prosody
4ea7bd7325be
net/http/errors.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

net/http/errors.lua @ 13792:4ea7bd7325be 13.0

core.portmanager: Restore use of per-host 'ssl' for SNI hosts. Fixes #1915. This was an unintentional regression, as per-host 'ssl' options became valid in 0.12 when SNI support was added for direct TLS ports. While we encourage most people to use the simpler automatic certificate selection (and it seems most do, given the overlooking of this bug), there are likely always going to be use cases for manually-configured certificates. The issue was introduced in commit 7e9ebdc75ce4 which inadvertently removed the per-host option checking for SNI.
author Kim Alvefur <zash@zash.se>
date Sat, 29 Mar 2025 22:25:19 +0100
parent 12974:ba409c67353b
line wrap: on
line source

-- This module returns a table that is suitable for use as a util.error registry,
-- and a function to return a util.error object given callback 'code' and 'body'
-- parameters.

local codes = require "prosody.net.http.codes";
local util_error = require "prosody.util.error";

local error_templates = {
	-- This code is used by us to report a client-side or connection error.
	-- Instead of using the code, use the supplied body text to get one of
	-- the more detailed errors below.
	[0] = {
		code = 0, type = "cancel", condition = "internal-server-error";
		text = "Connection or internal error";
	};

	-- These are net.http built-in errors, they are returned in
	-- the body parameter when code == 0
	["cancelled"] = {
		code = 0, type = "cancel", condition = "remote-server-timeout";
		text = "Request cancelled";
	};
	["connection-closed"] = {
		code = 0, type = "wait", condition = "remote-server-timeout";
		text = "Connection closed";
	};
	["certificate-chain-invalid"] = {
		code = 0, type = "cancel", condition = "remote-server-timeout";
		text = "Server certificate not trusted";
	};
	["certificate-verify-failed"] = {
		code = 0, type = "cancel", condition = "remote-server-timeout";
		text = "Server certificate invalid";
	};
	["connection failed"] = {
		code = 0, type = "cancel", condition = "remote-server-not-found";
		text = "Connection failed";
	};
	["invalid-url"] = {
		code = 0, type = "modify", condition = "bad-request";
		text = "Invalid URL";
	};
	["unable to resolve service"] = {
		code = 0, type = "cancel", condition = "remote-server-not-found";
		text = "DNS resolution failed";
	};

	-- This doesn't attempt to map every single HTTP code (not all have sane mappings),
	-- but all the common ones should be covered. XEP-0086 was used as reference for
	-- most of these.
	[400] = { type = "modify", condition = "bad-request" };
	[401] = { type = "auth", condition = "not-authorized" };
	[402] = { type = "auth", condition = "payment-required" };
	[403] = { type = "auth", condition = "forbidden" };
	[404] = { type = "cancel", condition = "item-not-found" };
	[405] = { type = "cancel", condition = "not-allowed" };
	[406] = { type = "modify", condition = "not-acceptable" };
	[407] = { type = "auth", condition = "registration-required" };
	[408] = { type = "wait", condition = "remote-server-timeout" };
	[409] = { type = "cancel", condition = "conflict" };
	[410] = { type = "cancel", condition = "gone" };
	[411] = { type = "modify", condition = "bad-request" };
	[412] = { type = "cancel", condition = "conflict" };
	[413] = { type = "modify", condition = "resource-constraint" };
	[414] = { type = "modify", condition = "resource-constraint" };
	[415] = { type = "cancel", condition = "feature-not-implemented" };
	[416] = { type = "modify", condition = "bad-request" };

	[422] = { type = "modify", condition = "bad-request" };
	[423] = { type = "wait", condition = "resource-constraint" };

	[429] = { type = "wait", condition = "resource-constraint" };
	[431] = { type = "modify", condition = "resource-constraint" };
	[451] = { type = "auth", condition = "forbidden" };

	[500] = { type = "wait", condition = "internal-server-error" };
	[501] = { type = "cancel", condition = "feature-not-implemented" };
	[502] = { type = "wait", condition = "remote-server-timeout" };
	[503] = { type = "cancel", condition = "service-unavailable" };
	[504] = { type = "wait", condition = "remote-server-timeout" };
	[507] = { type = "wait", condition = "resource-constraint" };
	[511] = { type = "auth", condition = "not-authorized" };
};

for k, v in pairs(codes) do
	if error_templates[k] then
		error_templates[k].code = k;
		error_templates[k].text = v;
	else
		error_templates[k] = { type = "cancel", condition = "undefined-condition", text = v, code = k };
	end
end

setmetatable(error_templates, {
	__index = function(_, k)
		if type(k) ~= "number" then
			return nil;
		end
		return {
			type = "cancel";
			condition = "undefined-condition";
			text = codes[k] or (k.." Unassigned");
			code = k;
		};
	end
});

local function new(code, body, context)
	if code == 0 then
		return util_error.new(body, context, error_templates);
	else
		return util_error.new(code, context, error_templates);
	end
end

return {
	registry = error_templates;
	new = new;
};