prosody
615a0774e4cc
plugins/mod_dialback.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Annotate

plugins/mod_dialback.lua @ 5877:615a0774e4cc

util.timer: Updated to use util.indexedbheap to provide a more complete API. Timers can now be stopped or rescheduled. Callbacks are now pcall'd. Adding/removing timers from within timer callbacks works better. Optional parameter can be passed when creating timer which gets passed to callback, eliminating the need for closures in various timer uses. Timers are now much more lightweight.
author Waqas Hussain <waqas20@gmail.com>
date Wed, 30 Oct 2013 17:44:42 -0400
parent 5778:8ea6fa8459e3
child 6299:a1da78658a82
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1523
841d61be198f Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents: 1337
diff changeset
1 -- Prosody IM
2923
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 1937
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 1937
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
4 --
758
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 645
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 645
diff changeset
6 -- COPYING file in the source package for more information.
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
7 --
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
8
1042
a3d77353c18a mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents: 896
diff changeset
9 local hosts = _G.hosts;
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
1070
3b066968063b mod_dialback: Use module logger instead of creating a new one
Matthew Wild <mwild1@gmail.com>
parents: 1042
diff changeset
11 local log = module._log;
559
fa4a51fe6442 Remove an incorrect line which I didn't add, and fix the proper way. Corrects the sending of stanzas over unauthed s2sout's. Also fixes mod_dialback to send stanzas and not strings.
Matthew Wild <mwild1@gmail.com>
parents: 519
diff changeset
12
1070
3b066968063b mod_dialback: Use module logger instead of creating a new one
Matthew Wild <mwild1@gmail.com>
parents: 1042
diff changeset
13 local st = require "util.stanza";
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
14 local sha256_hash = require "util.hashes".sha256;
4836
bda0593d3f73 mod_dialback: add better safe then sorry nameprepping to the from attribute.
Marco Cirillo <maranda@lightwitch.org>
parents: 4835
diff changeset
15 local nameprep = require "util.encodings".stringprep.nameprep;
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16
1876
6d33e0521667 mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents: 1523
diff changeset
17 local xmlns_stream = "http://etherx.jabber.org/streams";
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
19 local dialback_requests = setmetatable({}, { __mode = 'v' });
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
20
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
21 function generate_dialback(id, to, from)
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
22 return sha256_hash(id..to..from..hosts[from].dialback_secret, true);
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
23 end
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
24
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
25 function initiate_dialback(session)
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
26 -- generate dialback key
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
27 session.dialback_key = generate_dialback(session.streamid, session.to_host, session.from_host);
4851
8e3992ae7bf5 mod_dialback: Remove a remaining usage of string.format, ick.
Matthew Wild <mwild1@gmail.com>
parents: 4848
diff changeset
28 session.sends2s(st.stanza("db:result", { from = session.from_host, to = session.to_host }):text(session.dialback_key));
5778
8ea6fa8459e3 mod_dialback: Change level of some log statements to be more appropriate
Kim Alvefur <zash@zash.se>
parents: 5776
diff changeset
29 session.log("debug", "sent dialback key on outgoing s2s stream");
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
30 end
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
31
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
32 function verify_dialback(id, to, from, key)
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
33 return key == generate_dialback(id, to, from);
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
34 end
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
35
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
36 module:hook("stanza/jabber:server:dialback:verify", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
37 local origin, stanza = event.origin, event.stanza;
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
38
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
39 if origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
40 -- We are being asked to verify the key, to ensure it was generated by us
1077
d6a885cacd8c mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents: 1070
diff changeset
41 origin.log("debug", "verifying that dialback key is ours...");
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
42 local attr = stanza.attr;
5019
017e864b459d mod_dialback: Ignore <db:verify/> with a 'type' attribute on incoming connections, instead of interpreting them as a request to verify a key
Matthew Wild <mwild1@gmail.com>
parents: 4993
diff changeset
43 if attr.type then
017e864b459d mod_dialback: Ignore <db:verify/> with a 'type' attribute on incoming connections, instead of interpreting them as a request to verify a key
Matthew Wild <mwild1@gmail.com>
parents: 4993
diff changeset
44 module:log("warn", "Ignoring incoming session from %s claiming a dialback key for %s is %s",
017e864b459d mod_dialback: Ignore <db:verify/> with a 'type' attribute on incoming connections, instead of interpreting them as a request to verify a key
Matthew Wild <mwild1@gmail.com>
parents: 4993
diff changeset
45 origin.from_host or "(unknown)", attr.from or "(unknown)", attr.type);
017e864b459d mod_dialback: Ignore <db:verify/> with a 'type' attribute on incoming connections, instead of interpreting them as a request to verify a key
Matthew Wild <mwild1@gmail.com>
parents: 4993
diff changeset
46 return true;
017e864b459d mod_dialback: Ignore <db:verify/> with a 'type' attribute on incoming connections, instead of interpreting them as a request to verify a key
Matthew Wild <mwild1@gmail.com>
parents: 4993
diff changeset
47 end
1337
16c5aa4696ca mod_dialback: Change FIXME comment to COMPAT
Matthew Wild <mwild1@gmail.com>
parents: 1077
diff changeset
48 -- COMPAT: Grr, ejabberd breaks this one too?? it is black and white in XEP-220 example 34
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
49 --if attr.from ~= origin.to_host then error("invalid-from"); end
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
50 local type;
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
51 if verify_dialback(attr.id, attr.from, attr.to, stanza[1]) then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
52 type = "valid"
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
53 else
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
54 type = "invalid"
1077
d6a885cacd8c mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents: 1070
diff changeset
55 origin.log("warn", "Asked to verify a dialback key that was incorrect. An imposter is claiming to be %s?", attr.to);
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
56 end
1077
d6a885cacd8c mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents: 1070
diff changeset
57 origin.log("debug", "verified dialback key... it is %s", type);
560
6c07f15a34f4 Fix the last couple of places where we send strings from mod_dialback
Matthew Wild <mwild1@gmail.com>
parents: 559
diff changeset
58 origin.sends2s(st.stanza("db:verify", { from = attr.to, to = attr.from, id = attr.id, type = type }):text(stanza[1]));
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
59 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
60 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
61 end);
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
63 module:hook("stanza/jabber:server:dialback:result", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
64 local origin, stanza = event.origin, event.stanza;
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
65
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
66 if origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
67 -- he wants to be identified through dialback
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
68 -- We need to check the key with the Authoritative server
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
69 local attr = stanza.attr;
4848
f7a4920aed6b mod_dialback: Final sweep to get nameprep + error handling in order (hopefully)
Matthew Wild <mwild1@gmail.com>
parents: 4847
diff changeset
70 local to, from = nameprep(attr.to), nameprep(attr.from);
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
71
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
72 if not hosts[to] then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
73 -- Not a host that we serve
5778
8ea6fa8459e3 mod_dialback: Change level of some log statements to be more appropriate
Kim Alvefur <zash@zash.se>
parents: 5776
diff changeset
74 origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to);
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
75 origin:close("host-unknown");
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
76 return true;
4848
f7a4920aed6b mod_dialback: Final sweep to get nameprep + error handling in order (hopefully)
Matthew Wild <mwild1@gmail.com>
parents: 4847
diff changeset
77 elseif not from then
f7a4920aed6b mod_dialback: Final sweep to get nameprep + error handling in order (hopefully)
Matthew Wild <mwild1@gmail.com>
parents: 4847
diff changeset
78 origin:close("improper-addressing");
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
79 end
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
80
4848
f7a4920aed6b mod_dialback: Final sweep to get nameprep + error handling in order (hopefully)
Matthew Wild <mwild1@gmail.com>
parents: 4847
diff changeset
81 origin.hosts[from] = { dialback_key = stanza[1] };
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
82
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
83 dialback_requests[from.."/"..origin.streamid] = origin;
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
84
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
85 -- COMPAT: ejabberd, gmail and perhaps others do not always set 'to' and 'from'
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
86 -- on streams. We fill in the session's to/from here instead.
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
87 if not origin.from_host then
4848
f7a4920aed6b mod_dialback: Final sweep to get nameprep + error handling in order (hopefully)
Matthew Wild <mwild1@gmail.com>
parents: 4847
diff changeset
88 origin.from_host = from;
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
89 end
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
90 if not origin.to_host then
4931
7a4f00168260 mod_dialback: Skip an unnecessary nameprep.
Waqas Hussain <waqas20@gmail.com>
parents: 4851
diff changeset
91 origin.to_host = to;
4837
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
92 end
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
93
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
94 origin.log("debug", "asking %s if key %s belongs to them", from, stanza[1]);
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
95 module:fire_event("route/remote", {
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
96 from_host = to, to_host = from;
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
97 stanza = st.stanza("db:verify", { from = to, to = from, id = origin.streamid }):text(stanza[1]);
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
98 });
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
99 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
100 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
101 end);
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
103 module:hook("stanza/jabber:server:dialback:verify", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
104 local origin, stanza = event.origin, event.stanza;
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
105
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
106 if origin.type == "s2sout_unauthed" or origin.type == "s2sout" then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
107 local attr = stanza.attr;
4314
1e1110840965 mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents: 4227
diff changeset
108 local dialback_verifying = dialback_requests[attr.from.."/"..(attr.id or "")];
1e1110840965 mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents: 4227
diff changeset
109 if dialback_verifying and attr.from == origin.to_host then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
110 local valid;
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
111 if attr.type == "valid" then
5362
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents: 5341
diff changeset
112 module:fire_event("s2s-authenticated", { session = dialback_verifying, host = attr.from });
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
113 valid = "valid";
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
114 else
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
115 -- Warn the original connection that is was not verified successfully
4993
5243b74a4cbb Hopefully inert commit to clean up logging across a number of modules, removing all cases of concatenation when building log messages
Matthew Wild <mwild1@gmail.com>
parents: 4931
diff changeset
116 log("warn", "authoritative server for %s denied the key", attr.from or "(unknown)");
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
117 valid = "invalid";
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
118 end
5113
3393cab2dd6b mod_dialback: Correctly check if a connection was destroyed (thanks iron)
Kim Alvefur <zash@zash.se>
parents: 5019
diff changeset
119 if dialback_verifying.destroyed then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
120 log("warn", "Incoming s2s session %s was closed in the meantime, so we can't notify it of the db result", tostring(dialback_verifying):match("%w+$"));
347
fba39fda0879 Don't error if the original s2s connection has closed before we get the dialback result
Matthew Wild <mwild1@gmail.com>
parents: 260
diff changeset
121 else
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
122 dialback_verifying.sends2s(
560
6c07f15a34f4 Fix the last couple of places where we send strings from mod_dialback
Matthew Wild <mwild1@gmail.com>
parents: 559
diff changeset
123 st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = valid })
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
124 :text(dialback_verifying.hosts[attr.from].dialback_key));
347
fba39fda0879 Don't error if the original s2s connection has closed before we get the dialback result
Matthew Wild <mwild1@gmail.com>
parents: 260
diff changeset
125 end
4314
1e1110840965 mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents: 4227
diff changeset
126 dialback_requests[attr.from.."/"..(attr.id or "")] = nil;
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
127 end
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
128 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
129 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
130 end);
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
132 module:hook("stanza/jabber:server:dialback:result", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
133 local origin, stanza = event.origin, event.stanza;
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
134
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
135 if origin.type == "s2sout_unauthed" or origin.type == "s2sout" then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
136 -- Remote server is telling us whether we passed dialback
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5362
diff changeset
137
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
138 local attr = stanza.attr;
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
139 if not hosts[attr.to] then
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
140 origin:close("host-unknown");
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
141 return true;
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
142 elseif hosts[attr.to].s2sout[attr.from] ~= origin then
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
143 -- This isn't right
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
144 origin:close("invalid-id");
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
145 return true;
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
146 end
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
147 if stanza.attr.type == "valid" then
5362
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents: 5341
diff changeset
148 module:fire_event("s2s-authenticated", { session = origin, host = attr.from });
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
149 else
4227
6b83ef6ec845 mod_dialback: Use session:close() on dialback failure instead of s2smanager.destroy_session() (thanks Zash)
Matthew Wild <mwild1@gmail.com>
parents: 3534
diff changeset
150 origin:close("not-authorized", "dialback authentication failed");
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
151 end
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
152 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
153 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
154 end);
1876
6d33e0521667 mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents: 1523
diff changeset
155
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
156 module:hook_stanza("urn:ietf:params:xml:ns:xmpp-sasl", "failure", function (origin, stanza)
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
157 if origin.external_auth == "failed" then
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
158 module:log("debug", "SASL EXTERNAL failed, falling back to dialback");
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
159 initiate_dialback(origin);
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
160 return true;
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
161 end
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
162 end, 100);
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
163
1876
6d33e0521667 mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents: 1523
diff changeset
164 module:hook_stanza(xmlns_stream, "features", function (origin, stanza)
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
165 if not origin.external_auth or origin.external_auth == "failed" then
4587
93a84314c296 mod_dialback, mod_s2s: Log initiation of dialback in mod_dialback
Kim Alvefur <zash@zash.se>
parents: 4586
diff changeset
166 module:log("debug", "Initiating dialback...");
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
167 initiate_dialback(origin);
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
168 return true;
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
169 end
3534
c68590b13a6d mod_dialback: Fixed indentation.
Waqas Hussain <waqas20@gmail.com>
parents: 3533
diff changeset
170 end, 100);
1937
9c700500f408 mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents: 1876
diff changeset
171
5341
760c22c822be mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to s2sout-authenticate-legacy for clarity. Also, hello!
Matthew Wild <mwild1@gmail.com>
parents: 5113
diff changeset
172 module:hook("s2sout-authenticate-legacy", function (event)
4587
93a84314c296 mod_dialback, mod_s2s: Log initiation of dialback in mod_dialback
Kim Alvefur <zash@zash.se>
parents: 4586
diff changeset
173 module:log("debug", "Initiating dialback...");
4584
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
174 initiate_dialback(event.origin);
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
175 return true;
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
176 end, 100);
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
177
1937
9c700500f408 mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents: 1876
diff changeset
178 -- Offer dialback to incoming hosts
9c700500f408 mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents: 1876
diff changeset
179 module:hook("s2s-stream-features", function (data)
4264
fa36e749749c mod_dialback: Remove <optional/> from stream feature, as per latest specs.
Waqas Hussain <waqas20@gmail.com>
parents: 4238
diff changeset
180 data.features:tag("dialback", { xmlns='urn:xmpp:features:dialback' }):up();
3534
c68590b13a6d mod_dialback: Fixed indentation.
Waqas Hussain <waqas20@gmail.com>
parents: 3533
diff changeset
181 end);