Don't allow the bare jid to change on bind

monal-im · Mar 24, 2024 · 3f9ec84 · 3f9ec84
1 parent f0a4bd5
commit 3f9ec84
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 10 deletions.
diff --git a/Monal/Classes/MLXMPPIdentity.m b/Monal/Classes/MLXMPPIdentity.m
@@ -39,12 +39,23 @@ -(void) updatPassword:(NSString*) newPassword
 
 -(void) bindJid:(NSString*) jid
 {
-    _fullJid = jid;
     NSDictionary* parts = [HelperTools splitJid:jid];
-    self.jid = parts[@"user"];
-    self.resource = parts[@"resource"];
-    self.user = parts[@"node"];
-    self.domain = parts[@"host"];
+
+    //we don't allow this because several parts in monal rely on stable bare jids not changing after login/bind
+    MLAssert([self.jid isEqualToString:parts[@"user"]], @"trying to bind to different bare jid!", @{@"bind_to_jid": jid, @"current_bare_jid": self.jid});
+
+    //don't set new full jid if we don't have a resource
+    if(parts[@"resource"] != nil)
+    {
+        //these won't change because of the MLAssert above, but we keep this
+        //to make sure user and domain match the jid once the assertion gets removed
+        self.jid = parts[@"user"];
+        self.user = parts[@"node"];
+        self.domain = parts[@"host"];
+
+        self.resource = parts[@"resource"];
+        _fullJid = [NSString stringWithFormat:@"%@/%@", self.jid, self.resource];
+    }
 }
 
 @end
diff --git a/Monal/Classes/xmpp.m b/Monal/Classes/xmpp.m
@@ -2606,11 +2606,7 @@ -(void) processInput:(MLXMLNode*) parsedStanza withDelayedReplay:(BOOL) delayedR
             self.connectionProperties.channelBindingTypes = channelBindings;
 
             //update user identity using authorization-identifier, including support for fullJids (as specified by BIND2)
-            NSString* authid = [parsedStanza findFirst:@"authorization-identifier#"];
-            NSDictionary* authidParts = [HelperTools splitJid:authid];
-            self.connectionProperties.identity.jid = authidParts[@"user"];
-            if(authidParts[@"resource"] != nil)
-                self.connectionProperties.identity.resource = authidParts[@"resource"];
+            [self.connectionProperties.identity bindJid:[parsedStanza findFirst:@"authorization-identifier#"]];
 
             //record SDDP support
             self.connectionProperties.supportsSSDP = self->_scramHandler.ssdpSupported;