diff options
-rw-r--r-- | core/sessionmanager.lua | 10 | ||||
-rw-r--r-- | plugins/mod_legacyauth.lua | 18 | ||||
-rw-r--r-- | plugins/mod_saslauth.lua | 24 | ||||
-rw-r--r-- | plugins/mod_tls.lua | 7 |
4 files changed, 17 insertions, 42 deletions
diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua index 82a001c1..9fa00212 100644 --- a/core/sessionmanager.lua +++ b/core/sessionmanager.lua @@ -68,9 +68,13 @@ function make_authenticated(session, username) return true; end +-- returns true, nil on success +-- returns nil, err_type, err, err_message on failure function bind_resource(session, resource) - if not session.username then return false, "auth"; end - if session.resource then return false, "constraint"; end -- We don't support binding multiple resources + if not session.username then return nil, "auth", "not-authorized", "Cannot bind resource before authentication"; end + if session.resource then return nil, "cancel", "already-bound", "Cannot bind multiple resources on a single connection"; end + -- We don't support binding multiple resources + resource = resource or uuid_generate(); --FIXME: Randomly-generated resources must be unique per-user, and never conflict with existing @@ -79,7 +83,7 @@ function bind_resource(session, resource) else if hosts[session.host].sessions[session.username].sessions[resource] then -- Resource conflict - return false, "conflict"; -- TODO kick old resource + return nil, "cancel", "conflict", "Resource already exists"; -- TODO kick old resource end end diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua index ed698bf2..07e82549 100644 --- a/plugins/mod_legacyauth.lua +++ b/plugins/mod_legacyauth.lua @@ -23,22 +23,10 @@ add_iq_handler("c2s_unauthed", "jabber:iq:auth", -- Authentication successful! local success, err = sessionmanager.make_authenticated(session, username); if success then - success, err = sessionmanager.bind_resource(session, resource); - --FIXME: Reply with error + local err_type, err_msg; + success, err_type, err, err_msg = sessionmanager.bind_resource(session, resource); if not success then - local reply = st.reply(stanza); - reply.attr.type = "error"; - if err == "conflict" then - reply:tag("error", { code = "409", type = "cancel" }) - :tag("conflict", { xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas" }); - elseif err == "constraint" then - reply:tag("error", { code = "409", type = "cancel" }) - :tag("already-bound", { xmlns = "x-lxmppd:extensions:legacyauth" }); - elseif err == "auth" then - reply:tag("error", { code = "401", type = "auth" }) - :tag("not-authorized", { xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas" }); - end - send(session, reply); + session.send(st.error_reply(stanza, err_type, err, err_msg)); return true; end end diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index 2094867f..7fe84304 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -105,7 +105,6 @@ add_iq_handler("c2s", "urn:ietf:params:xml:ns:xmpp-bind", local resource; if stanza.attr.type == "set" then local bind = stanza.tags[1]; - if bind and bind.attr.xmlns == xmlns_bind then resource = bind:child_with_name("resource"); if resource then @@ -113,26 +112,13 @@ add_iq_handler("c2s", "urn:ietf:params:xml:ns:xmpp-bind", end end end - local success, err = sm_bind_resource(session, resource); + local success, err_type, err, err_msg = sm_bind_resource(session, resource); if not success then - local reply = st.reply(stanza); - reply.attr.type = "error"; - if err == "conflict" then - reply:tag("error", { type = "modify" }) - :tag("conflict", { xmlns = xmlns_stanzas }); - elseif err == "constraint" then - reply:tag("error", { type = "cancel" }) - :tag("resource-constraint", { xmlns = xmlns_stanzas }); - elseif err == "auth" then - reply:tag("error", { type = "cancel" }) - :tag("not-allowed", { xmlns = xmlns_stanzas }); - end - send(session, reply); + session.send(st.error_reply(stanza, err_type, err, err_msg)); else - local reply = st.reply(stanza); - reply:tag("bind", { xmlns = xmlns_bind}) - :tag("jid"):text(session.full_jid); - send(session, reply); + session.send(st.reply(stanza) + :tag("bind", { xmlns = xmlns_bind}) + :tag("jid"):text(session.full_jid)); end end); diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua index fe787942..21a35312 100644 --- a/plugins/mod_tls.lua +++ b/plugins/mod_tls.lua @@ -1,13 +1,10 @@ local st = require "util.stanza"; local send = require "core.sessionmanager".send_to_session; -local sm_bind_resource = require "core.sessionmanager".bind_resource; -local sessions = sessions; +--local sessions = sessions; -local usermanager_validate_credentials = require "core.usermanager".validate_credentials; -local t_concat, t_insert = table.concat, table.insert; -local tostring = tostring; +local t_insert = table.insert; local log = require "util.logger".init("mod_starttls"); |