prosody
7a7cc4d98faf
plugins/mod_dialback.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Annotate

plugins/mod_dialback.lua @ 4847:7a7cc4d98faf

mod_dialback: Fix logic bug - we should have both a to and from at this point
author Matthew Wild <mwild1@gmail.com>
date Fri, 11 May 2012 01:54:36 +0100
parent 4846:3bc3498df0a0
child 4848:f7a4920aed6b
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1523
841d61be198f Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents: 1337
diff changeset
1 -- Prosody IM
2923
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 1937
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 1937
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
4 --
758
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 645
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 645
diff changeset
6 -- COPYING file in the source package for more information.
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
7 --
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
8
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
9 local format = string.format;
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
10
1042
a3d77353c18a mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents: 896
diff changeset
11 local hosts = _G.hosts;
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 local s2s_make_authenticated = require "core.s2smanager".make_authenticated;
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13
1070
3b066968063b mod_dialback: Use module logger instead of creating a new one
Matthew Wild <mwild1@gmail.com>
parents: 1042
diff changeset
14 local log = module._log;
559
fa4a51fe6442 Remove an incorrect line which I didn't add, and fix the proper way. Corrects the sending of stanzas over unauthed s2sout's. Also fixes mod_dialback to send stanzas and not strings.
Matthew Wild <mwild1@gmail.com>
parents: 519
diff changeset
15
1070
3b066968063b mod_dialback: Use module logger instead of creating a new one
Matthew Wild <mwild1@gmail.com>
parents: 1042
diff changeset
16 local st = require "util.stanza";
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
17 local sha256_hash = require "util.hashes".sha256;
4836
bda0593d3f73 mod_dialback: add better safe then sorry nameprepping to the from attribute.
Marco Cirillo <maranda@lightwitch.org>
parents: 4835
diff changeset
18 local nameprep = require "util.encodings".stringprep.nameprep;
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19
1876
6d33e0521667 mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents: 1523
diff changeset
20 local xmlns_stream = "http://etherx.jabber.org/streams";
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
22 local dialback_requests = setmetatable({}, { __mode = 'v' });
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
23
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
24 function generate_dialback(id, to, from)
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
25 return sha256_hash(id..to..from..hosts[from].dialback_secret, true);
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
26 end
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
27
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
28 function initiate_dialback(session)
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
29 -- generate dialback key
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
30 session.dialback_key = generate_dialback(session.streamid, session.to_host, session.from_host);
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
31 session.sends2s(format("<db:result from='%s' to='%s'>%s</db:result>", session.from_host, session.to_host, session.dialback_key));
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
32 session.log("info", "sent dialback key on outgoing s2s stream");
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
33 end
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
34
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
35 function verify_dialback(id, to, from, key)
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
36 return key == generate_dialback(id, to, from);
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
37 end
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
38
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
39 module:hook("stanza/jabber:server:dialback:verify", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
40 local origin, stanza = event.origin, event.stanza;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
41
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
42 if origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
43 -- We are being asked to verify the key, to ensure it was generated by us
1077
d6a885cacd8c mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents: 1070
diff changeset
44 origin.log("debug", "verifying that dialback key is ours...");
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
45 local attr = stanza.attr;
1337
16c5aa4696ca mod_dialback: Change FIXME comment to COMPAT
Matthew Wild <mwild1@gmail.com>
parents: 1077
diff changeset
46 -- COMPAT: Grr, ejabberd breaks this one too?? it is black and white in XEP-220 example 34
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
47 --if attr.from ~= origin.to_host then error("invalid-from"); end
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
48 local type;
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
49 if verify_dialback(attr.id, attr.from, attr.to, stanza[1]) then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
50 type = "valid"
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
51 else
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
52 type = "invalid"
1077
d6a885cacd8c mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents: 1070
diff changeset
53 origin.log("warn", "Asked to verify a dialback key that was incorrect. An imposter is claiming to be %s?", attr.to);
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
54 end
1077
d6a885cacd8c mod_dialback: Miscellaneous logging improvements, changing levels, improving messages and using session loggers where possible
Matthew Wild <mwild1@gmail.com>
parents: 1070
diff changeset
55 origin.log("debug", "verified dialback key... it is %s", type);
560
6c07f15a34f4 Fix the last couple of places where we send strings from mod_dialback
Matthew Wild <mwild1@gmail.com>
parents: 559
diff changeset
56 origin.sends2s(st.stanza("db:verify", { from = attr.to, to = attr.from, id = attr.id, type = type }):text(stanza[1]));
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
57 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
58 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
59 end);
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
61 module:hook("stanza/jabber:server:dialback:result", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
62 local origin, stanza = event.origin, event.stanza;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
63
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
64 if origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
65 -- he wants to be identified through dialback
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
66 -- We need to check the key with the Authoritative server
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
67 local attr = stanza.attr;
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
68 local to, from = attr.to, attr.from;
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
69
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
70 origin.hosts[from] = { dialback_key = stanza[1] };
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
71
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
72 if not hosts[to] then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
73 -- Not a host that we serve
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
74 origin.log("info", "%s tried to connect to %s, which we don't serve", from, to);
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
75 origin:close("host-unknown");
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
76 return true;
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
77 end
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
78
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
79 dialback_requests[from.."/"..origin.streamid] = origin;
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
80
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
81 -- COMPAT: ejabberd, gmail and perhaps others do not always set 'to' and 'from'
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
82 -- on streams. We fill in the session's to/from here instead.
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
83 if not origin.from_host then
4836
bda0593d3f73 mod_dialback: add better safe then sorry nameprepping to the from attribute.
Marco Cirillo <maranda@lightwitch.org>
parents: 4835
diff changeset
84 origin.from_host = nameprep(attr.from);
4842
88101f652174 Backed out changeset 9f1fb34cd7f8 - obsoleted by 5ef05f32bc42.
Matthew Wild <mwild1@gmail.com>
parents: 4837
diff changeset
85 if not origin.from_host then
88101f652174 Backed out changeset 9f1fb34cd7f8 - obsoleted by 5ef05f32bc42.
Matthew Wild <mwild1@gmail.com>
parents: 4837
diff changeset
86 origin.log("debug", "We need to know where to connect but remote server blindly refuses to tell us and to comply to specs, closing connection.");
88101f652174 Backed out changeset 9f1fb34cd7f8 - obsoleted by 5ef05f32bc42.
Matthew Wild <mwild1@gmail.com>
parents: 4837
diff changeset
87 origin:close("invalid-from");
88101f652174 Backed out changeset 9f1fb34cd7f8 - obsoleted by 5ef05f32bc42.
Matthew Wild <mwild1@gmail.com>
parents: 4837
diff changeset
88 end
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
89 end
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
90 if not origin.to_host then
4837
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
91 origin.to_host = nameprep(attr.to);
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
92 end
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
93
4847
7a7cc4d98faf mod_dialback: Fix logic bug - we should have both a to and from at this point
Matthew Wild <mwild1@gmail.com>
parents: 4846
diff changeset
94 if not origin.from_host or not origin.to_host then
4837
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
95 origin.log("debug", "Improper addressing supplied, no to or from?");
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
96 origin:close("improper-addressing");
9f1fb34cd7f8 mod_dialback: make change a bit more wide, encompass to and from and reject with proper addressing when neither are there.
Marco Cirillo <maranda@lightwitch.org>
parents: 4836
diff changeset
97 end
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
98
4822
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
99 origin.log("debug", "asking %s if key %s belongs to them", from, stanza[1]);
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
100 module:fire_event("route/remote", {
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
101 from_host = to, to_host = from;
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
102 stanza = st.stanza("db:verify", { from = to, to = from, id = origin.streamid }):text(stanza[1]);
5ef05f32bc42 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
Matthew Wild <mwild1@gmail.com>
parents: 4761
diff changeset
103 });
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
104 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
105 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
106 end);
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
108 module:hook("stanza/jabber:server:dialback:verify", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
109 local origin, stanza = event.origin, event.stanza;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
110
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
111 if origin.type == "s2sout_unauthed" or origin.type == "s2sout" then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
112 local attr = stanza.attr;
4314
1e1110840965 mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents: 4227
diff changeset
113 local dialback_verifying = dialback_requests[attr.from.."/"..(attr.id or "")];
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
114 module:log("debug", tostring(dialback_verifying).." "..attr.from.." "..origin.to_host);
4314
1e1110840965 mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents: 4227
diff changeset
115 if dialback_verifying and attr.from == origin.to_host then
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
116 local valid;
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
117 if attr.type == "valid" then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
118 s2s_make_authenticated(dialback_verifying, attr.from);
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
119 valid = "valid";
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
120 else
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
121 -- Warn the original connection that is was not verified successfully
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
122 log("warn", "authoritative server for "..(attr.from or "(unknown)").." denied the key");
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
123 valid = "invalid";
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
124 end
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
125 if not dialback_verifying.sends2s then
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
126 log("warn", "Incoming s2s session %s was closed in the meantime, so we can't notify it of the db result", tostring(dialback_verifying):match("%w+$"));
347
fba39fda0879 Don't error if the original s2s connection has closed before we get the dialback result
Matthew Wild <mwild1@gmail.com>
parents: 260
diff changeset
127 else
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
128 dialback_verifying.sends2s(
560
6c07f15a34f4 Fix the last couple of places where we send strings from mod_dialback
Matthew Wild <mwild1@gmail.com>
parents: 559
diff changeset
129 st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = valid })
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
130 :text(dialback_verifying.hosts[attr.from].dialback_key));
347
fba39fda0879 Don't error if the original s2s connection has closed before we get the dialback result
Matthew Wild <mwild1@gmail.com>
parents: 260
diff changeset
131 end
4314
1e1110840965 mod_dialback: More robust handling of multiple outstanding dialback requests for the same domain, fixes intermittent s2s with some (patched?) ejabberds
Matthew Wild <mwild1@gmail.com>
parents: 4227
diff changeset
132 dialback_requests[attr.from.."/"..(attr.id or "")] = nil;
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
133 end
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
134 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
135 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
136 end);
191
e64c8a44060f Fix s2s once and for all
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
138 module:hook("stanza/jabber:server:dialback:result", function(event)
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
139 local origin, stanza = event.origin, event.stanza;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
140
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
141 if origin.type == "s2sout_unauthed" or origin.type == "s2sout" then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
142 -- Remote server is telling us whether we passed dialback
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
143
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
144 local attr = stanza.attr;
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
145 if not hosts[attr.to] then
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
146 origin:close("host-unknown");
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
147 return true;
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
148 elseif hosts[attr.to].s2sout[attr.from] ~= origin then
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
149 -- This isn't right
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
150 origin:close("invalid-id");
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
151 return true;
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
152 end
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
153 if stanza.attr.type == "valid" then
621
cd2cab5400fc Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
154 s2s_make_authenticated(origin, attr.from);
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
155 else
4227
6b83ef6ec845 mod_dialback: Use session:close() on dialback failure instead of s2smanager.destroy_session() (thanks Zash)
Matthew Wild <mwild1@gmail.com>
parents: 3534
diff changeset
156 origin:close("not-authorized", "dialback authentication failed");
219
f06e97f525bc Fixed some whitespace.
Waqas Hussain <waqas20@gmail.com>
parents: 191
diff changeset
157 end
3533
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
158 return true;
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
159 end
0385b9f29049 mod_dialback: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
160 end);
1876
6d33e0521667 mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents: 1523
diff changeset
161
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
162 module:hook_stanza("urn:ietf:params:xml:ns:xmpp-sasl", "failure", function (origin, stanza)
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
163 if origin.external_auth == "failed" then
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
164 module:log("debug", "SASL EXTERNAL failed, falling back to dialback");
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
165 initiate_dialback(origin);
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
166 return true;
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
167 end
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
168 end, 100);
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
169
1876
6d33e0521667 mod_dialback: Initiate dialback on incoming stream:features
Matthew Wild <mwild1@gmail.com>
parents: 1523
diff changeset
170 module:hook_stanza(xmlns_stream, "features", function (origin, stanza)
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
171 if not origin.external_auth or origin.external_auth == "failed" then
4587
93a84314c296 mod_dialback, mod_s2s: Log initiation of dialback in mod_dialback
Kim Alvefur <zash@zash.se>
parents: 4586
diff changeset
172 module:log("debug", "Initiating dialback...");
4567
24617f360200 mod_dialback: import util.hashes and functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents: 4316
diff changeset
173 initiate_dialback(origin);
3651
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
174 return true;
337391d34b70 s2s: SASL EXTERNAL
Paul Aurich <paul@darkrain42.org>
parents: 3534
diff changeset
175 end
3534
c68590b13a6d mod_dialback: Fixed indentation.
Waqas Hussain <waqas20@gmail.com>
parents: 3533
diff changeset
176 end, 100);
1937
9c700500f408 mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents: 1876
diff changeset
177
4586
4d63852910ff mod_s2s, mod_dialback: Rename event to s2s-authenticate-legacy
Kim Alvefur <zash@zash.se>
parents: 4584
diff changeset
178 module:hook("s2s-authenticate-legacy", function (event)
4587
93a84314c296 mod_dialback, mod_s2s: Log initiation of dialback in mod_dialback
Kim Alvefur <zash@zash.se>
parents: 4586
diff changeset
179 module:log("debug", "Initiating dialback...");
4584
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
180 initiate_dialback(event.origin);
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
181 return true;
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
182 end, 100);
9a5de6509aa8 mod_s2s, mod_dialback: Event on pre-XMPP streams, so we can try dialback.
Kim Alvefur <zash@zash.se>
parents: 4579
diff changeset
183
1937
9c700500f408 mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents: 1876
diff changeset
184 -- Offer dialback to incoming hosts
9c700500f408 mod_dialback: Catch s2s-stream-features and add dialback feature
Matthew Wild <mwild1@gmail.com>
parents: 1876
diff changeset
185 module:hook("s2s-stream-features", function (data)
4264
fa36e749749c mod_dialback: Remove <optional/> from stream feature, as per latest specs.
Waqas Hussain <waqas20@gmail.com>
parents: 4238
diff changeset
186 data.features:tag("dialback", { xmlns='urn:xmpp:features:dialback' }):up();
3534
c68590b13a6d mod_dialback: Fixed indentation.
Waqas Hussain <waqas20@gmail.com>
parents: 3533
diff changeset
187 end);