan October 6, 2009 at 7:03 PM

Actually I probably should have put this comment here since this is the major priority.

Referencing http://www.igniterealtime.org/community/thread/39630.

In my opinion,

org.jivesoftware.openfire.handler.PresenceSubscribeHandler line 141 should be removed.

//deliverer.deliver(reply)

Guus der Kinderen August 25, 2009 at 2:23 AM

Dug up this issue from the archived project, because of renewed activity that appears to be related to this issue on http://www.igniterealtime.org/community/message/195334

alexander wenckus September 2, 2005 at 9:19 PM

Interesting. I just upgraded to 2.2.1 and I am still experiencing the issue. If you have some time, PM me and I can give you an account on my server so I can demonstrate for you. Hopefully I am not wasting all of your time on a wild goose chase.

Gaston Dombiak September 2, 2005 at 4:57 AM

The added contact is not being affected by the presence stanza of type "subscribed". The user that is sending the presence stanza of type "subscribed" is the one that is having a new roster item in his roster.

I'm moving this issue to 2.3.0 since this is not a roster exploit issue.

Fixed

Created August 31, 2005 at 11:23 PM
Updated February 1, 2010 at 3:21 AM
Resolved January 3, 2010 at 1:12 AM