1 files changed, 86 insertions, 42 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index 2848f92f..7f0d1b01 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -1,7 +1,7 @@
 -- Prosody IM
 -- Copyright (C) 2008-2010 Matthew Wild
 -- Copyright (C) 2008-2010 Waqas Hussain
--- 
+--
 -- This project is MIT/X11 licensed. Please see the
 -- COPYING file in the source package for more information.
 --
@@ -23,20 +23,29 @@ local xmlns_xmpp_streams = "urn:ietf:params:xml:ns:xmpp-streams";
 
 local log = module._log;
 
-local c2s_timeout = module:get_option_number("c2s_timeout");
+local c2s_timeout = module:get_option_number("c2s_timeout", 300);
 local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5);
 local opt_keepalives = module:get_option_boolean("c2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true));
 
+local measure_connections = module:measure("connections", "amount");
+
 local sessions = module:shared("sessions");
 local core_process_stanza = prosody.core_process_stanza;
 local hosts = prosody.hosts;
 
-local stream_callbacks = { default_ns = "jabber:client", handlestanza = core_process_stanza };
+local stream_callbacks = { default_ns = "jabber:client" };
 local listener = {};
 
+module:hook("stats-update", function ()
+	local count = 0;
+	for _ in pairs(sessions) do
+		count = count + 1;
+	end
+	measure_connections(count);
+end);
+
 --- Stream events handlers
 local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'};
-local default_stream_attr = { ["xmlns:stream"] = "http://etherx.jabber.org/streams", xmlns = stream_callbacks.default_ns, version = "1.0", id = "" };
 
 function stream_callbacks.streamopened(session, attr)
 	local send = session.send;
@@ -57,15 +66,13 @@ function stream_callbacks.streamopened(session, attr)
 	session.streamid = uuid_generate();
 	(session.log or session)("debug", "Client sent opening <stream:stream> to %s", session.host);
 
-	if not hosts[session.host] or not hosts[session.host].users then
+	if not hosts[session.host] or not hosts[session.host].modules.c2s then
 		-- We don't serve this host...
 		session:close{ condition = "host-unknown", text = "This server does not serve "..tostring(session.host)};
 		return;
 	end
 
-	send("<?xml version='1.0'?>"..st.stanza("stream:stream", {
-		xmlns = 'jabber:client', ["xmlns:stream"] = 'http://etherx.jabber.org/streams';
-		id = session.streamid, from = session.host, version = '1.0', ["xml:lang"] = 'en' }):top_tag());
+	session:open_stream();
 
 	(session.log or log)("debug", "Sent reply <stream:stream> to client");
 	session.notopen = nil;
@@ -74,21 +81,27 @@ function stream_callbacks.streamopened(session, attr)
 	-- since we now have a new stream header, session is secured
 	if session.secure == false then
 		session.secure = true;
+		session.encrypted = true;
 
-		-- Check if TLS compression is used
 		local sock = session.conn:socket();
 		if sock.info then
-			session.compressed = sock:info"compression";
-		elseif sock.compression then
-			session.compressed = sock:compression(); --COMPAT mw/luasec-hg
+			local info = sock:info();
+			(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
+			session.compressed = info.compression;
+		else
+			(session.log or log)("info", "Stream encrypted");
+			session.compressed = sock.compression and sock:compression(); --COMPAT mw/luasec-hg
 		end
 	end
 
 	local features = st.stanza("stream:features");
 	hosts[session.host].events.fire_event("stream-features", { origin = session, features = features });
-	module:fire_event("stream-features", session, features);
-
-	send(features);
+	if features.tags[1] or session.full_jid then
+		send(features);
+	else
+		(session.log or log)("warn", "No stream features to offer");
+		session:close{ condition = "undefined-condition", text = "No stream features to proceed with" };
+	end
 end
 
 function stream_callbacks.streamclosed(session)
@@ -134,8 +147,7 @@ local function session_close(session, reason)
 	local log = session.log or log;
 	if session.conn then
 		if session.notopen then
-			session.send("<?xml version='1.0'?>");
-			session.send(st.stanza("stream:stream", default_stream_attr):top_tag());
+			session:open_stream();
 		end
 		if reason then -- nil == no err, initiated by us, false == initiated by client
 			local stream_error = st.stanza("stream:error");
@@ -158,31 +170,31 @@ local function session_close(session, reason)
 			log("debug", "Disconnecting client, <stream:error> is: %s", stream_error);
 			session.send(stream_error);
 		end
-		
+
 		session.send("</stream:stream>");
 		function session.send() return false; end
-		
-		local reason = (reason and (reason.name or reason.text or reason.condition)) or reason;
-		session.log("info", "c2s stream for %s closed: %s", session.full_jid or ("<"..session.ip..">"), reason or "session closed");
+
+		local reason_text = (reason and (reason.name or reason.text or reason.condition)) or reason;
+		session.log("debug", "c2s stream for %s closed: %s", session.full_jid or session.ip or "<unknown>", reason_text or "session closed");
 
 		-- Authenticated incoming stream may still be sending us stanzas, so wait for </stream:stream> from remote
 		local conn = session.conn;
-		if reason == nil and not session.notopen and session.type == "c2s" then
+		if reason_text == nil and not session.notopen and session.type == "c2s" then
 			-- Grace time to process data from authenticated cleanly-closed stream
 			add_task(stream_close_timeout, function ()
 				if not session.destroyed then
 					session.log("warn", "Failed to receive a stream close response, closing connection anyway...");
-					sm_destroy_session(session, reason);
+					sm_destroy_session(session, reason_text);
 					conn:close();
 				end
 			end);
 		else
-			sm_destroy_session(session, reason);
+			sm_destroy_session(session, reason_text);
 			conn:close();
 		end
 	else
-		local reason = (reason and (reason.name or reason.text or reason.condition)) or reason;
-		sm_destroy_session(session, reason);
+		local reason_text = (reason and (reason.name or reason.text or reason.condition)) or reason;
+		sm_destroy_session(session, reason_text);
 	end
 end
 
@@ -190,22 +202,35 @@ module:hook_global("user-deleted", function(event)
 	local username, host = event.username, event.host;
 	local user = hosts[host].sessions[username];
 	if user and user.sessions then
-		for jid, session in pairs(user.sessions) do
+		for _, session in pairs(user.sessions) do
 			session:close{ condition = "not-authorized", text = "Account deleted" };
 		end
 	end
 end, 200);
 
+module:hook_global("user-password-changed", function(event)
+	local username, host, resource = event.username, event.host, event.resource;
+	local user = hosts[host].sessions[username];
+	if user and user.sessions then
+		for r, session in pairs(user.sessions) do
+			if r ~= resource then
+				session:close{ condition = "reset", text = "Password changed" };
+			end
+		end
+	end
+end, 200);
+
 --- Port listener
 function listener.onconnect(conn)
 	local session = sm_new_session(conn);
 	sessions[conn] = session;
-	
+
 	session.log("info", "Client connected");
-	
+
 	-- Client is using legacy SSL (otherwise mod_tls sets this flag)
 	if conn:ssl() then
 		session.secure = true;
+		session.encrypted = true;
 
 		-- Check if TLS compression is used
 		local sock = conn:socket();
@@ -215,34 +240,37 @@ function listener.onconnect(conn)
 			session.compressed = sock:compression(); --COMPAT mw/luasec-hg
 		end
 	end
-	
+
 	if opt_keepalives then
 		conn:setoption("keepalive", opt_keepalives);
 	end
-	
+
 	session.close = session_close;
-	
+
 	local stream = new_xmpp_stream(session, stream_callbacks);
 	session.stream = stream;
 	session.notopen = true;
-	
+
 	function session.reset_stream()
 		session.notopen = true;
 		session.stream:reset();
 	end
-	
+
 	local filter = session.filter;
 	function session.data(data)
-		data = filter("bytes/in", data);
+		-- Parse the data, which will store stanzas in session.pending_stanzas
 		if data then
-			local ok, err = stream:feed(data);
-			if ok then return; end
-			log("debug", "Received invalid XML (%s) %d bytes: %s", tostring(err), #data, data:sub(1, 300):gsub("[\r\n]+", " "):gsub("[%z\1-\31]", "_"));
-			session:close("not-well-formed");
+			data = filter("bytes/in", data);
+			if data then
+				local ok, err = stream:feed(data);
+				if not ok then
+					log("debug", "Received invalid XML (%s) %d bytes: %s", tostring(err), #data, data:sub(1, 300):gsub("[\r\n]+", " "):gsub("[%z\1-\31]", "_"));
+					session:close("not-well-formed");
+				end
+			end
 		end
 	end
 
-	
 	if c2s_timeout then
 		add_task(c2s_timeout, function ()
 			if session.type == "c2s_unauthed" then
@@ -271,14 +299,30 @@ function listener.ondisconnect(conn, err)
 	end
 end
 
+function listener.onreadtimeout(conn)
+	local session = sessions[conn];
+	if session then
+		return (hosts[session.host] or prosody).events.fire_event("c2s-read-timeout", { session = session });
+	end
+end
+
+local function keepalive(event)
+	local session = event.session;
+	if not session.notopen then
+		return event.session.send(' ');
+	end
+end
+
 function listener.associate_session(conn, session)
 	sessions[conn] = session;
 end
 
-function listener.ondetach(conn)
-	sessions[conn] = nil;
+function module.add_host(module)
+	module:hook("c2s-read-timeout", keepalive, -1);
 end
 
+module:hook("c2s-read-timeout", keepalive, -1);
+
 module:hook("server-stopping", function(event)
 	local reason = event.reason;
 	for _, session in pairs(sessions) do