author | Matthew Wild <mwild1@gmail.com> |
Tue, 14 Oct 2014 10:59:27 +0100 | |
changeset 6476 | 7c8f58d2b331 |
parent 6429 | e5945fb5b71f |
parent 6474 | 95d93c4f9d40 |
child 6605 | 61b6a4fc65f1 |
child 6610 | 64e6b88b6b21 |
permissions | -rw-r--r-- |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 |
-- Prosody IM |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
-- Copyright (C) 2008-2010 Matthew Wild |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
-- Copyright (C) 2008-2010 Waqas Hussain |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
4 |
-- |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
-- This project is MIT/X11 licensed. Please see the |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
-- COPYING file in the source package for more information. |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
-- |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
module:set_global(); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
|
4755
844019f369a5
mod_s2s: Fix imports and remove some unused variables
Matthew Wild <mwild1@gmail.com>
parents:
4752
diff
changeset
|
11 |
local prosody = prosody; |
844019f369a5
mod_s2s: Fix imports and remove some unused variables
Matthew Wild <mwild1@gmail.com>
parents:
4752
diff
changeset
|
12 |
local hosts = prosody.hosts; |
5013
ab693eea0869
mod_admin_adhoc, mod_admin_telnet, mod_bosh, mod_c2s, mod_component, mod_pep, mod_presence, mod_roster, mod_s2s: Import core_post_stanza from the global prosody table.
Kim Alvefur <zash@zash.se>
parents:
4997
diff
changeset
|
13 |
local core_process_stanza = prosody.core_process_stanza; |
4755
844019f369a5
mod_s2s: Fix imports and remove some unused variables
Matthew Wild <mwild1@gmail.com>
parents:
4752
diff
changeset
|
14 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
local tostring, type = tostring, type; |
4578
da0528c59c52
mod_s2s: Add missing local table.insert
Kim Alvefur <zash@zash.se>
parents:
4576
diff
changeset
|
16 |
local t_insert = table.insert; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
local xpcall, traceback = xpcall, debug.traceback; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |
local add_task = require "util.timer".add_task; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 |
local st = require "util.stanza"; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
local initialize_filters = require "util.filters".initialize; |
4568
aae7a62671de
mod_s2s: port functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4555
diff
changeset
|
22 |
local nameprep = require "util.encodings".stringprep.nameprep; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
local new_xmpp_stream = require "util.xmppstream".new; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 |
local s2s_new_incoming = require "core.s2smanager".new_incoming; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 |
local s2s_new_outgoing = require "core.s2smanager".new_outgoing; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
local s2s_destroy_session = require "core.s2smanager".destroy_session; |
4568
aae7a62671de
mod_s2s: port functionality once in s2smanager.
Florian Zeitz <florob@babelmonkeys.de>
parents:
4555
diff
changeset
|
27 |
local uuid_gen = require "util.uuid".generate; |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
28 |
local fire_global_event = prosody.events.fire_event; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 |
local s2sout = module:require("s2sout"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 |
|
4997
61083e2b1392
mod_s2s: Bump s2s_timeout to 90, to allow for the TCP timeout (in most cases) - this allows us to continue to try other targets
Matthew Wild <mwild1@gmail.com>
parents:
4996
diff
changeset
|
32 |
local connect_timeout = module:get_option_number("s2s_timeout", 90); |
4969
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
33 |
local stream_close_timeout = module:get_option_number("s2s_close_timeout", 5); |
5522
3912c9264ef0
mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually configurable through s2s_tcp_keepalives (thanks yeled)
Matthew Wild <mwild1@gmail.com>
parents:
5505
diff
changeset
|
34 |
local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true)); |
5363
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
35 |
local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day... |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
36 |
local secure_domains, insecure_domains = |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
37 |
module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items; |
5594
ad66ee47b674
mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains.
Matthew Wild <mwild1@gmail.com>
parents:
5533
diff
changeset
|
38 |
local require_encryption = module:get_option_boolean("s2s_require_encryption", false); |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
39 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 |
local sessions = module:shared("sessions"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 |
|
4752 | 42 |
local log = module._log; |
43 |
||
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
--- Handle stanzas to remote domains |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 |
local bouncy_stanzas = { message = true, presence = true, iq = true }; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 |
local function bounce_sendq(session, reason) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 |
local sendq = session.sendq; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 |
if not sendq then return; end |
6474
95d93c4f9d40
mod_s2s: Capitalize log message
Kim Alvefur <zash@zash.se>
parents:
6380
diff
changeset
|
50 |
session.log("info", "Sending error replies for "..#sendq.." queued stanzas because of failed outgoing connection to "..tostring(session.to_host)); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 |
local dummy = { |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 |
type = "s2sin"; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 |
send = function(s) |
4755
844019f369a5
mod_s2s: Fix imports and remove some unused variables
Matthew Wild <mwild1@gmail.com>
parents:
4752
diff
changeset
|
54 |
(session.log or log)("error", "Replying to to an s2s error reply, please report this! Traceback: %s", traceback()); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 |
end; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 |
dummy = true; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 |
}; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 |
for i, data in ipairs(sendq) do |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 |
local reply = data[2]; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 |
if reply and not(reply.attr.xmlns) and bouncy_stanzas[reply.name] then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 |
reply.attr.type = "error"; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 |
reply:tag("error", {type = "cancel"}) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 |
:tag("remote-server-not-found", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}):up(); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 |
if reason then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 |
reply:tag("text", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
66 |
:text("Server-to-server connection failed: "..reason):up(); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 |
core_process_stanza(dummy, reply); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 |
sendq[i] = nil; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 |
session.sendq = nil; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 |
|
4818
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
75 |
-- Handles stanzas to existing s2s sessions |
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
76 |
function route_to_existing_session(event) |
4580
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
77 |
local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 |
if not hosts[from_host] then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
79 |
log("warn", "Attempt to send stanza from %s - a host we don't serve", from_host); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
80 |
return false; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 |
end |
5390
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
82 |
if hosts[to_host] then |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
83 |
log("warn", "Attempt to route stanza to a remote %s - a host we do serve?!", from_host); |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
84 |
return false; |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
85 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
86 |
local host = hosts[from_host].s2sout[to_host]; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 |
if host then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 |
-- We have a connection to this host already |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 |
if host.type == "s2sout_unauthed" and (stanza.name ~= "db:verify" or not host.dialback_key) then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 |
(host.log or log)("debug", "trying to send over unauthed s2sout to "..to_host); |
4580
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
91 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 |
-- Queue stanza until we are able to send it |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 |
if host.sendq then t_insert(host.sendq, {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)}); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 |
else host.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} }; end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 |
host.log("debug", "stanza [%s] queued ", stanza.name); |
4630
9502c0224caf
mod_s2s: Queuing a stanza constitutes handling it.
Paul Aurich <paul@darkrain42.org>
parents:
4625
diff
changeset
|
96 |
return true; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 |
elseif host.type == "local" or host.type == "component" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 |
log("error", "Trying to send a stanza to ourselves??") |
4755
844019f369a5
mod_s2s: Fix imports and remove some unused variables
Matthew Wild <mwild1@gmail.com>
parents:
4752
diff
changeset
|
99 |
log("error", "Traceback: %s", traceback()); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 |
log("error", "Stanza: %s", tostring(stanza)); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 |
return false; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 |
else |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 |
(host.log or log)("debug", "going to send stanza to "..to_host.." from "..from_host); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 |
-- FIXME |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
105 |
if host.from_host ~= from_host then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
106 |
log("error", "WARNING! This might, possibly, be a bug, but it might not..."); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
107 |
log("error", "We are going to send from %s instead of %s", tostring(host.from_host), tostring(from_host)); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
108 |
end |
4968
a6d3ac11a7af
mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false
Matthew Wild <mwild1@gmail.com>
parents:
4960
diff
changeset
|
109 |
if host.sends2s(stanza) then |
4993
5243b74a4cbb
Hopefully inert commit to clean up logging across a number of modules, removing all cases of concatenation when building log messages
Matthew Wild <mwild1@gmail.com>
parents:
4988
diff
changeset
|
110 |
host.log("debug", "stanza sent over %s", host.type); |
4968
a6d3ac11a7af
mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false
Matthew Wild <mwild1@gmail.com>
parents:
4960
diff
changeset
|
111 |
return true; |
a6d3ac11a7af
mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false
Matthew Wild <mwild1@gmail.com>
parents:
4960
diff
changeset
|
112 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
113 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 |
end |
4818
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
115 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
116 |
|
4818
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
117 |
-- Create a new outgoing session for a stanza |
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
118 |
function route_to_new_session(event) |
4580
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
119 |
local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza; |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
120 |
log("debug", "opening a new outgoing connection for this stanza"); |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
121 |
local host_session = s2s_new_outgoing(from_host, to_host); |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
122 |
|
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
123 |
-- Store in buffer |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
124 |
host_session.bounce_sendq = bounce_sendq; |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
125 |
host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} }; |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
126 |
log("debug", "stanza [%s] queued until connection complete", tostring(stanza.name)); |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
127 |
s2sout.initiate_connection(host_session); |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
128 |
if (not host_session.connecting) and (not host_session.conn) then |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
129 |
log("warn", "Connection to %s failed already, destroying session...", to_host); |
4621
0445a543ae57
mod_s2s: Don't bounce sendq on failed connections since it's handled by s2smanager
Kim Alvefur <zash@zash.se>
parents:
4601
diff
changeset
|
130 |
s2s_destroy_session(host_session, "Connection failed"); |
4580
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
131 |
return false; |
351936a8de4a
mod_s2s: Split send_to_host() into two route/remote hooks, one for already exsisting sessions and one for non-existent.
Kim Alvefur <zash@zash.se>
parents:
4578
diff
changeset
|
132 |
end |
4581
d2eb5962d235
mod_s2s: return true when we sent the stanza, or initiated a new s2sout
Kim Alvefur <zash@zash.se>
parents:
4580
diff
changeset
|
133 |
return true; |
4818
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
134 |
end |
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
135 |
|
5669
9345c161481f
mod_c2s, mod_s2s: Fire an event on read timeouts
Kim Alvefur <zash@zash.se>
parents:
5661
diff
changeset
|
136 |
local function keepalive(event) |
9345c161481f
mod_c2s, mod_s2s: Fire an event on read timeouts
Kim Alvefur <zash@zash.se>
parents:
5661
diff
changeset
|
137 |
return event.session.sends2s(' '); |
9345c161481f
mod_c2s, mod_s2s: Fire an event on read timeouts
Kim Alvefur <zash@zash.se>
parents:
5661
diff
changeset
|
138 |
end |
9345c161481f
mod_c2s, mod_s2s: Fire an event on read timeouts
Kim Alvefur <zash@zash.se>
parents:
5661
diff
changeset
|
139 |
|
5713
5cf6dedf36f4
mod_s2s: Add missing global hook for read-timeout
Kim Alvefur <zash@zash.se>
parents:
5669
diff
changeset
|
140 |
module:hook("s2s-read-timeout", keepalive, -1); |
5cf6dedf36f4
mod_s2s: Add missing global hook for read-timeout
Kim Alvefur <zash@zash.se>
parents:
5669
diff
changeset
|
141 |
|
4818
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
142 |
function module.add_host(module) |
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
143 |
if module:get_option_boolean("disallow_s2s", false) then |
4834
878f75ccc4fb
mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users
Matthew Wild <mwild1@gmail.com>
parents:
4822
diff
changeset
|
144 |
module:log("warn", "The 'disallow_s2s' config option is deprecated, please see http://prosody.im/doc/s2s#disabling"); |
4818
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
145 |
return nil, "This host has disallow_s2s set"; |
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
146 |
end |
5454
5f69fddf6fb9
mod_s2s: Adjust priority of route/remote hooks to negative values (like most other internal hooks)
Kim Alvefur <zash@zash.se>
parents:
5423
diff
changeset
|
147 |
module:hook("route/remote", route_to_existing_session, -1); |
5f69fddf6fb9
mod_s2s: Adjust priority of route/remote hooks to negative values (like most other internal hooks)
Kim Alvefur <zash@zash.se>
parents:
5423
diff
changeset
|
148 |
module:hook("route/remote", route_to_new_session, -10); |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
149 |
module:hook("s2s-authenticated", make_authenticated, -1); |
5669
9345c161481f
mod_c2s, mod_s2s: Fire an event on read timeouts
Kim Alvefur <zash@zash.se>
parents:
5661
diff
changeset
|
150 |
module:hook("s2s-read-timeout", keepalive, -1); |
6146
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
151 |
module:hook_stanza("http://etherx.jabber.org/streams", "features", function (session, stanza) |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
152 |
if session.type == "s2sout" then |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
153 |
-- Stream is authenticated and we are seem to be done with feature negotiation, |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
154 |
-- so the stream is ready for stanzas. RFC 6120 Section 4.3 |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
155 |
mark_connected(session); |
6404
166d1bd8fc38
core.stanza_router, mod_s2s: Move handling of S2S features to mod_s2s from stanza_router
Kim Alvefur <zash@zash.se>
parents:
6382
diff
changeset
|
156 |
return true; |
6429
e5945fb5b71f
mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present
Kim Alvefur <zash@zash.se>
parents:
6404
diff
changeset
|
157 |
elseif not session.dialback_verifying then |
e5945fb5b71f
mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present
Kim Alvefur <zash@zash.se>
parents:
6404
diff
changeset
|
158 |
session.log("warn", "No SASL EXTERNAL offer and Dialback doesn't seem to be enabled, giving up"); |
e5945fb5b71f
mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present
Kim Alvefur <zash@zash.se>
parents:
6404
diff
changeset
|
159 |
session:close(); |
e5945fb5b71f
mod_s2s: Close s2s connections that can not proceed due to mod_dialback not being present
Kim Alvefur <zash@zash.se>
parents:
6404
diff
changeset
|
160 |
return false; |
6146
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
161 |
end |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
162 |
end, -1); |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
163 |
end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
164 |
|
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
165 |
-- Stream is authorised, and ready for normal stanzas |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
166 |
function mark_connected(session) |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
167 |
local sendq, send = session.sendq, session.sends2s; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
168 |
|
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
169 |
local from, to = session.from_host, session.to_host; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
170 |
|
5800
3a48acbcb7f3
mod_s2s: Captitalize log messages that begin with a stream direction
Kim Alvefur <zash@zash.se>
parents:
5776
diff
changeset
|
171 |
session.log("info", "%s s2s connection %s->%s complete", session.direction:gsub("^.", string.upper), from, to); |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
172 |
|
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
173 |
local event_data = { session = session }; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
174 |
if session.type == "s2sout" then |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
175 |
fire_global_event("s2sout-established", event_data); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
176 |
hosts[from].events.fire_event("s2sout-established", event_data); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
177 |
else |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
178 |
local host_session = hosts[to]; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
179 |
session.send = function(stanza) |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
180 |
return host_session.events.fire_event("route/remote", { from_host = to, to_host = from, stanza = stanza }); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
181 |
end; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
182 |
|
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
183 |
fire_global_event("s2sin-established", event_data); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
184 |
hosts[to].events.fire_event("s2sin-established", event_data); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
185 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
186 |
|
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
187 |
if session.direction == "outgoing" then |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
188 |
if sendq then |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
189 |
session.log("debug", "sending %d queued stanzas across new outgoing connection to %s", #sendq, session.to_host); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
190 |
for i, data in ipairs(sendq) do |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
191 |
send(data[1]); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
192 |
sendq[i] = nil; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
193 |
end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
194 |
session.sendq = nil; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
195 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
196 |
|
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
197 |
session.ip_hosts = nil; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
198 |
session.srv_hosts = nil; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
199 |
end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
200 |
end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
201 |
|
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
202 |
function make_authenticated(event) |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
203 |
local session, host = event.session, event.host; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
204 |
if not session.secure then |
5594
ad66ee47b674
mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains.
Matthew Wild <mwild1@gmail.com>
parents:
5533
diff
changeset
|
205 |
if require_encryption or (secure_auth and not(insecure_domains[host])) or secure_domains[host] then |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
206 |
session:close({ |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
207 |
condition = "policy-violation", |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
208 |
text = "Encrypted server-to-server communication is required but was not " |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
209 |
..((session.direction == "outgoing" and "offered") or "used") |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
210 |
}); |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
211 |
end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
212 |
end |
5390
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
213 |
if hosts[host] then |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
214 |
session:close({ condition = "undefined-condition", text = "Attempt to authenticate as a host we serve" }); |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
215 |
end |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
216 |
if session.type == "s2sout_unauthed" then |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
217 |
session.type = "s2sout"; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
218 |
elseif session.type == "s2sin_unauthed" then |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
219 |
session.type = "s2sin"; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
220 |
if host then |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
221 |
if not session.hosts[host] then session.hosts[host] = {}; end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
222 |
session.hosts[host].authed = true; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
223 |
end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
224 |
elseif session.type == "s2sin" and host then |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
225 |
if not session.hosts[host] then session.hosts[host] = {}; end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
226 |
session.hosts[host].authed = true; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
227 |
else |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
228 |
return false; |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
229 |
end |
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
230 |
session.log("debug", "connection %s->%s is now authenticated for %s", session.from_host, session.to_host, host); |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
231 |
|
6146
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
232 |
if (session.type == "s2sout" and session.external_auth ~= "succeeded") or session.type == "s2sin" then |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
233 |
-- Stream either used dialback for authentication or is an incoming stream. |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
234 |
mark_connected(session); |
ac4f8770d9aa
mod_s2s: Follow XMPP Core on when a stream is to be considered ready
Kim Alvefur <zash@zash.se>
parents:
6085
diff
changeset
|
235 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
236 |
|
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
237 |
return true; |
4818
3bda6fc02652
mod_s2s: Become a shared module (yay)
Matthew Wild <mwild1@gmail.com>
parents:
4814
diff
changeset
|
238 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
239 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
240 |
--- Helper to check that a session peer's certificate is valid |
6301
2fdd71b08126
mod_dialback: Short-circuit dialback auth if certificate is considered valid
Kim Alvefur <zash@zash.se>
parents:
6259
diff
changeset
|
241 |
function check_cert_status(session) |
5387
1130887e0d41
mod_s2s: session.from_host does not allways exist on incoming connections, true and nil or "our hostname" does not evaluate to what we want here
Kim Alvefur <zash@zash.se>
parents:
5368
diff
changeset
|
242 |
local host = session.direction == "outgoing" and session.to_host or session.from_host |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
243 |
local conn = session.conn:socket() |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
244 |
local cert |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
245 |
if conn.getpeercertificate then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
246 |
cert = conn:getpeercertificate() |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
247 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
248 |
|
5363
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
249 |
return module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert }); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
250 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
251 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
252 |
--- XMPP stream event handlers |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
253 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
254 |
local stream_callbacks = { default_ns = "jabber:server", handlestanza = core_process_stanza }; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
255 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
256 |
local xmlns_xmpp_streams = "urn:ietf:params:xml:ns:xmpp-streams"; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
257 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
258 |
function stream_callbacks.streamopened(session, attr) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
259 |
local send = session.sends2s; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
260 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
261 |
session.version = tonumber(attr.version) or 0; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
262 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
263 |
-- TODO: Rename session.secure to session.encrypted |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
264 |
if session.secure == false then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
265 |
session.secure = true; |
5859
e327f2d4e09f
mod_c2s, mod_s2s: Set session.encrypted as session.secure does not allways mean encrypted (eg consider_bosh_secure)
Kim Alvefur <zash@zash.se>
parents:
5801
diff
changeset
|
266 |
session.encrypted = true; |
5173
b22d24b5a89a
mod_s2s: Detect TLS compression
Kim Alvefur <zash@zash.se>
parents:
5120
diff
changeset
|
267 |
|
b22d24b5a89a
mod_s2s: Detect TLS compression
Kim Alvefur <zash@zash.se>
parents:
5120
diff
changeset
|
268 |
local sock = session.conn:socket(); |
b22d24b5a89a
mod_s2s: Detect TLS compression
Kim Alvefur <zash@zash.se>
parents:
5120
diff
changeset
|
269 |
if sock.info then |
5764
969e0a054795
mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details
Kim Alvefur <zash@zash.se>
parents:
5713
diff
changeset
|
270 |
local info = sock:info(); |
5801
224644752bf4
mod_c2s, mod_s2s: Log cipher and encryption info in a more compact and (hopefully) less confusing way
Kim Alvefur <zash@zash.se>
parents:
5800
diff
changeset
|
271 |
(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher); |
5764
969e0a054795
mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details
Kim Alvefur <zash@zash.se>
parents:
5713
diff
changeset
|
272 |
session.compressed = info.compression; |
969e0a054795
mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details
Kim Alvefur <zash@zash.se>
parents:
5713
diff
changeset
|
273 |
else |
969e0a054795
mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details
Kim Alvefur <zash@zash.se>
parents:
5713
diff
changeset
|
274 |
(session.log or log)("info", "Stream encrypted"); |
969e0a054795
mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details
Kim Alvefur <zash@zash.se>
parents:
5713
diff
changeset
|
275 |
session.compressed = sock.compression and sock:compression(); --COMPAT mw/luasec-hg |
5173
b22d24b5a89a
mod_s2s: Detect TLS compression
Kim Alvefur <zash@zash.se>
parents:
5120
diff
changeset
|
276 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
277 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
278 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
279 |
if session.direction == "incoming" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
280 |
-- Send a reply stream header |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
281 |
|
4589
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
282 |
-- Validate to/from |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
283 |
local to, from = nameprep(attr.to), nameprep(attr.from); |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
284 |
if not to and attr.to then -- COMPAT: Some servers do not reliably set 'to' (especially on stream restarts) |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
285 |
session:close({ condition = "improper-addressing", text = "Invalid 'to' address" }); |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
286 |
return; |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
287 |
end |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
288 |
if not from and attr.from then -- COMPAT: Some servers do not reliably set 'from' (especially on stream restarts) |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
289 |
session:close({ condition = "improper-addressing", text = "Invalid 'from' address" }); |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
290 |
return; |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
291 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
292 |
|
4589
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
293 |
-- Set session.[from/to]_host if they have not been set already and if |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
294 |
-- this session isn't already authenticated |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
295 |
if session.type == "s2sin_unauthed" and from and not session.from_host then |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
296 |
session.from_host = from; |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
297 |
elseif from ~= session.from_host then |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
298 |
session:close({ condition = "improper-addressing", text = "New stream 'from' attribute does not match original" }); |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
299 |
return; |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
300 |
end |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
301 |
if session.type == "s2sin_unauthed" and to and not session.to_host then |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
302 |
session.to_host = to; |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
303 |
elseif to ~= session.to_host then |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
304 |
session:close({ condition = "improper-addressing", text = "New stream 'to' attribute does not match original" }); |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
305 |
return; |
8553d822f417
mod_s2s: streamopened(): Tighter validation around stream 'to' and 'from' attributes, and only set to_host and from_host if they aren't set already and if the session hasn't already been authenticated
Matthew Wild <mwild1@gmail.com>
parents:
4587
diff
changeset
|
306 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
307 |
|
4820
c65edd3bb334
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
Matthew Wild <mwild1@gmail.com>
parents:
4819
diff
changeset
|
308 |
-- For convenience we'll put the sanitised values into these variables |
c65edd3bb334
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
Matthew Wild <mwild1@gmail.com>
parents:
4819
diff
changeset
|
309 |
to, from = session.to_host, session.from_host; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
310 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
311 |
session.streamid = uuid_gen(); |
4590
883611842d3a
mod_s2s: Log the entire stream header.
Kim Alvefur <zash@zash.se>
parents:
4587
diff
changeset
|
312 |
(session.log or log)("debug", "Incoming s2s received %s", st.stanza("stream:stream", attr):top_tag()); |
4820
c65edd3bb334
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
Matthew Wild <mwild1@gmail.com>
parents:
4819
diff
changeset
|
313 |
if to then |
c65edd3bb334
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
Matthew Wild <mwild1@gmail.com>
parents:
4819
diff
changeset
|
314 |
if not hosts[to] then |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
315 |
-- Attempting to connect to a host we don't serve |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
316 |
session:close({ |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
317 |
condition = "host-unknown"; |
4820
c65edd3bb334
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
Matthew Wild <mwild1@gmail.com>
parents:
4819
diff
changeset
|
318 |
text = "This host does not serve "..to |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
319 |
}); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
320 |
return; |
4834
878f75ccc4fb
mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users
Matthew Wild <mwild1@gmail.com>
parents:
4822
diff
changeset
|
321 |
elseif not hosts[to].modules.s2s then |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
322 |
-- Attempting to connect to a host that disallows s2s |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
323 |
session:close({ |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
324 |
condition = "policy-violation"; |
4834
878f75ccc4fb
mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users
Matthew Wild <mwild1@gmail.com>
parents:
4822
diff
changeset
|
325 |
text = "Server-to-server communication is disabled for this host"; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
326 |
}); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
327 |
return; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
328 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
329 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
330 |
|
5390
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
331 |
if hosts[from] then |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
332 |
session:close({ condition = "undefined-condition", text = "Attempt to connect from a host we serve" }); |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
333 |
return; |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
334 |
end |
b3c8757ee4f4
mod_s2s: Prevent s2s to and from hosts we serve locally
Kim Alvefur <zash@zash.se>
parents:
5389
diff
changeset
|
335 |
|
5363
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
336 |
if session.secure and not session.cert_chain_status then |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
337 |
if check_cert_status(session) == false then |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
338 |
return; |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
339 |
end |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
340 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
341 |
|
5533
df3c78221f26
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
Matthew Wild <mwild1@gmail.com>
parents:
5522
diff
changeset
|
342 |
session:open_stream(session.to_host, session.from_host) |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
343 |
if session.version >= 1.0 then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
344 |
local features = st.stanza("stream:features"); |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
345 |
|
4820
c65edd3bb334
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
Matthew Wild <mwild1@gmail.com>
parents:
4819
diff
changeset
|
346 |
if to then |
c65edd3bb334
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
Matthew Wild <mwild1@gmail.com>
parents:
4819
diff
changeset
|
347 |
hosts[to].events.fire_event("s2s-stream-features", { origin = session, features = features }); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
348 |
else |
5975
0d219631d47b
mod_s2s: Include IP in log messages, if host is unavailable
Florian Zeitz <florob@babelmonkeys.de>
parents:
5769
diff
changeset
|
349 |
(session.log or log)("warn", "No 'to' on stream header from %s means we can't offer any features", from or session.ip or "unknown host"); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
350 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
351 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
352 |
log("debug", "Sending stream features: %s", tostring(features)); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
353 |
send(features); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
354 |
end |
6359
c74670b3be53
mod_s2s: Mark stream as opened earlier for outgoing connections, fixes double stream headers on policy failures
Kim Alvefur <zash@zash.se>
parents:
5975
diff
changeset
|
355 |
session.notopen = nil; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
356 |
elseif session.direction == "outgoing" then |
6359
c74670b3be53
mod_s2s: Mark stream as opened earlier for outgoing connections, fixes double stream headers on policy failures
Kim Alvefur <zash@zash.se>
parents:
5975
diff
changeset
|
357 |
session.notopen = nil; |
6378
3cec0eef0b70
mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
Kim Alvefur <zash@zash.se>
parents:
6364
diff
changeset
|
358 |
if not attr.id then |
3cec0eef0b70
mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
Kim Alvefur <zash@zash.se>
parents:
6364
diff
changeset
|
359 |
log("error", "Stream response did not give us a stream id!"); |
3cec0eef0b70
mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
Kim Alvefur <zash@zash.se>
parents:
6364
diff
changeset
|
360 |
session:close({ condition = "undefined-condition", text = "Missing stream ID" }); |
3cec0eef0b70
mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
Kim Alvefur <zash@zash.se>
parents:
6364
diff
changeset
|
361 |
return; |
3cec0eef0b70
mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
Kim Alvefur <zash@zash.se>
parents:
6364
diff
changeset
|
362 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
363 |
session.streamid = attr.id; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
364 |
|
5363
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
365 |
if session.secure and not session.cert_chain_status then |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
366 |
if check_cert_status(session) == false then |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
367 |
return; |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
368 |
end |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
369 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
370 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
371 |
-- Send unauthed buffer |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
372 |
-- (stanzas which are fine to send before dialback) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
373 |
-- Note that this is *not* the stanza queue (which |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
374 |
-- we can only send if auth succeeds) :) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
375 |
local send_buffer = session.send_buffer; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
376 |
if send_buffer and #send_buffer > 0 then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
377 |
log("debug", "Sending s2s send_buffer now..."); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
378 |
for i, data in ipairs(send_buffer) do |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
379 |
session.sends2s(tostring(data)); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
380 |
send_buffer[i] = nil; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
381 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
382 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
383 |
session.send_buffer = nil; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
384 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
385 |
-- If server is pre-1.0, don't wait for features, just do dialback |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
386 |
if session.version < 1.0 then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
387 |
if not session.dialback_verifying then |
5341
760c22c822be
mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to s2sout-authenticate-legacy for clarity. Also, hello!
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
388 |
hosts[session.from_host].events.fire_event("s2sout-authenticate-legacy", { origin = session }); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
389 |
else |
5362
612467e263af
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
Matthew Wild <mwild1@gmail.com>
parents:
5351
diff
changeset
|
390 |
mark_connected(session); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
391 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
392 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
393 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
394 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
395 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
396 |
function stream_callbacks.streamclosed(session) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
397 |
(session.log or log)("debug", "Received </stream:stream>"); |
4988
29bdf68ad142
mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer
Matthew Wild <mwild1@gmail.com>
parents:
4969
diff
changeset
|
398 |
session:close(false); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
399 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
400 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
401 |
function stream_callbacks.error(session, error, data) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
402 |
if error == "no-stream" then |
6364
4e93e8768c36
mod_c2s, mod_s2s: Log received invalid stream headers
Matthew Wild <mwild1@gmail.com>
parents:
6362
diff
changeset
|
403 |
session.log("debug", "Invalid opening stream header (%s)", (data:gsub("^([^\1]+)\1", "{%1}"))); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
404 |
session:close("invalid-namespace"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
405 |
elseif error == "parse-error" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
406 |
session.log("debug", "Server-to-server XML parse error: %s", tostring(error)); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
407 |
session:close("not-well-formed"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
408 |
elseif error == "stream-error" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
409 |
local condition, text = "undefined-condition"; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
410 |
for child in data:children() do |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
411 |
if child.attr.xmlns == xmlns_xmpp_streams then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
412 |
if child.name ~= "text" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
413 |
condition = child.name; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
414 |
else |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
415 |
text = child:get_text(); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
416 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
417 |
if condition ~= "undefined-condition" and text then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
418 |
break; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
419 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
420 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
421 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
422 |
text = condition .. (text and (" ("..text..")") or ""); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
423 |
session.log("info", "Session closed by remote with error: %s", text); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
424 |
session:close(nil, text); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
425 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
426 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
427 |
|
5505
0b6a99e6c1b1
mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit traceback function), to make it clearer where an error occured
Matthew Wild <mwild1@gmail.com>
parents:
5474
diff
changeset
|
428 |
local function handleerr(err) log("error", "Traceback[s2s]: %s", traceback(tostring(err), 2)); end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
429 |
function stream_callbacks.handlestanza(session, stanza) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
430 |
if stanza.attr.xmlns == "jabber:client" then --COMPAT: Prosody pre-0.6.2 may send jabber:client |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
431 |
stanza.attr.xmlns = nil; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
432 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
433 |
stanza = session.filter("stanzas/in", stanza); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
434 |
if stanza then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
435 |
return xpcall(function () return core_process_stanza(session, stanza) end, handleerr); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
436 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
437 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
438 |
|
4625
325965bafae1
mod_c2s, mod_s2s: Drop default_port and default_mode from listener objects (default_port is deprecated, and default_mode already defaults to *a)
Matthew Wild <mwild1@gmail.com>
parents:
4622
diff
changeset
|
439 |
local listener = {}; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
440 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
441 |
--- Session methods |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
442 |
local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'}; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
443 |
local function session_close(session, reason, remote_reason) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
444 |
local log = session.log or log; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
445 |
if session.conn then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
446 |
if session.notopen then |
5533
df3c78221f26
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
Matthew Wild <mwild1@gmail.com>
parents:
5522
diff
changeset
|
447 |
if session.direction == "incoming" then |
df3c78221f26
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
Matthew Wild <mwild1@gmail.com>
parents:
5522
diff
changeset
|
448 |
session:open_stream(session.to_host, session.from_host); |
df3c78221f26
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
Matthew Wild <mwild1@gmail.com>
parents:
5522
diff
changeset
|
449 |
else |
df3c78221f26
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
Matthew Wild <mwild1@gmail.com>
parents:
5522
diff
changeset
|
450 |
session:open_stream(session.from_host, session.to_host); |
df3c78221f26
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
Matthew Wild <mwild1@gmail.com>
parents:
5522
diff
changeset
|
451 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
452 |
end |
4988
29bdf68ad142
mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer
Matthew Wild <mwild1@gmail.com>
parents:
4969
diff
changeset
|
453 |
if reason then -- nil == no err, initiated by us, false == initiated by remote |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
454 |
if type(reason) == "string" then -- assume stream error |
5975
0d219631d47b
mod_s2s: Include IP in log messages, if host is unavailable
Florian Zeitz <florob@babelmonkeys.de>
parents:
5769
diff
changeset
|
455 |
log("debug", "Disconnecting %s[%s], <stream:error> is: %s", session.host or session.ip or "(unknown host)", session.type, reason); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
456 |
session.sends2s(st.stanza("stream:error"):tag(reason, {xmlns = 'urn:ietf:params:xml:ns:xmpp-streams' })); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
457 |
elseif type(reason) == "table" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
458 |
if reason.condition then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
459 |
local stanza = st.stanza("stream:error"):tag(reason.condition, stream_xmlns_attr):up(); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
460 |
if reason.text then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
461 |
stanza:tag("text", stream_xmlns_attr):text(reason.text):up(); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
462 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
463 |
if reason.extra then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
464 |
stanza:add_child(reason.extra); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
465 |
end |
5975
0d219631d47b
mod_s2s: Include IP in log messages, if host is unavailable
Florian Zeitz <florob@babelmonkeys.de>
parents:
5769
diff
changeset
|
466 |
log("debug", "Disconnecting %s[%s], <stream:error> is: %s", session.host or session.ip or "(unknown host)", session.type, tostring(stanza)); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
467 |
session.sends2s(stanza); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
468 |
elseif reason.name then -- a stanza |
4996
164dc19519d8
mod_c2s, mod_s2s: Lower 'Disconnecting X' log messages from 'info' to 'debug'
Matthew Wild <mwild1@gmail.com>
parents:
4993
diff
changeset
|
469 |
log("debug", "Disconnecting %s->%s[%s], <stream:error> is: %s", session.from_host or "(unknown host)", session.to_host or "(unknown host)", session.type, tostring(reason)); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
470 |
session.sends2s(reason); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
471 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
472 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
473 |
end |
4988
29bdf68ad142
mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer
Matthew Wild <mwild1@gmail.com>
parents:
4969
diff
changeset
|
474 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
475 |
session.sends2s("</stream:stream>"); |
4969
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
476 |
function session.sends2s() return false; end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
477 |
|
4988
29bdf68ad142
mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer
Matthew Wild <mwild1@gmail.com>
parents:
4969
diff
changeset
|
478 |
local reason = remote_reason or (reason and (reason.text or reason.condition)) or reason; |
5800
3a48acbcb7f3
mod_s2s: Captitalize log messages that begin with a stream direction
Kim Alvefur <zash@zash.se>
parents:
5776
diff
changeset
|
479 |
session.log("info", "%s s2s stream %s->%s closed: %s", session.direction:gsub("^.", string.upper), session.from_host or "(unknown host)", session.to_host or "(unknown host)", reason or "stream closed"); |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
480 |
|
4969
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
481 |
-- Authenticated incoming stream may still be sending us stanzas, so wait for </stream:stream> from remote |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
482 |
local conn = session.conn; |
4988
29bdf68ad142
mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer
Matthew Wild <mwild1@gmail.com>
parents:
4969
diff
changeset
|
483 |
if reason == nil and not session.notopen and session.type == "s2sin" then |
4969
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
484 |
add_task(stream_close_timeout, function () |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
485 |
if not session.destroyed then |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
486 |
session.log("warn", "Failed to receive a stream close response, closing connection anyway..."); |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
487 |
s2s_destroy_session(session, reason); |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
488 |
conn:close(); |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
489 |
end |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
490 |
end); |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
491 |
else |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
492 |
s2s_destroy_session(session, reason); |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
493 |
conn:close(); -- Close immediately, as this is an outgoing connection or is not authed |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
494 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
495 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
496 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
497 |
|
6085
2f911644f527
mod_s2s: Replace open_stream() with function that only adds s2s/dialback attributes to stream header
Kim Alvefur <zash@zash.se>
parents:
6069
diff
changeset
|
498 |
function session_stream_attrs(session, from, to, attr) |
5533
df3c78221f26
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
Matthew Wild <mwild1@gmail.com>
parents:
5522
diff
changeset
|
499 |
if not from or (hosts[from] and hosts[from].modules.dialback) then |
5351
901ed253bbf7
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
Kim Alvefur <zash@zash.se>
parents:
5345
diff
changeset
|
500 |
attr["xmlns:db"] = 'jabber:server:dialback'; |
901ed253bbf7
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
Kim Alvefur <zash@zash.se>
parents:
5345
diff
changeset
|
501 |
end |
901ed253bbf7
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
Kim Alvefur <zash@zash.se>
parents:
5345
diff
changeset
|
502 |
end |
901ed253bbf7
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
Kim Alvefur <zash@zash.se>
parents:
5345
diff
changeset
|
503 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
504 |
-- Session initialization logic shared by incoming and outgoing |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
505 |
local function initialize_session(session) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
506 |
local stream = new_xmpp_stream(session, stream_callbacks); |
6255
6167f8bc5a6b
mod_s2s: Decide on log function once
Kim Alvefur <zash@zash.se>
parents:
6146
diff
changeset
|
507 |
local log = session.log or log; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
508 |
session.stream = stream; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
509 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
510 |
session.notopen = true; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
511 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
512 |
function session.reset_stream() |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
513 |
session.notopen = true; |
6362
f5f44504e18b
mod_s2s: Reset stream ID when resetting stream [compliance]
Kim Alvefur <zash@zash.se>
parents:
6359
diff
changeset
|
514 |
session.streamid = nil; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
515 |
session.stream:reset(); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
516 |
end |
5351
901ed253bbf7
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
Kim Alvefur <zash@zash.se>
parents:
5345
diff
changeset
|
517 |
|
6085
2f911644f527
mod_s2s: Replace open_stream() with function that only adds s2s/dialback attributes to stream header
Kim Alvefur <zash@zash.se>
parents:
6069
diff
changeset
|
518 |
session.stream_attrs = session_stream_attrs; |
6069
446148cad35e
mod_s2s: Revert e626ee2fe106 change, it broke Dialback
Kim Alvefur <zash@zash.se>
parents:
6063
diff
changeset
|
519 |
|
6256
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
520 |
local filter = initialize_filters(session); |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
521 |
local conn = session.conn; |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
522 |
local w = conn.write; |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
523 |
|
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
524 |
function session.sends2s(t) |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
525 |
log("debug", "sending: %s", t.top_tag and t:top_tag() or t:match("^[^>]*>?")); |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
526 |
if t.name then |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
527 |
t = filter("stanzas/out", t); |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
528 |
end |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
529 |
if t then |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
530 |
t = filter("bytes/out", tostring(t)); |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
531 |
if t then |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
532 |
return w(conn, t); |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
533 |
end |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
534 |
end |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
535 |
end |
d05627c89c99
mod_s2s: Move filter initialization to common place
Kim Alvefur <zash@zash.se>
parents:
6255
diff
changeset
|
536 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
537 |
function session.data(data) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
538 |
data = filter("bytes/in", data); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
539 |
if data then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
540 |
local ok, err = stream:feed(data); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
541 |
if ok then return; end |
6255
6167f8bc5a6b
mod_s2s: Decide on log function once
Kim Alvefur <zash@zash.se>
parents:
6146
diff
changeset
|
542 |
log("warn", "Received invalid XML: %s", data); |
6167f8bc5a6b
mod_s2s: Decide on log function once
Kim Alvefur <zash@zash.se>
parents:
6146
diff
changeset
|
543 |
log("warn", "Problem was: %s", err); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
544 |
session:close("not-well-formed"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
545 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
546 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
547 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
548 |
session.close = session_close; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
549 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
550 |
local handlestanza = stream_callbacks.handlestanza; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
551 |
function session.dispatch_stanza(session, stanza) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
552 |
return handlestanza(session, stanza); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
553 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
554 |
|
6259
36f611624987
mod_s2s: Fire a 's2s-created' event when new s2s connections are initialized
Kim Alvefur <zash@zash.se>
parents:
6257
diff
changeset
|
555 |
module:fire_event("s2s-created", { session = session }); |
36f611624987
mod_s2s: Fire a 's2s-created' event when new s2s connections are initialized
Kim Alvefur <zash@zash.se>
parents:
6257
diff
changeset
|
556 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
557 |
add_task(connect_timeout, function () |
4960
8950510ddb2e
mod_s2s: Make unauthed session timeout a little more aggressive... otherwise it's possible for sessions to slip under the net and never get killed off
Matthew Wild <mwild1@gmail.com>
parents:
4906
diff
changeset
|
558 |
if session.type == "s2sin" or session.type == "s2sout" then |
8950510ddb2e
mod_s2s: Make unauthed session timeout a little more aggressive... otherwise it's possible for sessions to slip under the net and never get killed off
Matthew Wild <mwild1@gmail.com>
parents:
4906
diff
changeset
|
559 |
return; -- Ok, we're connected |
5307
d80e56d8805c
mod_s2s: Don't try to close sessions that were destroyed before timeout
Kim Alvefur <zash@zash.se>
parents:
5281
diff
changeset
|
560 |
elseif session.type == "s2s_destroyed" then |
d80e56d8805c
mod_s2s: Don't try to close sessions that were destroyed before timeout
Kim Alvefur <zash@zash.se>
parents:
5281
diff
changeset
|
561 |
return; -- Session already destroyed |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
562 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
563 |
-- Not connected, need to close session and clean up |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
564 |
(session.log or log)("debug", "Destroying incomplete session %s->%s due to inactivity", |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
565 |
session.from_host or "(unknown)", session.to_host or "(unknown)"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
566 |
session:close("connection-timeout"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
567 |
end); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
568 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
569 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
570 |
function listener.onconnect(conn) |
5522
3912c9264ef0
mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually configurable through s2s_tcp_keepalives (thanks yeled)
Matthew Wild <mwild1@gmail.com>
parents:
5505
diff
changeset
|
571 |
conn:setoption("keepalive", opt_keepalives); |
4906
89df1f03546a
mod_s2s, s2sout.lib: Send stream header in onconnect()
Matthew Wild <mwild1@gmail.com>
parents:
4873
diff
changeset
|
572 |
local session = sessions[conn]; |
89df1f03546a
mod_s2s, s2sout.lib: Send stream header in onconnect()
Matthew Wild <mwild1@gmail.com>
parents:
4873
diff
changeset
|
573 |
if not session then -- New incoming connection |
89df1f03546a
mod_s2s, s2sout.lib: Send stream header in onconnect()
Matthew Wild <mwild1@gmail.com>
parents:
4873
diff
changeset
|
574 |
session = s2s_new_incoming(conn); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
575 |
sessions[conn] = session; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
576 |
session.log("debug", "Incoming s2s connection"); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
577 |
initialize_session(session); |
4906
89df1f03546a
mod_s2s, s2sout.lib: Send stream header in onconnect()
Matthew Wild <mwild1@gmail.com>
parents:
4873
diff
changeset
|
578 |
else -- Outgoing session connected |
89df1f03546a
mod_s2s, s2sout.lib: Send stream header in onconnect()
Matthew Wild <mwild1@gmail.com>
parents:
4873
diff
changeset
|
579 |
session:open_stream(session.from_host, session.to_host); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
580 |
end |
5661 | 581 |
session.ip = conn:ip(); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
582 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
583 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
584 |
function listener.onincoming(conn, data) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
585 |
local session = sessions[conn]; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
586 |
if session then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
587 |
session.data(data); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
588 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
589 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
590 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
591 |
function listener.onstatus(conn, status) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
592 |
if status == "ssl-handshake-complete" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
593 |
local session = sessions[conn]; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
594 |
if session and session.direction == "outgoing" then |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
595 |
session.log("debug", "Sending stream header..."); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
596 |
session:open_stream(session.from_host, session.to_host); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
597 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
598 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
599 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
600 |
|
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
601 |
function listener.ondisconnect(conn, err) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
602 |
local session = sessions[conn]; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
603 |
if session then |
5274
0d08c0965824
mod_s2s: Remove connection from sessions table as soon as we learn it is disconnected. Fixes a connection/session leak.
Matthew Wild <mwild1@gmail.com>
parents:
5173
diff
changeset
|
604 |
sessions[conn] = nil; |
4969
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
605 |
if err and session.direction == "outgoing" and session.notopen then |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
606 |
(session.log or log)("debug", "s2s connection attempt failed: %s", err); |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
607 |
if s2sout.attempt_connection(session, err) then |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
608 |
return; -- Session lives for now |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
609 |
end |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
610 |
end |
4969
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
611 |
(session.log or log)("debug", "s2s disconnected: %s->%s (%s)", tostring(session.from_host), tostring(session.to_host), tostring(err or "connection closed")); |
15183193c6a6
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
Matthew Wild <mwild1@gmail.com>
parents:
4968
diff
changeset
|
612 |
s2s_destroy_session(session, err); |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
613 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
614 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
615 |
|
5638
c5b7f4858014
mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
Kim Alvefur <zash@zash.se>
parents:
5636
diff
changeset
|
616 |
function listener.onreadtimeout(conn) |
c5b7f4858014
mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
Kim Alvefur <zash@zash.se>
parents:
5636
diff
changeset
|
617 |
local session = sessions[conn]; |
c5b7f4858014
mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
Kim Alvefur <zash@zash.se>
parents:
5636
diff
changeset
|
618 |
if session then |
5669
9345c161481f
mod_c2s, mod_s2s: Fire an event on read timeouts
Kim Alvefur <zash@zash.se>
parents:
5661
diff
changeset
|
619 |
return (hosts[session.host] or prosody).events.fire_event("s2s-read-timeout", { session = session }); |
5638
c5b7f4858014
mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
Kim Alvefur <zash@zash.se>
parents:
5636
diff
changeset
|
620 |
end |
c5b7f4858014
mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
Kim Alvefur <zash@zash.se>
parents:
5636
diff
changeset
|
621 |
end |
c5b7f4858014
mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
Kim Alvefur <zash@zash.se>
parents:
5636
diff
changeset
|
622 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
623 |
function listener.register_outgoing(conn, session) |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
624 |
sessions[conn] = session; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
625 |
initialize_session(session); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
626 |
end |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
627 |
|
6380
4220ffb87b22
net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent)
Matthew Wild <mwild1@gmail.com>
parents:
6378
diff
changeset
|
628 |
function listener.ondetach(conn) |
4220ffb87b22
net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent)
Matthew Wild <mwild1@gmail.com>
parents:
6378
diff
changeset
|
629 |
sessions[conn] = nil; |
4220ffb87b22
net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent)
Matthew Wild <mwild1@gmail.com>
parents:
6378
diff
changeset
|
630 |
end |
4220ffb87b22
net.http, net.http.server, mod_c2s, mod_s2s, mod_component, mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent)
Matthew Wild <mwild1@gmail.com>
parents:
6378
diff
changeset
|
631 |
|
5363
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
632 |
function check_auth_policy(event) |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
633 |
local host, session = event.host, event.session; |
5368
ab31dbb3a415
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
Matthew Wild <mwild1@gmail.com>
parents:
5365
diff
changeset
|
634 |
local must_secure = secure_auth; |
ab31dbb3a415
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
Matthew Wild <mwild1@gmail.com>
parents:
5365
diff
changeset
|
635 |
|
ab31dbb3a415
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
Matthew Wild <mwild1@gmail.com>
parents:
5365
diff
changeset
|
636 |
if not must_secure and secure_domains[host] then |
ab31dbb3a415
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
Matthew Wild <mwild1@gmail.com>
parents:
5365
diff
changeset
|
637 |
must_secure = true; |
ab31dbb3a415
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
Matthew Wild <mwild1@gmail.com>
parents:
5365
diff
changeset
|
638 |
elseif must_secure and insecure_domains[host] then |
ab31dbb3a415
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
Matthew Wild <mwild1@gmail.com>
parents:
5365
diff
changeset
|
639 |
must_secure = false; |
5363
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
640 |
end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5770
diff
changeset
|
641 |
|
5767 | 642 |
if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then |
5975
0d219631d47b
mod_s2s: Include IP in log messages, if host is unavailable
Florian Zeitz <florob@babelmonkeys.de>
parents:
5769
diff
changeset
|
643 |
module:log("warn", "Forbidding insecure connection to/from %s", host or session.ip or "(unknown host)"); |
5408
767ecb0091a6
mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate
Matthew Wild <mwild1@gmail.com>
parents:
5390
diff
changeset
|
644 |
if session.direction == "incoming" then |
5474 | 645 |
session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by "..session.to_host }); |
5408
767ecb0091a6
mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate
Matthew Wild <mwild1@gmail.com>
parents:
5390
diff
changeset
|
646 |
else -- Close outgoing connections without warning |
767ecb0091a6
mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate
Matthew Wild <mwild1@gmail.com>
parents:
5390
diff
changeset
|
647 |
session:close(false); |
767ecb0091a6
mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate
Matthew Wild <mwild1@gmail.com>
parents:
5390
diff
changeset
|
648 |
end |
5363
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
649 |
return false; |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
650 |
end |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
651 |
end |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
652 |
|
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
653 |
module:hook("s2s-check-certificate", check_auth_policy, -1); |
f29c26da7ecc
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
Matthew Wild <mwild1@gmail.com>
parents:
5362
diff
changeset
|
654 |
|
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
655 |
s2sout.set_listener(listener); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
656 |
|
5281
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
657 |
module:hook("server-stopping", function(event) |
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
658 |
local reason = event.reason; |
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
659 |
for _, session in pairs(sessions) do |
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
660 |
session:close{ condition = "system-shutdown", text = reason }; |
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
661 |
end |
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
662 |
end,500); |
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
663 |
|
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
664 |
|
815c689f85ad
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
Kim Alvefur <zash@zash.se>
parents:
5274
diff
changeset
|
665 |
|
5120
bcabea740c00
mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use module:provides() instead of module:add_item().
Waqas Hussain <waqas20@gmail.com>
parents:
5013
diff
changeset
|
666 |
module:provides("net", { |
4610
171051f9dd00
mod_c2s: Use module:add_item() to add the net-provider for portmanager
Matthew Wild <mwild1@gmail.com>
parents:
4601
diff
changeset
|
667 |
name = "s2s"; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
668 |
listener = listener; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
669 |
default_port = 5269; |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
670 |
encryption = "starttls"; |
4620
e9dc6ae68c69
mod_c2s, mod_s2s: Add multiplex support
Matthew Wild <mwild1@gmail.com>
parents:
4610
diff
changeset
|
671 |
multiplex = { |
e9dc6ae68c69
mod_c2s, mod_s2s: Add multiplex support
Matthew Wild <mwild1@gmail.com>
parents:
4610
diff
changeset
|
672 |
pattern = "^<.*:stream.*%sxmlns%s*=%s*(['\"])jabber:server%1.*>"; |
e9dc6ae68c69
mod_c2s, mod_s2s: Add multiplex support
Matthew Wild <mwild1@gmail.com>
parents:
4610
diff
changeset
|
673 |
}; |
4555
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
674 |
}); |
3dce04129693
s2smanager, mod_s2s, mod_s2s/s2sout: Split connection handling out of s2smanager into mod_s2s, and further split connection logic for s2sout to a module lib, s2sout.lib.lua
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
675 |