Software / code / prosody
Annotate
plugins/mod_dialback.lua @ 4822:5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 10 May 2012 22:59:01 +0100 |
| parent | 4761:178f252c31b0 |
| child | 4846:3bc3498df0a0 |
| rev | line source |
|---|---|
|
1523
841d61be198f
Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents:
1337
diff
changeset
|
1 -- Prosody IM |
|
2923
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
1937
diff
changeset
|
2 -- Copyright (C) 2008-2010 Matthew Wild |
|
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
1937
diff
changeset
|
3 -- Copyright (C) 2008-2010 Waqas Hussain |
|
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
4 -- |
| 758 | 5 -- This project is MIT/X11 licensed. Please see the |
| 6 -- COPYING file in the source package for more information. | |
|
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
7 -- |
|
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
8 |
|
4567
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
9 local format = string.format; |
|
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
10 |
|
1042
a3d77353c18a
mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents:
896
diff
changeset
|
11 local hosts = _G.hosts; |
| 191 | 12 local s2s_make_authenticated = require "core.s2smanager".make_authenticated; |
| 13 | |
|
1070
3b066968063b
mod_dialback: Use module logger instead of creating a new one
Matthew Wild <mwild1@gmail.com>
parents:
1042
diff
changeset
|
14 local log = module._log; |
|
559
fa4a51fe6442
Remove an incorrect line which I didn't add, and fix the proper way. Corrects the sending of stanzas over unauthed s2sout's. Also fixes mod_dialback to send stanzas and not strings.
Matthew Wild <mwild1@gmail.com>
parents:
519
diff
changeset
|
15 |
|
1070
3b066968063b
mod_dialback: Use module logger instead of creating a new one
Matthew Wild <mwild1@gmail.com>
parents:
1042
diff
changeset
|
16 local st = require "util.stanza"; |
|
4567
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
17 local sha256_hash = require "util.hashes".sha256; |
| 191 | 18 |
|
1876
6d33e0521667
mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents:
1523
diff
changeset
|
19 local xmlns_stream = "http://etherx.jabber.org/streams"; |
| 191 | 20 |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
21 local dialback_requests = setmetatable({}, { __mode = 'v' }); |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
22 |
|
4567
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
23 function generate_dialback(id, to, from) |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
24 return sha256_hash(id..to..from..hosts[from].dialback_secret, true); |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
25 end |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
26 |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
27 function initiate_dialback(session) |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
28 -- generate dialback key |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
29 session.dialback_key = generate_dialback(session.streamid, session.to_host, session.from_host); |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
30 session.sends2s(format("<db:result from='%s' to='%s'>%s</db:result>", session.from_host, session.to_host, session.dialback_key)); |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
31 session.log("info", "sent dialback key on outgoing s2s stream"); |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
32 end |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
33 |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
34 function verify_dialback(id, to, from, key) |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
35 return key == generate_dialback(id, to, from); |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
36 end |
|
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
37 |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
38 module:hook("stanza/jabber:server:dialback:verify", function(event) |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
39 local origin, stanza = event.origin, event.stanza; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
40 |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
41 if origin.type == "s2sin_unauthed" or origin.type == "s2sin" then |
| 219 | 42 -- We are being asked to verify the key, to ensure it was generated by us |
|
1077
d6a885cacd8c
mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents:
1070
diff
changeset
|
43 origin.log("debug", "verifying that dialback key is ours..."); |
| 219 | 44 local attr = stanza.attr; |
|
1337
16c5aa4696ca
mod_dialback: Change FIXME comment to COMPAT
Matthew Wild <mwild1@gmail.com>
parents:
1077
diff
changeset
|
45 -- COMPAT: Grr, ejabberd breaks this one too?? it is black and white in XEP-220 example 34 |
| 219 | 46 --if attr.from ~= origin.to_host then error("invalid-from"); end |
| 47 local type; | |
|
4567
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
48 if verify_dialback(attr.id, attr.from, attr.to, stanza[1]) then |
| 219 | 49 type = "valid" |
| 50 else | |
| 51 type = "invalid" | |
|
1077
d6a885cacd8c
mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents:
1070
diff
changeset
|
52 origin.log("warn", "Asked to verify a dialback key that was incorrect. An imposter is claiming to be %s?", attr.to); |
| 219 | 53 end |
|
1077
d6a885cacd8c
mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents:
1070
diff
changeset
|
54 origin.log("debug", "verified dialback key... it is %s", type); |
|
560
6c07f15a34f4
Fix the last couple of places where we send strings from mod_dialback
Matthew Wild <mwild1@gmail.com>
parents:
559
diff
changeset
|
55 origin.sends2s(st.stanza("db:verify", { from = attr.to, to = attr.from, id = attr.id, type = type }):text(stanza[1])); |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
56 return true; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
57 end |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
58 end); |
| 191 | 59 |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
60 module:hook("stanza/jabber:server:dialback:result", function(event) |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
61 local origin, stanza = event.origin, event.stanza; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
62 |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
63 if origin.type == "s2sin_unauthed" or origin.type == "s2sin" then |
| 219 | 64 -- he wants to be identified through dialback |
| 65 -- We need to check the key with the Authoritative server | |
| 66 local attr = stanza.attr; | |
|
4822
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
67 local to, from = attr.to, attr.from; |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
68 |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
69 origin.hosts[from] = { dialback_key = stanza[1] }; |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
70 |
|
4822
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
71 if not hosts[to] then |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
72 -- Not a host that we serve |
|
4822
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
73 origin.log("info", "%s tried to connect to %s, which we don't serve", from, to); |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
74 origin:close("host-unknown"); |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
75 return true; |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
76 end |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
77 |
|
4822
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
78 dialback_requests[from.."/"..origin.streamid] = origin; |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
79 |
|
4822
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
80 -- COMPAT: ejabberd, gmail and perhaps others do not always set 'to' and 'from' |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
81 -- on streams. We fill in the session's to/from here instead. |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
82 if not origin.from_host then origin.from_host = from; end |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
83 if not origin.to_host then origin.to_host = to; end |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
84 |
|
4822
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
85 origin.log("debug", "asking %s if key %s belongs to them", from, stanza[1]); |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
86 module:fire_event("route/remote", { |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
87 from_host = to, to_host = from; |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
88 stanza = st.stanza("db:verify", { from = to, to = from, id = origin.streamid }):text(stanza[1]); |
|
5ef05f32bc42
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents:
4761
diff
changeset
|
89 }); |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
90 return true; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
91 end |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
92 end); |
| 191 | 93 |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
94 module:hook("stanza/jabber:server:dialback:verify", function(event) |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
95 local origin, stanza = event.origin, event.stanza; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
96 |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
97 if origin.type == "s2sout_unauthed" or origin.type == "s2sout" then |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
98 local attr = stanza.attr; |
|
4314
1e1110840965
mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents:
4227
diff
changeset
|
99 local dialback_verifying = dialback_requests[attr.from.."/"..(attr.id or "")]; |
|
4567
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
100 module:log("debug", tostring(dialback_verifying).." "..attr.from.." "..origin.to_host); |
|
4314
1e1110840965
mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents:
4227
diff
changeset
|
101 if dialback_verifying and attr.from == origin.to_host then |
| 219 | 102 local valid; |
| 103 if attr.type == "valid" then | |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
104 s2s_make_authenticated(dialback_verifying, attr.from); |
| 219 | 105 valid = "valid"; |
| 106 else | |
| 107 -- Warn the original connection that is was not verified successfully | |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
108 log("warn", "authoritative server for "..(attr.from or "(unknown)").." denied the key"); |
| 219 | 109 valid = "invalid"; |
| 191 | 110 end |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
111 if not dialback_verifying.sends2s then |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
112 log("warn", "Incoming s2s session %s was closed in the meantime, so we can't notify it of the db result", tostring(dialback_verifying):match("%w+$")); |
|
347
fba39fda0879
Don't error if the original s2s connection has closed before we get the dialback result
Matthew Wild <mwild1@gmail.com>
parents:
260
diff
changeset
|
113 else |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
114 dialback_verifying.sends2s( |
|
560
6c07f15a34f4
Fix the last couple of places where we send strings from mod_dialback
Matthew Wild <mwild1@gmail.com>
parents:
559
diff
changeset
|
115 st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = valid }) |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
116 :text(dialback_verifying.hosts[attr.from].dialback_key)); |
|
347
fba39fda0879
Don't error if the original s2s connection has closed before we get the dialback result
Matthew Wild <mwild1@gmail.com>
parents:
260
diff
changeset
|
117 end |
|
4314
1e1110840965
mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents:
4227
diff
changeset
|
118 dialback_requests[attr.from.."/"..(attr.id or "")] = nil; |
| 219 | 119 end |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
120 return true; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
121 end |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
122 end); |
| 191 | 123 |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
124 module:hook("stanza/jabber:server:dialback:result", function(event) |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
125 local origin, stanza = event.origin, event.stanza; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
126 |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
127 if origin.type == "s2sout_unauthed" or origin.type == "s2sout" then |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
128 -- Remote server is telling us whether we passed dialback |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
129 |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
130 local attr = stanza.attr; |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
131 if not hosts[attr.to] then |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
132 origin:close("host-unknown"); |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
133 return true; |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
134 elseif hosts[attr.to].s2sout[attr.from] ~= origin then |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
135 -- This isn't right |
|
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
136 origin:close("invalid-id"); |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
137 return true; |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
138 end |
| 219 | 139 if stanza.attr.type == "valid" then |
|
621
cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
140 s2s_make_authenticated(origin, attr.from); |
| 219 | 141 else |
|
4227
6b83ef6ec845
mod_dialback: Use session:close() on dialback failure instead of s2smanager.destroy_session() (thanks Zash)
Matthew Wild <mwild1@gmail.com>
parents:
3534
diff
changeset
|
142 origin:close("not-authorized", "dialback authentication failed"); |
| 219 | 143 end |
|
3533
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
144 return true; |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
145 end |
|
0385b9f29049
mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
146 end); |
|
1876
6d33e0521667
mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents:
1523
diff
changeset
|
147 |
| 3651 | 148 module:hook_stanza("urn:ietf:params:xml:ns:xmpp-sasl", "failure", function (origin, stanza) |
| 149 if origin.external_auth == "failed" then | |
| 150 module:log("debug", "SASL EXTERNAL failed, falling back to dialback"); | |
|
4567
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
151 initiate_dialback(origin); |
| 3651 | 152 return true; |
| 153 end | |
| 154 end, 100); | |
| 155 | |
|
1876
6d33e0521667
mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents:
1523
diff
changeset
|
156 module:hook_stanza(xmlns_stream, "features", function (origin, stanza) |
| 3651 | 157 if not origin.external_auth or origin.external_auth == "failed" then |
|
4587
93a84314c296
mod_dialback, mod_s2s: Log initiation of dialback in mod_dialback
Kim Alvefur <zash@zash.se>
parents:
4586
diff
changeset
|
158 module:log("debug", "Initiating dialback..."); |
|
4567
24617f360200
mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4316
diff
changeset
|
159 initiate_dialback(origin); |
| 3651 | 160 return true; |
| 161 end | |
|
3534
c68590b13a6d
mod_dialback: Fixed indentation.
Waqas Hussain <waqas20@gmail.com>
parents:
3533
diff
changeset
|
162 end, 100); |
|
1937
9c700500f408
mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents:
1876
diff
changeset
|
163 |
|
4586
4d63852910ff
mod_s2s, mod_dialback: Rename event to s2s-authenticate-legacy
Kim Alvefur <zash@zash.se>
parents:
4584
diff
changeset
|
164 module:hook("s2s-authenticate-legacy", function (event) |
|
4587
93a84314c296
mod_dialback, mod_s2s: Log initiation of dialback in mod_dialback
Kim Alvefur <zash@zash.se>
parents:
4586
diff
changeset
|
165 module:log("debug", "Initiating dialback..."); |
|
4584
9a5de6509aa8
mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents:
4579
diff
changeset
|
166 initiate_dialback(event.origin); |
|
9a5de6509aa8
mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents:
4579
diff
changeset
|
167 return true; |
|
9a5de6509aa8
mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents:
4579
diff
changeset
|
168 end, 100); |
|
9a5de6509aa8
mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents:
4579
diff
changeset
|
169 |
|
1937
9c700500f408
mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents:
1876
diff
changeset
|
170 -- Offer dialback to incoming hosts |
|
9c700500f408
mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents:
1876
diff
changeset
|
171 module:hook("s2s-stream-features", function (data) |
|
4264
fa36e749749c
mod_dialback: Remove <optional/> from stream feature, as per latest specs.
Waqas Hussain <waqas20@gmail.com>
parents:
4238
diff
changeset
|
172 data.features:tag("dialback", { xmlns='urn:xmpp:features:dialback' }):up(); |
|
3534
c68590b13a6d
mod_dialback: Fixed indentation.
Waqas Hussain <waqas20@gmail.com>
parents:
3533
diff
changeset
|
173 end); |
