Changeset

3394:4fe7eee926ce

Merge with goffi
author Kim Alvefur <zash@zash.se>
date Sat, 01 Dec 2018 17:52:17 +0100
parents 3392:8d1141025b43 (diff) 3393:7454274ead2f (current diff)
children 3395:eaf0b1e95016
files
diffstat 4 files changed, 32 insertions(+), 41 deletions(-) [+]
line wrap: on
line diff
--- a/mod_auth_external/README.markdown	Sat Dec 01 17:50:36 2018 +0100
+++ b/mod_auth_external/README.markdown	Sat Dec 01 17:52:17 2018 +0100
@@ -52,14 +52,20 @@
 Blocking vs non-blocking
 ------------------------
 
-Non-blocking mode is automatically activated when:
+Non-blocking mode is experimental and is disabled by default.
+
+Enable at your own risk if you fulfil these conditions:
 
 -   Running Prosody trunk ([nightly](http://prosody.im/nightly/) build
-    414+).
+    414+) or Prosody 0.11.x.
 -   [libevent](http://prosody.im/doc/libevent) is enabled in the config,
     and LuaEvent is available.
 -   lpty (see installation above) is version 1.0.1 or later.
 
+```lua
+external_auth_blocking = false;
+```
+
 Protocol
 ========
 
--- a/mod_auth_external/mod_auth_external.lua	Sat Dec 01 17:50:36 2018 +0100
+++ b/mod_auth_external/mod_auth_external.lua	Sat Dec 01 17:52:17 2018 +0100
@@ -21,7 +21,7 @@
 local script_type = module:get_option_string("external_auth_protocol", "generic");
 local command = module:get_option_string("external_auth_command", "");
 local read_timeout = module:get_option_number("external_auth_timeout", 5);
-local blocking = module:get_option_boolean("external_auth_blocking", not(have_async and server.event and lpty.getfd));
+local blocking = module:get_option_boolean("external_auth_blocking", true); -- non-blocking is very experimental
 local auth_processes = module:get_option_number("external_auth_processes", 1);
 
 assert(script_type == "ejabberd" or script_type == "generic",
--- a/mod_s2s_auth_monkeysphere/README.markdown	Sat Dec 01 17:50:36 2018 +0100
+++ b/mod_s2s_auth_monkeysphere/README.markdown	Sat Dec 01 17:52:17 2018 +0100
@@ -3,26 +3,24 @@
 - 'Stage-Alpha'
 - 'Type-S2SAuth'
 summary: Monkeysphere certificate checking for s2s
-...
+---
 
-Introduction
-------------
+## Introduction
 
 [Monkeysphere](http://web.monkeysphere.info/) is a project aiming to
 introduce PGP's web of trust to protocols such as SSH and TLS (which
 XMPP uses).
 
-Details
--------
+## Details
 
 This module is currently just a prototype, it has numerous issues and is
 **not** suitable for production use.
 
-Compatibility
--------------
+## Compatibility
 
-  ------- -------
-  trunk   Works
-  0.10    Works
-  0.9     Works
-  ------- -------
+  ------- -----------------------------
+  trunk   Works (not tested recently)
+  0.11    Works (not tested)
+  0.10    Does not work
+  0.9     Does not work
+  ------- -----------------------------
--- a/mod_s2s_auth_monkeysphere/mod_s2s_auth_monkeysphere.lua	Sat Dec 01 17:50:36 2018 +0100
+++ b/mod_s2s_auth_monkeysphere/mod_s2s_auth_monkeysphere.lua	Sat Dec 01 17:52:17 2018 +0100
@@ -1,33 +1,17 @@
 module:set_global();
 
-local http_request = require"socket.http".request;
-local ltn12 = require"ltn12";
 local json = require"util.json";
 local json_encode, json_decode = json.encode, json.decode;
 local gettime = require"socket".gettime;
 local serialize = require"util.serialization".serialize;
-local have_async, async = pcall(require, "util.async");
+local async = require"util.async";
+local http_request = require "net.http".request;
 
 local msva_url = assert(os.getenv"MONKEYSPHERE_VALIDATION_AGENT_SOCKET",
 	"MONKEYSPHERE_VALIDATION_AGENT_SOCKET is unset, please set it").."/reviewcert";
 
-if have_async then
-	local _http_request = require "net.http".request;
-	function http_request(url, ex)
-		local wait, done = async.waiter();
-		local content, code, request, response;
-		_http_request(url, ex, function (_content, _code, _request, _response)
-			content, code, request, response = _content, _code, _request, _response;
-			done();
-		end);
-		wait();
-		return content, code, request, response;
-	end
-end
-
 local function check_with_monkeysphere(event)
 	local session, host, cert = event.session, event.host, event.cert;
-	local result = {};
 	local post_body = json_encode {
 		peer = {
 			name = host;
@@ -42,23 +26,26 @@
 	}
 	local req = {
 		method = "POST";
-		url = msva_url;
 		headers = {
 			["Content-Type"] = "application/json";
-			["Content-Length"] = tostring(#post_body);
 		};
-		sink = ltn12.sink.table(result);
-		source = ltn12.source.string(post_body);
+		body = post_body;
 	};
 	session.log("debug", "Asking what Monkeysphere thinks about this certificate");
 	local starttime = gettime();
-	local ok, code = http_request(req);
+	local wait, done = async.waiter();
+	local body, code;
+	http_request(msva_url, req, function (_, _code)
+		body, code = body, _code;
+		done();
+	end);
+	wait();
 	module:log("debug", "Request took %fs", gettime() - starttime);
-	local body = table.concat(result);
-	if ok and code == 200 and body then
+	if code == 200 and body then
 		body = json_decode(body);
 		if body then
-			session.log(body.valid and "info" or "warn", "Monkeysphere thinks the cert is %salid: %s", body.valid and "V" or "Inv", body.message);
+			session.log(body.valid and "info" or "warn",
+				"Monkeysphere thinks the cert is %salid: %s", body.valid and "V" or "Inv", body.message);
 			if body.valid then
 				session.cert_chain_status = "valid";
 				session.cert_identity_status = "valid";