Software / code / prosody-modules
Changeset
406:a6d215c73c47
mod_component_roundrobin: Initial commit.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sun, 28 Aug 2011 21:41:46 +0500 |
| parents | 405:fe4fdba21a23 |
| children | 407:41feaf7fd8ac |
| files | mod_component_roundrobin/mod_component_roundrobin.lua |
| diffstat | 1 files changed, 95 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_component_roundrobin/mod_component_roundrobin.lua Sun Aug 28 21:41:46 2011 +0500 @@ -0,0 +1,95 @@ +-- Prosody IM +-- Copyright (C) 2008-2010 Matthew Wild +-- Copyright (C) 2008-2010 Waqas Hussain +-- +-- This project is MIT/X11 licensed. Please see the +-- COPYING file in the source package for more information. +-- + +if module:get_host_type() ~= "component" then + error("Don't load mod_component manually, it should be for a component, please see http://prosody.im/doc/components", 0); +end + +local hosts = _G.hosts; + +local t_concat = table.concat; + +local sha1 = require "util.hashes".sha1; +local st = require "util.stanza"; + +local log = module._log; + +local sessions = {}; + +local function on_destroy(session, err) + if sessions[session] then + sessions[session] = nil; + session.on_destroy = nil; + end +end + +local last_session; +local function handle_stanza(event) + local stanza = event.stanza; + if next(sessions) then + stanza.attr.xmlns = nil; + last_session = next(sessions, last_session) or next(sessions); + last_session.send(stanza); + else + log("warn", "Component not connected, bouncing error for: %s", stanza:top_tag()); + if stanza.attr.type ~= "error" and stanza.attr.type ~= "result" then + event.origin.send(st.error_reply(stanza, "wait", "service-unavailable", "Component unavailable")); + end + end + return true; +end + +module:hook("iq/bare", handle_stanza, -1); +module:hook("message/bare", handle_stanza, -1); +module:hook("presence/bare", handle_stanza, -1); +module:hook("iq/full", handle_stanza, -1); +module:hook("message/full", handle_stanza, -1); +module:hook("presence/full", handle_stanza, -1); +module:hook("iq/host", handle_stanza, -1); +module:hook("message/host", handle_stanza, -1); +module:hook("presence/host", handle_stanza, -1); + +--- Handle authentication attempts by components +function handle_component_auth(event) + local session, stanza = event.origin, event.stanza; + + if session.type ~= "component" then return; end + if sessions[session] then return; end + + if (not session.host) or #stanza.tags > 0 then + (session.log or log)("warn", "Invalid component handshake for host: %s", session.host); + session:close("not-authorized"); + return true; + end + + local secret = module:get_option("component_secret"); + if not secret then + (session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.host); + session:close("not-authorized"); + return true; + end + + local supplied_token = t_concat(stanza); + local calculated_token = sha1(session.streamid..secret, true); + if supplied_token:lower() ~= calculated_token:lower() then + log("info", "Component authentication failed for %s", session.host); + session:close{ condition = "not-authorized", text = "Given token does not match calculated token" }; + return true; + end + + -- Add session to sessions table + sessions[session] = true; + session.on_destroy = on_destroy; + session.component_validate_from = module:get_option_boolean("validate_from_addresses", true); + log("info", "Component successfully authenticated: %s", session.host); + session.send(st.stanza("handshake")); + + return true; +end + +module:hook("stanza/jabber:component:accept:handshake", handle_component_auth);
