Diff

core/s2smanager.lua @ 1796:5f7b2f940816

s2smanager: Timeout unauthed s2s connections
author Matthew Wild <mwild1@gmail.com>
date Sun, 20 Sep 2009 15:16:25 +0100
parent 1793:1fc6c2822e6b
child 1797:a3b0f21c4e37
child 1805:7e41ad68fe3c
line wrap: on
line diff
--- a/core/s2smanager.lua	Sat Sep 19 17:47:26 2009 +0100
+++ b/core/s2smanager.lua	Sun Sep 20 15:16:25 2009 +0100
@@ -39,6 +39,7 @@
 
 local adns, dns = require "net.adns", require "net.dns";
 
+local connect_timeout = config.get("*", "core", "s2s_timeout") or 60;
 local dns_timeout = config.get("*", "core", "dns_timeout") or 60;
 
 incoming_s2s = {};
@@ -128,6 +129,16 @@
 	local w, log = conn.write, logger_init("s2sin"..tostring(conn):match("[a-f0-9]+$"));
 	session.sends2s = function (t) log("debug", "sending: %s", tostring(t)); w(tostring(t)); end
 	incoming_s2s[session] = true;
+	add_task(connect_timeout, function ()
+		if session.conn ~= conn or
+		   session.type == "s2sin" then
+			return; -- Ok, we're connect[ed|ing]
+		end
+		-- Not connected, need to close session and clean up
+		(session.log or log)("warn", "Destroying incomplete session %s->%s due to inactivity", 
+		    session.from_host or "(unknown)", session.to_host or "(unknown)");
+		session:close("connection-timeout");
+	end);
 	return session;
 end
 
@@ -300,6 +311,17 @@
 	
 	conn.write(format([[<stream:stream xmlns='jabber:server' xmlns:db='jabber:server:dialback' xmlns:stream='http://etherx.jabber.org/streams' from='%s' to='%s' version='1.0' xml:lang='en'>]], from_host, to_host));
 	log("debug", "Connection attempt in progress...");
+	add_task(connect_timeout, function ()
+		if host_session.conn ~= conn or
+		   host_session.type == "s2sout" or
+		   host_session.connecting then
+			return; -- Ok, we're connect[ed|ing]
+		end
+		-- Not connected, need to close session and clean up
+		(host_session.log or log)("warn", "Destroying incomplete session %s->%s due to inactivity", 
+		    host_session.from_host or "(unknown)", host_session.to_host or "(unknown)");
+		host_session:close("connection-timeout");
+	end);
 	return true;
 end