[jdev] Re: s2s - invalid subsequent db:result
Jacek Konieczny
jajcus at bnet.pl
Fri May 20 03:06:12 CDT 2005
On Fri, May 20, 2005 at 07:11:57AM +0200, Stephen Marquard wrote:
> Gaston Dombiak wrote:
> >Which is the expected behavior when the subsequent <db:result/> packet is
> >invalid or there was some kind of error during the validation process?
> >Should the Receiving Server close the stream and the underlying TCP
> >connection as described in Protocol 8.3 step 10?
>
> That was my interpretation for jabberd2 - any validation error on the
> stream at any stage causes the stream & TCP connection to be closed.
>
> It should only happen if something is misconfigured on either side or
> someone is trying to spoof a connection.
Doesn't that allow a remote DoS agains any established s2s connection?
Greets,
Jacek
More information about the JDev
mailing list