Changeset

406:a6d215c73c47

mod_component_roundrobin: Initial commit.
author Waqas Hussain <waqas20@gmail.com>
date Sun, 28 Aug 2011 21:41:46 +0500
parents 405:fe4fdba21a23
children 407:41feaf7fd8ac
files mod_component_roundrobin/mod_component_roundrobin.lua
diffstat 1 files changed, 95 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_component_roundrobin/mod_component_roundrobin.lua	Sun Aug 28 21:41:46 2011 +0500
@@ -0,0 +1,95 @@
+-- Prosody IM
+-- Copyright (C) 2008-2010 Matthew Wild
+-- Copyright (C) 2008-2010 Waqas Hussain
+-- 
+-- This project is MIT/X11 licensed. Please see the
+-- COPYING file in the source package for more information.
+--
+
+if module:get_host_type() ~= "component" then
+	error("Don't load mod_component manually, it should be for a component, please see http://prosody.im/doc/components", 0);
+end
+
+local hosts = _G.hosts;
+
+local t_concat = table.concat;
+
+local sha1 = require "util.hashes".sha1;
+local st = require "util.stanza";
+
+local log = module._log;
+
+local sessions = {};
+
+local function on_destroy(session, err)
+	if sessions[session] then
+		sessions[session] = nil;
+		session.on_destroy = nil;
+	end
+end
+
+local last_session;
+local function handle_stanza(event)
+	local stanza = event.stanza;
+	if next(sessions) then
+		stanza.attr.xmlns = nil;
+		last_session = next(sessions, last_session) or next(sessions);
+		last_session.send(stanza);
+	else
+		log("warn", "Component not connected, bouncing error for: %s", stanza:top_tag());
+		if stanza.attr.type ~= "error" and stanza.attr.type ~= "result" then
+			event.origin.send(st.error_reply(stanza, "wait", "service-unavailable", "Component unavailable"));
+		end
+	end
+	return true;
+end
+
+module:hook("iq/bare", handle_stanza, -1);
+module:hook("message/bare", handle_stanza, -1);
+module:hook("presence/bare", handle_stanza, -1);
+module:hook("iq/full", handle_stanza, -1);
+module:hook("message/full", handle_stanza, -1);
+module:hook("presence/full", handle_stanza, -1);
+module:hook("iq/host", handle_stanza, -1);
+module:hook("message/host", handle_stanza, -1);
+module:hook("presence/host", handle_stanza, -1);
+
+--- Handle authentication attempts by components
+function handle_component_auth(event)
+	local session, stanza = event.origin, event.stanza;
+	
+	if session.type ~= "component" then return; end
+	if sessions[session] then return; end
+
+	if (not session.host) or #stanza.tags > 0 then
+		(session.log or log)("warn", "Invalid component handshake for host: %s", session.host);
+		session:close("not-authorized");
+		return true;
+	end
+	
+	local secret = module:get_option("component_secret");
+	if not secret then
+		(session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.host);
+		session:close("not-authorized");
+		return true;
+	end
+	
+	local supplied_token = t_concat(stanza);
+	local calculated_token = sha1(session.streamid..secret, true);
+	if supplied_token:lower() ~= calculated_token:lower() then
+		log("info", "Component authentication failed for %s", session.host);
+		session:close{ condition = "not-authorized", text = "Given token does not match calculated token" };
+		return true;
+	end
+	
+	-- Add session to sessions table
+	sessions[session] = true;
+	session.on_destroy = on_destroy;
+	session.component_validate_from = module:get_option_boolean("validate_from_addresses", true);
+	log("info", "Component successfully authenticated: %s", session.host);
+	session.send(st.stanza("handshake"));
+	
+	return true;
+end
+
+module:hook("stanza/jabber:component:accept:handshake", handle_component_auth);