#384 mod_privacy_lists: User gets kicked from room if they block an MUC occupant's room JID

Reporter michael.weibel
Owner MattJ
Stars ★ (1)
  • Type-Defect
  • Status-Accepted
  • Priority-Medium
  • Component-Community
  1. michael.weibel on

    *What steps will reproduce the problem?* 1. Login with two users (A@example.com, B@example.com) & have them in the same room (test@conference.example.com/A, test@conference.example.com/B) In my UC, B is the current owner of the room. I guess (but didn't test it) if B is not the owner, or A is the owner, it doesn't happen. 2. Create privacy list "ignore" for user A & add user B to it: Result from getting the current privacy list for A: <iq id='3:sendIQ' type='result' to='A@example.com/Candy'> <query xmlns='jabber:iq:privacy'> <list name='ignore'> <item value='test@conference.example.com/B' type='jid' action='deny' order='0'><message/></item> </list> </query> </iq> 3. With User B, whisper to A (in the muc room): <message to='test@conference.example.com/A' from='B@example.com/Candy' type='chat' id='msg:10' xmlns='jabber:client'> <body xmlns='jabber:client'>TEST</body> </message> 4. User A will be kicked out of room test@conference.example.com without receiving message TEST: <presence type='unavailable' to='A@example.com/Candy' from='test@conference.localhost/A'> <status>Kicked: service unavailable</status> <x xmlns='http://jabber.org/protocol/muc#user'> <item affiliation='none' role='none'/> <status code='110'/> </x> </presence> *What is the expected output? What do you see instead?* User A should just not receive the message from B. *What version of the product are you using? On what operating system?* Prosody 0.9.1, OSX 10.9

  2. michael.weibel on

    Debug info from prosody.log: Jan 17 16:58:30 mod_muc debug B@example.com/Candy sent private stanza to test@conference.example.com/A (A@example.com/Candy) Jan 17 16:58:30 localhost:privacy debug stanza blocked: message, to: A@example.com/Candy, from: test@conference.example.com/B Jan 17 16:58:30 mod_muc debug room: test@conference.conference.example.com, current_nick: test@conference.example.com/A, stanza: <message id='msg:10' type='error' to='test@conference.example.com/B' from='A@example.com/Candy'> Jan 17 16:58:30 mod_muc debug test@conference.example.com/A kicked from test@conference.example.com for sending an error message Jan 17 16:58:30 mod_muc debug room: test@conference.example.com, current_nick: test@conference.example.com/A, stanza: <presence type='unavailable' to='test@conference.example.com/B' from='A@conference.example.com/Candy'> Jan 17 16:58:30 mod_muc debug test@conference.example.com/A leaving test@conference.example.com

  3. MattJ on

    Hi, thanks for bringing up this issue. It's something of a specification bug in my opinion, but we need to look into workarounds. I'm marking it for 0.9, but if the solution requires major changes it may get pushed to 0.10.

    • tags Milestone-0.9 Status-Accepted
    • title [mod_muc/mod_privacy] User gets kicked from room if they block an occupant's room JID
    • owner MattJ
  4. Zash on

    mod_privacy was removed from 0.10 but the replacement, mod_blocklist, has the same dilemma. Currently I believe you get kicked if someone you blocked sends you a PM.

  5. Zash on

    This is unlikely to get fixed in Prosody. Let this refer to mod_privacy_lists in prosody-modules, where mod_privacy was moved to.

    • title [mod_muc/mod_privacy] User gets kicked from room if they block an occupant's room JID mod_privacy_lists: User gets kicked from room if they block an MUC occupant's room JID
    • tags Milestone-0.9
  6. MattJ on

    I still think this is an unfortunate spec bug, but I have a couple of proposals we could consider. Option #1: For stanzas addressed to a valid full JID (i.e. session is online), do not send service-unavailable. Option #2: Apply the above logic only if the stanza has a MUC <x> payload (some MUC services do not currently send this, so it wouldn't be a 100% fix until they do).

  7. Zash on

    • tags Component-Community

New comment

Not published. Used for spam prevention and optional update notifications.