Merge 0.9->trunk

7 files changed, 60 insertions, 51 deletions

diff --git a/core/certmanager.lua b/core/certmanager.lua
index 20a6d609..a9f8b644 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -17,10 +17,11 @@ local prosody = prosody;
 local resolve_path = configmanager.resolve_relative_path;
 local config_path = prosody.paths.config;
 
-local luasec_has_noticket;
+local luasec_has_noticket, luasec_has_verifyext;
 if ssl then
 	local luasec_major, luasec_minor = ssl._VERSION:match("^(%d+)%.(%d+)");
 	luasec_has_noticket = tonumber(luasec_major)>0 or tonumber(luasec_minor)>=4;
+	luasec_has_verifyext = tonumber(luasec_major)>0 or tonumber(luasec_minor)>=5;
 end
 
 module "certmanager"
@@ -28,8 +29,16 @@ module "certmanager"
 -- Global SSL options if not overridden per-host
 local default_ssl_config = configmanager.get("*", "core", "ssl");
 local default_capath = "/etc/ssl/certs";
-local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose" }) or "none";
+local default_verify = (ssl and ssl.x509 and { "peer", "client_once", }) or "none";
 local default_options = { "no_sslv2", luasec_has_noticket and "no_ticket" or nil };
+local default_verifyext = { "lsec_continue", "lsec_ignore_purpose" };
+
+if not luasec_has_verifyext and ssl.x509 then
+	-- COMPAT mw/luasec-hg
+	for i=1,#default_verifyext do -- Remove lsec_ prefix
+		default_verify[#default_verify+1] = default_verifyext[i]:sub(6);
+	end
+end
 
 function create_context(host, mode, user_ssl_config)
 	user_ssl_config = user_ssl_config or default_ssl_config;
@@ -46,6 +55,7 @@ function create_context(host, mode, user_ssl_config)
 		capath = resolve_path(config_path, user_ssl_config.capath or default_capath);
 		cafile = resolve_path(config_path, user_ssl_config.cafile);
 		verify = user_ssl_config.verify or default_verify;
+		verifyext = user_ssl_config.verifyext or default_verifyext;
 		options = user_ssl_config.options or default_options;
 		depth = user_ssl_config.depth;
 	};
diff --git a/net/server_event.lua b/net/server_event.lua
index f2626f5f..e69530ff 100644
--- a/net/server_event.lua
+++ b/net/server_event.lua
@@ -6,7 +6,6 @@
 			notes:
 			-- when using luaevent, never register 2 or more EV_READ at one socket, same for EV_WRITE
 			-- you cant even register a new EV_READ/EV_WRITE callback inside another one
-			-- never call eventcallback:close( ) from inside eventcallback
 			-- to do some of the above, use timeout events or something what will called from outside
 			-- dont let garbagecollect eventcallbacks, as long they are running
 			-- when using luasec, there are 4 cases of timeout errors: wantread or wantwrite during reading or writing
@@ -121,14 +120,8 @@ do
 			self.position = new_position or self.position
 			return self.position;
 	end
-	function interface_mt:_close() -- regs event to start self:_destroy()
-			local callback = function( )
-				self:_destroy();
-				self.eventclose = nil
-				return -1
-			end
-			self.eventclose = addevent( base, nil, EV_TIMEOUT, callback, 0 )
-			return true
+	function interface_mt:_close()
+		return self:_destroy();
 	end
 	
 	function interface_mt:_start_connection(plainssl) -- should be called from addclient
@@ -248,7 +241,7 @@ do
 			debug( "closing client with id:", self.id, self.fatalerror )
 			self:_lock( true, true, true )  -- first of all, lock the interface to avoid further actions
 			local _
-			_ = self.eventread and self.eventread:close( )  -- close events; this must be called outside of the event callbacks!
+			_ = self.eventread and self.eventread:close( )
 			if self.type == "client" then
 				_ = self.eventwrite and self.eventwrite:close( )
 				_ = self.eventhandshake and self.eventhandshake:close( )
@@ -258,7 +251,7 @@ do
 				_ = self.eventwritetimeout and self.eventwritetimeout:close( )
 				_ = self.eventreadtimeout and self.eventreadtimeout:close( )
 				_ = self.ondisconnect and self:ondisconnect( self.fatalerror ~= "client to close" and self.fatalerror)  -- call ondisconnect listener (wont be the case if handshake failed on connect)
-				_ = self.conn and self.conn:close( ) -- close connection, must also be called outside of any socket registered events!
+				_ = self.conn and self.conn:close( ) -- close connection
 				_ = self._server and self._server:counter(-1);
 				self.eventread, self.eventwrite = nil, nil
 				self.eventstarthandshake, self.eventhandshake, self.eventclose = nil, nil, nil
@@ -342,7 +335,7 @@ do
 			debug( "try to close server with id:", tostring(self.id))
 			self.fatalerror = "server to close"
 			self:_lock( true )
-			self:_close( 0 )  -- add new event to remove the server interface
+			self:_close( 0 )
 			return true
 		end
 	end
diff --git a/net/server_select.lua b/net/server_select.lua
index 8cb4e235..97b9f199 100644
--- a/net/server_select.lua
+++ b/net/server_select.lua
@@ -185,6 +185,9 @@ wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx, maxco
 	end
 	handler.remove = function( )
 		connections = connections - 1
+		if handler then
+			handler.resume( )
+		end
 	end
 	handler.close = function()
 		socket:close( )
@@ -197,6 +200,25 @@ wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx, maxco
 		--mem_free( )
 		out_put "server.lua: closed server handler and removed sockets from list"
 	end
+	handler.pause = function()
+		if not handler.paused then
+			socket:close( )
+			_sendlistlen = removesocket( _sendlist, socket, _sendlistlen )
+			_readlistlen = removesocket( _readlist, socket, _readlistlen )
+			_socketlist[ socket ] = nil
+			socket = nil;
+			handler.paused = true;
+		end
+	end
+	handler.resume = function()
+		if handler.paused then
+			socket = socket_bind( ip, serverport );
+			socket:settimeout( 0 )
+			_readlistlen = addsocket(_readlist, socket, _readlistlen)
+			_socketlist[ socket ] = handler
+			handler.paused = false;
+		end
+	end
 	handler.ip = function( )
 		return ip
 	end
@@ -208,6 +230,7 @@ wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx, maxco
 	end
 	handler.readbuffer = function( )
 		if connections > maxconnections then
+			handler.pause( )
 			out_put( "server.lua: refused new client connection: server full" )
 			return false
 		end
diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua
index 12ab2355..e1b90684 100644
--- a/plugins/mod_admin_telnet.lua
+++ b/plugins/mod_admin_telnet.lua
@@ -149,6 +149,7 @@ function console_listener.onincoming(conn, data)
 	end
 
 	for line in data:gmatch("[^\n]*[\n\004]") do
+		if session.closed then return end
 		console:process_line(session, line);
 		session.send(string.char(0));
 	end
@@ -168,6 +169,7 @@ end
 
 function commands.bye(session)
 	session.print("See you! :)");
+	session.closed = true;
 	session.disconnect();
 end
 commands.quit, commands.exit = commands.bye, commands.bye;
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index 72085113..89d678ca 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -265,6 +265,15 @@ function listener.associate_session(conn, session)
 	sessions[conn] = session;
 end
 
+module:hook("server-stopping", function(event)
+	local reason = event.reason;
+	for _, session in pairs(sessions) do
+		session:close{ condition = "system-shutdown", text = reason };
+	end
+end, 1000);
+
+
+
 module:provides("net", {
 	name = "c2s";
 	listener = listener;
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 788a64af..ad628a9b 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -506,6 +506,15 @@ end
 
 s2sout.set_listener(listener);
 
+module:hook("server-stopping", function(event)
+	local reason = event.reason;
+	for _, session in pairs(sessions) do
+		session:close{ condition = "system-shutdown", text = reason };
+	end
+end,500);
+
+
+
 module:provides("net", {
 	name = "s2s";
 	listener = listener;
diff --git a/prosody b/prosody
index c1606874..da77719d 100755
--- a/prosody
+++ b/prosody
@@ -374,43 +374,6 @@ end
 function cleanup()
 	log("info", "Shutdown status: Cleaning up");
 	prosody.events.fire_event("server-cleanup");
-	
-	-- Ok, we're quitting I know, but we
-	-- need to do some tidying before we go :)
-	server.setquitting(false);
-	
-	log("info", "Shutdown status: Closing all active sessions");
-	for hostname, host in pairs(hosts) do
-		log("debug", "Shutdown status: Closing client connections for %s", hostname)
-		if host.sessions then
-			local reason = { condition = "system-shutdown", text = "Server is shutting down" };
-			if prosody.shutdown_reason then
-				reason.text = reason.text..": "..prosody.shutdown_reason;
-			end
-			for username, user in pairs(host.sessions) do
-				for resource, session in pairs(user.sessions) do
-					log("debug", "Closing connection for %s@%s/%s", username, hostname, resource);
-					session:close(reason);
-				end
-			end
-		end
-	
-		log("debug", "Shutdown status: Closing outgoing s2s connections from %s", hostname);
-		if host.s2sout then
-			for remotehost, session in pairs(host.s2sout) do
-				if session.close then
-					session:close("system-shutdown");
-				else
-					log("warn", "Unable to close outgoing s2s session to %s, no session:close()?!", remotehost);
-				end
-			end
-		end
-	end
-
-	log("info", "Shutdown status: Closing all server connections");
-	server.closeall();
-	
-	server.setquitting(true);
 end
 
 -- Are you ready? :)