prosody-modules
94399ad6b5ab
misc/systemd/socket-activation.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

misc/systemd/socket-activation.lua @ 6191:94399ad6b5ab

mod_invites_register_api: Use set_password() for password resets Previously the code relied on the (weird) behaviour of create_user(), which would update the password for a user account if it already existed. This has several issues, and we plan to deprecate this behaviour of create_user(). The larger issue is that this route does not trigger the user-password-changed event, which can be a security problem. For example, it did not disconnect existing user sessions (this occurs in mod_c2s in response to the event). Switching to set_password() is the right thing to do.
author Matthew Wild <mwild1@gmail.com>
date Thu, 06 Feb 2025 10:13:39 +0000
parent 2352:3296a09b4e57
line wrap: on
line source

-- Monkeypatch to support socket activation
--
-- Requires LuaSocket after "agnostic" changes merged
--
-- To enable:
-- RunScript "socket-activation.lua"

local socket = require"socket";
local tcp_serv_mt = debug.getregistry()["tcp{server}"];
local socket_bind = socket.bind;

local SD_LISTEN_FDS_START = 3;

local fds = tonumber(os.getenv"LISTEN_FDS") or 0;

if fds < SD_LISTEN_FDS_START then return; end

local servs = {};

for i = 1, fds do
	local serv = socket.tcp();
	if serv:getfd() >= 0 then
		return; -- This won't work, we will leak the old FD
	end
	debug.setmetatable(serv, tcp_serv_mt);
	serv:setfd(SD_LISTEN_FDS_START + i - 1);
	local ip, port = serv:getsockname();
	servs [ ip .. ":" .. port ] = serv;
end

function socket.bind( ip, port, backlog )
	local sock = servs [ ip .. ":" .. port ];
	if sock then
		servs [ ip .. ":" .. port ] = nil;
		return sock;
	end
	if next(servs) == nil then
		-- my work here is done
		socket.bind = socket_bind;
	end
	return socket_bind( ip, port, backlog );
end