aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_bosh.lua
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/mod_bosh.lua')
-rw-r--r--plugins/mod_bosh.lua138
1 files changed, 80 insertions, 58 deletions
diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua
index db7ae03e..ceb31a9f 100644
--- a/plugins/mod_bosh.lua
+++ b/plugins/mod_bosh.lua
@@ -44,20 +44,42 @@ local bosh_max_polling = module:get_option_number("bosh_max_polling", 5);
local bosh_max_wait = module:get_option_number("bosh_max_wait", 120);
local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure");
-local cross_domain = module:get_option("cross_domain_bosh", false);
+local cross_domain = module:get_option("cross_domain_bosh");
local stanza_size_limit = module:get_option_number("c2s_stanza_size_limit", 1024*256);
-if cross_domain == true then cross_domain = "*"; end
-if type(cross_domain) == "table" then cross_domain = table.concat(cross_domain, ", "); end
+if cross_domain ~= nil then
+ module:log("info", "The 'cross_domain_bosh' option has been deprecated");
+end
local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
-- All sessions, and sessions that have no requests open
local sessions = module:shared("sessions");
+local measure_active = module:measure("active_sessions", "amount");
+local measure_inactive = module:measure("inactive_sessions", "amount");
+local report_bad_host = module:measure("bad_host", "rate");
+local report_bad_sid = module:measure("bad_sid", "rate");
+local report_new_sid = module:measure("new_sid", "rate");
+local report_timeout = module:measure("timeout", "rate");
+
+module:hook("stats-update", function ()
+ local active = 0;
+ local inactive = 0;
+ for _, session in pairs(sessions) do
+ if #session.requests > 0 then
+ active = active + 1;
+ else
+ inactive = inactive + 1;
+ end
+ end
+ measure_active(active);
+ measure_inactive(inactive);
+end);
+
-- Used to respond to idle sessions (those with waiting requests)
function on_destroy_request(request)
- log("debug", "Request destroyed: %s", tostring(request));
+ log("debug", "Request destroyed: %s", request);
local session = sessions[request.context.sid];
if session then
local requests = session.requests;
@@ -74,7 +96,7 @@ function on_destroy_request(request)
if session.inactive_timer then
session.inactive_timer:stop();
end
- session.inactive_timer = module:add_timer(max_inactive, check_inactive, session, request.context,
+ session.inactive_timer = module:add_timer(max_inactive, session_timeout, session, request.context,
"BOSH client silent for over "..max_inactive.." seconds");
(session.log or log)("debug", "BOSH session marked as inactive (for %ds)", max_inactive);
end
@@ -85,31 +107,16 @@ function on_destroy_request(request)
end
end
-function check_inactive(now, session, context, reason) -- luacheck: ignore 212/now
+function session_timeout(now, session, context, reason) -- luacheck: ignore 212/now
if not session.destroyed then
+ report_timeout();
sessions[context.sid] = nil;
sm_destroy_session(session, reason);
end
end
-local function set_cross_domain_headers(response)
- local headers = response.headers;
- headers.access_control_allow_methods = "GET, POST, OPTIONS";
- headers.access_control_allow_headers = "Content-Type";
- headers.access_control_max_age = "7200";
- headers.access_control_allow_origin = cross_domain;
- return response;
-end
-
-function handle_OPTIONS(event)
- if cross_domain and event.request.headers.origin then
- set_cross_domain_headers(event.response);
- end
- return "";
-end
-
function handle_POST(event)
- log("debug", "Handling new request %s: %s\n----------", tostring(event.request), tostring(event.request.body));
+ log("debug", "Handling new request %s: %s\n----------", event.request, event.request.body);
local request, response = event.request, event.response;
response.on_destroy = on_destroy_request;
@@ -122,10 +129,6 @@ function handle_POST(event)
local headers = response.headers;
headers.content_type = "text/xml; charset=utf-8";
- if cross_domain and request.headers.origin then
- set_cross_domain_headers(response);
- end
-
-- stream:feed() calls the stream_callbacks, so all stanzas in
-- the body are processed in this next line before it returns.
-- In particular, the streamopened() stream callback is where
@@ -206,6 +209,7 @@ function handle_POST(event)
return;
end
module:log("warn", "Unable to associate request with a session (incomplete request?)");
+ report_bad_sid();
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "item-not-found" });
return tostring(close_reply) .. "\n";
@@ -221,7 +225,7 @@ local function bosh_reset_stream(session) session.notopen = true; end
local stream_xmlns_attr = { xmlns = "urn:ietf:params:xml:ns:xmpp-streams" };
local function bosh_close_stream(session, reason)
- (session.log or log)("info", "BOSH client disconnected: %s", tostring((reason and reason.condition or reason) or "session close"));
+ (session.log or log)("info", "BOSH client disconnected: %s", (reason and reason.condition or reason) or "session close");
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams });
@@ -232,6 +236,8 @@ local function bosh_close_stream(session, reason)
if type(reason) == "string" then -- assume stream error
close_reply:tag("stream:error")
:tag(reason, {xmlns = xmlns_xmpp_streams});
+ elseif st.is_stanza(reason) then
+ close_reply = reason;
elseif type(reason) == "table" then
if reason.condition then
close_reply:tag("stream:error")
@@ -242,11 +248,9 @@ local function bosh_close_stream(session, reason)
if reason.extra then
close_reply:add_child(reason.extra);
end
- elseif reason.name then -- a stanza
- close_reply = reason;
end
end
- log("info", "Disconnecting client, <stream:error> is: %s", tostring(close_reply));
+ log("info", "Disconnecting client, <stream:error> is: %s", close_reply);
end
local response_body = tostring(close_reply);
@@ -269,9 +273,19 @@ function stream_callbacks.streamopened(context, attr)
-- New session request
context.notopen = nil; -- Signals that we accept this opening tag
+ if not attr.to then
+ log("debug", "BOSH client tried to connect without specifying a host");
+ report_bad_host();
+ local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
+ ["xmlns:stream"] = xmlns_streams, condition = "improper-addressing" });
+ response:send(tostring(close_reply));
+ return;
+ end
+
local to_host = nameprep(attr.to);
if not to_host then
- log("debug", "BOSH client tried to connect to invalid host: %s", tostring(attr.to));
+ log("debug", "BOSH client tried to connect to invalid host: %s", attr.to);
+ report_bad_host();
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "improper-addressing" });
response:send(tostring(close_reply));
@@ -279,7 +293,8 @@ function stream_callbacks.streamopened(context, attr)
end
if not prosody.hosts[to_host] then
- log("debug", "BOSH client tried to connect to non-existant host: %s", attr.to);
+ log("debug", "BOSH client tried to connect to non-existent host: %s", attr.to);
+ report_bad_host();
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "improper-addressing" });
response:send(tostring(close_reply));
@@ -288,6 +303,7 @@ function stream_callbacks.streamopened(context, attr)
if prosody.hosts[to_host].type ~= "local" then
log("debug", "BOSH client tried to connect to %s host: %s", prosody.hosts[to_host].type, attr.to);
+ report_bad_host();
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "improper-addressing" });
response:send(tostring(close_reply));
@@ -296,7 +312,7 @@ function stream_callbacks.streamopened(context, attr)
local wait = tonumber(attr.wait);
if not rid or (not attr.wait or not wait or wait < 0 or wait % 1 ~= 0) then
- log("debug", "BOSH client sent invalid rid or wait attributes: rid=%s, wait=%s", tostring(attr.rid), tostring(attr.wait));
+ log("debug", "BOSH client sent invalid rid or wait attributes: rid=%s, wait=%s", attr.rid, attr.wait);
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "bad-request" });
response:send(tostring(close_reply));
@@ -307,6 +323,7 @@ function stream_callbacks.streamopened(context, attr)
-- New session
sid = new_uuid();
+ -- TODO use util.session
local session = {
type = "c2s_unauthed", conn = request.conn, sid = sid, host = attr.to,
rid = rid - 1, -- Hack for initial session setup, "previous" rid was $current_request - 1
@@ -327,6 +344,7 @@ function stream_callbacks.streamopened(context, attr)
session.log("debug", "BOSH session created for request from %s", session.ip);
log("info", "New BOSH session, assigned it sid '%s'", sid);
+ report_new_sid();
module:fire_event("bosh-session", { session = session, request = request });
@@ -341,7 +359,7 @@ function stream_callbacks.streamopened(context, attr)
s.attr.xmlns = "jabber:client";
end
s = filter("stanzas/out", s);
- --log("debug", "Sending BOSH data: %s", tostring(s));
+ --log("debug", "Sending BOSH data: %s", s);
if not s then return true end
t_insert(session.send_buffer, tostring(s));
@@ -381,6 +399,7 @@ function stream_callbacks.streamopened(context, attr)
if not session then
-- Unknown sid
log("info", "Client tried to use sid '%s' which we don't know about", sid);
+ report_bad_sid();
response:send(tostring(st.stanza("body", { xmlns = xmlns_bosh, type = "terminate", condition = "item-not-found" })));
context.notopen = nil;
return;
@@ -443,7 +462,7 @@ function stream_callbacks.streamopened(context, attr)
end
end
-local function handleerr(err) log("error", "Traceback[bosh]: %s", traceback(tostring(err), 2)); end
+local function handleerr(err) log("error", "Traceback[bosh]: %s", traceback(err, 2)); end
function runner_callbacks:error(err) -- luacheck: ignore 212/self
return handleerr(err);
@@ -513,25 +532,28 @@ function stream_callbacks.error(context, error)
end
end
-local GET_response = {
- headers = {
- content_type = "text/html";
- };
- body = [[<html><body>
- <p>It works! Now point your BOSH client to this URL to connect to Prosody.</p>
- <p>For more information see <a href="https://prosody.im/doc/setting_up_bosh">Prosody: Setting up BOSH</a>.</p>
- </body></html>]];
-};
-
-module:depends("http");
-module:provides("http", {
- default_path = "/http-bind";
- route = {
- ["GET"] = GET_response;
- ["GET /"] = GET_response;
- ["OPTIONS"] = handle_OPTIONS;
- ["OPTIONS /"] = handle_OPTIONS;
- ["POST"] = handle_POST;
- ["POST /"] = handle_POST;
- };
-});
+local function GET_response(event)
+ return module:fire_event("http-message", {
+ response = event.response;
+ ---
+ title = "Prosody BOSH endpoint";
+ message = "It works! Now point your BOSH client to this URL to connect to Prosody.";
+ warning = not (consider_bosh_secure or event.request.secure) and "This endpoint is not considered secure!" or nil;
+ -- <p>For more information see <a href="https://prosody.im/doc/setting_up_bosh">Prosody: Setting up BOSH</a>.</p>
+ }) or "This is the Prosody BOSH endpoint.";
+end
+
+function module.add_host(module)
+ module:depends("http");
+ module:provides("http", {
+ default_path = "/http-bind";
+ route = {
+ ["GET"] = GET_response;
+ ["GET /"] = GET_response;
+ ["POST"] = handle_POST;
+ ["POST /"] = handle_POST;
+ };
+ });
+end
+
+module:add_host();