--- a/mod_muc_log/mod_muc_log.lua Sun Nov 01 14:37:28 2009 +0100
+++ b/mod_muc_log/mod_muc_log.lua Sun Nov 01 16:42:04 2009 +0100
@@ -13,6 +13,8 @@
local data_load, data_store, data_getpath = datamanager.load, datamanager.store, datamanager.getpath;
local datastore = "muc_log";
local config = {};
+local verifyAuthRequest = module:require "verifyhttpauth".verifyHttpAuthRequest;
+
--[[ LuaFileSystem
@@ -421,7 +423,7 @@
return generateDayListSiteContentByRoom(bareRoomJid); -- fallback
end
end
-
+local requests = {};
function handle_request(method, body, request)
local query = splitQuery(request.url.query);
local node, host = grepRoomJid(request.url.path);
@@ -437,7 +439,17 @@
if room._data ~= nil and room._data.subject ~= nil then
subject = room._data.subject;
end
- return createDoc(parseDay(bare, subject, query));
+ local doc = createDoc(parseDay(bare, subject, query));
+ local id = "thisIsTheId";
+ requests[id] = request;
+ requests[id].doc = doc;
+
+ verifyAuthRequest(request.url.path .. "?" .. request.url.query, "thilo@cestona.ro", id, function (id, confirmed)
+ if confirmed and requests[id] then
+ requests[id].send(requests[id].doc);
+ end
+ end)
+ return true;
end
else
return createDoc(generateRoomListSiteContent());
@@ -448,7 +460,7 @@
return;
end
-config = config_get(module:get_host(), "core", "muc_log");
+config = config_get(module:get_host(), "core", "muc_log") or {};
httpserver.new_from_config({ config.http_port or true }, handle_request, { base = "muc_log" });
--- a/mod_proxy65/mod_proxy65.lua Sun Nov 01 14:37:28 2009 +0100
+++ b/mod_proxy65/mod_proxy65.lua Sun Nov 01 16:42:04 2009 +0100
@@ -21,6 +21,7 @@
local proxy_port = config_get(host, "core", "proxy65_port") or 5000;
local proxy_interface = config_get(host, "core", "proxy65_interface") or "*";
local proxy_address = config_get(host, "core", "proxy65_address") or (proxy_interface ~= "*" and proxy_interface) or host;
+local proxy_acl = config_get(host, "core", "proxy65_acl");
local connlistener = { default_port = proxy_port, default_interface = proxy_interface, default_mode = "*a" };
@@ -126,16 +127,42 @@
return reply;
end
-local function get_stream_host(stanza)
+local function get_stream_host(origin, stanza)
local reply = replies_cache.stream_host;
+ local err_reply = replies_cache.stream_host_err;
local sid = stanza.tags[1].attr.sid;
- if reply == nil then
- reply = st.iq({type="result", from=host})
- :query("http://jabber.org/protocol/bytestreams")
- :tag("streamhost", {jid=host, host=proxy_address, port=proxy_port}); -- TODO get the correct data
- replies_cache.stream_host = reply;
+ local allow = false;
+
+ if proxy_acl then
+ for _, acl in ipairs(proxy_acl) do
+ local acl_node, acl_host, acl_resource = jid_split(acl);
+ if ((acl_node ~= nil and acl_node == origin.username) or acl_node == nil) and
+ ((acl_host ~= nil and acl_host == origin.host) or acl_host == nil) and
+ ((acl_resource ~= nil and acl_resource == origin.resource) or acl_resource == nil) then
+ allow = true;
+ end
+ end
+ else
+ allow = true;
end
-
+ if allow == true then
+ if reply == nil then
+ reply = st.iq({type="result", from=host})
+ :query("http://jabber.org/protocol/bytestreams")
+ :tag("streamhost", {jid=host, host=proxy_address, port=proxy_port});
+ replies_cache.stream_host = reply;
+ end
+ else
+ module:log("debug", "Denying use of proxy for %s@%s/%s", tostring(origin.username), tostring(origin.host), tostring(origin.resource));
+ if err_reply == nil then
+ err_reply = st.iq({type="error", from=host})
+ :query("http://jabber.org/protocol/bytestreams")
+ :tag("error", {code='403', type='auth'})
+ :tag("forbidden", {xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'});
+ replies_cache.stream_host_err = err_reply;
+ end
+ reply = err_reply;
+ end
reply.attr.id = stanza.attr.id;
reply.attr.to = stanza.attr.from;
reply.tags[1].attr.sid = sid;
@@ -179,7 +206,7 @@
origin.send(get_disco_items(stanza));
return true;
elseif xmlns == "http://jabber.org/protocol/bytestreams" then
- origin.send(get_stream_host(stanza));
+ origin.send(get_stream_host(origin, stanza));
return true;
end
elseif stanza.name == "iq" and type == "set" then