prosody
cd2cab5400fc
plugins/mod_dialback.lua
Software / code / prosody
Comparison
plugins/mod_dialback.lua @ 621:cd2cab5400fc
Add support for dialback piggy-backing. Fixes #37. Thanks to CShadowRun for helping me test :)
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 13 Dec 2008 17:43:52 +0000 |
| parent | 615:4ae3e81513f3 |
| child | 645:d0a8ff9ba3e0 |
comparison
equal
deleted
inserted
replaced
| 620:9f9f69d67edb | 621:cd2cab5400fc |
|---|---|
| 27 | 27 |
| 28 local log = require "util.logger".init("mod_dialback"); | 28 local log = require "util.logger".init("mod_dialback"); |
| 29 | 29 |
| 30 local xmlns_dialback = "jabber:server:dialback"; | 30 local xmlns_dialback = "jabber:server:dialback"; |
| 31 | 31 |
| 32 local dialback_requests = setmetatable({}, { __mode = 'v' }); | |
| 33 | |
| 32 module:add_handler({"s2sin_unauthed", "s2sin"}, "verify", xmlns_dialback, | 34 module:add_handler({"s2sin_unauthed", "s2sin"}, "verify", xmlns_dialback, |
| 33 function (origin, stanza) | 35 function (origin, stanza) |
| 34 -- We are being asked to verify the key, to ensure it was generated by us | 36 -- We are being asked to verify the key, to ensure it was generated by us |
| 35 log("debug", "verifying dialback key..."); | 37 log("debug", "verifying dialback key..."); |
| 36 local attr = stanza.attr; | 38 local attr = stanza.attr; |
| 45 end | 47 end |
| 46 log("debug", "verified dialback key... it is %s", type); | 48 log("debug", "verified dialback key... it is %s", type); |
| 47 origin.sends2s(st.stanza("db:verify", { from = attr.to, to = attr.from, id = attr.id, type = type }):text(stanza[1])); | 49 origin.sends2s(st.stanza("db:verify", { from = attr.to, to = attr.from, id = attr.id, type = type }):text(stanza[1])); |
| 48 end); | 50 end); |
| 49 | 51 |
| 50 module:add_handler("s2sin_unauthed", "result", xmlns_dialback, | 52 module:add_handler({ "s2sin_unauthed", "s2sin" }, "result", xmlns_dialback, |
| 51 function (origin, stanza) | 53 function (origin, stanza) |
| 52 -- he wants to be identified through dialback | 54 -- he wants to be identified through dialback |
| 53 -- We need to check the key with the Authoritative server | 55 -- We need to check the key with the Authoritative server |
| 54 local attr = stanza.attr; | 56 local attr = stanza.attr; |
| 55 local attr = stanza.attr; | 57 origin.hosts[attr.from] = { dialback_key = stanza[1] }; |
| 56 origin.from_host = attr.from; | 58 |
| 57 origin.to_host = attr.to; | 59 if not hosts[attr.to] then |
| 58 origin.dialback_key = stanza[1]; | 60 -- Not a host that we serve |
| 59 log("debug", "asking %s if key %s belongs to them", origin.from_host, origin.dialback_key); | 61 log("info", "%s tried to connect to %s, which we don't serve", attr.from, attr.to); |
| 60 send_s2s(origin.to_host, origin.from_host, | 62 origin:close("host-unknown"); |
| 61 st.stanza("db:verify", { from = origin.to_host, to = origin.from_host, id = origin.streamid }):text(origin.dialback_key)); | 63 return; |
| 62 hosts[origin.to_host].s2sout[origin.from_host].dialback_verifying = origin; | 64 end |
| 65 | |
| 66 dialback_requests[attr.from] = origin; | |
| 67 | |
| 68 if not origin.from_host then | |
| 69 -- Just used for friendlier logging | |
| 70 origin.from_host = attr.from; | |
| 71 end | |
| 72 if not origin.to_host then | |
| 73 -- Just used for friendlier logging | |
| 74 origin.to_host = attr.to; | |
| 75 end | |
| 76 | |
| 77 log("debug", "asking %s if key %s belongs to them", attr.from, stanza[1]); | |
| 78 send_s2s(attr.to, attr.from, | |
| 79 st.stanza("db:verify", { from = attr.to, to = attr.from, id = origin.streamid }):text(stanza[1])); | |
| 63 end); | 80 end); |
| 64 | 81 |
| 65 module:add_handler({ "s2sout_unauthed", "s2sout" }, "verify", xmlns_dialback, | 82 module:add_handler({ "s2sout_unauthed", "s2sout" }, "verify", xmlns_dialback, |
| 66 function (origin, stanza) | 83 function (origin, stanza) |
| 67 if origin.dialback_verifying then | 84 local attr = stanza.attr; |
| 85 local dialback_verifying = dialback_requests[attr.from]; | |
| 86 if dialback_verifying then | |
| 68 local valid; | 87 local valid; |
| 69 local attr = stanza.attr; | |
| 70 if attr.type == "valid" then | 88 if attr.type == "valid" then |
| 71 s2s_make_authenticated(origin.dialback_verifying); | 89 s2s_make_authenticated(dialback_verifying, attr.from); |
| 72 valid = "valid"; | 90 valid = "valid"; |
| 73 else | 91 else |
| 74 -- Warn the original connection that is was not verified successfully | 92 -- Warn the original connection that is was not verified successfully |
| 75 log("warn", "dialback for "..(origin.dialback_verifying.from_host or "(unknown)").." failed"); | 93 log("warn", "authoritative server for "..(attr.from or "(unknown)").." denied the key"); |
| 76 valid = "invalid"; | 94 valid = "invalid"; |
| 77 end | 95 end |
| 78 if not origin.dialback_verifying.sends2s then | 96 if not dialback_verifying.sends2s then |
| 79 log("warn", "Incoming s2s session %s was closed in the meantime, so we can't notify it of the db result", tostring(origin.dialback_verifying):match("%w+$")); | 97 log("warn", "Incoming s2s session %s was closed in the meantime, so we can't notify it of the db result", tostring(dialback_verifying):match("%w+$")); |
| 80 else | 98 else |
| 81 origin.dialback_verifying.sends2s( | 99 dialback_verifying.sends2s( |
| 82 st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = valid }) | 100 st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = valid }) |
| 83 :text(origin.dialback_verifying.dialback_key)); | 101 :text(dialback_verifying.hosts[attr.from].dialback_key)); |
| 84 end | 102 end |
| 103 dialback_requests[attr.from] = nil; | |
| 85 end | 104 end |
| 86 end); | 105 end); |
| 87 | 106 |
| 88 module:add_handler({ "s2sout_unauthed", "s2sout" }, "result", xmlns_dialback, | 107 module:add_handler({ "s2sout_unauthed", "s2sout" }, "result", xmlns_dialback, |
| 89 function (origin, stanza) | 108 function (origin, stanza) |
| 109 -- Remote server is telling us whether we passed dialback | |
| 110 | |
| 111 local attr = stanza.attr; | |
| 112 if not hosts[attr.to] then | |
| 113 origin:close("host-unknown"); | |
| 114 return; | |
| 115 elseif hosts[attr.to].s2sout[attr.from] ~= origin then | |
| 116 -- This isn't right | |
| 117 origin:close("invalid-id"); | |
| 118 return; | |
| 119 end | |
| 90 if stanza.attr.type == "valid" then | 120 if stanza.attr.type == "valid" then |
| 91 s2s_make_authenticated(origin); | 121 s2s_make_authenticated(origin, attr.from); |
| 92 else | 122 else |
| 93 -- FIXME | 123 -- FIXME: Waiting on #33 |
| 94 error("dialback failed!"); | 124 error("dialback failed!"); |
| 95 end | 125 end |
| 96 end); | 126 end); |
