Changeset

709:8bb83563cb21

Automated merge with http://waqas.ath.cx:8000/
author Matthew Wild <mwild1@gmail.com>
date Tue, 13 Jan 2009 15:29:00 +0000
parents 708:b72d408f5f15 (current diff) 701:dc67e3cffff4 (diff)
children 710:56f6c115bc69
files core/modulemanager.lua
diffstat 11 files changed, 261 insertions(+), 25 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/core/actions.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -0,0 +1,19 @@
+
+local actions = {};
+
+function register(path, t)
+	local curr = actions;
+	for comp in path:gmatch("([^/]+)/") do
+		if curr[comp] == nil then
+			curr[comp] = {};
+		end
+		curr = curr[comp];
+		if type(curr) ~= "table" then
+			return nil, "path-taken";
+		end
+	end
+	curr[path:match("/([^/]+)$")] = t;
+	return true;
+end
+
+return { actions = actions, register= register };
\ No newline at end of file
--- a/core/modulemanager.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/core/modulemanager.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -27,7 +27,7 @@
 local eventmanager = require "core.eventmanager";
 local config = require "core.configmanager";
 local multitable_new = require "util.multitable".new;
-
+local register_actions = require "core.actions".register;
 
 local loadfile, pcall = loadfile, pcall;
 local setmetatable, setfenv, getfenv = setmetatable, setfenv, getfenv;
@@ -68,11 +68,11 @@
 	local disabled_set = {};
 	if modules_enabled then
 		if modules_disabled then
-			for _, module in pairs(modules_disabled) do
+			for _, module in ipairs(modules_disabled) do
 				disabled_set[module] = true;
 			end
 		end
-		for _, module in pairs(modules_enabled) do
+		for _, module in ipairs(modules_enabled) do
 			if not disabled_set[module] then
 				load(host, module);
 			end
@@ -256,4 +256,17 @@
 
 --------------------------------------------------------------------
 
+local actions = {};
+
+function actions.load(params)
+	--return true, "Module loaded ("..params.module.." on "..params.host..")";
+	return load(params.host, params.module);
+end
+
+function actions.unload(params)
+	return unload(params.host, params.module);
+end
+
+register_actions("/modules", actions);
+
 return _M;
--- a/core/sessionmanager.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/core/sessionmanager.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -58,6 +58,7 @@
 	log("info", "open sessions now: ".. open_sessions);
 	local w = conn.write;
 	session.send = function (t) w(tostring(t)); end
+	session.ip = conn.ip();
 	return session;
 end
 
--- a/net/httpserver.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/net/httpserver.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -126,7 +126,7 @@
 	end
 	if request.state == "body" then
 		log("debug", "Reading body...")
-		if not request.body then request.body = {}; request.havebodylength, request.bodylength = 0, tonumber(request.responseheaders["content-length"]); end
+		if not request.body then request.body = {}; request.havebodylength, request.bodylength = 0, tonumber(request.headers["content-length"]); end
 		if startpos then
 			data = data:sub(startpos, -1)
 		end
@@ -141,7 +141,7 @@
 	elseif request.state == "headers" then
 		log("debug", "Reading headers...")
 		local pos = startpos;
-		local headers = request.responseheaders or {};
+		local headers = request.headers or {};
 		for line in data:gmatch("(.-)\r\n") do
 			startpos = (startpos or 1) + #line + 2;
 			local k, v = line:match("(%S+): (.+)");
@@ -149,7 +149,7 @@
 				headers[k:lower()] = v;
 --				log("debug", "Header: "..k:lower().." = "..v);
 			elseif #line == 0 then
-				request.responseheaders = headers;
+				request.headers = headers;
 				break;
 			else
 				log("debug", "Unhandled header line: "..line);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/plugins/mod_actions_http.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -0,0 +1,78 @@
+
+local httpserver = require "net.httpserver";
+local t_concat, t_insert = table.concat, table.insert;
+
+local log = log;
+
+local response_404 = { status = "404 Not Found", body = "<h1>No such action</h1>Sorry, I don't have the action you requested" };
+
+local control = require "core.actions".actions;
+
+
+local urlcodes = setmetatable({}, { __index = function (t, k) t[k] = string.char(tonumber("0x"..k)); return t[k]; end });
+
+local function urldecode(s)
+                return s and (s:gsub("+", " "):gsub("%%([a-fA-F0-9][a-fA-F0-9])", urlcodes));
+end
+
+local function query_to_table(query)
+        if type(query) == "string" and #query > 0 then
+                if query:match("=") then
+                        local params = {};
+                        for k, v in query:gmatch("&?([^=%?]+)=([^&%?]+)&?") do
+                                if k and v then
+                                        params[urldecode(k)] = urldecode(v);
+                                end
+                        end
+                        return params;
+                else
+                        return urldecode(query);
+                end
+        end
+end
+
+
+
+local http_path = { http_base };
+local function handle_request(method, body, request)
+	local path = request.url.path:gsub("^/[^/]+/", "");
+	
+	local curr = control;
+	
+	for comp in path:gmatch("([^/]+)") do
+		curr = curr[comp];
+		if not curr then
+			return response_404;
+		end
+	end
+	
+	if type(curr) == "table" then
+		local s = {};
+		for k,v in pairs(curr) do
+			t_insert(s, tostring(k));
+			t_insert(s, " = ");
+			if type(v) == "function" then
+				t_insert(s, "action")
+			elseif type(v) == "table" then
+				t_insert(s, "list");
+			else
+				t_insert(s, tostring(v));
+			end
+			t_insert(s, "\n");
+		end
+		return t_concat(s);
+	elseif type(curr) == "function" then
+		local params = query_to_table(request.url.query);
+		params.host = request.headers.host:gsub(":%d+", "");
+		local ok, ret1, ret2 = pcall(curr, params);
+		if not ok then
+			return "EPIC FAIL: "..tostring(ret1);
+		elseif not ret1 then
+			return "FAIL: "..tostring(ret2);
+		else
+			return "OK: "..tostring(ret2);
+		end
+	end
+end
+
+httpserver.new{ port = 5280, base = "control", handler = handle_request, ssl = false }
\ No newline at end of file
--- a/plugins/mod_bosh.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/plugins/mod_bosh.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -6,27 +6,29 @@
 local server = require "net.server";
 local httpserver = require "net.httpserver";
 local sm = require "core.sessionmanager";
+local sm_destroy_session = sm.destroy_session;
 local new_uuid = require "util.uuid".generate;
 local fire_event = require "core.eventmanager".fire_event;
 local core_process_stanza = core_process_stanza;
 local st = require "util.stanza";
 local log = require "util.logger".init("bosh");
 local stream_callbacks = { stream_tag = "http://jabber.org/protocol/httpbind|body" };
-
+local config = require "core.configmanager";
 local xmlns_bosh = "http://jabber.org/protocol/httpbind"; -- (hard-coded into a literal in session.send)
 
-local BOSH_DEFAULT_HOLD = 1;
-local BOSH_DEFAULT_INACTIVITY = 30;
-local BOSH_DEFAULT_POLLING = 5;
-local BOSH_DEFAULT_REQUESTS = 2;
-local BOSH_DEFAULT_MAXPAUSE = 120;
+local BOSH_DEFAULT_HOLD = tonumber(config.get("*", "core", "bosh_default_hold")) or 1;
+local BOSH_DEFAULT_INACTIVITY = tonumber(config.get("*", "core", "bosh_max_inactivity")) or 60;
+local BOSH_DEFAULT_POLLING = tonumber(config.get("*", "core", "bosh_max_polling")) or 5;
+local BOSH_DEFAULT_REQUESTS = tonumber(config.get("*", "core", "bosh_max_requests")) or 2;
+local BOSH_DEFAULT_MAXPAUSE = tonumber(config.get("*", "core", "bosh_max_pause")) or 300;
 
 local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
 local os_time = os.time;
 
 local sessions = {};
+local inactive_sessions = {}; -- Sessions which have no open requests
 
--- Used to respond to idle sessions
+-- Used to respond to idle sessions (those with waiting requests)
 local waiting_requests = {};
 function on_destroy_request(request)
 	waiting_requests[request] = nil;
@@ -34,7 +36,6 @@
 
 function handle_request(method, body, request)
 	if (not body) or request.method ~= "POST" then
-		--return { status = "200 OK", headers = { ["Content-Type"] = "text/html" }, body = "<html><body>You don't look like a BOSH client to me... what do you want?</body></html>" };
 		return "<html><body>You really don't look like a BOSH client to me... what do you want?</body></html>";
 	end
 	if not method then 
@@ -60,19 +61,16 @@
 				log("debug", "...sending what is in the buffer")
 				session.send(t_concat(session.send_buffer));
 				session.send_buffer = {};
-				return;
 			else
 				-- or an empty response
 				log("debug", "...sending an empty response");
 				session.send("");
-				return;
 			end
 		elseif #session.send_buffer > 0 then
 			log("debug", "Session has data in the send buffer, will send now..");
 			local resp = t_concat(session.send_buffer);
 			session.send_buffer = {};
 			session.send(resp);
-			return;
 		end
 		
 		if not request.destroyed and session.bosh_wait then
@@ -86,8 +84,21 @@
 	end
 end
 
+
 local function bosh_reset_stream(session) session.notopen = true; end
-local function bosh_close_stream(session, reason) end
+
+local session_close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate" });
+local function bosh_close_stream(session, reason)
+	(session.log or log)("info", "BOSH client disconnected");
+	session_close_reply.attr.condition = reason;
+	local session_close_reply = tostring(session_close_reply);
+	for _, held_request in ipairs(session.requests) do
+		held_request:send(session_close_reply);
+		held_request:destroy();
+	end
+	sessions[session.sid]  = nil;
+	sm_destroy_session(session);
+end
 
 function stream_callbacks.streamopened(request, attr)
 	print("Attr:")
@@ -95,14 +106,23 @@
 	log("debug", "BOSH body open (sid: %s)", attr.sid);
 	local sid = attr.sid
 	if not sid then
+		-- New session request
+		request.notopen = nil; -- Signals that we accept this opening tag
+		
 		-- TODO: Sanity checks here (rid, to, known host, etc.)
-		request.notopen = nil; -- Signals that we accept this opening tag
+		if not hosts[attr.to] then
+			-- Unknown host
+			session_close_reply.attr.condition = "host-unknown";
+			request:send(tostring(session_close_reply));
+			request.notopen = nil
+			return;
+		end
 		
 		-- New session
 		sid = tostring(new_uuid());
 		local session = { type = "c2s_unauthed", conn = {}, sid = sid, rid = attr.rid, host = attr.to, bosh_version = attr.ver, bosh_wait = attr.wait, streamid = sid, 
-						bosh_hold = BOSH_DEFAULT_HOLD,
-						requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, close = bosh_close_stream };
+						bosh_hold = BOSH_DEFAULT_HOLD, bosh_max_inactive = BOSH_DEFAULT_INACTIVITY,
+						requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, close = bosh_close_stream, dispatch_stanza = core_process_stanza };
 		sessions[sid] = session;
 		log("info", "New BOSH session, assigned it sid '%s'", sid);
 		local r, send_buffer = session.requests, session.send_buffer;
@@ -133,6 +153,10 @@
 				end
 			elseif s ~= "" then
 				log("debug", "Saved to send buffer because there are %d open requests", #r);
+				if session.bosh_max_inactive and not inactive_sessions[session] then
+					inactive_sessions[session] = os_time();
+					(session.log or log)("debug", "BOSH session marked as inactive at %d", inactive_sessions[session]);
+				end
 				-- Hmm, no requests are open :(
 				t_insert(session.send_buffer, tostring(s));
 				log("debug", "There are now %d things in the send_buffer", #session.send_buffer);
@@ -145,7 +169,7 @@
 		fire_event("stream-features", session, features);
 		--xmpp:version='1.0' xmlns:xmpp='urn:xmpp:xbosh'
 		local response = st.stanza("body", { xmlns = xmlns_bosh, 
-									inactivity = "30", polling = "5", requests = "2", hold = tostring(session.bosh_hold), maxpause = "120", 
+									inactivity = tostring(BOSH_DEFAULT_INACTIVITY), polling = tostring(BOSH_DEFAULT_POLLING), requests = tostring(BOSH_DEFAULT_REQUESTS), hold = tostring(session.bosh_hold), maxpause = "120", 
 									sid = sid, ver  = '1.6', from = session.host, secure = 'true', ["xmpp:version"] = "1.0", 
 									["xmlns:xmpp"] = "urn:xmpp:xbosh", ["xmlns:stream"] = "http://etherx.jabber.org/streams" }):add_child(features);
 		request:send(tostring(response));
@@ -163,6 +187,19 @@
 		return;
 	end
 	
+	if attr.type == "terminate" then
+		-- Client wants to end this session
+		session:close();
+		request.notopen = nil;
+		return;
+	end
+	
+	-- If session was inactive, make sure it is now marked as not
+	if #session.requests == 0 then
+		(session.log or log)("debug", "BOSH client now active again at %d", os_time());
+		inactive_sessions[session] = nil;
+	end
+	
 	if session.notopen then
 		local features = st.stanza("stream:features");
 		fire_event("stream-features", session, features);
@@ -200,7 +237,33 @@
 			end
 		end
 	end
+	
+	now = now - 3;
+	for session, inactive_since in pairs(inactive_sessions) do
+		if session.bosh_max_inactive then
+			if now - inactive_since > session.bosh_max_inactive then
+				(session.log or log)("debug", "BOSH client inactive too long, destroying session at %d", now);
+				sessions[session.sid]  = nil;
+				inactive_sessions[session] = nil;
+				sm_destroy_session(session, "BOSH client silent for over "..session.bosh_max_inactive.." seconds");
+			end
+		else
+			inactive_sessions[session] = nil;
+		end
+	end
 end
 
-httpserver.new{ port = 5280, base = "http-bind", handler = handle_request, ssl = false}
+local ports = config.get(module.host, "core", "bosh_ports") or { 5280 };
+for _, options in ipairs(ports) do
+	local port, base, ssl, interface = 5280, "http-bind", false, nil;
+	if type(options) == "number" then
+		port = options;
+	elseif type(options) == "table" then
+		port, base, ssl, interface = options.port or 5280, options.path or "http-bind", options.ssl or false, options.interface;
+	elseif type(options) == "string" then
+		base = options;
+	end
+	httpserver.new{ port = port, base = base, handler = handle_request, ssl = ssl }
+end
+
 server.addtimer(on_timer);
--- a/plugins/mod_httpserver.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/plugins/mod_httpserver.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -1,3 +1,5 @@
+
+local httpserver = require "net.httpserver";
 
 local open = io.open;
 local t_concat = table.concat;
--- a/plugins/mod_register.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/plugins/mod_register.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -23,6 +23,7 @@
 local usermanager_user_exists = require "core.usermanager".user_exists;
 local usermanager_create_user = require "core.usermanager".create_user;
 local datamanager_store = require "util.datamanager".store;
+local os_time = os.time;
 
 module:add_feature("jabber:iq:register");
 
@@ -93,6 +94,15 @@
 	end;
 end);
 
+local recent_ips = {};
+local min_seconds_between_registrations = config.get(module.host, "core", "min_seconds_between_registrations");
+local whitelist_only = config.get(module.host, "core", "whitelist_registration_only");
+local whitelisted_ips = config.get(module.host, "core", "registration_whitelist") or { "127.0.0.1" };
+local blacklisted_ips = config.get(module.host, "core", "registration_blacklist") or {};
+
+for _, ip in ipairs(whitelisted_ips) do whitelisted_ips[ip] = true; end
+for _, ip in ipairs(blacklisted_ips) do blacklisted_ips[ip] = true; end
+
 module:add_iq_handler("c2s_unauthed", "jabber:iq:register", function (session, stanza)
 	if config.get(module.host, "core", "allow_registration") == false then
 		session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
@@ -112,6 +122,26 @@
 				local username = query:child_with_name("username");
 				local password = query:child_with_name("password");
 				if username and password then
+					-- Check that the user is not blacklisted or registering too often
+					if blacklisted_ips[session.ip] or (whitelist_only and not whitelisted_ips[session.ip]) then
+							session.send(st.error_reply(stanza, "cancel", "not-acceptable"));
+							return;
+					elseif min_seconds_between_registrations and not whitelisted_ips[session.ip] then
+						if not recent_ips[session.ip] then
+							recent_ips[session.ip] = { time = os_time(), count = 1 };
+						else
+						
+							local ip = recent_ips[session.ip];
+							ip.count = ip.count + 1;
+							
+							if os_time() - ip.time < min_seconds_between_registrations then
+								ip.time = os_time();
+								session.send(st.error_reply(stanza, "cancel", "not-acceptable"));
+								return;
+							end
+							ip.time = os_time();
+						end
+					end
 					-- FIXME shouldn't use table.concat
 					username = table.concat(username);
 					password = table.concat(password);
--- a/tests/test.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/tests/test.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -25,7 +25,8 @@
 	dotest "core.stanza_router"
 	dotest "core.s2smanager"
 	dotest "core.configmanager"
-	
+	dotest "util.stanza"
+		
 	dosingletest("test_sasl.lua", "latin1toutf8");
 end
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/test_util_stanza.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -0,0 +1,20 @@
+
+function preserialize(preserialize, st)
+	local stanza = st.stanza("message", { a = "a" });
+	local stanza2 = preserialize(stanza);
+	assert_is(stanza2 and stanza.name, "preserialize returns a stanza");
+	assert_is_not(stanza2.tags, "Preserialized stanza has no tag list");
+	assert_is_not(stanza2.last_add, "Preserialized stanza has no last_add marker");
+	assert_is_not(getmetatable(stanza2), "Preserialized stanza has no metatable");
+end
+
+function deserialize(deserialize, st)
+	local stanza = st.stanza("message", { a = "a" });
+	
+	local stanza2 = deserialize(st.preserialize(stanza));
+	assert_is(stanza2 and stanza.name, "deserialize returns a stanza");
+	assert_is(stanza2.last_add, "Deserialized stanza is missing last_add for adding child tags");
+	assert_table(stanza2.attr, "Deserialized stanza has attributes");
+	assert_equal(stanza2.attr.a, "a", "Deserialized stanza retains attributes");
+	assert_table(getmetatable(stanza2), "Deserialized stanza has metatable");
+end
--- a/util/stanza.lua	Tue Jan 13 20:19:52 2009 +0500
+++ b/util/stanza.lua	Tue Jan 13 15:29:00 2009 +0000
@@ -87,11 +87,17 @@
 end
 
 function stanza_mt:child_with_name(name)
-	for _, child in ipairs(self) do	
+	for _, child in ipairs(self.tags) do	
 		if child.name == name then return child; end
 	end
 end
 
+function stanza_mt:child_with_ns(ns)
+	for _, child in ipairs(self.tags) do	
+		if child.attr.xmlns == ns then return child; end
+	end
+end
+
 function stanza_mt:children()
 	local i = 0;
 	return function (a)
@@ -199,6 +205,9 @@
 				end
 			end
 			stanza.tags = tags;
+			if not stanza.last_add then
+				stanza.last_add = {};
+			end
 		end
 	end