Software `/` code `/` prosody

Annotate

util/prosodyctl/check.lua @ 13134:638f627e707f

util.datamanager: Add O(1) list indexing with on-disk index Index file contains offsets and lengths of each item() which allows seeking directly to each item and reading it without parsing the entire file. Also allows tricks like binary search, assuming items have some defined order. We take advantage of the 1-based indexing in tables to store a magic header in the 0 position, so that table index 1 ends up at file index 1.

author	Kim Alvefur <zash@zash.se>
date	Tue, 11 May 2021 02:09:56 +0200
parent	13122:45458ecaacae
child	13218:e576c6a0d1f8

rev	line source
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	1 local configmanager = require "prosody.core.configmanager";
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	2 local show_usage = require "prosody.util.prosodyctl".show_usage;
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	3 local show_warning = require "prosody.util.prosodyctl".show_warning;
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	4 local is_prosody_running = require "prosody.util.prosodyctl".isrunning;
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	5 local parse_args = require "prosody.util.argparse".parse;
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	6 local dependencies = require "prosody.util.dependencies";
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	7 local socket = require "socket";
11827 2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	8 local socket_url = require "socket.url";
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	9 local jid_split = require "prosody.util.jid".prepped_split;
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	10 local modulemanager = require "prosody.core.modulemanager";
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	11 local async = require "prosody.util.async";
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	12 local httputil = require "prosody.util.http";
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	13
11826 e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	14 local function check_ojn(check_type, target_host)
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	15 local http = require "prosody.net.http"; -- .new({});
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	16 local json = require "prosody.util.json";
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	17
11826 e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	18 local response, err = async.wait_for(http.request(
11827 2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	19 ("https://observe.jabber.network/api/v1/check/%s"):format(httputil.urlencode(check_type)),
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	20 {
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	21 method="POST",
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	22 headers={["Accept"] = "application/json"; ["Content-Type"] = "application/json"},
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	23 body=json.encode({target=target_host}),
11826 e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	24 }));
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	25
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	26 if not response then
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	27 return false, err;
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	28 end
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	29
11826 e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	30 if response.code ~= 200 then
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	31 return false, ("API replied with non-200 code: %d"):format(response.code);
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	32 end
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	33
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	34 local decoded_body, err = json.decode(response.body);
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	35 if decoded_body == nil then
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check Kim Alvefur <zash@zash.se> parents: 11807 diff changeset	36 return false, ("Failed to parse API JSON: %s"):format(err)
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	37 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	38
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	39 local success = decoded_body["success"];
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	40 return success == true, nil;
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	41 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	42
11827 2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	43 local function check_probe(base_url, probe_module, target)
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	44 local http = require "prosody.net.http"; -- .new({});
11827 2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	45 local params = httputil.formencode({ module = probe_module; target = target })
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	46 local response, err = async.wait_for(http.request(base_url .. "?" .. params));
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	47
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	48 if not response then return false, err; end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	49
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	50 if response.code ~= 200 then return false, ("API replied with non-200 code: %d"):format(response.code); end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	51
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	52 for line in response.body:gmatch("[^\r\n]+") do
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	53 local probe_success = line:match("^probe_success%s+(%d+)");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	54
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	55 if probe_success == "1" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	56 return true;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	57 elseif probe_success == "0" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	58 return false;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	59 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	60 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	61 return false, "Probe endpoint did not return a success status";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	62 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	63
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	64 local function check_turn_service(turn_service, ping_service)
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	65 local ip = require "prosody.util.ip";
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	66 local stun = require "prosody.net.stun";
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	67
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	68 -- Create UDP socket for communication with the server
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	69 local sock = assert(require "socket".udp());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	70 sock:setsockname("*", 0);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	71 sock:setpeername(turn_service.host, turn_service.port);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	72 sock:settimeout(10);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	73
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	74 -- Helper function to receive a packet
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	75 local function receive_packet()
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	76 local raw_packet, err = sock:receive();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	77 if not raw_packet then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	78 return nil, err;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	79 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	80 return stun.new_packet():deserialize(raw_packet);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	81 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	82
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	83 local result = { warnings = {} };
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	84
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	85 -- Send a "binding" query, i.e. a request for our external IP/port
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	86 local bind_query = stun.new_packet("binding", "request");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	87 bind_query:add_attribute("software", "prosodyctl check turn");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	88 sock:send(bind_query:serialize());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	89
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	90 local bind_result, err = receive_packet();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	91 if not bind_result then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	92 result.error = "No STUN response: "..err;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	93 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	94 elseif bind_result:is_err_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	95 result.error = ("STUN server returned error: %d (%s)"):format(bind_result:get_error());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	96 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	97 elseif not bind_result:is_success_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	98 result.error = ("Unexpected STUN response: %d (%s)"):format(bind_result:get_type());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	99 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	100 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	101
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	102 result.external_ip = bind_result:get_xor_mapped_address();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	103 if not result.external_ip then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	104 result.error = "STUN server did not return an address";
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	105 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	106 end
12384 53b4549c2209 prosodyctl: check turn: Add check for private IP returned from STUN. Matthew Wild <mwild1@gmail.com> parents: 12383 diff changeset	107 if ip.new_ip(result.external_ip.address).private then
53b4549c2209 prosodyctl: check turn: Add check for private IP returned from STUN. Matthew Wild <mwild1@gmail.com> parents: 12383 diff changeset	108 table.insert(result.warnings, "STUN returned a private IP! Is the TURN server behind a NAT and misconfigured?");
53b4549c2209 prosodyctl: check turn: Add check for private IP returned from STUN. Matthew Wild <mwild1@gmail.com> parents: 12383 diff changeset	109 end
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	110
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	111 -- Send a TURN "allocate" request. Expected to fail due to auth, but
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	112 -- necessary to obtain a valid realm/nonce from the server.
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	113 local pre_request = stun.new_packet("allocate", "request");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	114 sock:send(pre_request:serialize());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	115
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	116 local pre_result, err = receive_packet();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	117 if not pre_result then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	118 result.error = "No initial TURN response: "..err;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	119 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	120 elseif pre_result:is_success_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	121 result.error = "TURN server does not have authentication enabled";
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	122 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	123 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	124
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	125 local realm = pre_result:get_attribute("realm");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	126 local nonce = pre_result:get_attribute("nonce");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	127
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	128 if not realm then
12383 a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues Matthew Wild <mwild1@gmail.com> parents: 12382 diff changeset	129 table.insert(result.warnings, "TURN server did not return an authentication realm. Is authentication enabled?");
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	130 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	131 if not nonce then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	132 table.insert(result.warnings, "TURN server did not return a nonce");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	133 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	134
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	135 -- Use the configured secret to obtain temporary user/pass credentials
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	136 local turn_user, turn_pass = stun.get_user_pass_from_secret(turn_service.secret);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	137
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	138 -- Send a TURN allocate request, will fail if auth is wrong
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	139 local alloc_request = stun.new_packet("allocate", "request");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	140 alloc_request:add_requested_transport("udp");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	141 alloc_request:add_attribute("username", turn_user);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	142 if realm then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	143 alloc_request:add_attribute("realm", realm);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	144 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	145 if nonce then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	146 alloc_request:add_attribute("nonce", nonce);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	147 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	148 local key = stun.get_long_term_auth_key(realm or turn_service.host, turn_user, turn_pass);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	149 alloc_request:add_message_integrity(key);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	150 sock:send(alloc_request:serialize());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	151
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	152 -- Check the response
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	153 local alloc_response, err = receive_packet();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	154 if not alloc_response then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	155 result.error = "TURN server did not response to allocation request: "..err;
12466 9ee41552bca0 util.prosodyctl: check turn: ensure a result is always returned from a check (thanks eTaurus) Matthew Wild <mwild1@gmail.com> parents: 12441 diff changeset	156 return result;
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	157 elseif alloc_response:is_err_resp() then
12741 7b3deafb9162 prosodyctl: check turn: More clearly indicate the error is from TURN server Matthew Wild <mwild1@gmail.com> parents: 12520 diff changeset	158 result.error = ("TURN server failed to create allocation: %d (%s)"):format(alloc_response:get_error());
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	159 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	160 elseif not alloc_response:is_success_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	161 result.error = ("Unexpected TURN response: %d (%s)"):format(alloc_response:get_type());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	162 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	163 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	164
12375 ea5e46601cfb prosodyctl: check turn: show relayed address(es) in verbose mode Matthew Wild <mwild1@gmail.com> parents: 12373 diff changeset	165 result.relayed_addresses = alloc_response:get_xor_relayed_addresses();
ea5e46601cfb prosodyctl: check turn: show relayed address(es) in verbose mode Matthew Wild <mwild1@gmail.com> parents: 12373 diff changeset	166
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	167 if not ping_service then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	168 -- Success! We won't be running the relay test.
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	169 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	170 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	171
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	172 -- Run the relay test - i.e. send a binding request to ping_service
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	173 -- and receive a response.
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	174
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	175 -- Resolve the IP of the ping service
12373 5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	176 local ping_host, ping_port = ping_service:match("^([^:]+):(%d+)$");
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	177 if ping_host then
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	178 ping_port = tonumber(ping_port);
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	179 else
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	180 -- Only a hostname specified, use default STUN port
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	181 ping_host, ping_port = ping_service, 3478;
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	182 end
12416 19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test Matthew Wild <mwild1@gmail.com> parents: 12414 diff changeset	183
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test Matthew Wild <mwild1@gmail.com> parents: 12414 diff changeset	184 if ping_host == turn_service.host then
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test Matthew Wild <mwild1@gmail.com> parents: 12414 diff changeset	185 result.error = ("Unable to perform ping test: please supply an external STUN server address. See https://prosody.im/doc/turn#prosodyctl-check");
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test Matthew Wild <mwild1@gmail.com> parents: 12414 diff changeset	186 return result;
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test Matthew Wild <mwild1@gmail.com> parents: 12414 diff changeset	187 end
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test Matthew Wild <mwild1@gmail.com> parents: 12414 diff changeset	188
12373 5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	189 local ping_service_ip, err = socket.dns.toip(ping_host);
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	190 if not ping_service_ip then
12379 6ac3c580c00d prosodyctl: check turn: Clearer error when unable to resolve external service host Matthew Wild <mwild1@gmail.com> parents: 12377 diff changeset	191 result.error = "Unable to resolve ping service hostname: "..err;
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	192 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	193 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	194
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	195 -- Ask the TURN server to allow packets from the ping service IP
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	196 local perm_request = stun.new_packet("create-permission");
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	197 perm_request:add_xor_peer_address(ping_service_ip);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	198 perm_request:add_attribute("username", turn_user);
12382 574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	199 if realm then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	200 perm_request:add_attribute("realm", realm);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	201 end
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	202 if nonce then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	203 perm_request:add_attribute("nonce", nonce);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	204 end
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	205 perm_request:add_message_integrity(key);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	206 sock:send(perm_request:serialize());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	207
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	208 local perm_response, err = receive_packet();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	209 if not perm_response then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	210 result.error = "No response from TURN server when requesting peer permission: "..err;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	211 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	212 elseif perm_response:is_err_resp() then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	213 result.error = ("TURN permission request failed: %d (%s)"):format(perm_response:get_error());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	214 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	215 elseif not perm_response:is_success_resp() then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	216 result.error = ("Unexpected TURN response: %d (%s)"):format(perm_response:get_type());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	217 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	218 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	219
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	220 -- Ask the TURN server to relay a STUN binding request to the ping server
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	221 local ping_data = stun.new_packet("binding"):serialize();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	222
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	223 local ping_request = stun.new_packet("send", "indication");
12373 5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service Matthew Wild <mwild1@gmail.com> parents: 12372 diff changeset	224 ping_request:add_xor_peer_address(ping_service_ip, ping_port);
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	225 ping_request:add_attribute("data", ping_data);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	226 ping_request:add_attribute("username", turn_user);
12382 574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	227 if realm then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	228 ping_request:add_attribute("realm", realm);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	229 end
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	230 if nonce then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	231 ping_request:add_attribute("nonce", nonce);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce Matthew Wild <mwild1@gmail.com> parents: 12381 diff changeset	232 end
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	233 ping_request:add_message_integrity(key);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	234 sock:send(ping_request:serialize());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	235
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	236 local ping_response, err = receive_packet();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	237 if not ping_response then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	238 result.error = "No response from ping server ("..ping_service_ip.."): "..err;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	239 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	240 elseif not ping_response:is_indication() or select(2, ping_response:get_method()) ~= "data" then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	241 result.error = ("Unexpected TURN response: %s %s"):format(select(2, ping_response:get_method()), select(2, ping_response:get_type()));
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	242 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	243 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	244
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	245 local pong_data = ping_response:get_attribute("data");
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	246 if not pong_data then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	247 result.error = "No data relayed from remote server";
12466 9ee41552bca0 util.prosodyctl: check turn: ensure a result is always returned from a check (thanks eTaurus) Matthew Wild <mwild1@gmail.com> parents: 12441 diff changeset	248 return result;
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	249 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	250 local pong = stun.new_packet():deserialize(pong_data);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	251
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	252 result.external_ip_pong = pong:get_xor_mapped_address();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	253 if not result.external_ip_pong then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	254 result.error = "Ping server did not return an address";
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	255 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	256 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	257
12390 71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	258 local relay_address_found, relay_port_matches;
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	259 for _, relayed_address in ipairs(result.relayed_addresses) do
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	260 if relayed_address.address == result.external_ip_pong.address then
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	261 relay_address_found = true;
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	262 relay_port_matches = result.external_ip_pong.port == relayed_address.port;
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	263 end
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	264 end
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	265 if not relay_address_found then
12383 a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues Matthew Wild <mwild1@gmail.com> parents: 12382 diff changeset	266 table.insert(result.warnings, "TURN external IP vs relay address mismatch! Is the TURN server behind a NAT and misconfigured?");
12390 71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	267 elseif not relay_port_matches then
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	268 table.insert(result.warnings, "External port does not match reported relay port! This is probably caused by a NAT in front of the TURN server.");
12383 a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues Matthew Wild <mwild1@gmail.com> parents: 12382 diff changeset	269 end
a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues Matthew Wild <mwild1@gmail.com> parents: 12382 diff changeset	270
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	271 --
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	272
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	273 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	274 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	275
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	276 local function skip_bare_jid_hosts(host)
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	277 if jid_split(host) then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	278 -- See issue #779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	279 return false;
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	280 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	281 return true;
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	282 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	283
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	284 local check_opts = {
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	285 short_params = {
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	286 h = "help", v = "verbose";
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	287 };
12376 10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	288 value_params = {
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	289 ping = true;
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	290 };
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	291 };
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	292
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	293 local function check(arg)
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	294 if arg[1] == "help" or arg[1] == "--help" then
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	295 show_usage([[check]], [[Perform basic checks on your Prosody installation]]);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	296 return 1;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	297 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	298 local what = table.remove(arg, 1);
12376 10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	299 local opts, opts_err, opts_info = parse_args(arg, check_opts);
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	300 if opts_err == "missing-value" then
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	301 print("Error: Expected a value after '"..opts_info.."'");
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	302 return 1;
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	303 elseif opts_err == "param-not-found" then
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	304 print("Error: Unknown parameter: "..opts_info);
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	305 return 1;
10353ad0ca7a prosodyctl: check: Slightly improved argument handling Matthew Wild <mwild1@gmail.com> parents: 12375 diff changeset	306 end
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	307 local array = require "prosody.util.array";
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	308 local set = require "prosody.util.set";
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	309 local it = require "prosody.util.iterators";
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	310 local ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	311 local function disabled_hosts(host, conf) return host ~= "*" and conf.enabled ~= false; end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	312 local function enabled_hosts() return it.filter(disabled_hosts, pairs(configmanager.getconfig())); end
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	313 if not (what == nil or what == "disabled" or what == "config" or what == "dns" or what == "certs" or what == "connectivity" or what == "turn") then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	314 show_warning("Don't know how to check '%s'. Try one of 'config', 'dns', 'certs', 'disabled', 'turn' or 'connectivity'.", what);
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	315 show_warning("Note: The connectivity check will connect to a remote server.");
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	316 return 1;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	317 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	318 if not what or what == "disabled" then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	319 local disabled_hosts_set = set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	320 for host, host_options in it.filter("*", pairs(configmanager.getconfig())) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	321 if host_options.enabled == false then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	322 disabled_hosts_set:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	323 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	324 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	325 if not disabled_hosts_set:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	326 local msg = "Checks will be skipped for these disabled hosts: %s";
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	327 if what then msg = "These hosts are disabled: %s"; end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	328 show_warning(msg, tostring(disabled_hosts_set));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	329 if what then return 0; end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	330 print""
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	331 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	332 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	333 if not what or what == "config" then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	334 print("Checking config...");
12441 dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729) Matthew Wild <mwild1@gmail.com> parents: 12416 diff changeset	335
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729) Matthew Wild <mwild1@gmail.com> parents: 12416 diff changeset	336 if what == "config" then
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729) Matthew Wild <mwild1@gmail.com> parents: 12416 diff changeset	337 local files = configmanager.files();
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729) Matthew Wild <mwild1@gmail.com> parents: 12416 diff changeset	338 print(" The following configuration files have been loaded:");
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729) Matthew Wild <mwild1@gmail.com> parents: 12416 diff changeset	339 print(" - "..table.concat(files, "\n - "));
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729) Matthew Wild <mwild1@gmail.com> parents: 12416 diff changeset	340 end
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729) Matthew Wild <mwild1@gmail.com> parents: 12416 diff changeset	341
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	342 local obsolete = set.new({ --> remove
12118 30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings Kim Alvefur <zash@zash.se> parents: 12099 diff changeset	343 "archive_cleanup_interval",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings Kim Alvefur <zash@zash.se> parents: 12099 diff changeset	344 "dns_timeout",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings Kim Alvefur <zash@zash.se> parents: 12099 diff changeset	345 "muc_log_cleanup_interval",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings Kim Alvefur <zash@zash.se> parents: 12099 diff changeset	346 "s2s_dns_resolvers",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings Kim Alvefur <zash@zash.se> parents: 12099 diff changeset	347 "setgid",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings Kim Alvefur <zash@zash.se> parents: 12099 diff changeset	348 "setuid",
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	349 });
12159 aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	350 local function instead_use(kind, name, value)
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	351 if kind == "option" then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	352 if value then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	353 return string.format("instead, use '%s = %q'", name, value);
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	354 else
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	355 return string.format("instead, use '%s'", name);
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	356 end
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	357 elseif kind == "module" then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	358 return string.format("instead, add %q to '%s'", name, value or "modules_enabled");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	359 elseif kind == "community" then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	360 return string.format("instead, add %q from %s", name, value or "prosody-modules");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	361 end
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	362 return kind
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	363 end
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	364 local deprecated_replacements = {
12159 aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	365 anonymous_login = instead_use("option", "authentication", "anonymous");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	366 daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags";
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	367 disallow_s2s = instead_use("module", "s2s");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	368 no_daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags";
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	369 require_encryption = "instead, use 'c2s_require_encryption' and 's2s_require_encryption'";
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	370 vcard_compatibility = instead_use("community", "mod_compat_vcard");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	371 use_libevent = instead_use("option", "network_backend", "event");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	372 whitelist_registration_only = instead_use("option", "allowlist_registration_only");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	373 registration_whitelist = instead_use("option", "registration_allowlist");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	374 registration_blacklist = instead_use("option", "registration_blocklist");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions Kim Alvefur <zash@zash.se> parents: 12158 diff changeset	375 blacklist_on_registration_throttle_overload = instead_use("blocklist_on_registration_throttle_overload");
12898 4255db0f8e58 util.prosodyctl.check: Suggest 'http_cors_override' instead of older CORS settings Kim Alvefur <zash@zash.se> parents: 12842 diff changeset	376 cross_domain_bosh = "instead, use 'http_cors_override', see https://prosody.im/doc/http#cross-domain-cors-support";
4255db0f8e58 util.prosodyctl.check: Suggest 'http_cors_override' instead of older CORS settings Kim Alvefur <zash@zash.se> parents: 12842 diff changeset	377 cross_domain_websocket = "instead, use 'http_cors_override', see https://prosody.im/doc/http#cross-domain-cors-support";
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	378 };
11800 60018637f5d4 util.prosodyctl.check: Nudge towards plural port options Kim Alvefur <zash@zash.se> parents: 11799 diff changeset	379 -- FIXME all the singular _port and _interface options are supposed to be deprecated too
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	380 local deprecated_ports = { bosh = "http", legacy_ssl = "c2s_direct_tls" };
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	381 local port_suffixes = set.new({ "port", "ports", "interface", "interfaces", "ssl" });
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	382 for port, replacement in pairs(deprecated_ports) do
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	383 for suffix in port_suffixes do
11800 60018637f5d4 util.prosodyctl.check: Nudge towards plural port options Kim Alvefur <zash@zash.se> parents: 11799 diff changeset	384 local rsuffix = (suffix == "port" or suffix == "interface") and suffix.."s" or suffix;
12158 7ff3699c1653 util.prosodyctl.check: Move word to ease future translations Kim Alvefur <zash@zash.se> parents: 12157 diff changeset	385 deprecated_replacements[port.."_"..suffix] = "instead, use '"..replacement.."_"..rsuffix.."'"
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	386 end
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	387 end
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	388 local deprecated = set.new(array.collect(it.keys(deprecated_replacements)));
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	389 local known_global_options = set.new({
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	390 "access_control_allow_credentials",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	391 "access_control_allow_headers",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	392 "access_control_allow_methods",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	393 "access_control_max_age",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	394 "admin_socket",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	395 "body_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	396 "bosh_max_inactivity",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	397 "bosh_max_polling",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	398 "bosh_max_wait",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	399 "buffer_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	400 "c2s_close_timeout",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	401 "c2s_stanza_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	402 "c2s_tcp_keepalives",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	403 "c2s_timeout",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	404 "component_stanza_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	405 "component_tcp_keepalives",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	406 "consider_bosh_secure",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	407 "consider_websocket_secure",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	408 "console_banner",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	409 "console_prettyprint_settings",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	410 "daemonize",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	411 "gc",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	412 "http_default_host",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	413 "http_errors_always_show",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	414 "http_errors_default_message",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	415 "http_errors_detailed",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	416 "http_errors_messages",
11833 bd86ab8122d9 util.prosodyctl.check: Add two known globals from mod_http Kim Alvefur <zash@zash.se> parents: 11827 diff changeset	417 "http_max_buffer_size",
bd86ab8122d9 util.prosodyctl.check: Add two known globals from mod_http Kim Alvefur <zash@zash.se> parents: 11827 diff changeset	418 "http_max_content_size",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	419 "installer_plugin_path",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	420 "limits",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	421 "limits_resolution",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	422 "log",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	423 "multiplex_buffer_size",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	424 "network_backend",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	425 "network_default_read_size",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	426 "network_settings",
11940 2d82e4245aa3 util.prosodyctl.check: Add mod_http_openmetrics settings to known globals Kim Alvefur <zash@zash.se> parents: 11925 diff changeset	427 "openmetrics_allow_cidr",
2d82e4245aa3 util.prosodyctl.check: Add mod_http_openmetrics settings to known globals Kim Alvefur <zash@zash.se> parents: 11925 diff changeset	428 "openmetrics_allow_ips",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	429 "pidfile",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	430 "plugin_paths",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	431 "plugin_server",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	432 "prosodyctl_timeout",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	433 "prosody_group",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	434 "prosody_user",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	435 "run_as_root",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	436 "s2s_close_timeout",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	437 "s2s_insecure_domains",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	438 "s2s_require_encryption",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	439 "s2s_secure_auth",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	440 "s2s_secure_domains",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	441 "s2s_stanza_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	442 "s2s_tcp_keepalives",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	443 "s2s_timeout",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	444 "statistics",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	445 "statistics_config",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	446 "statistics_interval",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	447 "tcp_keepalives",
12099 b344edad61d3 core.certmanager: Rename preset option to 'tls_preset' Kim Alvefur <zash@zash.se> parents: 11957 diff changeset	448 "tls_profile",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	449 "trusted_proxies",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	450 "umask",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	451 "use_dane",
11634 a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	452 "use_ipv4",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form Kim Alvefur <zash@zash.se> parents: 11617 diff changeset	453 "use_ipv6",
11635 1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	454 "websocket_frame_buffer_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	455 "websocket_frame_fragment_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	456 "websocket_get_response_body",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins Kim Alvefur <zash@zash.se> parents: 11634 diff changeset	457 "websocket_get_response_text",
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	458 });
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	459 local config = configmanager.getconfig();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	460 -- Check that we have any global options (caused by putting a host at the top)
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	461 if it.count(it.filter("log", pairs(config["*"]))) == 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	462 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	463 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	464 print(" No global options defined. Perhaps you have put a host definition at the top")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	465 print(" of the config file? They should be at the bottom, see https://prosody.im/doc/configure#overview");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	466 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	467 if it.count(enabled_hosts()) == 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	468 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	469 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	470 if it.count(it.filter("*", pairs(config))) == 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	471 print(" No hosts are defined, please add at least one VirtualHost section")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	472 elseif config["*"]["enabled"] == false then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	473 print(" No hosts are enabled. Remove enabled = false from the global section or put enabled = true under at least one VirtualHost section")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	474 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	475 print(" All hosts are disabled. Remove enabled = false from at least one VirtualHost section")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	476 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	477 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	478 if not config["*"].modules_enabled then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	479 print(" No global modules_enabled is set?");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	480 local suggested_global_modules;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	481 for host, options in enabled_hosts() do --luacheck: ignore 213/host
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	482 if not options.component_module and options.modules_enabled then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	483 suggested_global_modules = set.intersection(suggested_global_modules or set.new(options.modules_enabled), set.new(options.modules_enabled));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	484 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	485 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	486 if suggested_global_modules and not suggested_global_modules:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	487 print(" Consider moving these modules into modules_enabled in the global section:")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	488 print(" "..tostring(suggested_global_modules / function (x) return ("%q"):format(x) end));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	489 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	490 print();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	491 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	492
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	493 do -- Check for modules enabled both normally and as components
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	494 local modules = set.new(config["*"]["modules_enabled"]);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	495 for host, options in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	496 local component_module = options.component_module;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	497 if component_module and modules:contains(component_module) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	498 print((" mod_%s is enabled both in modules_enabled and as Component %q %q"):format(component_module, host, component_module));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	499 print(" This means the service is enabled on all VirtualHosts as well as the Component.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	500 print(" Are you sure this what you want? It may cause unexpected behaviour.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	501 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	502 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	503 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	504
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	505 -- Check for global options under hosts
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	506 local global_options = set.new(it.to_array(it.keys(config["*"])));
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	507 local obsolete_global_options = set.intersection(global_options, obsolete);
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	508 if not obsolete_global_options:empty() then
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	509 print("");
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	510 print(" You have some obsolete options you can remove from the global section:");
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	511 print(" "..tostring(obsolete_global_options))
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	512 ok = false;
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	513 end
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	514 local deprecated_global_options = set.intersection(global_options, deprecated);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	515 if not deprecated_global_options:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	516 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	517 print(" You have some deprecated options in the global section:");
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	518 for option in deprecated_global_options do
12158 7ff3699c1653 util.prosodyctl.check: Move word to ease future translations Kim Alvefur <zash@zash.se> parents: 12157 diff changeset	519 print((" '%s' -- %s"):format(option, deprecated_replacements[option]));
11798 ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684 Kim Alvefur <zash@zash.se> parents: 11783 diff changeset	520 end
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	521 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	522 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	523 for host, options in it.filter(function (h) return h ~= "*" end, pairs(configmanager.getconfig())) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	524 local host_options = set.new(it.to_array(it.keys(options)));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	525 local misplaced_options = set.intersection(host_options, known_global_options);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	526 for name in pairs(options) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	527 if name:match("^interfaces?")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	528 or name:match("_ports?$") or name:match("_interfaces?$")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	529 or (name:match("_ssl$") and not name:match("^[cs]2s_ssl$")) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	530 misplaced_options:add(name);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	531 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	532 end
11799 8c9ec2db1d95 util.prosodyctl.check: Fix to not treat some options as misplaced Kim Alvefur <zash@zash.se> parents: 11798 diff changeset	533 -- FIXME These _could_ be misplaced, but we would have to check where the corresponding module is loaded to be sure
8c9ec2db1d95 util.prosodyctl.check: Fix to not treat some options as misplaced Kim Alvefur <zash@zash.se> parents: 11798 diff changeset	534 misplaced_options:exclude(set.new({ "external_service_port", "turn_external_port" }));
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	535 if not misplaced_options:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	536 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	537 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	538 local n = it.count(misplaced_options);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	539 print(" You have "..n.." option"..(n>1 and "s " or " ").."set under "..host.." that should be");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	540 print(" in the global section of the config file, above any VirtualHost or Component definitions,")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	541 print(" see https://prosody.im/doc/configure#overview for more information.")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	542 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	543 print(" You need to move the following option"..(n>1 and "s" or "")..": "..table.concat(it.to_array(misplaced_options), ", "));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	544 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	545 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	546 for host, options in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	547 local host_options = set.new(it.to_array(it.keys(options)));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	548 local subdomain = host:match("^[^.]+");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	549 if not(host_options:contains("component_module")) and (subdomain == "jabber" or subdomain == "xmpp"
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	550 or subdomain == "chat" or subdomain == "im") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	551 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	552 print(" Suggestion: If "..host.. " is a new host with no real users yet, consider renaming it now to");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	553 print(" "..host:gsub("^[^.]+%.", "")..". You can use SRV records to redirect XMPP clients and servers to "..host..".");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	554 print(" For more information see: https://prosody.im/doc/dns");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	555 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	556 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	557 local all_modules = set.new(config["*"].modules_enabled);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	558 local all_options = set.new(it.to_array(it.keys(config["*"])));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	559 for host in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	560 all_options:include(set.new(it.to_array(it.keys(config[host]))));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	561 all_modules:include(set.new(config[host].modules_enabled));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	562 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	563 for mod in all_modules do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	564 if mod:match("^mod_") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	565 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	566 print(" Modules in modules_enabled should not have the 'mod_' prefix included.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	567 print(" Change '"..mod.."' to '"..mod:match("^mod_(.*)").."'.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	568 elseif mod:match("^auth_") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	569 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	570 print(" Authentication modules should not be added to modules_enabled,");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	571 print(" but be specified in the 'authentication' option.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	572 print(" Remove '"..mod.."' from modules_enabled and instead add");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	573 print(" authentication = '"..mod:match("^auth_(.*)").."'");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	574 print(" For more information see https://prosody.im/doc/authentication");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	575 elseif mod:match("^storage_") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	576 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	577 print(" storage modules should not be added to modules_enabled,");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	578 print(" but be specified in the 'storage' option.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	579 print(" Remove '"..mod.."' from modules_enabled and instead add");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	580 print(" storage = '"..mod:match("^storage_(.*)").."'");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	581 print(" For more information see https://prosody.im/doc/storage");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	582 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	583 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	584 if all_modules:contains("vcard") and all_modules:contains("vcard_legacy") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	585 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	586 print(" Both mod_vcard_legacy and mod_vcard are enabled but they conflict");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	587 print(" with each other. Remove one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	588 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	589 if all_modules:contains("pep") and all_modules:contains("pep_simple") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	590 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	591 print(" Both mod_pep_simple and mod_pep are enabled but they conflict");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	592 print(" with each other. Remove one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	593 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	594 for host, host_config in pairs(config) do --luacheck: ignore 213/host
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	595 if type(rawget(host_config, "storage")) == "string" and rawget(host_config, "default_storage") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	596 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	597 print(" The 'default_storage' option is not needed if 'storage' is set to a string.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	598 break;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	599 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	600 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	601 local require_encryption = set.intersection(all_options, set.new({
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	602 "require_encryption", "c2s_require_encryption", "s2s_require_encryption"
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	603 })):empty();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	604 local ssl = dependencies.softreq"ssl";
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	605 if not ssl then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	606 if not require_encryption then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	607 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	608 print(" You require encryption but LuaSec is not available.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	609 print(" Connections will fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	610 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	611 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	612 elseif not ssl.loadcertificate then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	613 if all_options:contains("s2s_secure_auth") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	614 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	615 print(" You have set s2s_secure_auth but your version of LuaSec does ");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	616 print(" not support certificate validation, so all s2s connections will");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	617 print(" fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	618 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	619 elseif all_options:contains("s2s_secure_domains") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	620 local secure_domains = set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	621 for host in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	622 if config[host].s2s_secure_auth == true then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	623 secure_domains:add("*");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	624 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	625 secure_domains:include(set.new(config[host].s2s_secure_domains));
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	626 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	627 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	628 if not secure_domains:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	629 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	630 print(" You have set s2s_secure_domains but your version of LuaSec does ");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	631 print(" not support certificate validation, so s2s connections to/from ");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	632 print(" these domains will fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	633 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	634 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	635 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	636 elseif require_encryption and not all_modules:contains("tls") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	637 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	638 print(" You require encryption but mod_tls is not enabled.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	639 print(" Connections will fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	640 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	641 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	642
12317 b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	643 do
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	644 local global_modules = set.new(config["*"].modules_enabled);
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	645 local registration_enabled_hosts = {};
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	646 for host in enabled_hosts() do
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	647 local host_modules = set.new(config[host].modules_enabled) + global_modules;
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	648 local allow_registration = config[host].allow_registration;
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	649 local mod_register = host_modules:contains("register");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	650 local mod_register_ibr = host_modules:contains("register_ibr");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	651 local mod_invites_register = host_modules:contains("invites_register");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	652 local registration_invite_only = config[host].registration_invite_only;
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	653 local is_vhost = not config[host].component_module;
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	654 if is_vhost and (mod_register_ibr or (mod_register and allow_registration))
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	655 and not (mod_invites_register and registration_invite_only) then
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	656 table.insert(registration_enabled_hosts, host);
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	657 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	658 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	659 if #registration_enabled_hosts > 0 then
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	660 table.sort(registration_enabled_hosts);
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	661 print("");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	662 print(" Public registration is enabled on:");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	663 print(" "..table.concat(registration_enabled_hosts, ", "));
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	664 print("");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	665 print(" If this is intentional, review our guidelines on running a public server");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	666 print(" at https://prosody.im/doc/public_servers - otherwise, consider switching to");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	667 print(" invite-based registration, which is more secure.");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	668 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	669 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config' Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	670
12318 239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	671 do
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	672 local orphan_components = {};
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	673 local referenced_components = set.new();
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	674 local enabled_hosts_set = set.new();
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	675 for host, host_options in it.filter("*", pairs(configmanager.getconfig())) do
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	676 if host_options.enabled ~= false then
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	677 enabled_hosts_set:add(host);
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	678 for _, disco_item in ipairs(host_options.disco_items or {}) do
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	679 referenced_components:add(disco_item[1]);
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	680 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	681 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	682 end
12414 a93e65784f2c prosodyctl: check config: Skip bare JID components in orphan check Matthew Wild <mwild1@gmail.com> parents: 12390 diff changeset	683 for host, host_config in it.filter(skip_bare_jid_hosts, enabled_hosts()) do
12318 239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	684 local is_component = not not host_config.component_module;
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	685 if is_component then
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	686 local parent_domain = host:match("^[^.]+%.(.+)$");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	687 local is_orphan = not (enabled_hosts_set:contains(parent_domain) or referenced_components:contains(host));
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	688 if is_orphan then
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	689 table.insert(orphan_components, host);
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	690 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	691 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	692 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	693 if #orphan_components > 0 then
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	694 table.sort(orphan_components);
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	695 print("");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	696 print(" Your configuration contains the following unreferenced components:\n");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	697 print(" "..table.concat(orphan_components, "\n "));
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	698 print("");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	699 print(" Clients may not be able to discover these services because they are not linked to");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	700 print(" any VirtualHost. They are automatically linked if they are direct subdomains of a");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	701 print(" VirtualHost. Alternatively, you can explicitly link them using the disco_items option.");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	702 print(" For more information see https://prosody.im/doc/modules/mod_disco#items");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	703 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	704 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items Matthew Wild <mwild1@gmail.com> parents: 12317 diff changeset	705
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	706 print("Done.\n");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	707 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	708 if not what or what == "dns" then
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	709 local dns = require "prosody.net.dns";
10971 3cdb4a7cb406 util.prosodyctl.check: Use net.unbound for DNS if available Kim Alvefur <zash@zash.se> parents: 10932 diff changeset	710 pcall(function ()
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	711 local unbound = require"prosody.net.unbound";
11645 3be346c5b940 util.prosodyctl.check: Reload unbound to ensure hosts.txt is ignored Kim Alvefur <zash@zash.se> parents: 11635 diff changeset	712 dns = unbound.dns;
10971 3cdb4a7cb406 util.prosodyctl.check: Use net.unbound for DNS if available Kim Alvefur <zash@zash.se> parents: 10932 diff changeset	713 end)
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	714 local idna = require "prosody.util.encodings".idna;
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	715 local ip = require "prosody.util.ip";
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	716 local c2s_ports = set.new(configmanager.get("*", "c2s_ports") or {5222});
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	717 local s2s_ports = set.new(configmanager.get("*", "s2s_ports") or {5269});
11778 f254fd16218a mod_c2s: Rename Direct TLS listener 'c2s_direct_tls' for clarity Kim Alvefur <zash@zash.se> parents: 11777 diff changeset	718 local c2s_tls_ports = set.new(configmanager.get("*", "c2s_direct_tls_ports") or {});
11776 1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	719 local s2s_tls_ports = set.new(configmanager.get("*", "s2s_direct_tls_ports") or {});
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	720
12230 f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	721 if set.new(configmanager.get("*", "modules_enabled")):contains("net_multiplex") then
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	722 local multiplex_ports = set.new(configmanager.get("*", "ports") or {});
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	723 local multiplex_tls_ports = set.new(configmanager.get("*", "ssl_ports") or {});
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	724 if not multiplex_ports:empty() then
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	725 c2s_ports = c2s_ports + multiplex_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	726 s2s_ports = s2s_ports + multiplex_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	727 end
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	728 if not multiplex_tls_ports:empty() then
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	729 c2s_tls_ports = c2s_tls_ports + multiplex_tls_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	730 s2s_tls_ports = s2s_tls_ports + multiplex_tls_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	731 end
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	732 end
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 Kim Alvefur <zash@zash.se> parents: 12218 diff changeset	733
11776 1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	734 local c2s_srv_required, s2s_srv_required, c2s_tls_srv_required, s2s_tls_srv_required;
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	735 if not c2s_ports:contains(5222) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	736 c2s_srv_required = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	737 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	738 if not s2s_ports:contains(5269) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	739 s2s_srv_required = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	740 end
11615 8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	741 if not c2s_tls_ports:empty() then
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	742 c2s_tls_srv_required = true;
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	743 end
11776 1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	744 if not s2s_tls_ports:empty() then
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	745 s2s_tls_srv_required = true;
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	746 end
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	747
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	748 local problem_hosts = set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	749
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	750 local external_addresses, internal_addresses = set.new(), set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	751
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	752 local fqdn = socket.dns.tohostname(socket.dns.gethostname());
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	753 if fqdn then
13121 332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label Kim Alvefur <zash@zash.se> parents: 12898 diff changeset	754 local fqdn_a = idna.to_ascii(fqdn);
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label Kim Alvefur <zash@zash.se> parents: 12898 diff changeset	755 if fqdn_a then
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label Kim Alvefur <zash@zash.se> parents: 12898 diff changeset	756 local res = dns.lookup(fqdn_a, "A");
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	757 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	758 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	759 external_addresses:add(record.a);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	760 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	761 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	762 end
13121 332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label Kim Alvefur <zash@zash.se> parents: 12898 diff changeset	763 if fqdn_a then
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label Kim Alvefur <zash@zash.se> parents: 12898 diff changeset	764 local res = dns.lookup(fqdn_a, "AAAA");
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	765 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	766 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	767 external_addresses:add(record.aaaa);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	768 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	769 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	770 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	771 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	772
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	773 local local_addresses = require"prosody.util.net".local_addresses() or {};
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	774
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	775 for addr in it.values(local_addresses) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	776 if not ip.new_ip(addr).private then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	777 external_addresses:add(addr);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	778 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	779 internal_addresses:add(addr);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	780 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	781 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	782
12320 f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config Matthew Wild <mwild1@gmail.com> parents: 12319 diff changeset	783 -- Allow admin to specify additional (e.g. undiscoverable) IP addresses in the config
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config Matthew Wild <mwild1@gmail.com> parents: 12319 diff changeset	784 for _, address in ipairs(configmanager.get("*", "external_addresses") or {}) do
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config Matthew Wild <mwild1@gmail.com> parents: 12319 diff changeset	785 external_addresses:add(address);
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config Matthew Wild <mwild1@gmail.com> parents: 12319 diff changeset	786 end
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config Matthew Wild <mwild1@gmail.com> parents: 12319 diff changeset	787
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	788 if external_addresses:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	789 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	790 print(" Failed to determine the external addresses of this server. Checks may be inaccurate.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	791 c2s_srv_required, s2s_srv_required = true, true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	792 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	793
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	794 local v6_supported = not not socket.tcp6;
11924 53e68227c2c0 util.prosodyctl.check: Respect use_ipv4/v6 in proxy65 check Kim Alvefur <zash@zash.se> parents: 11923 diff changeset	795 local use_ipv4 = configmanager.get("*", "use_ipv4") ~= false;
53e68227c2c0 util.prosodyctl.check: Respect use_ipv4/v6 in proxy65 check Kim Alvefur <zash@zash.se> parents: 11923 diff changeset	796 local use_ipv6 = v6_supported and configmanager.get("*", "use_ipv6") ~= false;
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	797
11655 bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	798 local function trim_dns_name(n)
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	799 return (n:gsub("%.$", ""));
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	800 end
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	801
12319 8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	802 local unknown_addresses = set.new();
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	803
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	804 for jid, host_options in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	805 local all_targets_ok, some_targets_ok = true, false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	806 local node, host = jid_split(jid);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	807
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	808 local modules, component_module = modulemanager.get_modules_for_host(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	809 if component_module then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	810 modules:add(component_module);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	811 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	812
12842 3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	813 -- TODO Refactor these DNS SRV checks since they are very similar
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	814 -- FIXME Suggest concrete actionable steps to correct issues so that
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	815 -- users don't have to copy-paste the message into the support chat and
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	816 -- ask what to do about it.
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	817 local is_component = not not host_options.component_module;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	818 print("Checking DNS for "..(is_component and "component" or "host").." "..jid.."...");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	819 if node then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	820 print("Only the domain part ("..host..") is used in DNS.")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	821 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	822 local target_hosts = set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	823 if modules:contains("c2s") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	824 local res = dns.lookup("_xmpp-client._tcp."..idna.to_ascii(host)..".", "SRV");
11613 c8a9f77d48fd util.prosodyctl.check: Fix for net.dns vs unbound API difference Kim Alvefur <zash@zash.se> parents: 11612 diff changeset	825 if res and #res > 0 then
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	826 for _, record in ipairs(res) do
10932 ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	827 if record.srv.target == "." then -- TODO is this an error if mod_c2s is enabled?
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	828 print(" 'xmpp-client' service disabled by pointing to '.'"); -- FIXME Explain better what this is
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	829 break;
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	830 end
11655 bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	831 local target = trim_dns_name(record.srv.target);
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	832 target_hosts:add(target);
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	833 if not c2s_ports:contains(record.srv.port) then
11655 bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	834 print(" SRV target "..target.." contains unknown client port: "..record.srv.port);
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	835 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	836 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	837 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	838 if c2s_srv_required then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	839 print(" No _xmpp-client SRV record found for "..host..", but it looks like you need one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	840 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	841 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	842 target_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	843 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	844 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	845 end
12842 3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	846 if modules:contains("c2s") then
11615 8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	847 local res = dns.lookup("_xmpps-client._tcp."..idna.to_ascii(host)..".", "SRV");
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	848 if res and #res > 0 then
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	849 for _, record in ipairs(res) do
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	850 if record.srv.target == "." then -- TODO is this an error if mod_c2s is enabled?
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	851 print(" 'xmpps-client' service disabled by pointing to '.'"); -- FIXME Explain better what this is
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	852 break;
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	853 end
11655 bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	854 local target = trim_dns_name(record.srv.target);
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	855 target_hosts:add(target);
11615 8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	856 if not c2s_tls_ports:contains(record.srv.port) then
11655 bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	857 print(" SRV target "..target.." contains unknown Direct TLS client port: "..record.srv.port);
11615 8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	858 end
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	859 end
12842 3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	860 elseif c2s_tls_srv_required then
11615 8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	861 print(" No _xmpps-client SRV record found for "..host..", but it looks like you need one.");
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	862 all_targets_ok = false;
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	863 end
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records Kim Alvefur <zash@zash.se> parents: 11613 diff changeset	864 end
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	865 if modules:contains("s2s") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	866 local res = dns.lookup("_xmpp-server._tcp."..idna.to_ascii(host)..".", "SRV");
11613 c8a9f77d48fd util.prosodyctl.check: Fix for net.dns vs unbound API difference Kim Alvefur <zash@zash.se> parents: 11612 diff changeset	867 if res and #res > 0 then
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	868 for _, record in ipairs(res) do
10932 ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	869 if record.srv.target == "." then -- TODO Is this an error if mod_s2s is enabled?
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	870 print(" 'xmpp-server' service disabled by pointing to '.'"); -- FIXME Explain better what this is
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	871 break;
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to Kim Alvefur <zash@zash.se> parents: 10871 diff changeset	872 end
11655 bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	873 local target = trim_dns_name(record.srv.target);
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	874 target_hosts:add(target);
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	875 if not s2s_ports:contains(record.srv.port) then
11655 bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too Kim Alvefur <zash@zash.se> parents: 11654 diff changeset	876 print(" SRV target "..target.." contains unknown server port: "..record.srv.port);
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	877 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	878 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	879 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	880 if s2s_srv_required then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	881 print(" No _xmpp-server SRV record found for "..host..", but it looks like you need one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	882 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	883 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	884 target_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	885 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	886 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	887 end
12842 3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	888 if modules:contains("s2s") then
11776 1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	889 local res = dns.lookup("_xmpps-server._tcp."..idna.to_ascii(host)..".", "SRV");
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	890 if res and #res > 0 then
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	891 for _, record in ipairs(res) do
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	892 if record.srv.target == "." then -- TODO is this an error if mod_s2s is enabled?
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	893 print(" 'xmpps-server' service disabled by pointing to '.'"); -- FIXME Explain better what this is
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	894 break;
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	895 end
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	896 local target = trim_dns_name(record.srv.target);
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	897 target_hosts:add(target);
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	898 if not s2s_tls_ports:contains(record.srv.port) then
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	899 print(" SRV target "..target.." contains unknown Direct TLS server port: "..record.srv.port);
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	900 end
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	901 end
12842 3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793) Kim Alvefur <zash@zash.se> parents: 12520 diff changeset	902 elseif s2s_tls_srv_required then
11776 1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	903 print(" No _xmpps-server SRV record found for "..host..", but it looks like you need one.");
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	904 all_targets_ok = false;
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	905 end
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records Kim Alvefur <zash@zash.se> parents: 11655 diff changeset	906 end
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	907 if target_hosts:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	908 target_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	909 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	910
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	911 if target_hosts:contains("localhost") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	912 print(" Target 'localhost' cannot be accessed from other servers");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	913 target_hosts:remove("localhost");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	914 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	915
12217 39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	916 local function check_address(target)
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	917 local A, AAAA = dns.lookup(idna.to_ascii(target), "A"), dns.lookup(idna.to_ascii(target), "AAAA");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	918 local prob = {};
12231 ca8453129ade util.prosodyctl.check: Fix A/AAAA check for proxy65 and http Kim Alvefur <zash@zash.se> parents: 12230 diff changeset	919 if use_ipv4 and not (A and #A > 0) then table.insert(prob, "A"); end
ca8453129ade util.prosodyctl.check: Fix A/AAAA check for proxy65 and http Kim Alvefur <zash@zash.se> parents: 12230 diff changeset	920 if use_ipv6 and not (AAAA and #AAAA > 0) then table.insert(prob, "AAAA"); end
12217 39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	921 return prob;
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	922 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	923
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	924 if modules:contains("proxy65") then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	925 local proxy65_target = configmanager.get(host, "proxy65_address") or host;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	926 if type(proxy65_target) == "string" then
12217 39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	927 local prob = check_address(proxy65_target);
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	928 if #prob > 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	929 print(" File transfer proxy "..proxy65_target.." has no "..table.concat(prob, "/")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	930 .." record. Create one or set 'proxy65_address' to the correct host/IP.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	931 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	932 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	933 print(" proxy65_address for "..host.." should be set to a string, unable to perform DNS check");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	934 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	935 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	936
12217 39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	937 local known_http_modules = set.new { "bosh"; "http_files"; "http_file_share"; "http_openmetrics"; "websocket" };
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	938 local function contains_match(hayset, needle)
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	939 for member in hayset do if member:find(needle) then return true end end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	940 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	941
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	942 if modules:contains("http") or not set.intersection(modules, known_http_modules):empty()
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	943 or contains_match(modules, "^http_") or contains_match(modules, "_web$") then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	944
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	945 local http_host = configmanager.get(host, "http_host") or host;
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	946 local http_internal_host = http_host;
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	947 local http_url = configmanager.get(host, "http_external_url");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	948 if http_url then
12218 0795e1ccf3d8 util.prosodyctl.check: Fix use of LuaSocket URL parser Kim Alvefur <zash@zash.se> parents: 12217 diff changeset	949 local url_parse = require "socket.url".parse;
12217 39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	950 local external_url_parts = url_parse(http_url);
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	951 if external_url_parts then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	952 http_host = external_url_parts.host;
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	953 else
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	954 print(" The 'http_external_url' setting is not a valid URL");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	955 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	956 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	957
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	958 local prob = check_address(http_host);
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	959 if #prob > 1 then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	960 print(" HTTP service " .. http_host .. " has no " .. table.concat(prob, "/") .. " record. Create one or change "
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	961 .. (http_url and "'http_external_url'" or "'http_host'").." to the correct host.");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	962 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	963
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	964 if http_host ~= http_internal_host then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	965 print(" Ensure the reverse proxy sets the HTTP Host header to '" .. http_internal_host .. "'");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	966 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	967 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks Kim Alvefur <zash@zash.se> parents: 12159 diff changeset	968
11652 887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false Kim Alvefur <zash@zash.se> parents: 11651 diff changeset	969 if not use_ipv4 and not use_ipv6 then
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false Kim Alvefur <zash@zash.se> parents: 11651 diff changeset	970 print(" Both IPv6 and IPv4 are disabled, Prosody will not listen on any ports");
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false Kim Alvefur <zash@zash.se> parents: 11651 diff changeset	971 print(" nor be able to connect to any remote servers.");
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false Kim Alvefur <zash@zash.se> parents: 11651 diff changeset	972 all_targets_ok = false;
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false Kim Alvefur <zash@zash.se> parents: 11651 diff changeset	973 end
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false Kim Alvefur <zash@zash.se> parents: 11651 diff changeset	974
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	975 for target_host in target_hosts do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	976 local host_ok_v4, host_ok_v6;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	977 do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	978 local res = dns.lookup(idna.to_ascii(target_host), "A");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	979 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	980 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	981 if external_addresses:contains(record.a) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	982 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	983 host_ok_v4 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	984 elseif internal_addresses:contains(record.a) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	985 host_ok_v4 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	986 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	987 print(" "..target_host.." A record points to internal address, external connections might fail");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	988 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	989 print(" "..target_host.." A record points to unknown address "..record.a);
12319 8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	990 unknown_addresses:add(record.a);
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	991 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	992 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	993 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	994 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	995 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	996 do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	997 local res = dns.lookup(idna.to_ascii(target_host), "AAAA");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	998 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	999 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1000 if external_addresses:contains(record.aaaa) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1001 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1002 host_ok_v6 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1003 elseif internal_addresses:contains(record.aaaa) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1004 host_ok_v6 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1005 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1006 print(" "..target_host.." AAAA record points to internal address, external connections might fail");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1007 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1008 print(" "..target_host.." AAAA record points to unknown address "..record.aaaa);
12319 8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1009 unknown_addresses:add(record.aaaa);
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1010 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1011 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1012 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1013 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1014 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1015
11653 51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1016 if host_ok_v4 and not use_ipv4 then
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1017 print(" Host "..target_host.." does seem to resolve to this server but IPv4 has been disabled");
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1018 all_targets_ok = false;
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1019 end
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1020
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1021 if host_ok_v6 and not use_ipv6 then
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1022 print(" Host "..target_host.." does seem to resolve to this server but IPv6 has been disabled");
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1023 all_targets_ok = false;
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1024 end
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX Kim Alvefur <zash@zash.se> parents: 11652 diff changeset	1025
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1026 local bad_protos = {}
11651 c9f46d28ed7e util.prosodyctl.check: Silence IP protocol mismatches when disabled Kim Alvefur <zash@zash.se> parents: 11645 diff changeset	1027 if use_ipv4 and not host_ok_v4 then
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1028 table.insert(bad_protos, "IPv4");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1029 end
11651 c9f46d28ed7e util.prosodyctl.check: Silence IP protocol mismatches when disabled Kim Alvefur <zash@zash.se> parents: 11645 diff changeset	1030 if use_ipv6 and not host_ok_v6 then
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1031 table.insert(bad_protos, "IPv6");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1032 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1033 if #bad_protos > 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1034 print(" Host "..target_host.." does not seem to resolve to this server ("..table.concat(bad_protos, "/")..")");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1035 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1036 if host_ok_v6 and not v6_supported then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1037 print(" Host "..target_host.." has AAAA records, but your version of LuaSocket does not support IPv6.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1038 print(" Please see https://prosody.im/doc/ipv6 for more information.");
11925 3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false Kim Alvefur <zash@zash.se> parents: 11924 diff changeset	1039 elseif host_ok_v6 and not use_ipv6 then
3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false Kim Alvefur <zash@zash.se> parents: 11924 diff changeset	1040 print(" Host "..target_host.." has AAAA records, but IPv6 is disabled.");
3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false Kim Alvefur <zash@zash.se> parents: 11924 diff changeset	1041 -- TODO Tell them to drop the AAAA records or enable IPv6?
3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false Kim Alvefur <zash@zash.se> parents: 11924 diff changeset	1042 print(" Please see https://prosody.im/doc/ipv6 for more information.");
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1043 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1044 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1045 if not all_targets_ok then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1046 print(" "..(some_targets_ok and "Only some" or "No").." targets for "..host.." appear to resolve to this server.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1047 if is_component then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1048 print(" DNS records are necessary if you want users on other servers to access this component.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1049 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1050 problem_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1051 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1052 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1053 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1054 if not problem_hosts:empty() then
12319 8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1055 if not unknown_addresses:empty() then
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1056 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1057 print("Some of your DNS records point to unknown IP addresses. This may be expected if your server");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1058 print("is behind a NAT or proxy. The unrecognized addresses were:");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1059 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1060 print(" Unrecognized: "..tostring(unknown_addresses));
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1061 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1062 print("The addresses we found on this system are:");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1063 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1064 print(" Internal: "..tostring(internal_addresses));
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1065 print(" External: "..tostring(external_addresses));
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes Matthew Wild <mwild1@gmail.com> parents: 12318 diff changeset	1066 end
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1067 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1068 print("For more information about DNS configuration please see https://prosody.im/doc/dns");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1069 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1070 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1071 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1072 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1073 if not what or what == "certs" then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1074 local cert_ok;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1075 print"Checking certificates..."
12975 d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	1076 local x509_verify_identity = require"prosody.util.x509".verify_identity;
d10957394a3c util: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 12899 diff changeset	1077 local create_context = require "prosody.core.certmanager".create_context;
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1078 local ssl = dependencies.softreq"ssl";
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1079 -- local datetime_parse = require"util.datetime".parse_x509;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1080 local load_cert = ssl and ssl.loadcertificate;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1081 -- or ssl.cert_from_pem
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1082 if not ssl then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1083 print("LuaSec not available, can't perform certificate checks")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1084 if what == "certs" then cert_ok = false end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1085 elseif not load_cert then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1086 print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1087 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1088 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1089 for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1090 print("Checking certificate for "..host);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1091 -- First, let's find out what certificate this host uses.
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1092 local host_ssl_config = configmanager.rawget(host, "ssl")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1093 or configmanager.rawget(host:match("%.(.*)"), "ssl");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1094 local global_ssl_config = configmanager.rawget("*", "ssl");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1095 local ok, err, ssl_config = create_context(host, "server", host_ssl_config, global_ssl_config);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1096 if not ok then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1097 print(" Error: "..err);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1098 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1099 elseif not ssl_config.certificate then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1100 print(" No 'certificate' found for "..host)
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1101 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1102 elseif not ssl_config.key then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1103 print(" No 'key' found for "..host)
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1104 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1105 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1106 local key, err = io.open(ssl_config.key); -- Permissions check only
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1107 if not key then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1108 print(" Could not open "..ssl_config.key..": "..err);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1109 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1110 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1111 key:close();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1112 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1113 local cert_fh, err = io.open(ssl_config.certificate); -- Load the file.
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1114 if not cert_fh then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1115 print(" Could not open "..ssl_config.certificate..": "..err);
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1116 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1117 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1118 print(" Certificate: "..ssl_config.certificate)
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1119 local cert = load_cert(cert_fh:read"*a"); cert_fh:close();
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1120 if not cert:validat(os.time()) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1121 print(" Certificate has expired.")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1122 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1123 elseif not cert:validat(os.time() + 86400) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1124 print(" Certificate expires within one day.")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1125 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1126 elseif not cert:validat(os.time() + 86400*7) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1127 print(" Certificate expires within one week.")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1128 elseif not cert:validat(os.time() + 86400*31) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1129 print(" Certificate expires within one month.")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1130 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1131 if configmanager.get(host, "component_module") == nil
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1132 and not x509_verify_identity(host, "_xmpp-client", cert) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1133 print(" Not valid for client connections to "..host..".")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1134 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1135 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1136 if (not (configmanager.get(host, "anonymous_login")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1137 or configmanager.get(host, "authentication") == "anonymous"))
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1138 and not x509_verify_identity(host, "_xmpp-server", cert) then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1139 print(" Not valid for server-to-server connections to "..host..".")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1140 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1141 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1142 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1143 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1144 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1145 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1146 if cert_ok == false then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1147 print("")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1148 print("For more information about certificates please see https://prosody.im/doc/certificates");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1149 ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1150 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1151 print("")
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1152 end
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1153 -- intentionally not doing this by default
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1154 if what == "connectivity" then
11782 d93107de52dd util.prosodyctl.check: Ignore unused "ok" variable [luacheck] Kim Alvefur <zash@zash.se> parents: 11780 diff changeset	1155 local _, prosody_is_running = is_prosody_running();
11780 98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running Kim Alvefur <zash@zash.se> parents: 11779 diff changeset	1156 if configmanager.get("*", "pidfile") and not prosody_is_running then
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running Kim Alvefur <zash@zash.se> parents: 11779 diff changeset	1157 print("Prosody does not appear to be running, which is required for this test.");
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running Kim Alvefur <zash@zash.se> parents: 11779 diff changeset	1158 print("Start it and then try again.");
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running Kim Alvefur <zash@zash.se> parents: 11779 diff changeset	1159 return 1;
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running Kim Alvefur <zash@zash.se> parents: 11779 diff changeset	1160 end
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running Kim Alvefur <zash@zash.se> parents: 11779 diff changeset	1161
11827 2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1162 local checker = "observe.jabber.network";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1163 local probe_instance;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1164 local probe_modules = {
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1165 ["xmpp-client"] = "c2s_normal_auth";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1166 ["xmpp-server"] = "s2s_normal";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1167 ["xmpps-client"] = nil; -- TODO
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1168 ["xmpps-server"] = nil; -- TODO
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1169 };
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1170 local probe_settings = configmanager.get("*", "connectivity_probe");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1171 if type(probe_settings) == "string" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1172 probe_instance = probe_settings;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1173 elseif type(probe_settings) == "table" and type(probe_settings.url) == "string" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1174 probe_instance = probe_settings.url;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1175 if type(probe_settings.modules) == "table" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1176 probe_modules = probe_settings.modules;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1177 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1178 elseif probe_settings ~= nil then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1179 print("The 'connectivity_probe' setting not understood.");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1180 print("Expected an URL or a table with 'url' and 'modules' fields");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1181 print("See https://prosody.im/doc/prosodyctl#check for more information."); -- FIXME
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1182 return 1;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1183 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1184
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1185 local check_api;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1186 if probe_instance then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1187 local parsed_url = socket_url.parse(probe_instance);
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1188 if not parsed_url then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1189 print(("'connectivity_probe' is not a valid URL: %q"):format(probe_instance));
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1190 print("Set it to the URL of an XMPP Blackbox Exporter instance and try again");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1191 return 1;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1192 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1193 checker = parsed_url.host;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1194
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1195 function check_api(protocol, host)
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1196 local target = socket_url.build({scheme="xmpp",path=host});
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1197 local probe_module = probe_modules[protocol];
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1198 if not probe_module then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1199 return nil, "Checking protocol '"..protocol.."' is currently unsupported";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1200 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1201 return check_probe(probe_instance, probe_module, target);
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1202 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1203 else
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1204 check_api = check_ojn;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1205 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1206
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1207 for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1208 local modules, component_module = modulemanager.get_modules_for_host(host);
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1209 if component_module then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1210 modules:add(component_module)
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1211 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1212
11827 2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check Kim Alvefur <zash@zash.se> parents: 11826 diff changeset	1213 print("Checking external connectivity for "..host.." via "..checker)
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1214 local function check_connectivity(protocol)
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1215 local success, err = check_api(protocol, host);
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1216 if not success and err ~= nil then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1217 print((" %s: Failed to request check at API: %s"):format(protocol, err))
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1218 elseif success then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1219 print((" %s: Works"):format(protocol))
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1220 else
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1221 print((" %s: Check service failed to establish (secure) connection"):format(protocol))
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1222 ok = false
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1223 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1224 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1225
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1226 if modules:contains("c2s") then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1227 check_connectivity("xmpp-client")
11957 3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks Kim Alvefur <zash@zash.se> parents: 11940 diff changeset	1228 if configmanager.get("*", "c2s_direct_tls_ports") then
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks Kim Alvefur <zash@zash.se> parents: 11940 diff changeset	1229 check_connectivity("xmpps-client");
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks Kim Alvefur <zash@zash.se> parents: 11940 diff changeset	1230 end
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1231 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1232
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1233 if modules:contains("s2s") then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1234 check_connectivity("xmpp-server")
11957 3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks Kim Alvefur <zash@zash.se> parents: 11940 diff changeset	1235 if configmanager.get("*", "s2s_direct_tls_ports") then
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks Kim Alvefur <zash@zash.se> parents: 11940 diff changeset	1236 check_connectivity("xmpps-server");
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks Kim Alvefur <zash@zash.se> parents: 11940 diff changeset	1237 end
11779 f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1238 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1239
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1240 print()
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1241 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1242 print("Note: The connectivity check only checks the reachability of the domain.")
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1243 print("Note: It does not ensure that the check actually reaches this specific prosody instance.")
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network Jonas Schäfer <jonas@wielicki.name> parents: 11778 diff changeset	1244 end
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1245
12377 317132bca8c0 prosodyctl: check: include TURN checks by default Matthew Wild <mwild1@gmail.com> parents: 12376 diff changeset	1246 if not what or what == "turn" then
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1247 local turn_enabled_hosts = {};
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1248 local turn_services = {};
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1249
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1250 for host in enabled_hosts() do
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1251 local has_external_turn = modulemanager.get_modules_for_host(host):contains("turn_external");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1252 if has_external_turn then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1253 table.insert(turn_enabled_hosts, host);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1254 local turn_host = configmanager.get(host, "turn_external_host") or host;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1255 local turn_port = configmanager.get(host, "turn_external_port") or 3478;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1256 local turn_secret = configmanager.get(host, "turn_external_secret");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1257 if not turn_secret then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1258 print("Error: Your configuration is missing a turn_external_secret for "..host);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1259 print("Error: TURN will not be advertised for this host.");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1260 ok = false;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1261 else
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1262 local turn_id = ("%s:%d"):format(turn_host, turn_port);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1263 if turn_services[turn_id] and turn_services[turn_id].secret ~= turn_secret then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1264 print("Error: Your configuration contains multiple differing secrets");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1265 print(" for the TURN service at "..turn_id.." - we will only test one.");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1266 elseif not turn_services[turn_id] then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1267 turn_services[turn_id] = {
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1268 host = turn_host;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1269 port = turn_port;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1270 secret = turn_secret;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1271 };
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1272 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1273 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1274 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1275 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1276
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1277 if what == "turn" then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1278 local count = it.count(pairs(turn_services));
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1279 if count == 0 then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1280 print("Error: Unable to find any TURN services configured. Enable mod_turn_external!");
12488 3183f358a88f util.prosodyctl.check: turn: Report lack of TURN services as a problem #1749 Kim Alvefur <zash@zash.se> parents: 12466 diff changeset	1281 ok = false;
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1282 else
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1283 print("Identified "..tostring(count).." TURN services.");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1284 print("");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1285 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1286 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1287
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1288 for turn_id, turn_service in pairs(turn_services) do
12377 317132bca8c0 prosodyctl: check: include TURN checks by default Matthew Wild <mwild1@gmail.com> parents: 12376 diff changeset	1289 print("Testing TURN service "..turn_id.."...");
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1290
12372 1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping Matthew Wild <mwild1@gmail.com> parents: 12362 diff changeset	1291 local result = check_turn_service(turn_service, opts.ping);
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1292 if #result.warnings > 0 then
12381 d999c2b3e289 prosodyctl: check turn: fix formatting of multiple warnings Matthew Wild <mwild1@gmail.com> parents: 12380 diff changeset	1293 print(("%d warnings:\n"):format(#result.warnings));
d999c2b3e289 prosodyctl: check turn: fix formatting of multiple warnings Matthew Wild <mwild1@gmail.com> parents: 12380 diff changeset	1294 print(" "..table.concat(result.warnings, "\n "));
d999c2b3e289 prosodyctl: check turn: fix formatting of multiple warnings Matthew Wild <mwild1@gmail.com> parents: 12380 diff changeset	1295 print("");
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1296 end
12380 3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1297
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1298 if opts.verbose then
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1299 if result.external_ip then
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1300 print(("External IP: %s"):format(result.external_ip.address));
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1301 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1302 if result.relayed_addresses then
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1303 for i, relayed_address in ipairs(result.relayed_addresses) do
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1304 print(("Relayed address %d: %s:%d"):format(i, relayed_address.address, relayed_address.port));
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1305 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1306 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1307 if result.external_ip_pong then
12390 71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT Matthew Wild <mwild1@gmail.com> parents: 12385 diff changeset	1308 print(("TURN external address: %s:%d"):format(result.external_ip_pong.address, result.external_ip_pong.port));
12380 3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1309 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1310 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails Matthew Wild <mwild1@gmail.com> parents: 12379 diff changeset	1311
12357 cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1312 if result.error then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1313 print("Error: "..result.error.."\n");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1314 ok = false;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1315 else
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1316 print("Success!\n");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1317 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1318 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1319 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational Matthew Wild <mwild1@gmail.com> parents: 12233 diff changeset	1320
10871 e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1321 if not ok then
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1322 print("Problems found, see above.");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1323 else
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1324 print("All checks passed, congratulations!");
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1325 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1326 return ok and 0 or 2;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1327 end
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1328
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1329 return {
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1330 check = check;
e5dee71d0ebb prosodyctl+util.prosodyctl.: Start breaking up the ever-growing prosodyctl Matthew Wild <mwild1@gmail.com>* parents: diff changeset	1331 };

prosody

638f627e707f

util/prosodyctl/check.lua

Software / code / prosody

Annotate

util/prosodyctl/check.lua @ 13134:638f627e707f

Software `/` code `/` prosody