author | Thijs Alkemade <thijsalkemade@gmail.com> |
Sun, 27 Jan 2013 17:34:16 +0100 | |
changeset 903 | 8a1beff848c1 |
parent 406 | a6d215c73c47 |
child 1252 | 08e50d742392 |
permissions | -rw-r--r-- |
406
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 |
-- Prosody IM |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
2 |
-- Copyright (C) 2008-2010 Matthew Wild |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
3 |
-- Copyright (C) 2008-2010 Waqas Hussain |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
4 |
-- |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 |
-- This project is MIT/X11 licensed. Please see the |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 |
-- COPYING file in the source package for more information. |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 |
-- |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
9 |
if module:get_host_type() ~= "component" then |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
10 |
error("Don't load mod_component manually, it should be for a component, please see http://prosody.im/doc/components", 0); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
12 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 |
local hosts = _G.hosts; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
14 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
15 |
local t_concat = table.concat; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
16 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
17 |
local sha1 = require "util.hashes".sha1; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 |
local st = require "util.stanza"; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
19 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
20 |
local log = module._log; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
21 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 |
local sessions = {}; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
23 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
24 |
local function on_destroy(session, err) |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
25 |
if sessions[session] then |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 |
sessions[session] = nil; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
27 |
session.on_destroy = nil; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
28 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
30 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
31 |
local last_session; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
32 |
local function handle_stanza(event) |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
33 |
local stanza = event.stanza; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
34 |
if next(sessions) then |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
35 |
stanza.attr.xmlns = nil; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
36 |
last_session = next(sessions, last_session) or next(sessions); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
37 |
last_session.send(stanza); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
38 |
else |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
39 |
log("warn", "Component not connected, bouncing error for: %s", stanza:top_tag()); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
40 |
if stanza.attr.type ~= "error" and stanza.attr.type ~= "result" then |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
41 |
event.origin.send(st.error_reply(stanza, "wait", "service-unavailable", "Component unavailable")); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
43 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
44 |
return true; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
45 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
46 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
47 |
module:hook("iq/bare", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
48 |
module:hook("message/bare", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
49 |
module:hook("presence/bare", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
50 |
module:hook("iq/full", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
51 |
module:hook("message/full", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
52 |
module:hook("presence/full", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 |
module:hook("iq/host", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
54 |
module:hook("message/host", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
55 |
module:hook("presence/host", handle_stanza, -1); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
56 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
57 |
--- Handle authentication attempts by components |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
58 |
function handle_component_auth(event) |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
59 |
local session, stanza = event.origin, event.stanza; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
60 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
61 |
if session.type ~= "component" then return; end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
62 |
if sessions[session] then return; end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
63 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
64 |
if (not session.host) or #stanza.tags > 0 then |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
65 |
(session.log or log)("warn", "Invalid component handshake for host: %s", session.host); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
66 |
session:close("not-authorized"); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
67 |
return true; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
68 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
69 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
70 |
local secret = module:get_option("component_secret"); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
71 |
if not secret then |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
72 |
(session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.host); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
73 |
session:close("not-authorized"); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
74 |
return true; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
75 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
76 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
77 |
local supplied_token = t_concat(stanza); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
78 |
local calculated_token = sha1(session.streamid..secret, true); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
79 |
if supplied_token:lower() ~= calculated_token:lower() then |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
80 |
log("info", "Component authentication failed for %s", session.host); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
81 |
session:close{ condition = "not-authorized", text = "Given token does not match calculated token" }; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
82 |
return true; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
83 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
84 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
85 |
-- Add session to sessions table |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
86 |
sessions[session] = true; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
87 |
session.on_destroy = on_destroy; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
88 |
session.component_validate_from = module:get_option_boolean("validate_from_addresses", true); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
89 |
log("info", "Component successfully authenticated: %s", session.host); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
90 |
session.send(st.stanza("handshake")); |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
91 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
92 |
return true; |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
93 |
end |
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
94 |
|
a6d215c73c47
mod_component_roundrobin: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
95 |
module:hook("stanza/jabber:component:accept:handshake", handle_component_auth); |