diff options
Diffstat (limited to 'util')
-rw-r--r-- | util/dataforms.lua | 9 | ||||
-rw-r--r-- | util/dependencies.lua | 18 | ||||
-rw-r--r-- | util/indexedbheap.lua | 157 | ||||
-rw-r--r-- | util/paths.lua | 38 | ||||
-rw-r--r-- | util/pluginloader.lua | 8 | ||||
-rw-r--r-- | util/prosodyctl.lua | 4 | ||||
-rw-r--r-- | util/sasl.lua | 14 | ||||
-rw-r--r-- | util/timer.lua | 62 | ||||
-rw-r--r-- | util/x509.lua | 23 | ||||
-rw-r--r-- | util/xmppstream.lua | 109 |
10 files changed, 417 insertions, 25 deletions
diff --git a/util/dataforms.lua b/util/dataforms.lua index b38d0e27..c352858c 100644 --- a/util/dataforms.lua +++ b/util/dataforms.lua @@ -94,6 +94,15 @@ function form_t.form(layout, data, formtype) end end + local media = field.media; + if media then + form:tag("media", { xmlns = "urn:xmpp:media-element", height = media.height, width = media.width }); + for _, val in ipairs(media) do + form:tag("uri", { type = val.type }):text(val.uri):up() + end + form:up(); + end + if field.required then form:tag("required"):up(); end diff --git a/util/dependencies.lua b/util/dependencies.lua index 109a3332..ea19d9a8 100644 --- a/util/dependencies.lua +++ b/util/dependencies.lua @@ -49,6 +49,14 @@ package.preload["util.ztact"] = function () end; function check_dependencies() + if _VERSION ~= "Lua 5.1" then + print "***********************************" + print("Unsupported Lua version: ".._VERSION); + print("Only Lua 5.1 is supported."); + print "***********************************" + return false; + end + local fatal; local lxp = softreq "lxp" @@ -140,7 +148,15 @@ function log_warnings() if not pcall(lxp.new, { StartDoctypeDecl = false }) then log("error", "The version of LuaExpat on your system leaves Prosody " .."vulnerable to denial-of-service attacks. You should upgrade to " - .."LuaExpat 1.1.1 or higher as soon as possible. See " + .."LuaExpat 1.3.0 or higher as soon as possible. See " + .."http://prosody.im/doc/depends#luaexpat for more information."); + end + if not lxp.new({}).getcurrentbytecount then + log("error", "The version of LuaExpat on your system does not support " + .."stanza size limits, which may leave servers on untrusted " + .."networks (e.g. the internet) vulnerable to denial-of-service " + .."attacks. You should upgrade to LuaExpat 1.3.0 or higher as " + .."soon as possible. See " .."http://prosody.im/doc/depends#luaexpat for more information."); end end diff --git a/util/indexedbheap.lua b/util/indexedbheap.lua new file mode 100644 index 00000000..c60861e8 --- /dev/null +++ b/util/indexedbheap.lua @@ -0,0 +1,157 @@ + +local setmetatable = setmetatable; +local math_floor = math.floor; +local t_remove = table.remove; + +local function _heap_insert(self, item, sync, item2, index) + local pos = #self + 1; + while true do + local half_pos = math_floor(pos / 2); + if half_pos == 0 or item > self[half_pos] then break; end + self[pos] = self[half_pos]; + sync[pos] = sync[half_pos]; + index[sync[pos]] = pos; + pos = half_pos; + end + self[pos] = item; + sync[pos] = item2; + index[item2] = pos; +end + +local function _percolate_up(self, k, sync, index) + local tmp = self[k]; + local tmp_sync = sync[k]; + while k ~= 1 do + local parent = math_floor(k/2); + if tmp < self[parent] then break; end + self[k] = self[parent]; + sync[k] = sync[parent]; + index[sync[k]] = k; + k = parent; + end + self[k] = tmp; + sync[k] = tmp_sync; + index[tmp_sync] = k; + return k; +end + +local function _percolate_down(self, k, sync, index) + local tmp = self[k]; + local tmp_sync = sync[k]; + local size = #self; + local child = 2*k; + while 2*k <= size do + if child ~= size and self[child] > self[child + 1] then + child = child + 1; + end + if tmp > self[child] then + self[k] = self[child]; + sync[k] = sync[child]; + index[sync[k]] = k; + else + break; + end + + k = child; + child = 2*k; + end + self[k] = tmp; + sync[k] = tmp_sync; + index[tmp_sync] = k; + return k; +end + +local function _heap_pop(self, sync, index) + local size = #self; + if size == 0 then return nil; end + + local result = self[1]; + local result_sync = sync[1]; + index[result_sync] = nil; + if size == 1 then + self[1] = nil; + sync[1] = nil; + return result, result_sync; + end + self[1] = t_remove(self); + sync[1] = t_remove(sync); + index[sync[1]] = 1; + + _percolate_down(self, 1, sync, index); + + return result, result_sync; +end + +local indexed_heap = {}; + +function indexed_heap:insert(item, priority, id) + if id == nil then + id = self.current_id; + self.current_id = id + 1; + end + self.items[id] = item; + _heap_insert(self.priorities, priority, self.ids, id, self.index); + return id; +end +function indexed_heap:pop() + local priority, id = _heap_pop(self.priorities, self.ids, self.index); + if id then + local item = self.items[id]; + self.items[id] = nil; + return priority, item, id; + end +end +function indexed_heap:peek() + return self.priorities[1]; +end +function indexed_heap:reprioritize(id, priority) + local k = self.index[id]; + if k == nil then return; end + self.priorities[k] = priority; + + k = _percolate_up(self.priorities, k, self.ids, self.index); + k = _percolate_down(self.priorities, k, self.ids, self.index); +end +function indexed_heap:remove_index(k) + local result = self.priorities[k]; + if result == nil then return; end + + local result_sync = self.ids[k]; + local item = self.items[result_sync]; + local size = #self.priorities; + + self.priorities[k] = self.priorities[size]; + self.ids[k] = self.ids[size]; + self.index[self.ids[k]] = k; + + t_remove(self.priorities); + t_remove(self.ids); + + self.index[result_sync] = nil; + self.items[result_sync] = nil; + + if size > k then + k = _percolate_up(self.priorities, k, self.ids, self.index); + k = _percolate_down(self.priorities, k, self.ids, self.index); + end + + return result, item, result_sync; +end +function indexed_heap:remove(id) + return self:remove_index(self.index[id]); +end + +local mt = { __index = indexed_heap }; + +local _M = { + create = function() + return setmetatable({ + ids = {}; -- heap of ids, sync'd with priorities + items = {}; -- map id->items + priorities = {}; -- heap of priorities + index = {}; -- map of id->index of id in ids + current_id = 1.5 + }, mt); + end +}; +return _M; diff --git a/util/paths.lua b/util/paths.lua new file mode 100644 index 00000000..3e5744df --- /dev/null +++ b/util/paths.lua @@ -0,0 +1,38 @@ +local path_sep = package.config:sub(1,1); + +local path_util = {} + +-- Helper function to resolve relative paths (needed by config) +function path_util.resolve_relative_path(parent_path, path) + if path then + -- Some normalization + parent_path = parent_path:gsub("%"..path_sep.."+$", ""); + path = path:gsub("^%.%"..path_sep.."+", ""); + + local is_relative; + if path_sep == "/" and path:sub(1,1) ~= "/" then + is_relative = true; + elseif path_sep == "\\" and (path:sub(1,1) ~= "/" and (path:sub(2,3) ~= ":\\" and path:sub(2,3) ~= ":/")) then + is_relative = true; + end + if is_relative then + return parent_path..path_sep..path; + end + end + return path; +end + +-- Helper function to convert a glob to a Lua pattern +function path_util.glob_to_pattern(glob) + return "^"..glob:gsub("[%p*?]", function (c) + if c == "*" then + return ".*"; + elseif c == "?" then + return "."; + else + return "%"..c; + end + end).."$"; +end + +return path_util; diff --git a/util/pluginloader.lua b/util/pluginloader.lua index b894f527..b9b3e207 100644 --- a/util/pluginloader.lua +++ b/util/pluginloader.lua @@ -39,10 +39,10 @@ function load_resource(plugin, resource) resource = resource or "mod_"..plugin..".lua"; local names = { - "mod_"..plugin.."/"..plugin.."/"..resource; -- mod_hello/hello/mod_hello.lua - "mod_"..plugin.."/"..resource; -- mod_hello/mod_hello.lua - plugin.."/"..resource; -- hello/mod_hello.lua - resource; -- mod_hello.lua + "mod_"..plugin..dir_sep..plugin..dir_sep..resource; -- mod_hello/hello/mod_hello.lua + "mod_"..plugin..dir_sep..resource; -- mod_hello/mod_hello.lua + plugin..dir_sep..resource; -- hello/mod_hello.lua + resource; -- mod_hello.lua }; return load_file(names); diff --git a/util/prosodyctl.lua b/util/prosodyctl.lua index fe862114..d59c163c 100644 --- a/util/prosodyctl.lua +++ b/util/prosodyctl.lua @@ -189,8 +189,8 @@ function getpid() return false, "no-pidfile"; end - local modules_enabled = set.new(config.get("*", "modules_enabled")); - if not modules_enabled:contains("posix") then + local modules_enabled = set.new(config.get("*", "modules_disabled")); + if prosody.platform ~= "posix" or modules_enabled:contains("posix") then return false, "no-posix"; end diff --git a/util/sasl.lua b/util/sasl.lua index c8490842..b91e29a6 100644 --- a/util/sasl.lua +++ b/util/sasl.lua @@ -100,14 +100,16 @@ end function method:mechanisms() local current_mechs = {}; for mech, _ in pairs(self.mechs) do - if mechanism_channelbindings[mech] and self.profile.cb then - local ok = false; - for cb_name, _ in pairs(self.profile.cb) do - if mechanism_channelbindings[mech][cb_name] then - ok = true; + if mechanism_channelbindings[mech] then + if self.profile.cb then + local ok = false; + for cb_name, _ in pairs(self.profile.cb) do + if mechanism_channelbindings[mech][cb_name] then + ok = true; + end end + if ok == true then current_mechs[mech] = true; end end - if ok == true then current_mechs[mech] = true; end else current_mechs[mech] = true; end diff --git a/util/timer.lua b/util/timer.lua index 0e10e144..23bd6a37 100644 --- a/util/timer.lua +++ b/util/timer.lua @@ -6,6 +6,8 @@ -- COPYING file in the source package for more information. -- +local indexedbheap = require "util.indexedbheap"; +local log = require "util.logger".init("timer"); local server = require "net.server"; local math_min = math.min local math_huge = math.huge @@ -13,6 +15,9 @@ local get_time = require "socket".gettime; local t_insert = table.insert; local pairs = pairs; local type = type; +local debug_traceback = debug.traceback; +local tostring = tostring; +local xpcall = xpcall; local data = {}; local new_data = {}; @@ -78,6 +83,61 @@ else end end -add_task = _add_task; +--add_task = _add_task; + +local h = indexedbheap.create(); +local params = {}; +local next_time = nil; +local _id, _callback, _now, _param; +local function _call() return _callback(_now, _id, _param); end +local function _traceback_handler(err) log("error", "Traceback[timer]: %s", debug_traceback(tostring(err), 2)); end +local function _on_timer(now) + local peek; + while true do + peek = h:peek(); + if peek == nil or peek > now then break; end + local _; + _, _callback, _id = h:pop(); + _now = now; + _param = params[_id]; + params[_id] = nil; + --item(now, id, _param); -- FIXME pcall + local success, err = xpcall(_call, _traceback_handler); + if success and type(err) == "number" then + h:insert(_callback, err + now, _id); -- re-add + params[_id] = _param; + end + end + next_time = peek; + if peek ~= nil then + return peek - now; + end +end +function add_task(delay, callback, param) + local current_time = get_time(); + local event_time = current_time + delay; + + local id = h:insert(callback, event_time); + params[id] = param; + if next_time == nil or event_time < next_time then + next_time = event_time; + _add_task(next_time - current_time, _on_timer); + end + return id; +end +function stop(id) + params[id] = nil; + return h:remove(id); +end +function reschedule(id, delay) + local current_time = get_time(); + local event_time = current_time + delay; + h:reprioritize(id, delay); + if next_time == nil or event_time < next_time then + next_time = event_time; + _add_task(next_time - current_time, _on_timer); + end + return id; +end return _M; diff --git a/util/x509.lua b/util/x509.lua index 857f02a4..5e1b49e5 100644 --- a/util/x509.lua +++ b/util/x509.lua @@ -20,11 +20,9 @@ local nameprep = require "util.encodings".stringprep.nameprep; local idna_to_ascii = require "util.encodings".idna.to_ascii; +local base64 = require "util.encodings".base64; local log = require "util.logger".init("x509"); -local pairs, ipairs = pairs, ipairs; local s_format = string.format; -local t_insert = table.insert; -local t_concat = table.concat; module "x509" @@ -214,4 +212,23 @@ function verify_identity(host, service, cert) return false end +local pat = "%-%-%-%-%-BEGIN ([A-Z ]+)%-%-%-%-%-\r?\n".. +"([0-9A-Za-z+/=\r\n]*)\r?\n%-%-%-%-%-END %1%-%-%-%-%-"; + +function pem2der(pem) + local typ, data = pem:match(pat); + if typ and data then + return base64.decode(data), typ; + end +end + +local wrap = ('.'):rep(64); +local envelope = "-----BEGIN %s-----\n%s\n-----END %s-----\n" + +function der2pem(data, typ) + typ = typ and typ:upper() or "CERTIFICATE"; + data = base64.encode(data); + return s_format(envelope, typ, data:gsub(wrap, '%0\n', (#data-1)/64), typ); +end + return _M; diff --git a/util/xmppstream.lua b/util/xmppstream.lua index 550170c9..6982aae3 100644 --- a/util/xmppstream.lua +++ b/util/xmppstream.lua @@ -6,7 +6,6 @@ -- COPYING file in the source package for more information. -- - local lxp = require "lxp"; local st = require "util.stanza"; local stanza_mt = st.stanza_mt; @@ -20,6 +19,10 @@ local setmetatable = setmetatable; -- COMPAT: w/LuaExpat 1.1.0 local lxp_supports_doctype = pcall(lxp.new, { StartDoctypeDecl = false }); +local lxp_supports_xmldecl = pcall(lxp.new, { XmlDecl = false }); +local lxp_supports_bytecount = not not lxp.new({}).getcurrentbytecount; + +local default_stanza_size_limit = 1024*1024*10; -- 10MB module "xmppstream" @@ -40,13 +43,16 @@ local ns_pattern = "^([^"..ns_separator.."]*)"..ns_separator.."?(.*)$"; _M.ns_separator = ns_separator; _M.ns_pattern = ns_pattern; -function new_sax_handlers(session, stream_callbacks) +local function dummy_cb() end + +function new_sax_handlers(session, stream_callbacks, cb_handleprogress) local xml_handlers = {}; local cb_streamopened = stream_callbacks.streamopened; local cb_streamclosed = stream_callbacks.streamclosed; local cb_error = stream_callbacks.error or function(session, e, stanza) error("XML stream error: "..tostring(e)..(stanza and ": "..tostring(stanza) or ""),2); end; local cb_handlestanza = stream_callbacks.handlestanza; + cb_handleprogress = cb_handleprogress or dummy_cb; local stream_ns = stream_callbacks.stream_ns or xmlns_streams; local stream_tag = stream_callbacks.stream_tag or "stream"; @@ -59,6 +65,7 @@ function new_sax_handlers(session, stream_callbacks) local stack = {}; local chardata, stanza = {}; + local stanza_size = 0; local non_streamns_depth = 0; function xml_handlers:StartElement(tagname, attr) if stanza and #chardata > 0 then @@ -87,10 +94,17 @@ function new_sax_handlers(session, stream_callbacks) end if not stanza then --if we are not currently inside a stanza + if lxp_supports_bytecount then + stanza_size = self:getcurrentbytecount(); + end if session.notopen then if tagname == stream_tag then non_streamns_depth = 0; if cb_streamopened then + if lxp_supports_bytecount then + cb_handleprogress(stanza_size); + stanza_size = 0; + end cb_streamopened(session, attr); end else @@ -105,6 +119,9 @@ function new_sax_handlers(session, stream_callbacks) stanza = setmetatable({ name = name, attr = attr, tags = {} }, stanza_mt); else -- we are inside a stanza, so add a tag + if lxp_supports_bytecount then + stanza_size = stanza_size + self:getcurrentbytecount(); + end t_insert(stack, stanza); local oldstanza = stanza; stanza = setmetatable({ name = name, attr = attr, tags = {} }, stanza_mt); @@ -112,12 +129,45 @@ function new_sax_handlers(session, stream_callbacks) t_insert(oldstanza.tags, stanza); end end + if lxp_supports_xmldecl then + function xml_handlers:XmlDecl(version, encoding, standalone) + if lxp_supports_bytecount then + cb_handleprogress(self:getcurrentbytecount()); + end + end + end + function xml_handlers:StartCdataSection() + if lxp_supports_bytecount then + if stanza then + stanza_size = stanza_size + self:getcurrentbytecount(); + else + cb_handleprogress(self:getcurrentbytecount()); + end + end + end + function xml_handlers:EndCdataSection() + if lxp_supports_bytecount then + if stanza then + stanza_size = stanza_size + self:getcurrentbytecount(); + else + cb_handleprogress(self:getcurrentbytecount()); + end + end + end function xml_handlers:CharacterData(data) if stanza then + if lxp_supports_bytecount then + stanza_size = stanza_size + self:getcurrentbytecount(); + end t_insert(chardata, data); + elseif lxp_supports_bytecount then + cb_handleprogress(self:getcurrentbytecount()); end end function xml_handlers:EndElement(tagname) + if lxp_supports_bytecount then + stanza_size = stanza_size + self:getcurrentbytecount() + end if non_streamns_depth > 0 then non_streamns_depth = non_streamns_depth - 1; end @@ -129,6 +179,10 @@ function new_sax_handlers(session, stream_callbacks) end -- Complete stanza if #stack == 0 then + if lxp_supports_bytecount then + cb_handleprogress(stanza_size); + end + stanza_size = 0; if tagname ~= stream_error_tag then cb_handlestanza(session, stanza); else @@ -159,7 +213,7 @@ function new_sax_handlers(session, stream_callbacks) xml_handlers.ProcessingInstruction = restricted_handler; local function reset() - stanza, chardata = nil, {}; + stanza, chardata, stanza_size = nil, {}, 0; stack = {}; end @@ -170,19 +224,58 @@ function new_sax_handlers(session, stream_callbacks) return xml_handlers, { reset = reset, set_session = set_session }; end -function new(session, stream_callbacks) - local handlers, meta = new_sax_handlers(session, stream_callbacks); - local parser = new_parser(handlers, ns_separator); +function new(session, stream_callbacks, stanza_size_limit) + -- Used to track parser progress (e.g. to enforce size limits) + local n_outstanding_bytes = 0; + local handle_progress; + if lxp_supports_bytecount then + function handle_progress(n_parsed_bytes) + n_outstanding_bytes = n_outstanding_bytes - n_parsed_bytes; + end + stanza_size_limit = stanza_size_limit or default_stanza_size_limit; + elseif stanza_size_limit then + error("Stanza size limits are not supported on this version of LuaExpat") + end + + local handlers, meta = new_sax_handlers(session, stream_callbacks, handle_progress); + local parser = new_parser(handlers, ns_separator, false); local parse = parser.parse; + function session.open_stream(session, from, to) + local send = session.sends2s or session.send; + + local attr = { + ["xmlns:stream"] = "http://etherx.jabber.org/streams", + ["xml:lang"] = "en", + xmlns = stream_callbacks.default_ns, + version = session.version and (session.version > 0 and "1.0" or nil), + id = session.streamid or "", + from = from or session.host, to = to, + }; + if session.stream_attrs then + session:stream_attrs(from, to, attr) + end + send("<?xml version='1.0'?>"); + send(st.stanza("stream:stream", attr):top_tag()); + return true; + end + return { reset = function () - parser = new_parser(handlers, ns_separator); + parser = new_parser(handlers, ns_separator, false); parse = parser.parse; + n_outstanding_bytes = 0; meta.reset(); end, feed = function (self, data) - return parse(parser, data); + if lxp_supports_bytecount then + n_outstanding_bytes = n_outstanding_bytes + #data; + end + local ok, err = parse(parser, data); + if lxp_supports_bytecount and n_outstanding_bytes > stanza_size_limit then + return nil, "stanza-too-large"; + end + return ok, err; end, set_session = meta.set_session; }; |