aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_c2s.lua
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/mod_c2s.lua')
-rw-r--r--plugins/mod_c2s.lua59
1 files changed, 39 insertions, 20 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index c8f54fa7..1a24c27c 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -8,15 +8,15 @@
module:set_global();
-local add_task = require "util.timer".add_task;
-local new_xmpp_stream = require "util.xmppstream".new;
-local nameprep = require "util.encodings".stringprep.nameprep;
-local sessionmanager = require "core.sessionmanager";
-local statsmanager = require "core.statsmanager";
-local st = require "util.stanza";
+local add_task = require "prosody.util.timer".add_task;
+local new_xmpp_stream = require "prosody.util.xmppstream".new;
+local nameprep = require "prosody.util.encodings".stringprep.nameprep;
+local sessionmanager = require "prosody.core.sessionmanager";
+local statsmanager = require "prosody.core.statsmanager";
+local st = require "prosody.util.stanza";
local sm_new_session, sm_destroy_session = sessionmanager.new_session, sessionmanager.destroy_session;
-local uuid_generate = require "util.uuid".generate;
-local async = require "util.async";
+local uuid_generate = require "prosody.util.uuid".generate;
+local async = require "prosody.util.async";
local runner = async.runner;
local tostring, type = tostring, type;
@@ -25,10 +25,10 @@ local xmlns_xmpp_streams = "urn:ietf:params:xml:ns:xmpp-streams";
local log = module._log;
-local c2s_timeout = module:get_option_number("c2s_timeout", 300);
-local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5);
+local c2s_timeout = module:get_option_period("c2s_timeout", "5 minutes");
+local stream_close_timeout = module:get_option_period("c2s_close_timeout", 5);
local opt_keepalives = module:get_option_boolean("c2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true));
-local stanza_size_limit = module:get_option_number("c2s_stanza_size_limit", 1024*256);
+local stanza_size_limit = module:get_option_integer("c2s_stanza_size_limit", 1024*256,10000);
local measure_connections = module:metric("gauge", "connections", "", "Established c2s connections", {"host", "type", "ip_family"});
@@ -117,8 +117,7 @@ function stream_callbacks._streamopened(session, attr)
session.secure = true;
session.encrypted = true;
- local sock = session.conn:socket();
- local info = sock.info and sock:info();
+ local info = session.conn:ssl_info();
if type(info) == "table" then
(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
session.compressed = info.compression;
@@ -129,8 +128,13 @@ function stream_callbacks._streamopened(session, attr)
end
local features = st.stanza("stream:features");
- hosts[session.host].events.fire_event("stream-features", { origin = session, features = features });
+ hosts[session.host].events.fire_event("stream-features", { origin = session, features = features, stream = attr });
if features.tags[1] or session.full_jid then
+ if stanza_size_limit then
+ features:reset();
+ features:tag("limits", { xmlns = "urn:xmpp:stream-limits:0" })
+ :text_tag("max-bytes", string.format("%d", stanza_size_limit)):up();
+ end
send(features);
else
if session.secure then
@@ -248,6 +252,9 @@ end
local function disconnect_user_sessions(reason, leave_resource)
return function (event)
local username, host, resource = event.username, event.host, event.resource;
+ if not (hosts[host] and hosts[host].type == "local") then
+ return -- not a local VirtualHost so no sessions
+ end
local user = hosts[host].sessions[username];
if user and user.sessions then
for r, session in pairs(user.sessions) do
@@ -260,8 +267,18 @@ local function disconnect_user_sessions(reason, leave_resource)
end
module:hook_global("user-password-changed", disconnect_user_sessions({ condition = "reset", text = "Password changed" }, true), 200);
-module:hook_global("user-roles-changed", disconnect_user_sessions({ condition = "reset", text = "Roles changed" }), 200);
+module:hook_global("user-role-changed", disconnect_user_sessions({ condition = "reset", text = "Role changed" }), 200);
module:hook_global("user-deleted", disconnect_user_sessions({ condition = "not-authorized", text = "Account deleted" }), 200);
+module:hook_global("user-disabled", disconnect_user_sessions({ condition = "not-authorized", text = "Account disabled" }), 200);
+
+module:hook_global("c2s-session-updated", function (event)
+ sessions[event.session.conn] = event.session;
+ local replaced_conn = event.replaced_conn;
+ if replaced_conn then
+ sessions[replaced_conn] = nil;
+ replaced_conn:close();
+ end
+end);
function runner_callbacks:ready()
if self.data.conn then
@@ -293,10 +310,10 @@ function listener.onconnect(conn)
if conn:ssl() then
session.secure = true;
session.encrypted = true;
+ session.ssl_ctx = conn:sslctx();
-- Check if TLS compression is used
- local sock = conn:socket();
- local info = sock.info and sock:info();
+ local info = conn:ssl_info();
if type(info) == "table" then
(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
session.compressed = info.compression;
@@ -354,11 +371,13 @@ function listener.onconnect(conn)
end
end
- if c2s_timeout then
- add_task(c2s_timeout, function ()
+ if c2s_timeout < math.huge then
+ session.c2s_timeout = add_task(c2s_timeout, function ()
if session.type == "c2s_unauthed" then
(session.log or log)("debug", "Connection still not authenticated after c2s_timeout=%gs, closing it", c2s_timeout);
session:close("connection-timeout");
+ else
+ session.c2s_timeout = nil;
end
end);
end
@@ -426,7 +445,7 @@ module:hook("c2s-read-timeout", keepalive, -1);
module:hook("server-stopping", function(event) -- luacheck: ignore 212/event
-- Close ports
- local pm = require "core.portmanager";
+ local pm = require "prosody.core.portmanager";
for _, netservice in pairs(module.items["net-provider"]) do
pm.unregister_service(netservice.name, netservice);
end