Software / code / prosody-modules
Changeset
6055:23c4c61a1068
mod_muc_gateway_optimize: New module to optimize muc presence to remote gateways
Some gateways are happy to receive presence for each participant
in MUCs that they are in only once, to any one of their joined JIDs.
| author | Stephen Paul Weber <singpolyma@singpolyma.net> |
|---|---|
| date | Sun, 17 Nov 2024 22:32:52 -0500 |
| parents | 6054:d39ddf13ff0a |
| children | 6056:56fa3bad16cc |
| files | mod_client_certs/mod_client_certs.lua mod_muc_gateway_optimize/mod_muc_gateway_optimize.lua mod_sasl2/mod_sasl2.lua |
| diffstat | 3 files changed, 81 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_client_certs/mod_client_certs.lua Mon Nov 11 23:33:01 2024 +0100 +++ b/mod_client_certs/mod_client_certs.lua Sun Nov 17 22:32:52 2024 -0500 @@ -10,7 +10,7 @@ local dm_load = require "util.datamanager".load; local dm_store = require "util.datamanager".store; local dm_table = "client_certs"; -local ssl_x509 = require "ssl.x509"; +local ssl = require "ssl"; local util_x509 = require "util.x509"; local id_on_xmppAddr = "1.3.6.1.5.5.7.8.5"; local id_ce_subjectAltName = "2.5.29.17"; @@ -141,7 +141,7 @@ local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil; x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1"); - local cert = ssl_x509.load(util_x509.der2pem(base64.decode(x509cert))); + local cert = ssl.loadcertificate(util_x509.der2pem(base64.decode(x509cert))); if not cert then origin.send(st.error_reply(stanza, "modify", "not-acceptable", "Could not parse X.509 certificate")); @@ -206,8 +206,8 @@ instructions = "What action do you want to perform?"; { name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/certs#subcmd" }; - { name = "subcmd", type = "list-single", label = "Actions", required = true, - value = { {label = "Add certificate", value = "add"}, + { name = "subcmd", type = "list-single", label = "Actions", required = false, + options = { {label = "Add certificate", value = "add"}, {label = "List certificates", value = "list"}, {label = "Disable certificate", value = "disable"}, {label = "Revoke certificate", value = "revoke"}, @@ -292,7 +292,7 @@ local name = fields.name; local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1"); - local cert = ssl_x509.load(util_x509.der2pem(base64.decode(x509cert))); + local cert = ssl.loadcertificate(x509cert); if not cert then return { status = "completed", error = { message = "Could not parse X.509 certificate" } }; @@ -327,7 +327,7 @@ end end -local cmd_desc = adhoc_new("Manage certificates", "http://prosody.im/protocol/certs", adhoc_handler, "user"); +local cmd_desc = adhoc_new("Manage certificates", "http://prosody.im/protocol/certs", adhoc_handler, "any"); module:provides("adhoc", cmd_desc); -- Here comes the SASL EXTERNAL stuff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_muc_gateway_optimize/mod_muc_gateway_optimize.lua Sun Nov 17 22:32:52 2024 -0500 @@ -0,0 +1,55 @@ +local jid = require("util.jid") +local mod_muc = module:depends("muc") + +local gateway_hosts = module:get_option_array("gateway_hosts", {}) + +function optimize(remote_host, event) + local stanza = event.stanza + module:log("debug", "optimize presence event destined for " .. remote_host) + + local muc_x = stanza:get_child("x", "http://jabber.org/protocol/muc#user") + if muc_x then + for status in muc_x:childtags("status") do + if status.attr.status == "110" then + module:log("debug", "optimize delivering 110") + -- Always deliver self-presence + return + end + end + end + + local bare_jid = jid.bare(stanza.attr.to) + local room = mod_muc.get_room_from_jid(jid.bare(stanza.attr.from)) + if not room then return end + for nick, occupant in room:each_occupant() do + local occupant_host = jid.host(occupant.bare_jid) + if occupant_host == remote_host then + -- This is the "first" occupant from the host + -- which is the only one we will route non-110 + -- presence to + if occupant.bare_jid == bare_jid then + module:log("debug", "optimize found first occupant, so route") + return + else + module:log("debug", "optimize found non-first occupant, so drop") + return true + end + end + end + -- If we get here we found no occupants for this host + module:log("debug", "optimize found no occupants for host " .. remote_host) +end + +-- Note this will only affect gateways over s2s for now +module:hook("route/remote", function (event) + if event.stanza.name ~= "presence" then + return + end + + local remote_host = jid.host(event.stanza.attr.to) + for _, gateway_host in pairs(gateway_hosts) do + if remote_host == gateway_host then + return optimize(remote_host, event) + end + end +end, 1000)
--- a/mod_sasl2/mod_sasl2.lua Mon Nov 11 23:33:01 2024 +0100 +++ b/mod_sasl2/mod_sasl2.lua Sun Nov 17 22:32:52 2024 -0500 @@ -179,6 +179,26 @@ end end, 1000); +module:hook("sasl2/c2s/tasks", function(event) + if event.session.tested then + return; + end + + return { tasks = { TEST = function(session, el) + local data = st.stanza("task-data", { xmlns = xmlns_sasl2 }); + local count = tonumber(el:get_child_text("test", "test") or "0"); + if count >= 10000 then + session.tested = true + module:fire_event("sasl2/"..session.base_type.."/success", { + session = session, + }); + else + data:text_tag("test", tostring(count + 1), { xmlns = "test" }) + session.send(data); + end + end }, text = "Need to test this" }; +end); + module:hook("sasl2/c2s/success", function (event) local session = event.session event.success:text_tag("authorization-identifier", jid_join(session.username, session.host, session.resource));
