prosody
f41e1cfe92f4
plugins/mod_component.lua
Software / code / prosody
Comparison
plugins/mod_component.lua @ 3531:f41e1cfe92f4
mod_component: Updated to use the new events API.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sat, 16 Oct 2010 06:38:38 +0500 |
| parent | 3503:85e511e01d3c |
| child | 3540:bc139431830b |
comparison
equal
deleted
inserted
replaced
| 3530:73909cca846c | 3531:f41e1cfe92f4 |
|---|---|
| 21 local st = require "util.stanza"; | 21 local st = require "util.stanza"; |
| 22 | 22 |
| 23 local log = module._log; | 23 local log = module._log; |
| 24 | 24 |
| 25 --- Handle authentication attempts by components | 25 --- Handle authentication attempts by components |
| 26 function handle_component_auth(session, stanza) | 26 function handle_component_auth(event) |
| 27 local session, stanza = event.origin, event.stanza; | |
| 28 | |
| 29 if session.type ~= "component" then return; end | |
| 30 | |
| 27 log("info", "Handling component auth"); | 31 log("info", "Handling component auth"); |
| 28 if (not session.host) or #stanza.tags > 0 then | 32 if (not session.host) or #stanza.tags > 0 then |
| 29 (session.log or log)("warn", "Component handshake invalid"); | 33 (session.log or log)("warn", "Component handshake invalid"); |
| 30 session:close("not-authorized"); | 34 session:close("not-authorized"); |
| 31 return; | 35 return true; |
| 32 end | 36 end |
| 33 | 37 |
| 34 local secret = config.get(session.host, "core", "component_secret"); | 38 local secret = config.get(session.host, "core", "component_secret"); |
| 35 if not secret then | 39 if not secret then |
| 36 (session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.host); | 40 (session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.host); |
| 37 session:close("not-authorized"); | 41 session:close("not-authorized"); |
| 38 return; | 42 return true; |
| 39 end | 43 end |
| 40 | 44 |
| 41 local supplied_token = t_concat(stanza); | 45 local supplied_token = t_concat(stanza); |
| 42 local calculated_token = sha1(session.streamid..secret, true); | 46 local calculated_token = sha1(session.streamid..secret, true); |
| 43 if supplied_token:lower() ~= calculated_token:lower() then | 47 if supplied_token:lower() ~= calculated_token:lower() then |
| 44 log("info", "Component for %s authentication failed", session.host); | 48 log("info", "Component for %s authentication failed", session.host); |
| 45 session:close{ condition = "not-authorized", text = "Given token does not match calculated token" }; | 49 session:close{ condition = "not-authorized", text = "Given token does not match calculated token" }; |
| 46 return; | 50 return true; |
| 47 end | 51 end |
| 48 | 52 |
| 49 | 53 |
| 50 -- Authenticated now | 54 -- Authenticated now |
| 51 log("info", "Component authenticated: %s", session.host); | 55 log("info", "Component authenticated: %s", session.host); |
| 67 log("error", "Multiple components bound to the same address, first one wins (TODO: Implement stanza distribution)"); | 71 log("error", "Multiple components bound to the same address, first one wins (TODO: Implement stanza distribution)"); |
| 68 end | 72 end |
| 69 | 73 |
| 70 -- Signal successful authentication | 74 -- Signal successful authentication |
| 71 session.send(st.stanza("handshake")); | 75 session.send(st.stanza("handshake")); |
| 76 return true; | |
| 72 end | 77 end |
| 73 | 78 |
| 74 module:add_handler("component", "handshake", "jabber:component:accept", handle_component_auth); | 79 module:hook("stanza/jabber:component:accept:handshake", handle_component_auth); |
