#724 mod_register throttle check logic inverted

Reporter Link Mauve
Owner Zash
Stars ★ (1)
  • Priority-Medium
  • Status-Fixed
  • Type-Defect
  • Milestone-0.10
  1. Link Mauve on

    What steps will reproduce the problem? 1. Enable mod_register. 2. Use a client supporting IBR. 3. Create an account containing an uppercase letter, like Test@your-domain.tld What is the expected output? What do you see instead? The account test@your-domain.tld should have been created. Instead a not-acceptable error has been sent and no account has been created. What version of the product are you using? On what operating system? hg:bdaff978c790 (0.10) on ArchLinux current. Please provide any additional information below. The issue is most likely that stringprep hasn’t been applied on the requested <username/>.

  2. Zash on

    I am to reproduce on 0.10 4f7990902874 What is the full error reply?

    • owner Zash
    • tags Status-NeedInfo
  3. Zash on

    *unable to reproduce

  4. Link Mauve on

    Oh hmm, now I get an error of type wait, so it might be that I did too many attempts at creating an account and am now blacklisted by my server, I haven’t checked what it was before: <iq id='b54f9de7-79fc-4231-8884-49837a6ac41f' type='error' from='im.apinc.org'><error type='wait'><not-acceptable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/></error></iq>

  5. Link Mauve on

    Actually no, the throttle check seem to erroneously trigger with an uppercase letter, since I was able to register the same account in lowercase.

  6. Zash on

    Oh, the throttle check was inverted. https://hg.prosody.im/0.10/rev/c61ea328fac2

    • tags Status-Fixed Milestone-0.10
  7. Zash on

    Clarify title

    • title mod_register returns a not-acceptable when the requested username contains an uppercase letter mod_register throttle check logic inverted

New comment

Not published. Used for spam prevention and optional update notifications.