Software / code / prosody
Annotate
plugins/mod_pubsub/commands.lib.lua @ 13801:a5d5fefb8b68 13.0
mod_tls: Enable Prosody's certificate checking for incoming s2s connections (fixes #1916) (thanks Damian, Zash)
Various options in Prosody allow control over the behaviour of the certificate
verification process For example, some deployments choose to allow falling
back to traditional "dialback" authentication (XEP-0220), while others verify
via DANE, hard-coded fingerprints, or other custom plugins.
Implementing this flexibility requires us to override OpenSSL's default
certificate verification, to allow Prosody to verify the certificate itself,
apply custom policies and make decisions based on the outcome.
To enable our custom logic, we have to suppress OpenSSL's default behaviour of
aborting the connection with a TLS alert message. With LuaSec, this can be
achieved by using the verifyext "lsec_continue" flag.
We also need to use the lsec_ignore_purpose flag, because XMPP s2s uses server
certificates as "client" certificates (for mutual TLS verification in outgoing
s2s connections).
Commit 99d2100d2918 moved these settings out of the defaults and into mod_s2s,
because we only really need these changes for s2s, and they should be opt-in,
rather than automatically applied to all TLS services we offer.
That commit was incomplete, because it only added the flags for incoming
direct TLS connections. StartTLS connections are handled by mod_tls, which was
not applying the lsec_* flags. It previously worked because they were already
in the defaults.
This resulted in incoming s2s connections with "invalid" certificates being
aborted early by OpenSSL, even if settings such as `s2s_secure_auth = false`
or DANE were present in the config.
Outgoing s2s connections inherit verify "none" from the defaults, which means
OpenSSL will receive the cert but will not terminate the connection when it is
deemed invalid. This means we don't need lsec_continue there, and we also
don't need lsec_ignore_purpose (because the remote peer is a "server").
Wondering why we can't just use verify "none" for incoming s2s? It's because
in that mode, OpenSSL won't request a certificate from the peer for incoming
connections. Setting verify "peer" is how you ask OpenSSL to request a
certificate from the client, but also what triggers its built-in verification.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 01 Apr 2025 17:26:56 +0100 |
| parent | 13623:e226f9632a48 |
| rev | line source |
|---|---|
|
13585
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local it = require "prosody.util.iterators"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local st = require "prosody.util.stanza"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 local pubsub_lib = module:require("mod_pubsub/pubsub"); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local function add_commands(get_service) |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 name = "list_nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 desc = "List nodes on a pubsub service"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 handler = function (self, service_jid) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 local nodes = select(2, assert(service:get_nodes(true))); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 local count = 0; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 for node_name in pairs(nodes) do |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 count = count + 1; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 self.session.print(node_name); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 return true, ("%d nodes"):format(count); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 name = "list_items"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 desc = "List items on a pubsub node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 handler = function (self, service_jid, node_name) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 local items = select(2, assert(service:get_items(node_name, true))); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 local count = 0; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 for item_name in pairs(items) do |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 count = count + 1; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 self.session.print(item_name); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 return true, ("%d items"):format(count); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
54 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 name = "get_item"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 desc = "Show item content on a pubsub node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 { name = "item_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
66 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 handler = function (self, service_jid, node_name, item_name) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 local items = select(2, assert(service:get_items(node_name, true))); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 if not items[item_name] then |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 return false, "Item not found"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
76 self.session.print(items[item_name]); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
77 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 return true; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
79 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
80 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
82 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
83 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
84 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
85 name = "get_node_config"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
86 desc = "Get the current configuration for a node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 { name = "option_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
91 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 handler = function (self, service_jid, node_name, option_name) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 local config = select(2, assert(service:get_node_config(node_name, true))); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 local config_form = pubsub_lib.node_config_form:form(config, "submit"); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 local count = 0; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 if option_name then |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 count = 1; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 local field = config_form:get_child_with_attr("field", nil, "var", option_name); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
105 if not field then |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
106 return false, "option not found"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
107 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
108 self.session.print(field:get_child_text("value")); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
109 else |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
110 local opts = {}; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
111 for field in config_form:childtags("field") do |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
112 opts[field.attr.var] = field:get_child_text("value"); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
113 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 for k, v in it.sorted_pairs(opts) do |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
115 count = count + 1; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
116 self.session.print(k, v); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
117 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
118 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
119 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
120 return true, ("Showing %d config options"):format(count); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
121 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
122 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
123 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
124 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
125 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
126 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
127 name = "set_node_config_option"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
128 desc = "Set a config option on a pubsub node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
129 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
130 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
131 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
132 { name = "option_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
133 { name = "option_value", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
134 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
135 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
136 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
137 handler = function (self, service_jid, node_name, option_name, option_value) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
138 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
139 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
140 local config = select(2, assert(service:get_node_config(node_name, true))); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
141 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
142 local new_config_form = st.stanza("x", { xmlns = "jabber:x:data" }) |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
143 :tag("field", { var = option_name }) |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
144 :text_tag("value", option_value) |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
145 :up(); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
146 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
147 local new_config = pubsub_lib.node_config_form:data(new_config_form, config); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
148 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
149 assert(service:set_node_config(node_name, true, new_config)); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
150 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
151 local applied_config = select(2, assert(service:get_node_config(node_name, true))); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
152 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
153 local applied_config_form = pubsub_lib.node_config_form:form(applied_config, "submit"); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
154 local applied_field = applied_config_form:get_child_with_attr("field", nil, "var", option_name); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
155 if not applied_field then |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
156 return false, "Unknown config field: "..option_name; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
157 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
158 return true, "Applied config: "..applied_field:get_child_text("value"); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
159 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
160 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
161 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
162 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
163 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
164 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
165 name = "delete_item"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
166 desc = "Delete a single item from a node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
167 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
168 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
169 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
170 { name = "item_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
171 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
172 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
173 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
174 handler = function (self, service_jid, node_name, item_name) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
175 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
176 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
177 return assert(service:retract(node_name, true, item_name)); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
178 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
179 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
180 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
181 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
182 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
183 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
184 name = "delete_all_items"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
185 desc = "Delete all items from a node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
186 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
187 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
188 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
189 { name = "notify_subscribers", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
190 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
191 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
192 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
193 handler = function (self, service_jid, node_name, notify_subscribers) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
194 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
195 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
196 return assert(service:purge(node_name, true, notify_subscribers == "true")); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
197 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
198 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
199 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
200 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
201 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
202 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
203 name = "create_node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
204 desc = "Create a new node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
205 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
206 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
207 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
208 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
209 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
210 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
211 handler = function (self, service_jid, node_name) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
212 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
213 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
214 return assert(service:create(node_name, true)); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
215 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
216 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
217 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
218 module:add_item("shell-command", { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
219 section = "pubsub"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
220 section_desc = "Manage publish/subscribe nodes"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
221 name = "delete_node"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
222 desc = "Delete a node entirely"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
223 args = { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
224 { name = "service_jid", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
225 { name = "node_name", type = "string" }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
226 }; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
227 host_selector = "service_jid"; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
228 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
229 handler = function (self, service_jid, node_name) --luacheck: ignore 212/self |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
230 -- luacheck: ignore 431/service |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
231 local service = get_service(service_jid); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
232 return assert(service:delete(node_name, true)); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
233 end; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
234 }); |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
235 end |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
236 |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
237 return { |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
238 add_commands = add_commands; |
|
8091c1b8023e
mod_pubsub: Expand shell commands to include node/item management
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
239 } |
