core/hostmanager.lua @ 2321:7e7484a4e821
Disable SSLv2 by default, it's known to be insecure.
author | Paul Aurich <paul@darkrain42.org> |
---|---|
date | Fri, 04 Dec 2009 09:48:08 -0800 |
parent | 1980:8fceabd84d74 |
child | 2420:6ccd36a95a81 |
child | 2877:1edeb8fe7d14 |
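-- Prosody IM
-- Copyright (C) 2008-2009 Matthew Wild
-- Copyright (C) 2008-2009 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--

local ssl = ssl

local hosts = hosts;
local configmanager = require "core.configmanager";
local eventmanager = require "core.eventmanager";
local modulemanager = require "core.modulemanager";
local events_new = require "util.events".new;

-- s2smanager is loaded on demand so that prosody.incoming_s2s exists
-- before it is captured below.
if not _G.prosody.incoming_s2s then
	require "core.s2smanager";
end
local incoming_s2s = _G.prosody.incoming_s2s;

-- These are the defaults if not overridden in the config.
--
-- Security notes:
--  * protocol "sslv23" negotiates the protocol version with the peer;
--    options "no_sslv2" removes SSLv2 from that negotiation. SSLv3 is
--    still negotiable under these defaults.
--  * A user-supplied `options` value REPLACES the default, it is not
--    merged with it. A config that sets `options` without listing
--    "no_sslv2" therefore drops this protection (activate() warns).
--  * verify = "none": the TLS layer does not check peer certificates
--    under these defaults.
local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };

local log = require "util.logger".init("hostmanager");

-- Globals are unreachable after module() below, so everything the
-- functions need is captured as a local first.
local pairs, tostring, type = pairs, tostring, type;

module "hostmanager"

local hosts_loaded_once;

-- Report whether an SSL `options` value (a single string, or a table of
-- strings) contains the option `wanted`.
local function has_option(options, wanted)
	if type(options) == "table" then
		for _, option in pairs(options) do
			if option == wanted then
				return true;
			end
		end
		return false;
	end
	return options == wanted;
end

-- Build one SSL context from the user's ssl config layered over `defaults`.
-- The settings are copied into a fresh table: the config table is shared
-- (it may be the global "*" entry), so it must not be modified here.
-- Returns the context, or nil after logging the reason it could not be made.
local function new_ssl_ctx(host, ssl_config, defaults)
	local settings = {};
	for key, value in pairs(defaults) do
		settings[key] = value;
	end
	for key, value in pairs(ssl_config) do
		settings[key] = value;
	end
	local ctx, err = ssl.newcontext(settings);
	if not ctx then
		-- Without this the host would silently run with no TLS context.
		log("error", "%s: Unable to create SSL context (mode %s): %s", host, tostring(settings.mode), tostring(err));
	end
	return ctx;
end

-- Activate every host defined in the config, except the global "*" entry,
-- hosts with core.enabled set to false, and hosts that define
-- core.component_module. Fires "hosts-activated" when done.
-- @param config table of host name -> host config; defaults to
--   configmanager.getconfig() when nil.
local function load_enabled_hosts(config)
	local defined_hosts = config or configmanager.getconfig();

	for host, host_config in pairs(defined_hosts) do
		local core = host_config.core;
		-- An absent 'enabled' counts as enabled; only an explicit false disables.
		local is_enabled = core.enabled == nil or core.enabled;
		if host ~= "*" and is_enabled and not core.component_module then
			activate(host, host_config);
		end
	end
	eventmanager.fire_event("hosts-activated", defined_hosts);
	hosts_loaded_once = true;
end

eventmanager.add_event_hook("server-starting", load_enabled_hosts);

-- Create the session table for a local host, set up its SSL contexts
-- (when the ssl library is present and an ssl config exists) and fire
-- "host-activated".
-- @param host the host name
-- @param host_config that host's config table (host_config.core is read)
function activate(host, host_config)
	hosts[host] = {type = "local", connected = true, sessions = {},
	               host = host, s2sout = {}, events = events_new(),
	               -- s2s is disallowed when configured so, and also for
	               -- anonymous_login hosts unless disallow_s2s is explicitly false.
	               disallow_s2s = configmanager.get(host, "core", "disallow_s2s")
	                 or (configmanager.get(host, "core", "anonymous_login")
	                     and (configmanager.get(host, "core", "disallow_s2s") ~= false))
	              };

	for option_name in pairs(host_config.core) do
		if option_name:match("_ports$") then
			log("warn", "%s: Option '%s' has no effect for virtual hosts - put it in global Host \"*\" instead", host, option_name);
		end
	end

	if ssl then
		-- The host's own ssl section wins; otherwise fall back to the global one.
		local ssl_config = host_config.core.ssl or configmanager.get("*", "core", "ssl");
		if ssl_config then
			if ssl_config.options ~= nil and not has_option(ssl_config.options, "no_sslv2") then
				-- The configured options replace the default, so SSLv2 is no
				-- longer excluded for this host.
				log("warn", "%s: ssl 'options' is set without 'no_sslv2' - SSLv2 is not disabled for this host", host);
			end
			hosts[host].ssl_ctx = new_ssl_ctx(host, ssl_config, default_ssl_ctx);
			hosts[host].ssl_ctx_in = new_ssl_ctx(host, ssl_config, default_ssl_ctx_in);
		end
	end

	-- Hosts activated during startup are logged at debug level, later ones at info.
	log((hosts_loaded_once and "info") or "debug", "Activated host: %s", host);
	eventmanager.fire_event("host-activated", host, host_config);
end

-- Shut a host down: close its client sessions and its outgoing and incoming
-- s2s connections, unload its modules and remove it from `hosts`.
-- Fires "host-deactivating" before and "host-deactivated" after.
-- @param host the host name
-- @param reason optional table passed to each session's close(); defaults
--   to a "host-gone" condition
-- @return nil and an error message when the host is not active
function deactivate(host, reason)
	local host_session = hosts[host];
	if not host_session then
		-- Indexing a missing host below would raise an error instead.
		return nil, "The host "..tostring(host).." is not activated";
	end
	log("info", "Deactivating host: %s", host);
	eventmanager.fire_event("host-deactivating", host, host_session);

	reason = reason or { condition = "host-gone", text = "This server has stopped serving "..host };

	-- Disconnect local users, s2s connections
	if host_session.sessions then
		for username, user in pairs(host_session.sessions) do
			for resource, session in pairs(user.sessions) do
				log("debug", "Closing connection for %s@%s/%s", username, host, resource);
				session:close(reason);
			end
		end
	end
	if host_session.s2sout then
		for remotehost, session in pairs(host_session.s2sout) do
			if session.close then
				log("debug", "Closing outgoing connection to %s", remotehost);
				if session.srv_hosts then session.srv_hosts = nil; end
				session:close(reason);
			end
		end
	end
	-- incoming_s2s holds sessions for all hosts; close only those addressed to this one.
	for remote_session in pairs(incoming_s2s) do
		if remote_session.to_host == host then
			log("debug", "Closing incoming connection from %s", remote_session.from_host or "<unknown>");
			remote_session:close(reason);
		end
	end

	if host_session.modules then
		for module_name in pairs(host_session.modules) do
			modulemanager.unload(host, module_name);
		end
	end

	hosts[host] = nil;
	eventmanager.fire_event("host-deactivated", host);
	log("info", "Deactivated host: %s", host);
end

-- Empty stub: has no body and returns nothing.
function getconfig(name)
end

return _M;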