Software /
code /
prosody
File
plugins/mod_admin_socket.lua @ 12659:c0eea4f6c739
usermanager: Add back temporary is_admin to warn about deprecated API usage
Goal: Introduce role-auth with minimal disruption
is_admin() is unsafe in a system with per-session permissions, so it has been
deprecated.
Roll-out approach:
1) First, log a warning when is_admin() is used. It should continue to
function normally, backed by the new role API. Nothing is really using
per-session authz yet, so there is minimal security concern.
The 'strict_deprecate_is_admin' global setting can be set to 'true' to
force a hard failure of is_admin() attempts (it will log an error and
always return false).
2) In some time (at least 1 week), but possibly longer depending on the number
of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by
default. It can still be disabled for systems that need it.
3) Further in the future, before the next release, the option will be removed
and is_admin() will be permanently disabled.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Mon, 15 Aug 2022 15:25:07 +0100 |
parent | 12418:dd47adf74e93 |
child | 12852:c35afa353f8f |
child | 12887:68df46926c26 |
line wrap: on
line source
module:set_global(); local have_unix, unix = pcall(require, "socket.unix"); if have_unix and type(unix) == "function" then -- COMPAT #1717 -- Before the introduction of datagram support, only the stream socket -- constructor was exported instead of a module table. Due to the lack of a -- proper release of LuaSocket, distros have settled on shipping either the -- last RC tag or some commit since then. -- Here we accomodate both variants. unix = { stream = unix }; end if not have_unix or type(unix) ~= "table" then module:log_status("error", "LuaSocket unix socket support not available or incompatible, ensure it is up to date"); return; end local server = require "net.server"; local adminstream = require "util.adminstream"; local socket_path = module:get_option_path("admin_socket", "prosody.sock", "data"); local sessions = module:shared("sessions"); local function fire_admin_event(session, stanza) local event_data = { origin = session, stanza = stanza; }; local event_name; if stanza.attr.xmlns then event_name = "admin/"..stanza.attr.xmlns..":"..stanza.name; else event_name = "admin/"..stanza.name; end module:log("debug", "Firing %s", event_name); return module:fire_event(event_name, event_data); end module:hook("server-stopping", function () for _, session in pairs(sessions) do session:close("system-shutdown"); end os.remove(socket_path); end); --- Unix domain socket management local conn, sock; local listeners = adminstream.server(sessions, fire_admin_event).listeners; local function accept_connection() module:log("debug", "accepting..."); local client = sock:accept(); if not client then return; end server.wrapclient(client, "unix", 0, listeners, "*a"); end function module.load() sock = unix.stream(); sock:settimeout(0); os.remove(socket_path); local ok, err = sock:bind(socket_path); if not ok then module:log_status("error", "Unable to bind admin socket %s: %s", socket_path, err); return; end local ok, err = sock:listen(); if not ok then module:log_status("error", "Unable to listen on admin socket %s: %s", socket_path, err); return; end if server.wrapserver then conn = server.wrapserver(sock, socket_path, 0, listeners); else conn = server.watchfd(sock:getfd(), accept_connection); end end function module.unload() if conn then conn:close(); end if sock then sock:close(); end os.remove(socket_path); end