Software `/` code `/` prosody

Annotate

plugins/mod_s2s/mod_s2s.lua @ 10224:94e341dee51c

core.certmanager: Move EECDH ciphers before EDH in default cipherstring The original intent of having kEDH before kEECDH was that if a `dhparam` file was specified, this would be interpreted as a preference by the admin for old and well-tested Diffie-Hellman key agreement over newer elliptic curve ones. Otherwise the faster elliptic curve ciphersuites would be preferred. This didn't really work as intended since this affects the ClientHello on outgoing s2s connections, leading to some servers using poorly configured kEDH. With Debian shipping OpenSSL settings that enforce a higher security level, this caused interoperability problems with servers that use DH params smaller than 2048 bits. E.g. jabber.org at the time of this writing has 1024 bit DH params. MattJ says > Curves have won, and OpenSSL is less weird about them now

author	Kim Alvefur <zash@zash.se>
date	Sun, 25 Aug 2019 20:22:35 +0200
parent	10120:756b8821007a
child	10226:77f900bbbf25

rev	line source
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 -- Prosody IM
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	2 -- Copyright (C) 2008-2010 Matthew Wild
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	3 -- Copyright (C) 2008-2010 Waqas Hussain
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	4 --
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	5 -- This project is MIT/X11 licensed. Please see the
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	6 -- COPYING file in the source package for more information.
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	7 --
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	8
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	9 module:set_global();
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	10
4755 844019f369a5 mod_s2s: Fix imports and remove some unused variables Matthew Wild <mwild1@gmail.com> parents: 4752 diff changeset	11 local prosody = prosody;
844019f369a5 mod_s2s: Fix imports and remove some unused variables Matthew Wild <mwild1@gmail.com> parents: 4752 diff changeset	12 local hosts = prosody.hosts;
5013 ab693eea0869 mod_admin_adhoc, mod_admin_telnet, mod_bosh, mod_c2s, mod_component, mod_pep, mod_presence, mod_roster, mod_s2s: Import core_post_stanza from the global prosody table. Kim Alvefur <zash@zash.se> parents: 4997 diff changeset	13 local core_process_stanza = prosody.core_process_stanza;
4755 844019f369a5 mod_s2s: Fix imports and remove some unused variables Matthew Wild <mwild1@gmail.com> parents: 4752 diff changeset	14
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	15 local tostring, type = tostring, type;
4578 da0528c59c52 mod_s2s: Add missing local table.insert Kim Alvefur <zash@zash.se> parents: 4576 diff changeset	16 local t_insert = table.insert;
8461 0f05d6535dfa mod_s2s: Remove unused local [luacheck] Kim Alvefur <zash@zash.se> parents: 8268 diff changeset	17 local traceback = debug.traceback;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	18
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	19 local add_task = require "util.timer".add_task;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	20 local st = require "util.stanza";
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	21 local initialize_filters = require "util.filters".initialize;
4568 aae7a62671de mod_s2s: port functionality once in s2smanager. Florian Zeitz <florob@babelmonkeys.de> parents: 4555 diff changeset	22 local nameprep = require "util.encodings".stringprep.nameprep;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	23 local new_xmpp_stream = require "util.xmppstream".new;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	24 local s2s_new_incoming = require "core.s2smanager".new_incoming;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	25 local s2s_new_outgoing = require "core.s2smanager".new_outgoing;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	26 local s2s_destroy_session = require "core.s2smanager".destroy_session;
4568 aae7a62671de mod_s2s: port functionality once in s2smanager. Florian Zeitz <florob@babelmonkeys.de> parents: 4555 diff changeset	27 local uuid_gen = require "util.uuid".generate;
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	28 local fire_global_event = prosody.events.fire_event;
7451 464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	29 local runner = require "util.async".runner;
10120 756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	30 local connect = require "net.connect".connect;
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	31 local service = require "net.resolvers.service";
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	32
4997 61083e2b1392 mod_s2s: Bump s2s_timeout to 90, to allow for the TCP timeout (in most cases) - this allows us to continue to try other targets Matthew Wild <mwild1@gmail.com> parents: 4996 diff changeset	33 local connect_timeout = module:get_option_number("s2s_timeout", 90);
4969 15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	34 local stream_close_timeout = module:get_option_number("s2s_close_timeout", 5);
5522 3912c9264ef0 mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually configurable through s2s_tcp_keepalives (thanks yeled) Matthew Wild <mwild1@gmail.com> parents: 5505 diff changeset	35 local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true));
5363 f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	36 local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day...
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	37 local secure_domains, insecure_domains =
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	38 module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items;
5594 ad66ee47b674 mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains. Matthew Wild <mwild1@gmail.com> parents: 5533 diff changeset	39 local require_encryption = module:get_option_boolean("s2s_require_encryption", false);
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	40
7662 946871f6e3c8 mod_c2s, mod_s2s: Switch connection counting to 'amount' type and enumerate once per statistics interval Kim Alvefur <zash@zash.se> parents: 7642 diff changeset	41 local measure_connections = module:measure("connections", "amount");
8763 67ecff7be011 mod_s2s: Add a counter for IPv6. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 8545 diff changeset	42 local measure_ipv6 = module:measure("ipv6", "amount");
6630 6735e2d735d6 mod_c2s, mod_s2s: Collect statistics on number of connections Kim Alvefur <zash@zash.se> parents: 6608 diff changeset	43
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	44 local sessions = module:shared("sessions");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	45
7451 464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	46 local runner_callbacks = {};
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	47
10120 756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	48 local listener = {};
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	49
4752 27b724a698f8 mod_s2s: Add log() import Matthew Wild <mwild1@gmail.com> parents: 4630 diff changeset	50 local log = module._log;
27b724a698f8 mod_s2s: Add log() import Matthew Wild <mwild1@gmail.com> parents: 4630 diff changeset	51
7662 946871f6e3c8 mod_c2s, mod_s2s: Switch connection counting to 'amount' type and enumerate once per statistics interval Kim Alvefur <zash@zash.se> parents: 7642 diff changeset	52 module:hook("stats-update", function ()
7466 f28fa742def3 mod_c2s, mod_s2s: Bootstrap connection count statistic on module load Kim Alvefur <zash@zash.se> parents: 7449 diff changeset	53 local count = 0;
8763 67ecff7be011 mod_s2s: Add a counter for IPv6. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 8545 diff changeset	54 local ipv6 = 0;
67ecff7be011 mod_s2s: Add a counter for IPv6. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 8545 diff changeset	55 for _, session in pairs(sessions) do
7466 f28fa742def3 mod_c2s, mod_s2s: Bootstrap connection count statistic on module load Kim Alvefur <zash@zash.se> parents: 7449 diff changeset	56 count = count + 1;
8763 67ecff7be011 mod_s2s: Add a counter for IPv6. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 8545 diff changeset	57 if session.ip and session.ip:match(":") then
67ecff7be011 mod_s2s: Add a counter for IPv6. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 8545 diff changeset	58 ipv6 = ipv6 + 1;
67ecff7be011 mod_s2s: Add a counter for IPv6. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 8545 diff changeset	59 end
7466 f28fa742def3 mod_c2s, mod_s2s: Bootstrap connection count statistic on module load Kim Alvefur <zash@zash.se> parents: 7449 diff changeset	60 end
f28fa742def3 mod_c2s, mod_s2s: Bootstrap connection count statistic on module load Kim Alvefur <zash@zash.se> parents: 7449 diff changeset	61 measure_connections(count);
8763 67ecff7be011 mod_s2s: Add a counter for IPv6. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 8545 diff changeset	62 measure_ipv6(ipv6);
7662 946871f6e3c8 mod_c2s, mod_s2s: Switch connection counting to 'amount' type and enumerate once per statistics interval Kim Alvefur <zash@zash.se> parents: 7642 diff changeset	63 end);
7466 f28fa742def3 mod_c2s, mod_s2s: Bootstrap connection count statistic on module load Kim Alvefur <zash@zash.se> parents: 7449 diff changeset	64
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	65 --- Handle stanzas to remote domains
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	66
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	67 local bouncy_stanzas = { message = true, presence = true, iq = true };
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	68 local function bounce_sendq(session, reason)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	69 local sendq = session.sendq;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	70 if not sendq then return; end
8545 248bab2bd0c9 mod_s2s: Don't use string concatenation when passing values to logging Kim Alvefur <zash@zash.se> parents: 8483 diff changeset	71 session.log("info", "Sending error replies for %d queued stanzas because of failed outgoing connection to %s", #sendq, session.to_host);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	72 local dummy = {
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	73 type = "s2sin";
8462 60d508f411a1 mod_s2s: Remove unused argument [luacheck] Kim Alvefur <zash@zash.se> parents: 8461 diff changeset	74 send = function ()
4755 844019f369a5 mod_s2s: Fix imports and remove some unused variables Matthew Wild <mwild1@gmail.com> parents: 4752 diff changeset	75 (session.log or log)("error", "Replying to to an s2s error reply, please report this! Traceback: %s", traceback());
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	76 end;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	77 dummy = true;
6626 071611bc4f1d mod_s2s: Catch attempt to close dummy origin of s2s error replies (fixes a top level error) Kim Alvefur <zash@zash.se> parents: 6608 diff changeset	78 close = function ()
071611bc4f1d mod_s2s: Catch attempt to close dummy origin of s2s error replies (fixes a top level error) Kim Alvefur <zash@zash.se> parents: 6608 diff changeset	79 (session.log or log)("error", "Attempting to close the dummy origin of s2s error replies, please report this! Traceback: %s", traceback());
071611bc4f1d mod_s2s: Catch attempt to close dummy origin of s2s error replies (fixes a top level error) Kim Alvefur <zash@zash.se> parents: 6608 diff changeset	80 end;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	81 };
10115 c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	82 -- FIXME Allow for more specific error conditions
c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	83 -- TODO use util.error ?
c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	84 local error_type = "cancel";
c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	85 local condition = "remote-server-not-found";
c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	86 if session.had_stream then -- set when a stream is opened by the remote
c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	87 error_type, condition = "wait", "remote-server-timeout";
c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	88 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	89 for i, data in ipairs(sendq) do
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	90 local reply = data[2];
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	91 if reply and not(reply.attr.xmlns) and bouncy_stanzas[reply.name] then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	92 reply.attr.type = "error";
10115 c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	93 reply:tag("error", {type = error_type, by = session.from_host})
c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	94 :tag(condition, {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}):up();
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	95 if reason then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	96 reply:tag("text", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"})
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	97 :text("Server-to-server connection failed: "..reason):up();
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	98 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	99 core_process_stanza(dummy, reply);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	100 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	101 sendq[i] = nil;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	102 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	103 session.sendq = nil;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	104 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	105
4818 3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	106 -- Handles stanzas to existing s2s sessions
3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	107 function route_to_existing_session(event)
4580 351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	108 local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	109 if not hosts[from_host] then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	110 log("warn", "Attempt to send stanza from %s - a host we don't serve", from_host);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	111 return false;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	112 end
5390 b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	113 if hosts[to_host] then
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	114 log("warn", "Attempt to route stanza to a remote %s - a host we do serve?!", from_host);
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	115 return false;
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	116 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	117 local host = hosts[from_host].s2sout[to_host];
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	118 if host then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	119 -- We have a connection to this host already
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	120 if host.type == "s2sout_unauthed" and (stanza.name ~= "db:verify" or not host.dialback_key) then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	121 (host.log or log)("debug", "trying to send over unauthed s2sout to "..to_host);
4580 351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	122
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	123 -- Queue stanza until we are able to send it
8463 d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	124 local queued_item = {
d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	125 tostring(stanza),
d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	126 stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza);
d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	127 };
d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	128 if host.sendq then
d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	129 t_insert(host.sendq, queued_item);
d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	130 else
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	131 -- luacheck: ignore 122
8463 d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	132 host.sendq = { queued_item };
d81ebb1ef5ce mod_s2s: Restructure some code Kim Alvefur <zash@zash.se> parents: 8462 diff changeset	133 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	134 host.log("debug", "stanza [%s] queued ", stanza.name);
4630 9502c0224caf mod_s2s: Queuing a stanza constitutes handling it. Paul Aurich <paul@darkrain42.org> parents: 4625 diff changeset	135 return true;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	136 elseif host.type == "local" or host.type == "component" then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	137 log("error", "Trying to send a stanza to ourselves??")
4755 844019f369a5 mod_s2s: Fix imports and remove some unused variables Matthew Wild <mwild1@gmail.com> parents: 4752 diff changeset	138 log("error", "Traceback: %s", traceback());
10111 0f335815244f plugins: Remove tostring call from logging Kim Alvefur <zash@zash.se> parents: 9854 diff changeset	139 log("error", "Stanza: %s", stanza);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	140 return false;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	141 else
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	142 -- FIXME
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	143 if host.from_host ~= from_host then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	144 log("error", "WARNING! This might, possibly, be a bug, but it might not...");
8483 6d47b74926dd mod_s2s: Remove tostring() in logging since this is handled by util.format now Kim Alvefur <zash@zash.se> parents: 8463 diff changeset	145 log("error", "We are going to send from %s instead of %s", host.from_host, from_host);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	146 end
4968 a6d3ac11a7af mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false Matthew Wild <mwild1@gmail.com> parents: 4960 diff changeset	147 if host.sends2s(stanza) then
a6d3ac11a7af mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false Matthew Wild <mwild1@gmail.com> parents: 4960 diff changeset	148 return true;
a6d3ac11a7af mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false Matthew Wild <mwild1@gmail.com> parents: 4960 diff changeset	149 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	150 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	151 end
4818 3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	152 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	153
4818 3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	154 -- Create a new outgoing session for a stanza
3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	155 function route_to_new_session(event)
4580 351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	156 local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza;
351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	157 log("debug", "opening a new outgoing connection for this stanza");
351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	158 local host_session = s2s_new_outgoing(from_host, to_host);
10120 756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	159 host_session.version = 1;
4580 351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	160
351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	161 -- Store in buffer
351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	162 host_session.bounce_sendq = bounce_sendq;
351936a8de4a mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent. Kim Alvefur <zash@zash.se> parents: 4578 diff changeset	163 host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} };
10111 0f335815244f plugins: Remove tostring call from logging Kim Alvefur <zash@zash.se> parents: 9854 diff changeset	164 log("debug", "stanza [%s] queued until connection complete", stanza.name);
10120 756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	165 connect(service.new(to_host, "xmpp-server", "tcp", { default_port = 5269 }), listener, nil, { session = host_session });
4581 d2eb5962d235 mod_s2s: return true when we sent the stanza, or initiated a new s2sout Kim Alvefur <zash@zash.se> parents: 4580 diff changeset	166 return true;
4818 3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	167 end
3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	168
5669 9345c161481f mod_c2s, mod_s2s: Fire an event on read timeouts Kim Alvefur <zash@zash.se> parents: 5661 diff changeset	169 local function keepalive(event)
9345c161481f mod_c2s, mod_s2s: Fire an event on read timeouts Kim Alvefur <zash@zash.se> parents: 5661 diff changeset	170 return event.session.sends2s(' ');
9345c161481f mod_c2s, mod_s2s: Fire an event on read timeouts Kim Alvefur <zash@zash.se> parents: 5661 diff changeset	171 end
9345c161481f mod_c2s, mod_s2s: Fire an event on read timeouts Kim Alvefur <zash@zash.se> parents: 5661 diff changeset	172
5713 5cf6dedf36f4 mod_s2s: Add missing global hook for read-timeout Kim Alvefur <zash@zash.se> parents: 5669 diff changeset	173 module:hook("s2s-read-timeout", keepalive, -1);
5cf6dedf36f4 mod_s2s: Add missing global hook for read-timeout Kim Alvefur <zash@zash.se> parents: 5669 diff changeset	174
4818 3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	175 function module.add_host(module)
3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	176 if module:get_option_boolean("disallow_s2s", false) then
7359 a5a080c12c96 Update every link to the documentation to use HTTPS Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 7278 diff changeset	177 module:log("warn", "The 'disallow_s2s' config option is deprecated, please see https://prosody.im/doc/s2s#disabling");
4818 3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	178 return nil, "This host has disallow_s2s set";
3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	179 end
5454 5f69fddf6fb9 mod_s2s: Adjust priority of route/remote hooks to negative values (like most other internal hooks) Kim Alvefur <zash@zash.se> parents: 5423 diff changeset	180 module:hook("route/remote", route_to_existing_session, -1);
5f69fddf6fb9 mod_s2s: Adjust priority of route/remote hooks to negative values (like most other internal hooks) Kim Alvefur <zash@zash.se> parents: 5423 diff changeset	181 module:hook("route/remote", route_to_new_session, -10);
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	182 module:hook("s2s-authenticated", make_authenticated, -1);
5669 9345c161481f mod_c2s, mod_s2s: Fire an event on read timeouts Kim Alvefur <zash@zash.se> parents: 5661 diff changeset	183 module:hook("s2s-read-timeout", keepalive, -1);
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	184 module:hook_stanza("http://etherx.jabber.org/streams", "features", function (session, stanza) -- luacheck: ignore 212/stanza
6146 ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	185 if session.type == "s2sout" then
ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	186 -- Stream is authenticated and we are seem to be done with feature negotiation,
ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	187 -- so the stream is ready for stanzas. RFC 6120 Section 4.3
ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	188 mark_connected(session);
6403 166d1bd8fc38 core.stanza_router, mod_s2s: Move handling of S2S features to mod_s2s from stanza_router Kim Alvefur <zash@zash.se> parents: 6382 diff changeset	189 return true;
6426 e5945fb5b71f mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present Kim Alvefur <zash@zash.se> parents: 6403 diff changeset	190 elseif not session.dialback_verifying then
e5945fb5b71f mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present Kim Alvefur <zash@zash.se> parents: 6403 diff changeset	191 session.log("warn", "No SASL EXTERNAL offer and Dialback doesn't seem to be enabled, giving up");
e5945fb5b71f mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present Kim Alvefur <zash@zash.se> parents: 6403 diff changeset	192 session:close();
e5945fb5b71f mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present Kim Alvefur <zash@zash.se> parents: 6403 diff changeset	193 return false;
6146 ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	194 end
ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	195 end, -1);
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	196 end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	197
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	198 -- Stream is authorised, and ready for normal stanzas
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	199 function mark_connected(session)
8267 42fad8465537 mod_s2s: Use a separate resolver object for each outgoing session Matthew Wild <mwild1@gmail.com> parents: 8234 diff changeset	200
6683 873ad1023eb0 mod_s2s: Don't cache session.sends2s (or do it later), prevents sending data after session was closed Kim Alvefur <zash@zash.se> parents: 6600 diff changeset	201 local sendq = session.sendq;
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	202
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	203 local from, to = session.from_host, session.to_host;
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	204
5800 3a48acbcb7f3 mod_s2s: Captitalize log messages that begin with a stream direction Kim Alvefur <zash@zash.se> parents: 5776 diff changeset	205 session.log("info", "%s s2s connection %s->%s complete", session.direction:gsub("^.", string.upper), from, to);
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	206
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	207 local event_data = { session = session };
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	208 if session.type == "s2sout" then
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	209 fire_global_event("s2sout-established", event_data);
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	210 hosts[from].events.fire_event("s2sout-established", event_data);
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	211 else
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	212 local host_session = hosts[to];
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	213 session.send = function(stanza)
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	214 return host_session.events.fire_event("route/remote", { from_host = to, to_host = from, stanza = stanza });
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	215 end;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	216
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	217 fire_global_event("s2sin-established", event_data);
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	218 hosts[to].events.fire_event("s2sin-established", event_data);
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	219 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	220
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	221 if session.direction == "outgoing" then
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	222 if sendq then
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	223 session.log("debug", "sending %d queued stanzas across new outgoing connection to %s", #sendq, session.to_host);
6683 873ad1023eb0 mod_s2s: Don't cache session.sends2s (or do it later), prevents sending data after session was closed Kim Alvefur <zash@zash.se> parents: 6600 diff changeset	224 local send = session.sends2s;
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	225 for i, data in ipairs(sendq) do
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	226 send(data[1]);
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	227 sendq[i] = nil;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	228 end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	229 session.sendq = nil;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	230 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	231
8919 c46c2942b8fe mod_s2s: Close sockets held by resolver (#1170) Kim Alvefur <zash@zash.se> parents: 8267 diff changeset	232 if session.resolver then
c46c2942b8fe mod_s2s: Close sockets held by resolver (#1170) Kim Alvefur <zash@zash.se> parents: 8267 diff changeset	233 session.resolver._resolver:closeall()
c46c2942b8fe mod_s2s: Close sockets held by resolver (#1170) Kim Alvefur <zash@zash.se> parents: 8267 diff changeset	234 end
8267 42fad8465537 mod_s2s: Use a separate resolver object for each outgoing session Matthew Wild <mwild1@gmail.com> parents: 8234 diff changeset	235 session.resolver = nil;
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	236 session.ip_hosts = nil;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	237 session.srv_hosts = nil;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	238 end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	239 end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	240
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	241 function make_authenticated(event)
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	242 local session, host = event.session, event.host;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	243 if not session.secure then
5594 ad66ee47b674 mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains. Matthew Wild <mwild1@gmail.com> parents: 5533 diff changeset	244 if require_encryption or (secure_auth and not(insecure_domains[host])) or secure_domains[host] then
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	245 session:close({
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	246 condition = "policy-violation",
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	247 text = "Encrypted server-to-server communication is required but was not "
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	248 ..((session.direction == "outgoing" and "offered") or "used")
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	249 });
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	250 end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	251 end
5390 b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	252 if hosts[host] then
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	253 session:close({ condition = "undefined-condition", text = "Attempt to authenticate as a host we serve" });
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	254 end
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	255 if session.type == "s2sout_unauthed" then
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	256 session.type = "s2sout";
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	257 elseif session.type == "s2sin_unauthed" then
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	258 session.type = "s2sin";
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	259 if host then
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	260 if not session.hosts[host] then session.hosts[host] = {}; end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	261 session.hosts[host].authed = true;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	262 end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	263 elseif session.type == "s2sin" and host then
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	264 if not session.hosts[host] then session.hosts[host] = {}; end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	265 session.hosts[host].authed = true;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	266 else
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	267 return false;
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	268 end
612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	269 session.log("debug", "connection %s->%s is now authenticated for %s", session.from_host, session.to_host, host);
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	270
6146 ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	271 if (session.type == "s2sout" and session.external_auth ~= "succeeded") or session.type == "s2sin" then
ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	272 -- Stream either used dialback for authentication or is an incoming stream.
ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	273 mark_connected(session);
ac4f8770d9aa mod_s2s: Follow XMPP Core on when a stream is to be considered ready Kim Alvefur <zash@zash.se> parents: 6085 diff changeset	274 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	275
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	276 return true;
4818 3bda6fc02652 mod_s2s: Become a shared module (yay) Matthew Wild <mwild1@gmail.com> parents: 4814 diff changeset	277 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	278
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	279 --- Helper to check that a session peer's certificate is valid
6301 2fdd71b08126 mod_dialback: Short-circuit dialback auth if certificate is considered valid Kim Alvefur <zash@zash.se> parents: 6259 diff changeset	280 function check_cert_status(session)
5387 1130887e0d41 mod_s2s: session.from_host does not allways exist on incoming connections, true and nil or "our hostname" does not evaluate to what we want here Kim Alvefur <zash@zash.se> parents: 5368 diff changeset	281 local host = session.direction == "outgoing" and session.to_host or session.from_host
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	282 local conn = session.conn:socket()
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	283 local cert
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	284 if conn.getpeercertificate then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	285 cert = conn:getpeercertificate()
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	286 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	287
5363 f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	288 return module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert });
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	289 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	290
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	291 --- XMPP stream event handlers
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	292
7451 464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	293 local stream_callbacks = { default_ns = "jabber:server" };
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	294
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	295 function stream_callbacks.handlestanza(session, stanza)
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	296 stanza = session.filter("stanzas/in", stanza);
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	297 session.thread:run(stanza);
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	298 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	299
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	300 local xmlns_xmpp_streams = "urn:ietf:params:xml:ns:xmpp-streams";
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	301
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	302 function stream_callbacks.streamopened(session, attr)
7451 464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	303 -- run _streamopened in async context
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	304 session.thread:run({ attr = attr });
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	305 end
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	306
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	307 function stream_callbacks._streamopened(session, attr)
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	308 session.version = tonumber(attr.version) or 0;
10115 c0bd5daa9c7f mod_s2s: Distinguish between high and low level errors in bounces Kim Alvefur <zash@zash.se> parents: 10111 diff changeset	309 session.had_stream = true; -- Had a stream opened at least once
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	310
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	311 -- TODO: Rename session.secure to session.encrypted
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	312 if session.secure == false then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	313 session.secure = true;
5859 e327f2d4e09f mod_c2s, mod_s2s: Set session.encrypted as session.secure does not allways mean encrypted (eg consider_bosh_secure) Kim Alvefur <zash@zash.se> parents: 5801 diff changeset	314 session.encrypted = true;
5173 b22d24b5a89a mod_s2s: Detect TLS compression Kim Alvefur <zash@zash.se> parents: 5120 diff changeset	315
b22d24b5a89a mod_s2s: Detect TLS compression Kim Alvefur <zash@zash.se> parents: 5120 diff changeset	316 local sock = session.conn:socket();
b22d24b5a89a mod_s2s: Detect TLS compression Kim Alvefur <zash@zash.se> parents: 5120 diff changeset	317 if sock.info then
5764 969e0a054795 mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details Kim Alvefur <zash@zash.se> parents: 5713 diff changeset	318 local info = sock:info();
5801 224644752bf4 mod_c2s, mod_s2s: Log cipher and encryption info in a more compact and (hopefully) less confusing way Kim Alvefur <zash@zash.se> parents: 5800 diff changeset	319 (session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
5764 969e0a054795 mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details Kim Alvefur <zash@zash.se> parents: 5713 diff changeset	320 session.compressed = info.compression;
969e0a054795 mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details Kim Alvefur <zash@zash.se> parents: 5713 diff changeset	321 else
969e0a054795 mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details Kim Alvefur <zash@zash.se> parents: 5713 diff changeset	322 (session.log or log)("info", "Stream encrypted");
969e0a054795 mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details Kim Alvefur <zash@zash.se> parents: 5713 diff changeset	323 session.compressed = sock.compression and sock:compression(); --COMPAT mw/luasec-hg
5173 b22d24b5a89a mod_s2s: Detect TLS compression Kim Alvefur <zash@zash.se> parents: 5120 diff changeset	324 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	325 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	326
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	327 if session.direction == "incoming" then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	328 -- Send a reply stream header
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	329
4589 8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	330 -- Validate to/from
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	331 local to, from = nameprep(attr.to), nameprep(attr.from);
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	332 if not to and attr.to then -- COMPAT: Some servers do not reliably set 'to' (especially on stream restarts)
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	333 session:close({ condition = "improper-addressing", text = "Invalid 'to' address" });
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	334 return;
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	335 end
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	336 if not from and attr.from then -- COMPAT: Some servers do not reliably set 'from' (especially on stream restarts)
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	337 session:close({ condition = "improper-addressing", text = "Invalid 'from' address" });
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	338 return;
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	339 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	340
4589 8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	341 -- Set session.[from/to]_host if they have not been set already and if
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	342 -- this session isn't already authenticated
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	343 if session.type == "s2sin_unauthed" and from and not session.from_host then
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	344 session.from_host = from;
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	345 elseif from ~= session.from_host then
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	346 session:close({ condition = "improper-addressing", text = "New stream 'from' attribute does not match original" });
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	347 return;
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	348 end
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	349 if session.type == "s2sin_unauthed" and to and not session.to_host then
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	350 session.to_host = to;
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	351 elseif to ~= session.to_host then
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	352 session:close({ condition = "improper-addressing", text = "New stream 'to' attribute does not match original" });
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	353 return;
8553d822f417 mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated Matthew Wild <mwild1@gmail.com> parents: 4587 diff changeset	354 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	355
4820 c65edd3bb334 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups Matthew Wild <mwild1@gmail.com> parents: 4819 diff changeset	356 -- For convenience we'll put the sanitised values into these variables
c65edd3bb334 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups Matthew Wild <mwild1@gmail.com> parents: 4819 diff changeset	357 to, from = session.to_host, session.from_host;
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	358
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	359 session.streamid = uuid_gen();
4590 883611842d3a mod_s2s: Log the entire stream header. Kim Alvefur <zash@zash.se> parents: 4587 diff changeset	360 (session.log or log)("debug", "Incoming s2s received %s", st.stanza("stream:stream", attr):top_tag());
4820 c65edd3bb334 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups Matthew Wild <mwild1@gmail.com> parents: 4819 diff changeset	361 if to then
c65edd3bb334 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups Matthew Wild <mwild1@gmail.com> parents: 4819 diff changeset	362 if not hosts[to] then
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	363 -- Attempting to connect to a host we don't serve
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	364 session:close({
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	365 condition = "host-unknown";
4820 c65edd3bb334 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups Matthew Wild <mwild1@gmail.com> parents: 4819 diff changeset	366 text = "This host does not serve "..to
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	367 });
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	368 return;
4834 878f75ccc4fb mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users Matthew Wild <mwild1@gmail.com> parents: 4822 diff changeset	369 elseif not hosts[to].modules.s2s then
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	370 -- Attempting to connect to a host that disallows s2s
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	371 session:close({
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	372 condition = "policy-violation";
4834 878f75ccc4fb mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users Matthew Wild <mwild1@gmail.com> parents: 4822 diff changeset	373 text = "Server-to-server communication is disabled for this host";
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	374 });
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	375 return;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	376 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	377 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	378
5390 b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	379 if hosts[from] then
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	380 session:close({ condition = "undefined-condition", text = "Attempt to connect from a host we serve" });
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	381 return;
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	382 end
b3c8757ee4f4 mod_s2s: Prevent s2s to and from hosts we serve locally Kim Alvefur <zash@zash.se> parents: 5389 diff changeset	383
5363 f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	384 if session.secure and not session.cert_chain_status then
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	385 if check_cert_status(session) == false then
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	386 return;
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	387 end
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	388 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	389
5533 df3c78221f26 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 Matthew Wild <mwild1@gmail.com> parents: 5522 diff changeset	390 session:open_stream(session.to_host, session.from_host)
6684 53635a91c95c mod_s2s: Mark stream as opened directly after opening stream, prevents session.close opening it again Kim Alvefur <zash@zash.se> parents: 6683 diff changeset	391 session.notopen = nil;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	392 if session.version >= 1.0 then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	393 local features = st.stanza("stream:features");
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	394
4820 c65edd3bb334 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups Matthew Wild <mwild1@gmail.com> parents: 4819 diff changeset	395 if to then
c65edd3bb334 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups Matthew Wild <mwild1@gmail.com> parents: 4819 diff changeset	396 hosts[to].events.fire_event("s2s-stream-features", { origin = session, features = features });
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	397 else
5975 0d219631d47b mod_s2s: Include IP in log messages, if host is unavailable Florian Zeitz <florob@babelmonkeys.de> parents: 5769 diff changeset	398 (session.log or log)("warn", "No 'to' on stream header from %s means we can't offer any features", from or session.ip or "unknown host");
6901 ccc452767ec6 mod_s2s: Fire global event for stream features where the remote server has not sent the 'to' stream attribute Kim Alvefur <zash@zash.se> parents: 6848 diff changeset	399 fire_global_event("s2s-stream-features-legacy", { origin = session, features = features });
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	400 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	401
6846 7eb166fa1f26 mod_c2s, mod_s2s: Close incoming connections if there are no features to offer on incomplete streams (fixes #285) Kim Alvefur <zash@zash.se> parents: 6685 diff changeset	402 if ( session.type == "s2sin" or session.type == "s2sout" ) or features.tags[1] then
8483 6d47b74926dd mod_s2s: Remove tostring() in logging since this is handled by util.format now Kim Alvefur <zash@zash.se> parents: 8463 diff changeset	403 log("debug", "Sending stream features: %s", features);
6846 7eb166fa1f26 mod_c2s, mod_s2s: Close incoming connections if there are no features to offer on incomplete streams (fixes #285) Kim Alvefur <zash@zash.se> parents: 6685 diff changeset	404 session.sends2s(features);
7eb166fa1f26 mod_c2s, mod_s2s: Close incoming connections if there are no features to offer on incomplete streams (fixes #285) Kim Alvefur <zash@zash.se> parents: 6685 diff changeset	405 else
7865 a8cc495a65dc mod_s2s: Clarify that it is stream features that can't be offered (here too) Kim Alvefur <zash@zash.se> parents: 7679 diff changeset	406 (session.log or log)("warn", "No stream features to offer, giving up");
a8cc495a65dc mod_s2s: Clarify that it is stream features that can't be offered (here too) Kim Alvefur <zash@zash.se> parents: 7679 diff changeset	407 session:close({ condition = "undefined-condition", text = "No stream features to offer" });
6846 7eb166fa1f26 mod_c2s, mod_s2s: Close incoming connections if there are no features to offer on incomplete streams (fixes #285) Kim Alvefur <zash@zash.se> parents: 6685 diff changeset	408 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	409 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	410 elseif session.direction == "outgoing" then
6359 c74670b3be53 mod_s2s: Mark stream as opened earlier for outgoing connections, fixes double stream headers on policy failures Kim Alvefur <zash@zash.se> parents: 5975 diff changeset	411 session.notopen = nil;
6378 3cec0eef0b70 mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error Kim Alvefur <zash@zash.se> parents: 6364 diff changeset	412 if not attr.id then
7677 8613086779fa mod_s2s: Lower log message to 'warn' level, standard for remotely-triggered protocol issues Matthew Wild <mwild1@gmail.com> parents: 7100 diff changeset	413 log("warn", "Stream response did not give us a stream id!");
6378 3cec0eef0b70 mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error Kim Alvefur <zash@zash.se> parents: 6364 diff changeset	414 session:close({ condition = "undefined-condition", text = "Missing stream ID" });
3cec0eef0b70 mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error Kim Alvefur <zash@zash.se> parents: 6364 diff changeset	415 return;
3cec0eef0b70 mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error Kim Alvefur <zash@zash.se> parents: 6364 diff changeset	416 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	417 session.streamid = attr.id;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	418
5363 f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	419 if session.secure and not session.cert_chain_status then
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	420 if check_cert_status(session) == false then
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	421 return;
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	422 end
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	423 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	424
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	425 -- Send unauthed buffer
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	426 -- (stanzas which are fine to send before dialback)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	427 -- Note that this is not the stanza queue (which
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	428 -- we can only send if auth succeeds) :)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	429 local send_buffer = session.send_buffer;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	430 if send_buffer and #send_buffer > 0 then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	431 log("debug", "Sending s2s send_buffer now...");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	432 for i, data in ipairs(send_buffer) do
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	433 session.sends2s(tostring(data));
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	434 send_buffer[i] = nil;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	435 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	436 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	437 session.send_buffer = nil;
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	438
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	439 -- If server is pre-1.0, don't wait for features, just do dialback
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	440 if session.version < 1.0 then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	441 if not session.dialback_verifying then
5341 760c22c822be mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to s2sout-authenticate-legacy for clarity. Also, hello! Matthew Wild <mwild1@gmail.com> parents: 5307 diff changeset	442 hosts[session.from_host].events.fire_event("s2sout-authenticate-legacy", { origin = session });
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	443 else
5362 612467e263af s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild <mwild1@gmail.com> parents: 5351 diff changeset	444 mark_connected(session);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	445 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	446 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	447 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	448 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	449
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	450 function stream_callbacks.streamclosed(session)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	451 (session.log or log)("debug", "Received </stream:stream>");
4988 29bdf68ad142 mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer Matthew Wild <mwild1@gmail.com> parents: 4969 diff changeset	452 session:close(false);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	453 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	454
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	455 function stream_callbacks.error(session, error, data)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	456 if error == "no-stream" then
6364 4e93e8768c36 mod_c2s, mod_s2s: Log received invalid stream headers Matthew Wild <mwild1@gmail.com> parents: 6362 diff changeset	457 session.log("debug", "Invalid opening stream header (%s)", (data:gsub("^([^\1]+)\1", "{%1}")));
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	458 session:close("invalid-namespace");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	459 elseif error == "parse-error" then
8483 6d47b74926dd mod_s2s: Remove tostring() in logging since this is handled by util.format now Kim Alvefur <zash@zash.se> parents: 8463 diff changeset	460 session.log("debug", "Server-to-server XML parse error: %s", error);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	461 session:close("not-well-formed");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	462 elseif error == "stream-error" then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	463 local condition, text = "undefined-condition";
8233 4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	464 for child in data:childtags(nil, xmlns_xmpp_streams) do
4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	465 if child.name ~= "text" then
4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	466 condition = child.name;
4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	467 else
4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	468 text = child:get_text();
4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	469 end
4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	470 if condition ~= "undefined-condition" and text then
4e7269c53659 mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9) Kim Alvefur <zash@zash.se> parents: 7677 diff changeset	471 break;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	472 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	473 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	474 text = condition .. (text and (" ("..text..")") or "");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	475 session.log("info", "Session closed by remote with error: %s", text);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	476 session:close(nil, text);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	477 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	478 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	479
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	480 --- Session methods
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	481 local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'};
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	482 local function session_close(session, reason, remote_reason)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	483 local log = session.log or log;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	484 if session.conn then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	485 if session.notopen then
5533 df3c78221f26 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 Matthew Wild <mwild1@gmail.com> parents: 5522 diff changeset	486 if session.direction == "incoming" then
df3c78221f26 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 Matthew Wild <mwild1@gmail.com> parents: 5522 diff changeset	487 session:open_stream(session.to_host, session.from_host);
df3c78221f26 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 Matthew Wild <mwild1@gmail.com> parents: 5522 diff changeset	488 else
df3c78221f26 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 Matthew Wild <mwild1@gmail.com> parents: 5522 diff changeset	489 session:open_stream(session.from_host, session.to_host);
df3c78221f26 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 Matthew Wild <mwild1@gmail.com> parents: 5522 diff changeset	490 end
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	491 end
4988 29bdf68ad142 mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer Matthew Wild <mwild1@gmail.com> parents: 4969 diff changeset	492 if reason then -- nil == no err, initiated by us, false == initiated by remote
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	493 if type(reason) == "string" then -- assume stream error
5975 0d219631d47b mod_s2s: Include IP in log messages, if host is unavailable Florian Zeitz <florob@babelmonkeys.de> parents: 5769 diff changeset	494 log("debug", "Disconnecting %s[%s], <stream:error> is: %s", session.host or session.ip or "(unknown host)", session.type, reason);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	495 session.sends2s(st.stanza("stream:error"):tag(reason, {xmlns = 'urn:ietf:params:xml:ns:xmpp-streams' }));
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	496 elseif type(reason) == "table" then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	497 if reason.condition then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	498 local stanza = st.stanza("stream:error"):tag(reason.condition, stream_xmlns_attr):up();
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	499 if reason.text then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	500 stanza:tag("text", stream_xmlns_attr):text(reason.text):up();
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	501 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	502 if reason.extra then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	503 stanza:add_child(reason.extra);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	504 end
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	505 log("debug", "Disconnecting %s[%s], <stream:error> is: %s",
063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	506 session.host or session.ip or "(unknown host)", session.type, stanza);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	507 session.sends2s(stanza);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	508 elseif reason.name then -- a stanza
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	509 log("debug", "Disconnecting %s->%s[%s], <stream:error> is: %s",
063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	510 session.from_host or "(unknown host)", session.to_host or "(unknown host)",
063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	511 session.type, reason);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	512 session.sends2s(reason);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	513 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	514 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	515 end
4988 29bdf68ad142 mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer Matthew Wild <mwild1@gmail.com> parents: 4969 diff changeset	516
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	517 session.sends2s("</stream:stream>");
4969 15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	518 function session.sends2s() return false; end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	519
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	520 -- luacheck: ignore 422/reason
063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	521 -- FIXME reason should be managed in a place common to c2s, s2s, bosh, component etc
4988 29bdf68ad142 mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer Matthew Wild <mwild1@gmail.com> parents: 4969 diff changeset	522 local reason = remote_reason or (reason and (reason.text or reason.condition)) or reason;
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	523 session.log("info", "%s s2s stream %s->%s closed: %s", session.direction:gsub("^.", string.upper),
063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	524 session.from_host or "(unknown host)", session.to_host or "(unknown host)", reason or "stream closed");
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	525
4969 15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	526 -- Authenticated incoming stream may still be sending us stanzas, so wait for </stream:stream> from remote
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	527 local conn = session.conn;
4988 29bdf68ad142 mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer Matthew Wild <mwild1@gmail.com> parents: 4969 diff changeset	528 if reason == nil and not session.notopen and session.type == "s2sin" then
4969 15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	529 add_task(stream_close_timeout, function ()
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	530 if not session.destroyed then
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	531 session.log("warn", "Failed to receive a stream close response, closing connection anyway...");
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	532 s2s_destroy_session(session, reason);
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	533 conn:close();
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	534 end
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	535 end);
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	536 else
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	537 s2s_destroy_session(session, reason);
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	538 conn:close(); -- Close immediately, as this is an outgoing connection or is not authed
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	539 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	540 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	541 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	542
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	543 function session_stream_attrs(session, from, to, attr) -- luacheck: ignore 212/session
5533 df3c78221f26 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 Matthew Wild <mwild1@gmail.com> parents: 5522 diff changeset	544 if not from or (hosts[from] and hosts[from].modules.dialback) then
5351 901ed253bbf7 mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams Kim Alvefur <zash@zash.se> parents: 5345 diff changeset	545 attr["xmlns:db"] = 'jabber:server:dialback';
901ed253bbf7 mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams Kim Alvefur <zash@zash.se> parents: 5345 diff changeset	546 end
6602 61b6a4fc65f1 Merge 0.9->0.10 Matthew Wild <mwild1@gmail.com> parents: 6473 6600 diff changeset	547 if not from then
61b6a4fc65f1 Merge 0.9->0.10 Matthew Wild <mwild1@gmail.com> parents: 6473 6600 diff changeset	548 attr.from = '';
61b6a4fc65f1 Merge 0.9->0.10 Matthew Wild <mwild1@gmail.com> parents: 6473 6600 diff changeset	549 end
61b6a4fc65f1 Merge 0.9->0.10 Matthew Wild <mwild1@gmail.com> parents: 6473 6600 diff changeset	550 if not to then
61b6a4fc65f1 Merge 0.9->0.10 Matthew Wild <mwild1@gmail.com> parents: 6473 6600 diff changeset	551 attr.to = '';
61b6a4fc65f1 Merge 0.9->0.10 Matthew Wild <mwild1@gmail.com> parents: 6473 6600 diff changeset	552 end
5351 901ed253bbf7 mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams Kim Alvefur <zash@zash.se> parents: 5345 diff changeset	553 end
901ed253bbf7 mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams Kim Alvefur <zash@zash.se> parents: 5345 diff changeset	554
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	555 -- Session initialization logic shared by incoming and outgoing
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	556 local function initialize_session(session)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	557 local stream = new_xmpp_stream(session, stream_callbacks);
7451 464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	558
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	559 session.thread = runner(function (stanza)
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	560 if stanza.name == nil then
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	561 stream_callbacks._streamopened(session, stanza.attr);
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	562 else
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	563 core_process_stanza(session, stanza);
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	564 end
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	565 end, runner_callbacks, session);
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	566
6255 6167f8bc5a6b mod_s2s: Decide on log function once Kim Alvefur <zash@zash.se> parents: 6146 diff changeset	567 local log = session.log or log;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	568 session.stream = stream;
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	569
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	570 session.notopen = true;
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	571
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	572 function session.reset_stream()
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	573 session.notopen = true;
6362 f5f44504e18b mod_s2s: Reset stream ID when resetting stream [compliance] Kim Alvefur <zash@zash.se> parents: 6359 diff changeset	574 session.streamid = nil;
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	575 session.stream:reset();
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	576 end
5351 901ed253bbf7 mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams Kim Alvefur <zash@zash.se> parents: 5345 diff changeset	577
6085 2f911644f527 mod_s2s: Replace open_stream() with function that only adds s2s/dialback attributes to stream header Kim Alvefur <zash@zash.se> parents: 6069 diff changeset	578 session.stream_attrs = session_stream_attrs;
6069 446148cad35e mod_s2s: Revert e626ee2fe106 change, it broke Dialback Kim Alvefur <zash@zash.se> parents: 6063 diff changeset	579
6256 d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	580 local filter = initialize_filters(session);
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	581 local conn = session.conn;
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	582 local w = conn.write;
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	583
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	584 function session.sends2s(t)
9069 22e5f11c778a sessionmanager, mod_s2s: Bring debug line for outgoing stanzas in line with that for incoming Kim Alvefur <zash@zash.se> parents: 9068 diff changeset	585 log("debug", "Sending[%s]: %s", session.type, t.top_tag and t:top_tag() or t:match("^[^>]*>?"));
6256 d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	586 if t.name then
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	587 t = filter("stanzas/out", t);
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	588 end
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	589 if t then
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	590 t = filter("bytes/out", tostring(t));
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	591 if t then
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	592 return w(conn, t);
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	593 end
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	594 end
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	595 end
d05627c89c99 mod_s2s: Move filter initialization to common place Kim Alvefur <zash@zash.se> parents: 6255 diff changeset	596
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	597 function session.data(data)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	598 data = filter("bytes/in", data);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	599 if data then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	600 local ok, err = stream:feed(data);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	601 if ok then return; end
10111 0f335815244f plugins: Remove tostring call from logging Kim Alvefur <zash@zash.se> parents: 9854 diff changeset	602 log("debug", "Received invalid XML (%s) %d bytes: %q", err, #data, data:sub(1, 300));
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	603 session:close("not-well-formed");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	604 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	605 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	606
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	607 session.close = session_close;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	608
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	609 local handlestanza = stream_callbacks.handlestanza;
9412 063977461363 mod_s2s: Silence all warnings instead of ignoring the entire module Kim Alvefur <zash@zash.se> parents: 9070 diff changeset	610 function session.dispatch_stanza(session, stanza) -- luacheck: ignore 432/session
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	611 return handlestanza(session, stanza);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	612 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	613
6259 36f611624987 mod_s2s: Fire a 's2s-created' event when new s2s connections are initialized Kim Alvefur <zash@zash.se> parents: 6257 diff changeset	614 module:fire_event("s2s-created", { session = session });
36f611624987 mod_s2s: Fire a 's2s-created' event when new s2s connections are initialized Kim Alvefur <zash@zash.se> parents: 6257 diff changeset	615
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	616 add_task(connect_timeout, function ()
4960 8950510ddb2e mod_s2s: Make unauthed session timeout a little more aggressive... otherwise it's possible for sessions to slip under the net and never get killed off Matthew Wild <mwild1@gmail.com> parents: 4906 diff changeset	617 if session.type == "s2sin" or session.type == "s2sout" then
8950510ddb2e mod_s2s: Make unauthed session timeout a little more aggressive... otherwise it's possible for sessions to slip under the net and never get killed off Matthew Wild <mwild1@gmail.com> parents: 4906 diff changeset	618 return; -- Ok, we're connected
5307 d80e56d8805c mod_s2s: Don't try to close sessions that were destroyed before timeout Kim Alvefur <zash@zash.se> parents: 5281 diff changeset	619 elseif session.type == "s2s_destroyed" then
d80e56d8805c mod_s2s: Don't try to close sessions that were destroyed before timeout Kim Alvefur <zash@zash.se> parents: 5281 diff changeset	620 return; -- Session already destroyed
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	621 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	622 -- Not connected, need to close session and clean up
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	623 (session.log or log)("debug", "Destroying incomplete session %s->%s due to inactivity",
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	624 session.from_host or "(unknown)", session.to_host or "(unknown)");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	625 session:close("connection-timeout");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	626 end);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	627 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	628
7451 464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	629 function runner_callbacks:ready()
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	630 self.data.log("debug", "Runner %s ready (%s)", self.thread, coroutine.status(self.thread));
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	631 self.data.conn:resume();
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	632 end
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	633
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	634 function runner_callbacks:waiting()
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	635 self.data.log("debug", "Runner %s waiting (%s)", self.thread, coroutine.status(self.thread));
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	636 self.data.conn:pause();
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	637 end
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	638
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	639 function runner_callbacks:error(err)
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	640 (self.data.log or log)("error", "Traceback[s2s]: %s", err);
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	641 end
464a8a8de625 mod_s2s: Add util.async support Kim Alvefur <zash@zash.se> parents: 7450 diff changeset	642
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	643 function listener.onconnect(conn)
5522 3912c9264ef0 mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually configurable through s2s_tcp_keepalives (thanks yeled) Matthew Wild <mwild1@gmail.com> parents: 5505 diff changeset	644 conn:setoption("keepalive", opt_keepalives);
4906 89df1f03546a mod_s2s, s2sout.lib: Send stream header in onconnect() Matthew Wild <mwild1@gmail.com> parents: 4873 diff changeset	645 local session = sessions[conn];
89df1f03546a mod_s2s, s2sout.lib: Send stream header in onconnect() Matthew Wild <mwild1@gmail.com> parents: 4873 diff changeset	646 if not session then -- New incoming connection
89df1f03546a mod_s2s, s2sout.lib: Send stream header in onconnect() Matthew Wild <mwild1@gmail.com> parents: 4873 diff changeset	647 session = s2s_new_incoming(conn);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	648 sessions[conn] = session;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	649 session.log("debug", "Incoming s2s connection");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	650 initialize_session(session);
4906 89df1f03546a mod_s2s, s2sout.lib: Send stream header in onconnect() Matthew Wild <mwild1@gmail.com> parents: 4873 diff changeset	651 else -- Outgoing session connected
89df1f03546a mod_s2s, s2sout.lib: Send stream header in onconnect() Matthew Wild <mwild1@gmail.com> parents: 4873 diff changeset	652 session:open_stream(session.from_host, session.to_host);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	653 end
5661 f226a0d23e85 mod_s2s: Set s2s_session.ip Kim Alvefur <zash@zash.se> parents: 5638 diff changeset	654 session.ip = conn:ip();
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	655 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	656
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	657 function listener.onincoming(conn, data)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	658 local session = sessions[conn];
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	659 if session then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	660 session.data(data);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	661 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	662 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	663
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	664 function listener.onstatus(conn, status)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	665 if status == "ssl-handshake-complete" then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	666 local session = sessions[conn];
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	667 if session and session.direction == "outgoing" then
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	668 session.log("debug", "Sending stream header...");
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	669 session:open_stream(session.from_host, session.to_host);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	670 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	671 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	672 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	673
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	674 function listener.ondisconnect(conn, err)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	675 local session = sessions[conn];
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	676 if session then
5274 0d08c0965824 mod_s2s: Remove connection from sessions table as soon as we learn it is disconnected. Fixes a connection/session leak. Matthew Wild <mwild1@gmail.com> parents: 5173 diff changeset	677 sessions[conn] = nil;
10120 756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	678 (session.log or log)("debug", "s2s disconnected: %s->%s (%s)", session.from_host, session.to_host, err or "connection closed");
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	679 s2s_destroy_session(session, err);
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	680 end
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	681 end
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	682
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	683 function listener.onfail(data, err)
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	684 local session = data and data.session;
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	685 if session then
4969 15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	686 if err and session.direction == "outgoing" and session.notopen then
15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	687 (session.log or log)("debug", "s2s connection attempt failed: %s", err);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	688 end
8483 6d47b74926dd mod_s2s: Remove tostring() in logging since this is handled by util.format now Kim Alvefur <zash@zash.se> parents: 8463 diff changeset	689 (session.log or log)("debug", "s2s disconnected: %s->%s (%s)", session.from_host, session.to_host, err or "connection closed");
4969 15183193c6a6 mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. Matthew Wild <mwild1@gmail.com> parents: 4968 diff changeset	690 s2s_destroy_session(session, err);
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	691 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	692 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	693
5638 c5b7f4858014 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died Kim Alvefur <zash@zash.se> parents: 5636 diff changeset	694 function listener.onreadtimeout(conn)
c5b7f4858014 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died Kim Alvefur <zash@zash.se> parents: 5636 diff changeset	695 local session = sessions[conn];
c5b7f4858014 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died Kim Alvefur <zash@zash.se> parents: 5636 diff changeset	696 if session then
7537 a0813737c6fa mod_s2s: Index session after checking if it exists (fixes traceback in case of a connection without a session having a read timeout) Kim Alvefur <zash@zash.se> parents: 7466 diff changeset	697 local host = session.host or session.to_host;
6658 65563530375b mod_s2s: Fire read timeout event on correct virtualhost for incoming connections Kim Alvefur <zash@zash.se> parents: 6630 diff changeset	698 return (hosts[host] or prosody).events.fire_event("s2s-read-timeout", { session = session });
5638 c5b7f4858014 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died Kim Alvefur <zash@zash.se> parents: 5636 diff changeset	699 end
c5b7f4858014 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died Kim Alvefur <zash@zash.se> parents: 5636 diff changeset	700 end
c5b7f4858014 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died Kim Alvefur <zash@zash.se> parents: 5636 diff changeset	701
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	702 function listener.register_outgoing(conn, session)
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	703 sessions[conn] = session;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	704 initialize_session(session);
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	705 end
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	706
6380 4220ffb87b22 net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent) Matthew Wild <mwild1@gmail.com> parents: 6378 diff changeset	707 function listener.ondetach(conn)
4220ffb87b22 net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent) Matthew Wild <mwild1@gmail.com> parents: 6378 diff changeset	708 sessions[conn] = nil;
4220ffb87b22 net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent) Matthew Wild <mwild1@gmail.com> parents: 6378 diff changeset	709 end
4220ffb87b22 net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent) Matthew Wild <mwild1@gmail.com> parents: 6378 diff changeset	710
10120 756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	711 function listener.onattach(conn, data)
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	712 local session = data and data.session;
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	713 if session then
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	714 session.conn = conn;
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	715 sessions[conn] = session;
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	716 initialize_session(session);
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	717 end
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	718 end
756b8821007a mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections Kim Alvefur <zash@zash.se> parents: 10115 diff changeset	719
5363 f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	720 function check_auth_policy(event)
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	721 local host, session = event.host, event.session;
5368 ab31dbb3a415 mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) Matthew Wild <mwild1@gmail.com> parents: 5365 diff changeset	722 local must_secure = secure_auth;
ab31dbb3a415 mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) Matthew Wild <mwild1@gmail.com> parents: 5365 diff changeset	723
ab31dbb3a415 mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) Matthew Wild <mwild1@gmail.com> parents: 5365 diff changeset	724 if not must_secure and secure_domains[host] then
ab31dbb3a415 mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) Matthew Wild <mwild1@gmail.com> parents: 5365 diff changeset	725 must_secure = true;
ab31dbb3a415 mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) Matthew Wild <mwild1@gmail.com> parents: 5365 diff changeset	726 elseif must_secure and insecure_domains[host] then
ab31dbb3a415 mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) Matthew Wild <mwild1@gmail.com> parents: 5365 diff changeset	727 must_secure = false;
5363 f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	728 end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5770 diff changeset	729
5767 3a30ad76a86a mod_s2s: Improve policy check Kim Alvefur <zash@zash.se> parents: 5766 diff changeset	730 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then
5975 0d219631d47b mod_s2s: Include IP in log messages, if host is unavailable Florian Zeitz <florob@babelmonkeys.de> parents: 5769 diff changeset	731 module:log("warn", "Forbidding insecure connection to/from %s", host or session.ip or "(unknown host)");
5408 767ecb0091a6 mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate Matthew Wild <mwild1@gmail.com> parents: 5390 diff changeset	732 if session.direction == "incoming" then
5474 11f08a27c417 mod_s2s: Add missing space Kim Alvefur <zash@zash.se> parents: 5454 diff changeset	733 session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by "..session.to_host });
5408 767ecb0091a6 mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate Matthew Wild <mwild1@gmail.com> parents: 5390 diff changeset	734 else -- Close outgoing connections without warning
767ecb0091a6 mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate Matthew Wild <mwild1@gmail.com> parents: 5390 diff changeset	735 session:close(false);
767ecb0091a6 mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate Matthew Wild <mwild1@gmail.com> parents: 5390 diff changeset	736 end
5363 f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	737 return false;
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	738 end
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	739 end
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	740
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	741 module:hook("s2s-check-certificate", check_auth_policy, -1);
f29c26da7ecc mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) Matthew Wild <mwild1@gmail.com> parents: 5362 diff changeset	742
5281 815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	743 module:hook("server-stopping", function(event)
815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	744 local reason = event.reason;
815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	745 for _, session in pairs(sessions) do
815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	746 session:close{ condition = "system-shutdown", text = reason };
815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	747 end
7100 301d58705667 mod_c2s, mod_s2s: Lower priority of session shutdown to negative, so that plugins hooking at the default priority run first (fixes #601) Kim Alvefur <zash@zash.se> parents: 6684 diff changeset	748 end, -200);
5281 815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	749
815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	750
815c689f85ad prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins Kim Alvefur <zash@zash.se> parents: 5274 diff changeset	751
5120 bcabea740c00 mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use module:provides() instead of module:add_item(). Waqas Hussain <waqas20@gmail.com> parents: 5013 diff changeset	752 module:provides("net", {
4610 171051f9dd00 mod_c2s: Use module:add_item() to add the net-provider for portmanager Matthew Wild <mwild1@gmail.com> parents: 4601 diff changeset	753 name = "s2s";
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	754 listener = listener;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	755 default_port = 5269;
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	756 encryption = "starttls";
9854 115b5e32d960 mod_tls: Restore querying for certificates on s2s Kim Alvefur <zash@zash.se> parents: 9852 diff changeset	757 ssl_config = { -- FIXME This is not used atm, see mod_tls
9852 6ea3cafb6ac3 core.certmanager: Do not ask for client certificates by default Kim Alvefur <zash@zash.se> parents: 9784 diff changeset	758 verify = { "peer", "client_once", };
6ea3cafb6ac3 core.certmanager: Do not ask for client certificates by default Kim Alvefur <zash@zash.se> parents: 9784 diff changeset	759 };
4620 e9dc6ae68c69 mod_c2s, mod_s2s: Add multiplex support Matthew Wild <mwild1@gmail.com> parents: 4610 diff changeset	760 multiplex = {
e9dc6ae68c69 mod_c2s, mod_s2s: Add multiplex support Matthew Wild <mwild1@gmail.com> parents: 4610 diff changeset	761 pattern = "^<.:stream.%sxmlns%s=%s(['\"])jabber:server%1.*>";
e9dc6ae68c69 mod_c2s, mod_s2s: Add multiplex support Matthew Wild <mwild1@gmail.com> parents: 4610 diff changeset	762 };
4555 3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	763 });
3dce04129693 s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua Matthew Wild <mwild1@gmail.com> parents: diff changeset	764

prosody

94e341dee51c

plugins/mod_s2s/mod_s2s.lua

Software / code / prosody

Annotate

plugins/mod_s2s/mod_s2s.lua @ 10224:94e341dee51c

Software `/` code `/` prosody