Skip to content

Commit 9309614

Browse files
martin31821martin31821
committed
Fix protocol violation when publish errors occur
1 parent 711ed55 commit 9309614

File tree

2 files changed

+22
-9
lines changed

2 files changed

+22
-9
lines changed

router/broker.go

Lines changed: 18 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -114,10 +114,14 @@ func (b *Broker) Publish(pub *session, msg *wamp.Publish) {
114114
if pub == nil || msg == nil {
115115
panic("broker.Publish with nil session or message")
116116
}
117+
// Send a publish error only when pubAck is set.
118+
pubAck, _ := msg.Options[wamp.OptAcknowledge].(bool)
119+
117120
// Validate URI. For PUBLISH, must be valid URI (either strict or loose),
118121
// and all URI components must be non-empty.
122+
119123
if !msg.Topic.ValidURI(b.strictURI, "") {
120-
if pubAck, _ := msg.Options[wamp.OptAcknowledge].(bool); !pubAck {
124+
if !pubAck {
121125
return
122126
}
123127
errMsg := fmt.Sprintf(
@@ -145,12 +149,17 @@ func (b *Broker) Publish(pub *session, msg *wamp.Publish) {
145149
if opt, _ := msg.Options[wamp.OptDiscloseMe].(bool); opt {
146150
// Broker MAY deny a publisher's request to disclose its identity.
147151
if !b.allowDisclose {
148-
b.trySend(pub, &wamp.Error{
149-
Type: msg.MessageType(),
150-
Request: msg.Request,
151-
Details: wamp.Dict{},
152-
Error: wamp.ErrOptionDisallowedDiscloseMe,
153-
})
152+
if pubAck {
153+
b.trySend(pub, &wamp.Error{
154+
Type: msg.MessageType(),
155+
Request: msg.Request,
156+
Details: wamp.Dict{},
157+
Error: wamp.ErrOptionDisallowedDiscloseMe,
158+
})
159+
}
160+
// When the publisher requested disclosure, but it isn't
161+
// allowed, don't continue to publish the message.
162+
return
154163
}
155164
disclose = true
156165
}
@@ -164,7 +173,7 @@ func (b *Broker) Publish(pub *session, msg *wamp.Publish) {
164173
}
165174

166175
// Send PUBLISHED message if acknowledge is present and true.
167-
if pubAck, _ := msg.Options[wamp.OptAcknowledge].(bool); pubAck {
176+
if pubAck {
168177
b.trySend(pub, &wamp.Published{Request: msg.Request, Publication: pubID})
169178
}
170179
}
@@ -443,7 +452,7 @@ func (b *Broker) removeSession(subscriber *session) {
443452
// pubEvent sends an event to all subscribers that are not excluded from
444453
// receiving the event.
445454
func (b *Broker) pubEvent(pub *session, msg *wamp.Publish, pubID wamp.ID, sub *subscription, excludePublisher, sendTopic, disclose bool, filter *publishFilter) {
446-
for subscriber, _ := range sub.subscribers {
455+
for subscriber := range sub.subscribers {
447456
// Do not send event to publisher.
448457
if subscriber == pub && excludePublisher {
449458
continue

router/realm.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -580,6 +580,10 @@ func (r *realm) authzMessage(sess *session, msg wamp.Message) bool {
580580
// Get the Request from request types of messages.
581581
switch msg := msg.(type) {
582582
case *wamp.Publish:
583+
// a publish error should only be sent when OptAcknowledge is set.
584+
if pubAck, _ := msg.Options[wamp.OptAcknowledge].(bool); !pubAck {
585+
return false
586+
}
583587
errRsp.Request = msg.Request
584588
case *wamp.Subscribe:
585589
errRsp.Request = msg.Request

0 commit comments

Comments
 (0)