14 files changed, 448 insertions, 45 deletions

diff --git a/util/caps.lua b/util/caps.lua
new file mode 100644
index 00000000..a61e7403
--- /dev/null
+++ b/util/caps.lua
@@ -0,0 +1,61 @@
+-- Prosody IM
+-- Copyright (C) 2008-2010 Matthew Wild
+-- Copyright (C) 2008-2010 Waqas Hussain
+-- 
+-- This project is MIT/X11 licensed. Please see the
+-- COPYING file in the source package for more information.
+--
+
+local base64 = require "util.encodings".base64.encode;
+local sha1 = require "util.hashes".sha1;
+
+local t_insert, t_sort, t_concat = table.insert, table.sort, table.concat;
+local ipairs = ipairs;
+
+module "caps"
+
+function calculate_hash(disco_info)
+	local identities, features, extensions = {}, {}, {};
+	for _, tag in ipairs(disco_info) do
+		if tag.name == "identity" then
+			t_insert(identities, (tag.attr.category or "").."\0"..(tag.attr.type or "").."\0"..(tag.attr["xml:lang"] or "").."\0"..(tag.attr.name or ""));
+		elseif tag.name == "feature" then
+			t_insert(features, tag.attr.var or "");
+		elseif tag.name == "x" and tag.attr.xmlns == "jabber:x:data" then
+			local form = {};
+			local FORM_TYPE;
+			for _, field in ipairs(tag.tags) do
+				if field.name == "field" and field.attr.var then
+					local values = {};
+					for _, val in ipairs(field.tags) do
+						val = #val.tags == 0 and val:get_text();
+						if val then t_insert(values, val); end
+					end
+					t_sort(values);
+					if field.attr.var == "FORM_TYPE" then
+						FORM_TYPE = values[1];
+					elseif #values > 0 then
+						t_insert(form, field.attr.var.."\0"..t_concat(values, "<"));
+					else
+						t_insert(form, field.attr.var);
+					end
+				end
+			end
+			t_sort(form);
+			form = t_concat(form, "<");
+			if FORM_TYPE then form = FORM_TYPE.."\0"..form; end
+			t_insert(extensions, form);
+		end
+	end
+	t_sort(identities);
+	t_sort(features);
+	t_sort(extensions);
+	if #identities > 0 then identities = t_concat(identities, "<"):gsub("%z", "/").."<"; else identities = ""; end
+	if #features > 0 then features = t_concat(features, "<").."<"; else features = ""; end
+	if #extensions > 0 then extensions = t_concat(extensions, "<"):gsub("%z", "<").."<"; else extensions = ""; end
+	local S = identities..features..extensions;
+	local ver = base64(sha1(S));
+	return ver, S;
+end
+
+return _M;
diff --git a/util/dataforms.lua b/util/dataforms.lua
index 5a3b1fb5..7814ada0 100644
--- a/util/dataforms.lua
+++ b/util/dataforms.lua
@@ -67,9 +67,25 @@ function form_t.form(layout, data, formtype)
 					form:tag("value"):text(line):up();
 				end
 			elseif field_type == "list-single" then
+				local has_default = false;
 				for _, val in ipairs(value) do
 					if type(val) == "table" then
 						form:tag("option", { label = val.label }):tag("value"):text(val.value):up():up();
+						if val.default and (not has_default) then
+							form:tag("value"):text(val.value):up();
+							has_default = true;
+						end
+					else
+						form:tag("option", { label= val }):tag("value"):text(tostring(val)):up():up();
+					end
+				end
+			elseif field_type == "list-multi" then
+				for _, val in ipairs(value) do
+					if type(val) == "table" then
+						form:tag("option", { label = val.label }):tag("value"):text(val.value):up():up();
+						if val.default then
+							form:tag("value"):text(val.value):up();
+						end
 					else
 						form:tag("option", { label= val }):tag("value"):text(tostring(val)):up():up();
 					end
@@ -149,6 +165,17 @@ field_readers["text-multi"] =
 field_readers["list-single"] =
 	field_readers["text-single"];
 
+field_readers["list-multi"] =
+	function (field_tag)
+		local result = {};
+		for value_tag in field_tag:childtags() do
+			if value_tag.name == "value" then
+				result[#result+1] = value_tag[1];
+			end
+		end
+		return result;
+	end
+
 field_readers["boolean"] = 
 	function (field_tag)
 		local value = field_tag:child_with_name("value");
diff --git a/util/filters.lua b/util/filters.lua
new file mode 100644
index 00000000..08e683c1
--- /dev/null
+++ b/util/filters.lua
@@ -0,0 +1,68 @@
+-- Prosody IM
+-- Copyright (C) 2008-2010 Matthew Wild
+-- Copyright (C) 2008-2010 Waqas Hussain
+-- 
+-- This project is MIT/X11 licensed. Please see the
+-- COPYING file in the source package for more information.
+--
+
+local t_insert, t_remove = table.insert, table.remove;
+
+module "filters"
+
+function initialize(session)
+	if not session.filters then
+		local filters = {};
+		session.filters = filters;
+		
+		function session.filter(type, data)
+			local filter_list = filters[type];
+			if filter_list then
+				for i = 1, #filter_list do
+					data = filter_list[i](data);
+					if data == nil then break; end
+				end
+			end
+			return data;
+		end
+	end
+	return session.filter;
+end
+
+function add_filter(session, type, callback, priority)
+	if not session.filters then
+		initialize(session);
+	end
+	
+	local filter_list = session.filters[type];
+	if not filter_list then
+		filter_list = {};
+		session.filters[type] = filter_list;
+	end
+	
+	priority = priority or 0;
+	
+	local i = 0;
+	repeat
+		i = i + 1;
+	until not filter_list[i] or filter_list[filter_list[i]] >= priority;
+	
+	t_insert(filter_list, i, callback);
+	filter_list[callback] = priority;
+end
+
+function remove_filter(session, type, callback)
+	if not session.filters then return; end
+	local filter_list = session.filters[type];
+	if filter_list and filter_list[callback] then
+		for i=1, #filter_list do
+			if filter_list[i] == callback then
+				t_remove(filter_list, i);
+				filter_list[callback] = nil;
+				return true;
+			end
+		end
+	end
+end
+
+return _M;
diff --git a/util/iterators.lua b/util/iterators.lua
index 318c1a96..cc504827 100644
--- a/util/iterators.lua
+++ b/util/iterators.lua
@@ -90,6 +90,15 @@ function head(n, f, s, var)
 	end, s;
 end
 
+-- Skip the first n items an iterator returns
+function skip(n, f, s, var)
+	for i=1,n do
+		var = f(s, var);
+	end
+	return f, s, var;
+end
+
+-- Return the last n items an iterator returns
 function tail(n, f, s, var)
 	local results, count = {}, 0;
 	while true do
diff --git a/util/jid.lua b/util/jid.lua
index ba9730fa..9128ce4e 100644
--- a/util/jid.lua
+++ b/util/jid.lua
@@ -78,4 +78,17 @@ function join(node, host, resource)
 	return nil; -- Invalid JID
 end
 
+function compare(jid, acl)
+	-- compare jid to single acl rule
+	-- TODO compare to table of rules?
+	local jid_node, jid_host, jid_resource = _split(jid);
+	local acl_node, acl_host, acl_resource = _split(acl);
+	if ((acl_node ~= nil and acl_node == jid_node) or acl_node == nil) and
+		((acl_host ~= nil and acl_host == jid_host) or acl_host == nil) and
+		((acl_resource ~= nil and acl_resource == jid_resource) or acl_resource == nil) then
+		return true
+	end
+	return false
+end
+
 return _M;
diff --git a/util/logger.lua b/util/logger.lua
index fb0bc37b..22b7e41b 100644
--- a/util/logger.lua
+++ b/util/logger.lua
@@ -103,6 +103,21 @@ function setwriter(f)
 	return ok, ret;
 end
 
+function reset()
+	for k in pairs(name_sinks) do name_sinks[k] = nil; end
+	for level, handler_list in pairs(level_sinks) do
+		-- Clear all handlers for this level
+		for i = 1, #handler_list do
+			handler_list[i] = nil;
+		end
+	end
+	for k in pairs(name_patterns) do name_patterns[k] = nil; end
+
+	for _, modify_hook in pairs(modify_hooks) do
+		modify_hook();
+	end
+end
+
 function add_level_sink(level, sink_function)
 	if not level_sinks[level] then
 		level_sinks[level] = { sink_function };
diff --git a/util/prosodyctl.lua b/util/prosodyctl.lua
index 04d58d1d..7f3ce20e 100644
--- a/util/prosodyctl.lua
+++ b/util/prosodyctl.lua
@@ -21,6 +21,8 @@ local tostring, tonumber = tostring, tonumber;
 
 local CFG_SOURCEDIR = _G.CFG_SOURCEDIR;
 
+local prosody = prosody;
+
 module "prosodyctl"
 
 function adduser(params)
@@ -30,6 +32,11 @@ function adduser(params)
 	elseif not host then
 		return false, "invalid-hostname";
 	end
+
+	local provider = prosody.hosts[host].users;
+	if not(provider) or provider.name == "null" then
+		usermanager.initialize_host(host);
+	end
 	
 	local ok = usermanager.create_user(user, password, host);
 	if not ok then
@@ -39,6 +46,11 @@ function adduser(params)
 end
 
 function user_exists(params)
+	local provider = prosody.hosts[params.host].users;
+	if not(provider) or provider.name == "null" then
+		usermanager.initialize_host(params.host);
+	end
+	
 	return usermanager.user_exists(params.user, params.host);
 end
 
diff --git a/util/roster.lua b/util/roster.lua
new file mode 100644
index 00000000..59af29be
--- /dev/null
+++ b/util/roster.lua
@@ -0,0 +1,19 @@
+module "roster"
+
+local roster = {};
+roster.__index = roster;
+
+function new()
+	return setmetatable({}, roster);
+end
+
+function roster:subscribers()
+end
+
+function roster:subscriptions()
+end
+
+function roster:items()
+end
+
+return _M;
diff --git a/util/sasl.lua b/util/sasl.lua
index 306acc0c..5d1b9f17 100644
--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -88,18 +88,21 @@ end
 
 -- get a list of possible SASL mechanims to use
 function method:mechanisms()
-	local mechanisms = {}
-	for backend, f in pairs(self.profile) do
-		if backend_mechanism[backend] then
-			for _, mechanism in ipairs(backend_mechanism[backend]) do
-				if not self.restrict:contains(mechanism) then
-					mechanisms[mechanism] = true;
+	local mechanisms = self.mechs;
+	if not mechanisms then
+		mechanisms = {}
+		for backend, f in pairs(self.profile) do
+			if backend_mechanism[backend] then
+				for _, mechanism in ipairs(backend_mechanism[backend]) do
+					if not self.restrict:contains(mechanism) then
+						mechanisms[mechanism] = true;
+					end
 				end
 			end
 		end
+		self.mechs = mechanisms;
 	end
-	self["possible_mechanisms"] = mechanisms;
-	return array.collect(keys(mechanisms));
+	return mechanisms;
 end
 
 -- select a mechanism to use
@@ -108,11 +111,8 @@ function method:select(mechanism)
 		return false;
 	end
 	
-	self.mech_i = mechanisms[mechanism]
-	if self.mech_i == nil then 
-		return false;
-	end
-	return true;
+	self.mech_i = mechanisms[self:mechanisms()[mechanism] and mechanism];
+	return (self.mech_i ~= nil);
 end
 
 -- feed new messages to process into the library
diff --git a/util/sasl/anonymous.lua b/util/sasl/anonymous.lua
index 7b5a5081..6e6f0949 100644
--- a/util/sasl/anonymous.lua
+++ b/util/sasl/anonymous.lua
@@ -20,12 +20,22 @@ module "anonymous"
 
 --=========================
 --SASL ANONYMOUS according to RFC 4505
+
+--[[
+Supported Authentication Backends
+
+anonymous:
+	function(username, realm)
+		return true; --for normal usage just return true; if you don't like the supplied username you can return false.
+	end
+]]
+
 local function anonymous(self, message)
 	local username;
 	repeat
 		username = generate_uuid();
 	until self.profile.anonymous(username, self.realm);
-	self["username"] = username;
+	self.username = username;
 	return "success"
 end
 
diff --git a/util/sasl/plain.lua b/util/sasl/plain.lua
index 39821182..1a2ba01e 100644
--- a/util/sasl/plain.lua
+++ b/util/sasl/plain.lua
@@ -29,7 +29,7 @@ plain:
 	end
 
 plain_test:
-	function(username, realm, password)
+	function(username, password, realm)
 		return true or false, state;
 	end
 ]]
@@ -58,9 +58,9 @@ local function plain(self, message)
 	if self.profile.plain then
 		local correct_password;
 		correct_password, state = self.profile.plain(authentication, self.realm);
-		if correct_password == password then correct = true; else correct = false; end
+		correct = (correct_password == password);
 	elseif self.profile.plain_test then
-		correct, state = self.profile.plain_test(authentication, self.realm, password);
+		correct, state = self.profile.plain_test(authentication, password, self.realm);
 	end
 
 	self.username = authentication
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua
index 1340423c..de848b3d 100644
--- a/util/sasl/scram.lua
+++ b/util/sasl/scram.lua
@@ -27,7 +27,7 @@ local byte = string.byte;
 module "scram"
 
 --=========================
---SASL SCRAM-SHA-1 according to draft-ietf-sasl-scram-10
+--SASL SCRAM-SHA-1 according to RFC 5802
 
 --[[
 Supported Authentication Backends
@@ -35,7 +35,7 @@ Supported Authentication Backends
 scram_{MECH}:
 	-- MECH being a standard hash name (like those at IANA's hash registry) with '-' replaced with '_'
 	function(username, realm)
-		return salted_password, iteration_count, salt, state;
+		return stored_key, server_key, iteration_count, salt, state;
 	end
 ]]
 
@@ -93,22 +93,21 @@ local function validate_username(username)
 	return username;
 end
 
-local function hashprep( hashname ) 
-	local hash = hashname:lower()
-	hash = hash:gsub("-", "_")
-	return hash
+local function hashprep(hashname)
+	return hashname:lower():gsub("-", "_");
 end
 
-function saltedPasswordSHA1(password, salt, iteration_count)
-	local salted_password
+function getAuthenticationDatabaseSHA1(password, salt, iteration_count)
 	if type(password) ~= "string" or type(salt) ~= "string" or type(iteration_count) ~= "number" then
 		return false, "inappropriate argument types"
 	end
 	if iteration_count < 4096 then
 		log("warn", "Iteration count < 4096 which is the suggested minimum according to RFC 5802.")
 	end
-
-	return true, Hi(hmac_sha1, password, salt, iteration_count);
+	local salted_password = Hi(hmac_sha1, password, salt, iteration_count);
+	local stored_key = sha1(hmac_sha1(salted_password, "Client Key"))
+	local server_key = hmac_sha1(salted_password, "Server Key");
+	return true, stored_key, server_key
 end
 
 local function scram_gen(hash_name, H_f, HMAC_f)
@@ -158,17 +157,18 @@ local function scram_gen(hash_name, H_f, HMAC_f)
 				self.state.iteration_count = default_i;
 
 				local succ = false;
-				succ, self.state.salted_password = saltedPasswordSHA1(password, self.state.salt, default_i, self.state.iteration_count);
+				succ, self.state.stored_key, self.state.server_key = getAuthenticationDatabaseSHA1(password, self.state.salt, default_i, self.state.iteration_count);
 				if not succ then
-					log("error", "Generating salted password failed. Reason: %s", self.state.salted_password);
+					log("error", "Generating authentication database failed. Reason: %s", self.state.stored_key);
 					return "failure", "temporary-auth-failure";
 				end
 			elseif self.profile["scram_"..hashprep(hash_name)] then
-				local salted_password, iteration_count, salt, state = self.profile["scram_"..hashprep(hash_name)](self.state.name, self.realm);
+				local stored_key, server_key, iteration_count, salt, state = self.profile["scram_"..hashprep(hash_name)](self.state.name, self.realm);
 				if state == nil then return "failure", "not-authorized"
 				elseif state == false then return "failure", "account-disabled" end
 				
-				self.state.salted_password = salted_password;
+				self.state.stored_key = stored_key;
+				self.state.server_key = server_key;
 				self.state.iteration_count = iteration_count;
 				self.state.salt = salt
 			end
@@ -190,16 +190,15 @@ local function scram_gen(hash_name, H_f, HMAC_f)
 				return "failure", "malformed-request", "Wrong nonce in client-final-message.";
 			end
 			
-			local SaltedPassword = self.state.salted_password;
-			local ClientKey = HMAC_f(SaltedPassword, "Client Key")
-			local ServerKey = HMAC_f(SaltedPassword, "Server Key")
-			local StoredKey = H_f(ClientKey)
+			local ServerKey = self.state.server_key;
+			local StoredKey = self.state.stored_key;
+			
 			local AuthMessage = "n=" .. s_match(self.state.client_first_message,"n=(.+)") .. "," .. self.state.server_first_message .. "," .. s_match(client_final_message, "(.+),p=.+")
 			local ClientSignature = HMAC_f(StoredKey, AuthMessage)
-			local ClientProof     = binaryXOR(ClientKey, ClientSignature)
+			local ClientKey = binaryXOR(ClientSignature, base64.decode(self.state.proof))
 			local ServerSignature = HMAC_f(ServerKey, AuthMessage)
 
-			if base64.encode(ClientProof) == self.state.proof then
+			if StoredKey == H_f(ClientKey) then
 				local server_final_message = "v="..base64.encode(ServerSignature);
 				self["username"] = self.state.name;
 				return "success", server_final_message;
diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua
index 7d35b5e4..f5bfcbe9 100644
--- a/util/sasl_cyrus.lua
+++ b/util/sasl_cyrus.lua
@@ -129,20 +129,22 @@ end
 
 -- get a list of possible SASL mechanims to use
 function method:mechanisms()
-	local mechanisms = {}
-	local cyrus_mechs = cyrussasl.listmech(self.cyrus, nil, "", " ", "")
-	for w in s_gmatch(cyrus_mechs, "[^ ]+") do
-		mechanisms[w] = true;
+	local mechanisms = self.mechs;
+	if not mechanisms then
+		mechanisms = {}
+		local cyrus_mechs = cyrussasl.listmech(self.cyrus, nil, "", " ", "")
+		for w in s_gmatch(cyrus_mechs, "[^ ]+") do
+			mechanisms[w] = true;
+		end
+		self.mechs = mechanisms
 	end
-	self.mechs = mechanisms
-	return array.collect(keys(mechanisms));
+	return mechanisms;
 end
 
 -- select a mechanism to use
 function method:select(mechanism)
 	self.mechanism = mechanism;
-	if not self.mechs then self:mechanisms(); end
-	return self.mechs[mechanism];
+	return self:mechanisms()[mechanism];
 end
 
 -- feed new messages to process into the library
diff --git a/util/xmppstream.lua b/util/xmppstream.lua
new file mode 100644
index 00000000..ed5395b5
--- /dev/null
+++ b/util/xmppstream.lua
@@ -0,0 +1,168 @@
+-- Prosody IM
+-- Copyright (C) 2008-2010 Matthew Wild
+-- Copyright (C) 2008-2010 Waqas Hussain
+-- 
+-- This project is MIT/X11 licensed. Please see the
+-- COPYING file in the source package for more information.
+--
+
+
+local lxp = require "lxp";
+local st = require "util.stanza";
+
+local tostring = tostring;
+local t_insert = table.insert;
+local t_concat = table.concat;
+
+local default_log = require "util.logger".init("xmlhandlers");
+
+local error = error;
+
+module "xmppstream"
+
+local new_parser = lxp.new;
+
+local ns_prefixes = {
+	["http://www.w3.org/XML/1998/namespace"] = "xml";
+};
+
+local xmlns_streams = "http://etherx.jabber.org/streams";
+
+local ns_separator = "\1";
+local ns_pattern = "^([^"..ns_separator.."]*)"..ns_separator.."?(.*)$";
+
+function new_sax_handlers(session, stream_callbacks)
+	local xml_handlers = {};
+	
+	local log = session.log or default_log;
+	
+	local cb_streamopened = stream_callbacks.streamopened;
+	local cb_streamclosed = stream_callbacks.streamclosed;
+	local cb_error = stream_callbacks.error or function(session, e) error("XML stream error: "..tostring(e)); end;
+	local cb_handlestanza = stream_callbacks.handlestanza;
+	
+	local stream_ns = stream_callbacks.stream_ns or xmlns_streams;
+	local stream_tag = stream_ns..ns_separator..(stream_callbacks.stream_tag or "stream");
+	local stream_error_tag = stream_ns..ns_separator..(stream_callbacks.error_tag or "error");
+	
+	local stream_default_ns = stream_callbacks.default_ns;
+	
+	local chardata, stanza = {};
+	function xml_handlers:StartElement(tagname, attr)
+		if stanza and #chardata > 0 then
+			-- We have some character data in the buffer
+			stanza:text(t_concat(chardata));
+			chardata = {};
+		end
+		local curr_ns,name = tagname:match(ns_pattern);
+		if name == "" then
+			curr_ns, name = "", curr_ns;
+		end
+
+		if curr_ns ~= stream_default_ns then
+			attr.xmlns = curr_ns;
+		end
+		
+		-- FIXME !!!!!
+		for i=1,#attr do
+			local k = attr[i];
+			attr[i] = nil;
+			local ns, nm = k:match(ns_pattern);
+			if nm ~= "" then
+				ns = ns_prefixes[ns]; 
+				if ns then 
+					attr[ns..":"..nm] = attr[k];
+					attr[k] = nil;
+				end
+			end
+		end
+		
+		if not stanza then --if we are not currently inside a stanza
+			if session.notopen then
+				if tagname == stream_tag then
+					if cb_streamopened then
+						cb_streamopened(session, attr);
+					end
+				else
+					-- Garbage before stream?
+					cb_error(session, "no-stream");
+				end
+				return;
+			end
+			if curr_ns == "jabber:client" and name ~= "iq" and name ~= "presence" and name ~= "message" then
+				cb_error(session, "invalid-top-level-element");
+			end
+			
+			stanza = st.stanza(name, attr);
+		else -- we are inside a stanza, so add a tag
+			attr.xmlns = nil;
+			if curr_ns ~= stream_default_ns then
+				attr.xmlns = curr_ns;
+			end
+			stanza:tag(name, attr);
+		end
+	end
+	function xml_handlers:CharacterData(data)
+		if stanza then
+			t_insert(chardata, data);
+		end
+	end
+	function xml_handlers:EndElement(tagname)
+		if stanza then
+			if #chardata > 0 then
+				-- We have some character data in the buffer
+				stanza:text(t_concat(chardata));
+				chardata = {};
+			end
+			-- Complete stanza
+			if #stanza.last_add == 0 then
+				if tagname ~= stream_error_tag then
+					cb_handlestanza(session, stanza);
+				else
+					cb_error(session, "stream-error", stanza);
+				end
+				stanza = nil;
+			else
+				stanza:up();
+			end
+		else
+			if tagname == stream_tag then
+				if cb_streamclosed then
+					cb_streamclosed(session);
+				end
+			else
+				local curr_ns,name = tagname:match(ns_pattern);
+				if name == "" then
+					curr_ns, name = "", curr_ns;
+				end
+				cb_error(session, "parse-error", "unexpected-element-close", name);
+			end
+			stanza, chardata = nil, {};
+		end
+	end
+	
+	local function reset()
+		stanza, chardata = nil, {};
+	end
+	
+	return xml_handlers, { reset = reset };
+end
+
+function new(session, stream_callbacks)
+	local handlers, meta = new_sax_handlers(session, stream_callbacks);
+	local parser = new_parser(handlers, ns_separator);
+	local parse = parser.parse;
+
+	return {
+		reset = function ()
+			parser = new_parser(handlers, ns_separator);
+			parse = parser.parse;
+			meta.reset();
+		end,
+		feed = function (self, data)
+			return parse(parser, data);
+		end
+	};
+end
+
+return _M;