-rw-r--r--core/actions.lua19
-rw-r--r--core/modulemanager.lua19
-rw-r--r--core/sessionmanager.lua1
-rw-r--r--net/httpserver.lua6
-rw-r--r--plugins/mod_actions_http.lua78
-rw-r--r--plugins/mod_bosh.lua97
-rw-r--r--plugins/mod_httpserver.lua2
-rw-r--r--plugins/mod_register.lua30
-rw-r--r--tests/test.lua3
-rw-r--r--tests/test_util_stanza.lua20
-rw-r--r--util/stanza.lua11
11 files changed, 261 insertions, 25 deletions
diff --git a/core/actions.lua b/core/actions.lua
new file mode 100644
index 00000000..d0be5aeb
--- /dev/null
+++ b/core/actions.lua
@@ -0,0 +1,19 @@
+
+local actions = {};
+
+function register(path, t)
+ local curr = actions;
+ for comp in path:gmatch("([^/]+)/") do
+ if curr[comp] == nil then
+ curr[comp] = {};
+ end
+ curr = curr[comp];
+ if type(curr) ~= "table" then
+ return nil, "path-taken";
+ end
+ end
+ curr[path:match("/([^/]+)$")] = t;
+ return true;
+end
+
+return { actions = actions, register= register }; \ No newline at end of file
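Review bot: The final assignment `curr[path:match("/([^/]+)$")] = t` in `register` is unguarded: a path with no `/`, or one ending in `/`, makes the match return nil and the assignment raises, and an existing leaf is silently replaced, so a later caller can take over an action name that is already registered. Take the key first and refuse both cases, e.g. `local name = path:match("/([^/]+)$"); if not name then return nil, "invalid-path"; end` followed by `if curr[name] ~= nil then return nil, "path-taken"; end`. If replacing an entry on module reload is intended, that should be stated in a comment instead. `register` is also created as a global; `local function register(path, t)` keeps it out of the shared environment.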
diff --git a/core/modulemanager.lua b/core/modulemanager.lua
index efb909ac..52fbc65d 100644
--- a/core/modulemanager.lua
+++ b/core/modulemanager.lua
@@ -27,7 +27,7 @@ local addDiscoInfoHandler = require "core.discomanager".addDiscoInfoHandler;
local eventmanager = require "core.eventmanager";
local config = require "core.configmanager";
local multitable_new = require "util.multitable".new;
-
+local register_actions = require "core.actions".register;
local loadfile, pcall = loadfile, pcall;
local setmetatable, setfenv, getfenv = setmetatable, setfenv, getfenv;
@@ -68,11 +68,11 @@ function load_modules_for_host(host)
local disabled_set = {};
if modules_enabled then
if modules_disabled then
- for _, module in pairs(modules_disabled) do
+ for _, module in ipairs(modules_disabled) do
disabled_set[module] = true;
end
end
- for _, module in pairs(modules_enabled) do
+ for _, module in ipairs(modules_enabled) do
if not disabled_set[module] then
load(host, module);
end
@@ -256,4 +256,17 @@ end
--------------------------------------------------------------------
+local actions = {};
+
+function actions.load(params)
+ --return true, "Module loaded ("..params.module.." on "..params.host..")";
+ return load(params.host, params.module);
+end
+
+function actions.unload(params)
+ return unload(params.host, params.module);
+end
+
+register_actions("/modules", actions);
+
return _M;
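Review bot: `actions.load` and `actions.unload` pass `params.host` and `params.module` to `load`/`unload` unchecked, and the `mod_actions_http` plugin added in this commit fills `params` from the URL query and the `Host` header. Validate both here, where the registry meets the module manager, e.g. `if type(params.module) ~= "string" or not params.module:match("^[%w_]+$") then return nil, "invalid-module-name"; end`, plus a check that `params.host` is a configured host. How `load` turns a module name into a file is not visible in this hunk, so the exact pattern needs confirming against it. The commented-out `return true, ...` line can be removed.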
diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua
index 963de7ce..f04ca29c 100644
--- a/core/sessionmanager.lua
+++ b/core/sessionmanager.lua
@@ -58,6 +58,7 @@ function new_session(conn)
log("info", "open sessions now: ".. open_sessions);
local w = conn.write;
session.send = function (t) w(tostring(t)); end
+ session.ip = conn.ip();
return session;
end
diff --git a/net/httpserver.lua b/net/httpserver.lua
index 3a3c34b4..b9ac7971 100644
--- a/net/httpserver.lua
+++ b/net/httpserver.lua
@@ -126,7 +126,7 @@ local function request_reader(request, data, startpos)
end
if request.state == "body" then
log("debug", "Reading body...")
- if not request.body then request.body = {}; request.havebodylength, request.bodylength = 0, tonumber(request.responseheaders["content-length"]); end
+ if not request.body then request.body = {}; request.havebodylength, request.bodylength = 0, tonumber(request.headers["content-length"]); end
if startpos then
data = data:sub(startpos, -1)
end
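Review bot: `request.bodylength` is taken straight from `tonumber(request.headers["content-length"])` with no check for a missing, negative or oversized value, so the amount of body data buffered is bounded only by what the client declares. Reject the request when the header is absent or not a non-negative integer, and compare it with a configured ceiling before `request.body` is created, e.g. `if not len or len < 0 or len > max_body_length then ... end`, where `max_body_length` stands for a new setting. The rest of `request_reader` lies outside this hunk, so a later check may already exist there.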
@@ -141,7 +141,7 @@ local function request_reader(request, data, startpos)
elseif request.state == "headers" then
log("debug", "Reading headers...")
local pos = startpos;
- local headers = request.responseheaders or {};
+ local headers = request.headers or {};
for line in data:gmatch("(.-)\r\n") do
startpos = (startpos or 1) + #line + 2;
local k, v = line:match("(%S+): (.+)");
@@ -149,7 +149,7 @@ local function request_reader(request, data, startpos)
headers[k:lower()] = v;
-- log("debug", "Header: "..k:lower().." = "..v);
elseif #line == 0 then
- request.responseheaders = headers;
+ request.headers = headers;
break;
else
log("debug", "Unhandled header line: "..line);
diff --git a/plugins/mod_actions_http.lua b/plugins/mod_actions_http.lua
new file mode 100644
index 00000000..43370a41
--- /dev/null
+++ b/plugins/mod_actions_http.lua
@@ -0,0 +1,78 @@
+
+local httpserver = require "net.httpserver";
+local t_concat, t_insert = table.concat, table.insert;
+
+local log = log;
+
+local response_404 = { status = "404 Not Found", body = "<h1>No such action</h1>Sorry, I don't have the action you requested" };
+
+local control = require "core.actions".actions;
+
+
+local urlcodes = setmetatable({}, { __index = function (t, k) t[k] = string.char(tonumber("0x"..k)); return t[k]; end });
+
+local function urldecode(s)
+ return s and (s:gsub("+", " "):gsub("%%([a-fA-F0-9][a-fA-F0-9])", urlcodes));
+end
+
+local function query_to_table(query)
+ if type(query) == "string" and #query > 0 then
+ if query:match("=") then
+ local params = {};
+ for k, v in query:gmatch("&?([^=%?]+)=([^&%?]+)&?") do
+ if k and v then
+ params[urldecode(k)] = urldecode(v);
+ end
+ end
+ return params;
+ else
+ return urldecode(query);
+ end
+ end
+end
+
+
+
+local http_path = { http_base };
+local function handle_request(method, body, request)
+ local path = request.url.path:gsub("^/[^/]+/", "");
+
+ local curr = control;
+
+ for comp in path:gmatch("([^/]+)") do
+ curr = curr[comp];
+ if not curr then
+ return response_404;
+ end
+ end
+
+ if type(curr) == "table" then
+ local s = {};
+ for k,v in pairs(curr) do
+ t_insert(s, tostring(k));
+ t_insert(s, " = ");
+ if type(v) == "function" then
+ t_insert(s, "action")
+ elseif type(v) == "table" then
+ t_insert(s, "list");
+ else
+ t_insert(s, tostring(v));
+ end
+ t_insert(s, "\n");
+ end
+ return t_concat(s);
+ elseif type(curr) == "function" then
+ local params = query_to_table(request.url.query);
+ params.host = request.headers.host:gsub(":%d+", "");
+ local ok, ret1, ret2 = pcall(curr, params);
+ if not ok then
+ return "EPIC FAIL: "..tostring(ret1);
+ elseif not ret1 then
+ return "FAIL: "..tostring(ret2);
+ else
+ return "OK: "..tostring(ret2);
+ end
+ end
+end
+
+httpserver.new{ port = 5280, base = "control", handler = handle_request, ssl = false } \ No newline at end of file
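Review bot: `handle_request` runs any registered action for any client that can reach port 5280: there is no authentication, no check of `request.method`, and the listener is plain HTTP (`ssl = false`), while this same commit registers module load and unload under `/modules`. The path walk indexes `curr[comp]` without checking that `curr` is still a table, so it can raise on a function or resolve a name through a value's metatable instead of the registry, and `params` is nil (no query) or a string (query without `=`) at the point where `params.host` is assigned. The `Host` header is client-supplied and may be absent, and the `EPIC FAIL` reply hands internal error text back to the caller. The excerpt below covers the walk, the method check and the parameter handling; caller authentication and limiting the listener to a management interface still need a design decision that this file does not show. `local http_path = { http_base };` reads an undefined global and is never used.

```lua
local function handle_request(method, body, request)
	local path = request.url.path:gsub("^/[^/]+/", "");

	local curr = control;
	for comp in path:gmatch("([^/]+)") do
		-- Only descend through registered tables; never index strings or functions
		if type(curr) ~= "table" then
			return response_404;
		end
		curr = rawget(curr, comp);
		if not curr then
			return response_404;
		end
	end

	-- … unchanged: listing branch for type(curr) == "table" …

	elseif type(curr) == "function" then
		-- Actions change server state, so refuse anything but POST
		if request.method ~= "POST" then
			return { status = "405 Method Not Allowed", body = "Actions must be requested with POST" };
		end
		local params = query_to_table(request.url.query);
		if type(params) ~= "table" then
			params = {};
		end
		local host_header = request.headers and request.headers.host;
		if not host_header then
			return { status = "400 Bad Request", body = "Missing Host header" };
		end
		params.host = host_header:gsub(":%d+", "");
		-- … unchanged: pcall(curr, params) and result formatting …
```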
diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua
index b3b4aebb..b5951e96 100644
--- a/plugins/mod_bosh.lua
+++ b/plugins/mod_bosh.lua
@@ -6,27 +6,29 @@ local init_xmlhandlers = require "core.xmlhandlers"
local server = require "net.server";
local httpserver = require "net.httpserver";
local sm = require "core.sessionmanager";
+local sm_destroy_session = sm.destroy_session;
local new_uuid = require "util.uuid".generate;
local fire_event = require "core.eventmanager".fire_event;
local core_process_stanza = core_process_stanza;
local st = require "util.stanza";
local log = require "util.logger".init("bosh");
local stream_callbacks = { stream_tag = "http://jabber.org/protocol/httpbind|body" };
-
+local config = require "core.configmanager";
local xmlns_bosh = "http://jabber.org/protocol/httpbind"; -- (hard-coded into a literal in session.send)
-local BOSH_DEFAULT_HOLD = 1;
-local BOSH_DEFAULT_INACTIVITY = 30;
-local BOSH_DEFAULT_POLLING = 5;
-local BOSH_DEFAULT_REQUESTS = 2;
-local BOSH_DEFAULT_MAXPAUSE = 120;
+local BOSH_DEFAULT_HOLD = tonumber(config.get("*", "core", "bosh_default_hold")) or 1;
+local BOSH_DEFAULT_INACTIVITY = tonumber(config.get("*", "core", "bosh_max_inactivity")) or 60;
+local BOSH_DEFAULT_POLLING = tonumber(config.get("*", "core", "bosh_max_polling")) or 5;
+local BOSH_DEFAULT_REQUESTS = tonumber(config.get("*", "core", "bosh_max_requests")) or 2;
+local BOSH_DEFAULT_MAXPAUSE = tonumber(config.get("*", "core", "bosh_max_pause")) or 300;
local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
local os_time = os.time;
local sessions = {};
+local inactive_sessions = {}; -- Sessions which have no open requests
--- Used to respond to idle sessions
+-- Used to respond to idle sessions (those with waiting requests)
local waiting_requests = {};
function on_destroy_request(request)
waiting_requests[request] = nil;
@@ -34,7 +36,6 @@ end
function handle_request(method, body, request)
if (not body) or request.method ~= "POST" then
- --return { status = "200 OK", headers = { ["Content-Type"] = "text/html" }, body = "<html><body>You don't look like a BOSH client to me... what do you want?</body></html>" };
return "<html><body>You really don't look like a BOSH client to me... what do you want?</body></html>";
end
if not method then
@@ -60,19 +61,16 @@ function handle_request(method, body, request)
log("debug", "...sending what is in the buffer")
session.send(t_concat(session.send_buffer));
session.send_buffer = {};
- return;
else
-- or an empty response
log("debug", "...sending an empty response");
session.send("");
- return;
end
elseif #session.send_buffer > 0 then
log("debug", "Session has data in the send buffer, will send now..");
local resp = t_concat(session.send_buffer);
session.send_buffer = {};
session.send(resp);
- return;
end
if not request.destroyed and session.bosh_wait then
@@ -86,8 +84,21 @@ function handle_request(method, body, request)
end
end
+
local function bosh_reset_stream(session) session.notopen = true; end
-local function bosh_close_stream(session, reason) end
+
+local session_close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate" });
+local function bosh_close_stream(session, reason)
+ (session.log or log)("info", "BOSH client disconnected");
+ session_close_reply.attr.condition = reason;
+ local session_close_reply = tostring(session_close_reply);
+ for _, held_request in ipairs(session.requests) do
+ held_request:send(session_close_reply);
+ held_request:destroy();
+ end
+ sessions[session.sid] = nil;
+ sm_destroy_session(session);
+end
function stream_callbacks.streamopened(request, attr)
print("Attr:")
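Review bot: `bosh_close_stream` removes the session from `sessions` but leaves its entry in `inactive_sessions`, so `on_timer` can later call `sm_destroy_session` on a session that has already been destroyed; add `inactive_sessions[session] = nil;` before `sm_destroy_session(session);`. The function also writes `reason` into the module-level `session_close_reply` stanza, which the host-unknown branch of `streamopened` mutates too, so correctness depends on every user resetting `condition` before sending; building the reply per call removes that coupling. The inner `local session_close_reply = tostring(session_close_reply);` shadows the outer stanza and would read better under another name such as `reply_xml`.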
@@ -95,14 +106,23 @@ function stream_callbacks.streamopened(request, attr)
log("debug", "BOSH body open (sid: %s)", attr.sid);
local sid = attr.sid
if not sid then
- -- TODO: Sanity checks here (rid, to, known host, etc.)
+ -- New session request
request.notopen = nil; -- Signals that we accept this opening tag
+ -- TODO: Sanity checks here (rid, to, known host, etc.)
+ if not hosts[attr.to] then
+ -- Unknown host
+ session_close_reply.attr.condition = "host-unknown";
+ request:send(tostring(session_close_reply));
+ request.notopen = nil
+ return;
+ end
+
-- New session
sid = tostring(new_uuid());
local session = { type = "c2s_unauthed", conn = {}, sid = sid, rid = attr.rid, host = attr.to, bosh_version = attr.ver, bosh_wait = attr.wait, streamid = sid,
- bosh_hold = BOSH_DEFAULT_HOLD,
- requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, close = bosh_close_stream };
+ bosh_hold = BOSH_DEFAULT_HOLD, bosh_max_inactive = BOSH_DEFAULT_INACTIVITY,
+ requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, close = bosh_close_stream, dispatch_stanza = core_process_stanza };
sessions[sid] = session;
log("info", "New BOSH session, assigned it sid '%s'", sid);
local r, send_buffer = session.requests, session.send_buffer;
@@ -133,6 +153,10 @@ function stream_callbacks.streamopened(request, attr)
end
elseif s ~= "" then
log("debug", "Saved to send buffer because there are %d open requests", #r);
+ if session.bosh_max_inactive and not inactive_sessions[session] then
+ inactive_sessions[session] = os_time();
+ (session.log or log)("debug", "BOSH session marked as inactive at %d", inactive_sessions[session]);
+ end
-- Hmm, no requests are open :(
t_insert(session.send_buffer, tostring(s));
log("debug", "There are now %d things in the send_buffer", #session.send_buffer);
@@ -145,7 +169,7 @@ function stream_callbacks.streamopened(request, attr)
fire_event("stream-features", session, features);
--xmpp:version='1.0' xmlns:xmpp='urn:xmpp:xbosh'
local response = st.stanza("body", { xmlns = xmlns_bosh,
- inactivity = "30", polling = "5", requests = "2", hold = tostring(session.bosh_hold), maxpause = "120",
+ inactivity = tostring(BOSH_DEFAULT_INACTIVITY), polling = tostring(BOSH_DEFAULT_POLLING), requests = tostring(BOSH_DEFAULT_REQUESTS), hold = tostring(session.bosh_hold), maxpause = "120",
sid = sid, ver = '1.6', from = session.host, secure = 'true', ["xmpp:version"] = "1.0",
["xmlns:xmpp"] = "urn:xmpp:xbosh", ["xmlns:stream"] = "http://etherx.jabber.org/streams" }):add_child(features);
request:send(tostring(response));
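Review bot: `maxpause = "120"` is still a literal in the session-creation response although `BOSH_DEFAULT_MAXPAUSE` is now read from `bosh_max_pause` and defaults to 300, so the advertised value and the configured one disagree; use `maxpause = tostring(BOSH_DEFAULT_MAXPAUSE)`. The config-derived constants at the top of the file are accepted without a range check, so a zero or negative `bosh_max_inactivity` would be advertised and enforced as given. Clamping them to sane minimums where they are read would keep a configuration typo from turning into immediate session expiry or none at all.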
@@ -163,6 +187,19 @@ function stream_callbacks.streamopened(request, attr)
return;
end
+ if attr.type == "terminate" then
+ -- Client wants to end this session
+ session:close();
+ request.notopen = nil;
+ return;
+ end
+
+ -- If session was inactive, make sure it is now marked as not
+ if #session.requests == 0 then
+ (session.log or log)("debug", "BOSH client now active again at %d", os_time());
+ inactive_sessions[session] = nil;
+ end
+
if session.notopen then
local features = st.stanza("stream:features");
fire_event("stream-features", session, features);
@@ -200,7 +237,33 @@ function on_timer()
end
end
end
+
+ now = now - 3;
+ for session, inactive_since in pairs(inactive_sessions) do
+ if session.bosh_max_inactive then
+ if now - inactive_since > session.bosh_max_inactive then
+ (session.log or log)("debug", "BOSH client inactive too long, destroying session at %d", now);
+ sessions[session.sid] = nil;
+ inactive_sessions[session] = nil;
+ sm_destroy_session(session, "BOSH client silent for over "..session.bosh_max_inactive.." seconds");
+ end
+ else
+ inactive_sessions[session] = nil;
+ end
+ end
+end
+
+local ports = config.get(module.host, "core", "bosh_ports") or { 5280 };
+for _, options in ipairs(ports) do
+ local port, base, ssl, interface = 5280, "http-bind", false, nil;
+ if type(options) == "number" then
+ port = options;
+ elseif type(options) == "table" then
+ port, base, ssl, interface = options.port or 5280, options.path or "http-bind", options.ssl or false, options.interface;
+ elseif type(options) == "string" then
+ base = options;
+ end
+ httpserver.new{ port = port, base = base, handler = handle_request, ssl = ssl }
end
-httpserver.new{ port = 5280, base = "http-bind", handler = handle_request, ssl = false}
server.addtimer(on_timer);
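Review bot: `interface` is read from `options.interface` in the ports loop but never passed to `httpserver.new`, so an operator who sets it to confine the BOSH listener to one address gets no restriction. Pass it through, `httpserver.new{ port = port, base = base, handler = handle_request, ssl = ssl, interface = interface }`, after confirming that `httpserver.new` accepts that field, since its definition is not part of this diff. In the timer loop above it, `now = now - 3;` rewrites a variable declared outside the hunk; a separate `local cutoff = now - 3;` with a comment would make the three-second grace explicit.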
diff --git a/plugins/mod_httpserver.lua b/plugins/mod_httpserver.lua
index 02a9fd78..2bcdab43 100644
--- a/plugins/mod_httpserver.lua
+++ b/plugins/mod_httpserver.lua
@@ -1,4 +1,6 @@
+local httpserver = require "net.httpserver";
+
local open = io.open;
local t_concat = table.concat;
diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua
index 377bf153..44bbf700 100644
--- a/plugins/mod_register.lua
+++ b/plugins/mod_register.lua
@@ -23,6 +23,7 @@ local st = require "util.stanza";
local usermanager_user_exists = require "core.usermanager".user_exists;
local usermanager_create_user = require "core.usermanager".create_user;
local datamanager_store = require "util.datamanager".store;
+local os_time = os.time;
module:add_feature("jabber:iq:register");
@@ -93,6 +94,15 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza)
end;
end);
+local recent_ips = {};
+local min_seconds_between_registrations = config.get(module.host, "core", "min_seconds_between_registrations");
+local whitelist_only = config.get(module.host, "core", "whitelist_registration_only");
+local whitelisted_ips = config.get(module.host, "core", "registration_whitelist") or { "127.0.0.1" };
+local blacklisted_ips = config.get(module.host, "core", "registration_blacklist") or {};
+
+for _, ip in ipairs(whitelisted_ips) do whitelisted_ips[ip] = true; end
+for _, ip in ipairs(blacklisted_ips) do blacklisted_ips[ip] = true; end
+
module:add_iq_handler("c2s_unauthed", "jabber:iq:register", function (session, stanza)
if config.get(module.host, "core", "allow_registration") == false then
session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
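Review bot: The two `for` loops write set entries into the same tables that `config.get` returned, so the stored configuration arrays are mutated, and all of these settings are read once at module load, so a later configuration change would not reach the handler without reloading the module. Build separate sets instead, e.g. `local whitelist_set = {}; for _, ip in ipairs(whitelisted_ips) do whitelist_set[ip] = true; end`, and add a comment that entries are matched as exact address strings. `recent_ips` has no eviction, so it gains one entry per distinct client address for the life of the process; entries older than `min_seconds_between_registrations` should be expired.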
@@ -112,6 +122,26 @@ module:add_iq_handler("c2s_unauthed", "jabber:iq:register", function (session, s
local username = query:child_with_name("username");
local password = query:child_with_name("password");
if username and password then
+ -- Check that the user is not blacklisted or registering too often
+ if blacklisted_ips[session.ip] or (whitelist_only and not whitelisted_ips[session.ip]) then
+ session.send(st.error_reply(stanza, "cancel", "not-acceptable"));
+ return;
+ elseif min_seconds_between_registrations and not whitelisted_ips[session.ip] then
+ if not recent_ips[session.ip] then
+ recent_ips[session.ip] = { time = os_time(), count = 1 };
+ else
+
+ local ip = recent_ips[session.ip];
+ ip.count = ip.count + 1;
+
+ if os_time() - ip.time < min_seconds_between_registrations then
+ ip.time = os_time();
+ session.send(st.error_reply(stanza, "cancel", "not-acceptable"));
+ return;
+ end
+ ip.time = os_time();
+ end
+ end
-- FIXME shouldn't use table.concat
username = table.concat(username);
password = table.concat(password);
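Review bot: Every check added here keys on `session.ip`, which this commit sets only in `sessionmanager.new_session`; the BOSH sessions built in `mod_bosh` are `c2s_unauthed` tables with `conn = {}` and, as far as the visible constructor shows, no `ip` field. For such a session the blacklist lookup returns nil, so the blacklist is not applied, and `recent_ips[session.ip] = { ... }` raises on a nil index when throttling is enabled. Reject early with `if not session.ip then session.send(st.error_reply(stanza, "cancel", "not-acceptable")); return; end`, or have `mod_bosh` set `session.ip` from the request. `ip.count` is incremented but never read, and the handler's body starts and ends outside this hunk.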
diff --git a/tests/test.lua b/tests/test.lua
index eb209219..bc1e1979 100644
--- a/tests/test.lua
+++ b/tests/test.lua
@@ -25,7 +25,8 @@ function run_all_tests()
dotest "core.stanza_router"
dotest "core.s2smanager"
dotest "core.configmanager"
-
+ dotest "util.stanza"
+
dosingletest("test_sasl.lua", "latin1toutf8");
end
diff --git a/tests/test_util_stanza.lua b/tests/test_util_stanza.lua
new file mode 100644
index 00000000..f4c4810a
--- /dev/null
+++ b/tests/test_util_stanza.lua
@@ -0,0 +1,20 @@
+
+function preserialize(preserialize, st)
+ local stanza = st.stanza("message", { a = "a" });
+ local stanza2 = preserialize(stanza);
+ assert_is(stanza2 and stanza.name, "preserialize returns a stanza");
+ assert_is_not(stanza2.tags, "Preserialized stanza has no tag list");
+ assert_is_not(stanza2.last_add, "Preserialized stanza has no last_add marker");
+ assert_is_not(getmetatable(stanza2), "Preserialized stanza has no metatable");
+end
+
+function deserialize(deserialize, st)
+ local stanza = st.stanza("message", { a = "a" });
+
+ local stanza2 = deserialize(st.preserialize(stanza));
+ assert_is(stanza2 and stanza.name, "deserialize returns a stanza");
+ assert_is(stanza2.last_add, "Deserialized stanza is missing last_add for adding child tags");
+ assert_table(stanza2.attr, "Deserialized stanza has attributes");
+ assert_equal(stanza2.attr.a, "a", "Deserialized stanza retains attributes");
+ assert_table(getmetatable(stanza2), "Deserialized stanza has metatable");
+end
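Review bot: Both tests assert on `stanza2 and stanza.name`, which reads the name of the input stanza, so they pass for any truthy return value; the intended expression is presumably `stanza2 and stanza2.name`. The `preserialize` test would also be stronger if it checked that `attr.a` survives, as the `deserialize` test does with `assert_equal(stanza2.attr.a, "a", ...)`.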
diff --git a/util/stanza.lua b/util/stanza.lua
index 6af7e2b2..14a8f395 100644
--- a/util/stanza.lua
+++ b/util/stanza.lua
@@ -87,11 +87,17 @@ function stanza_mt:add_child(child)
end
function stanza_mt:child_with_name(name)
- for _, child in ipairs(self) do
+ for _, child in ipairs(self.tags) do
if child.name == name then return child; end
end
end
+function stanza_mt:child_with_ns(ns)
+ for _, child in ipairs(self.tags) do
+ if child.attr.xmlns == ns then return child; end
+ end
+end
+
function stanza_mt:children()
local i = 0;
return function (a)
@@ -199,6 +205,9 @@ function deserialize(stanza)
end
end
stanza.tags = tags;
+ if not stanza.last_add then
+ stanza.last_add = {};
+ end
end
end