aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--net/dns.lua12
-rw-r--r--plugins/mod_bosh.lua1
-rw-r--r--plugins/mod_console.lua2
-rw-r--r--plugins/mod_register.lua4
-rwxr-xr-xprosody72
-rw-r--r--util/sasl/digest-md5.lua3
6 files changed, 50 insertions, 44 deletions
diff --git a/net/dns.lua b/net/dns.lua
index 04b2cf22..c50e893c 100644
--- a/net/dns.lua
+++ b/net/dns.lua
@@ -726,21 +726,21 @@ function resolver:receive(rset) -- - - - - - - - - - - - - - - - - receive
local packet = sock:receive();
if packet then
response = self:decode(packet);
- if response then
+ if response and self.active[response.header.id]
+ and self.active[response.header.id][response.question.raw] then
--print('received response');
--self.print(response);
- for i,section in pairs({ 'answer', 'authority', 'additional' }) do
- for j,rr in pairs(response[section]) do
+ for j,rr in pairs(response.answer) do
+ if rr.name:sub(-#response.question[1].name, -1) == response.question[1].name then
self:remember(rr, response.question[1].type)
end
end
-- retire the query
local queries = self.active[response.header.id];
- if queries[response.question.raw] then
- queries[response.question.raw] = nil;
- end
+ queries[response.question.raw] = nil;
+
if not next(queries) then self.active[response.header.id] = nil; end
if not next(self.active) then self:closeall(); end
diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua
index af13bde9..3e41ef7b 100644
--- a/plugins/mod_bosh.lua
+++ b/plugins/mod_bosh.lua
@@ -254,6 +254,7 @@ function stream_callbacks.handlestanza(request, stanza)
if stanza.attr.xmlns == xmlns_bosh then
stanza.attr.xmlns = "jabber:client";
end
+ session.ip = request.handler.ip();
core_process_stanza(session, stanza);
end
end
diff --git a/plugins/mod_console.lua b/plugins/mod_console.lua
index 5a092298..82045232 100644
--- a/plugins/mod_console.lua
+++ b/plugins/mod_console.lua
@@ -650,3 +650,5 @@ if option and option ~= "short" and option ~= "full" and option ~= "graphic" the
end
end
end
+
+prosody.net_activate_ports("console", "console", {5582}, "tcp");
diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua
index 22724130..2ae01fed 100644
--- a/plugins/mod_register.lua
+++ b/plugins/mod_register.lua
@@ -117,7 +117,9 @@ module:add_iq_handler("c2s_unauthed", "jabber:iq:register", function (session, s
local password = query:child_with_name("password");
if username and password then
-- Check that the user is not blacklisted or registering too often
- if blacklisted_ips[session.ip] or (whitelist_only and not whitelisted_ips[session.ip]) then
+ if not session.ip then
+ module:log("debug", "User's IP not known; can't apply blacklist/whitelist");
+ elseif blacklisted_ips[session.ip] or (whitelist_only and not whitelisted_ips[session.ip]) then
session.send(st.error_reply(stanza, "cancel", "not-acceptable", "You are not allowed to register an account."));
return;
elseif min_seconds_between_registrations and not whitelisted_ips[session.ip] then
diff --git a/prosody b/prosody
index e22e5945..ae9cd2fc 100755
--- a/prosody
+++ b/prosody
@@ -153,6 +153,40 @@ function init_global_state()
prosody.events.fire_event("server-stopping", {reason = reason});
server.setquitting(true);
end
+
+ -- Load SSL settings from config, and create a ctx table
+ local global_ssl_ctx = rawget(_G, "ssl") and config.get("*", "core", "ssl");
+ if global_ssl_ctx then
+ local default_ssl_ctx = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none"; };
+ setmetatable(global_ssl_ctx, { __index = default_ssl_ctx });
+ end
+
+ local cl = require "net.connlisteners";
+ function prosody.net_activate_ports(option, listener, default, conntype)
+ conntype = conntype or (global_ssl_ctx and "tls") or "tcp";
+ if not cl.get(listener) then return; end
+ local ports = config.get("*", "core", option.."_ports") or default;
+ if type(ports) == "number" then ports = {ports} end;
+
+ if type(ports) ~= "table" then
+ log("error", "core."..option.." is not a table");
+ else
+ for _, port in ipairs(ports) do
+ if type(port) ~= "number" then
+ log("error", "Non-numeric "..option.."_ports: "..tostring(port));
+ else
+ cl.start(listener, {
+ ssl = conntype ~= "tcp" and global_ssl_ctx,
+ port = port,
+ interface = config.get("*", "core", option.."_interface")
+ or cl.get(listener).default_interface
+ or config.get("*", "core", "interface"),
+ type = conntype
+ });
+ end
+ end
+ end
+ end
end
function read_version()
@@ -220,45 +254,11 @@ function prepare_to_start()
eventmanager.fire_event("server-starting");
prosody.events.fire_event("server-starting");
- -- Load SSL settings from config, and create a ctx table
- local global_ssl_ctx = rawget(_G, "ssl") and config.get("*", "core", "ssl");
- if global_ssl_ctx then
- local default_ssl_ctx = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none"; };
- setmetatable(global_ssl_ctx, { __index = default_ssl_ctx });
- end
-
- local cl = require "net.connlisteners";
-- start listening on sockets
- function prosody.net_activate_ports(option, listener, default, conntype)
- if not cl.get(listener) then return; end
- local ports = config.get("*", "core", option.."_ports") or default;
- if type(ports) == "number" then ports = {ports} end;
-
- if type(ports) ~= "table" then
- log("error", "core."..option.." is not a table");
- else
- for _, port in ipairs(ports) do
- if type(port) ~= "number" then
- log("error", "Non-numeric "..option.."_ports: "..tostring(port));
- else
- cl.start(listener, {
- ssl = conntype ~= "tcp" and global_ssl_ctx,
- port = port,
- interface = config.get("*", "core", option.."_interface")
- or cl.get(listener).default_interface
- or config.get("*", "core", "interface"),
- type = conntype
- });
- end
- end
- end
- end
-
- prosody.net_activate_ports("c2s", "xmppclient", {5222}, (global_ssl_ctx and "tls") or "tcp");
- prosody.net_activate_ports("s2s", "xmppserver", {5269}, (global_ssl_ctx and "tls") or "tcp");
+ prosody.net_activate_ports("c2s", "xmppclient", {5222});
+ prosody.net_activate_ports("s2s", "xmppserver", {5269});
prosody.net_activate_ports("component", "xmppcomponent", {}, "tcp");
prosody.net_activate_ports("legacy_ssl", "xmppclient", {}, "ssl");
- prosody.net_activate_ports("console", "console", {5582}, "tcp");
prosody.start_time = os.time();
end
diff --git a/util/sasl/digest-md5.lua b/util/sasl/digest-md5.lua
index e80ed63a..557858b3 100644
--- a/util/sasl/digest-md5.lua
+++ b/util/sasl/digest-md5.lua
@@ -101,7 +101,8 @@ local function digest(self, message)
end
local function parse(data)
local message = {}
- for k, v in s_gmatch(data, [[([%w%-]+)="?([^",]*)"?,?]]) do -- FIXME The hacky regex makes me shudder
+ -- COMPAT: %z in the pattern to work around jwchat bug (sends "charset=utf-8\0")
+ for k, v in gmatch(data, [[([%w%-]+)="?([^",%z]*)"?,?]]) do -- FIXME The hacky regex makes me shudder
message[k] = v;
end
return message;