From 3b36940c3b484791ad392fa696927d6b5af4346b Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Thu, 24 Jun 2010 03:46:05 +0500 Subject: mod_compression: Lowered a log level. --- plugins/mod_compression.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/mod_compression.lua b/plugins/mod_compression.lua index 5ff4781a..53341492 100644 --- a/plugins/mod_compression.lua +++ b/plugins/mod_compression.lua @@ -55,7 +55,7 @@ module:hook_stanza(xmlns_stream, "features", local algorithm = a[1] if algorithm == "zlib" then session.sends2s(st.stanza("compress", {xmlns=xmlns_compression_protocol}):tag("method"):text("zlib")) - session.log("info", "Enabled compression using zlib.") + session.log("debug", "Enabled compression using zlib.") return true; end end -- cgit v1.2.3 From ee9318ebfb3a999870d7d0239a0f9d824c9bd656 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Thu, 24 Jun 2010 03:46:52 +0500 Subject: mod_register: Don't disable account before deleting it (unnecessary, and can cause problems). --- plugins/mod_register.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua index b8d142f7..40303b57 100644 --- a/plugins/mod_register.lua +++ b/plugins/mod_register.lua @@ -35,7 +35,7 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza) local username, host = session.username, session.host; --session.send(st.error_reply(stanza, "cancel", "not-allowed")); --return; - usermanager_set_password(username, host, nil); -- Disable account + --usermanager_set_password(username, host, nil); -- Disable account -- FIXME the disabling currently allows a different user to recreate the account -- we should add an in-memory account block mode when we have threading session.send(st.reply(stanza)); -- cgit v1.2.3 From 82c085f2447f3f72282d98ea99d9ff7cda8903b8 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Thu, 24 Jun 2010 03:47:35 +0500 Subject: mod_register: Delete the offline store as a list, and delete the privacy store. --- plugins/mod_register.lua | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua index 40303b57..2818e336 100644 --- a/plugins/mod_register.lua +++ b/plugins/mod_register.lua @@ -46,7 +46,7 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza) -- TODO datamanager should be able to delete all user data itself datamanager.store(username, host, "vcard", nil); datamanager.store(username, host, "private", nil); - datamanager.store(username, host, "offline", nil); + datamanager.list_store(username, host, "offline", nil); local bare = username.."@"..host; for jid, item in pairs(roster) do if jid and jid ~= "pending" then @@ -59,6 +59,7 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza) end end datamanager.store(username, host, "roster", nil); + datamanager.store(username, host, "privacy", nil); datamanager.store(username, host, "accounts", nil); -- delete accounts datastore at the end module:log("info", "User removed their account: %s@%s", username, host); module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session }); -- cgit v1.2.3 From 3fb552cc7af07cdc8b5b9175d8f518a55ff8bef3 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Thu, 24 Jun 2010 04:13:01 +0500 Subject: util.sasl_cyrus: Added a table mapping error codes to strings. --- util/sasl_cyrus.lua | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua index add7fe45..2864a944 100644 --- a/util/sasl_cyrus.lua +++ b/util/sasl_cyrus.lua @@ -27,6 +27,47 @@ local print = print local pcall = pcall local s_match, s_gmatch = string.match, string.gmatch +local sasl_errstring = { + -- SASL result codes -- + [1] = "another step is needed in authentication"; + [0] = "successful result"; + [-1] = "generic failure"; + [-2] = "memory shortage failure"; + [-3] = "overflowed buffer"; + [-4] = "mechanism not supported"; + [-5] = "bad protocol / cancel"; + [-6] = "can't request info until later in exchange"; + [-7] = "invalid parameter supplied"; + [-8] = "transient failure (e.g., weak key)"; + [-9] = "integrity check failed"; + [-12] = "SASL library not initialized"; + + -- client only codes -- + [2] = "needs user interaction"; + [-10] = "server failed mutual authentication step"; + [-11] = "mechanism doesn't support requested feature"; + + -- server only codes -- + [-13] = "authentication failure"; + [-14] = "authorization failure"; + [-15] = "mechanism too weak for this user"; + [-16] = "encryption needed to use mechanism"; + [-17] = "One time use of a plaintext password will enable requested mechanism for user"; + [-18] = "passphrase expired, has to be reset"; + [-19] = "account disabled"; + [-20] = "user not found"; + [-23] = "version mismatch with plug-in"; + [-24] = "remote authentication server unavailable"; + [-26] = "user exists, but no verifier for user"; + + -- codes for password setting -- + [-21] = "passphrase locked"; + [-22] = "requested change was not needed"; + [-27] = "passphrase is too weak for security policy"; + [-28] = "user supplied passwords not permitted"; +}; +setmetatable(sasl_errstring, { __index = function() return "undefined error!" end }); + module "sasl_cyrus" local method = {}; -- cgit v1.2.3 From 33b8a56bf8f1c30d8d8dc8fe2ea44e28e6cb26a2 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Thu, 24 Jun 2010 04:16:09 +0500 Subject: util.sasl_cyrus: Return error strings using the new table mapping error codes to strings. --- util/sasl_cyrus.lua | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua index 2864a944..7d35b5e4 100644 --- a/util/sasl_cyrus.lua +++ b/util/sasl_cyrus.lua @@ -166,10 +166,10 @@ function method:process(message) log("debug", "SASL mechanism not available from remote end") return "failure", "invalid-mechanism", "SASL mechanism not available" elseif (err == -13) then -- SASL_BADAUTH - return "failure", "not-authorized", cyrussasl.get_message( self.cyrus ) + return "failure", "not-authorized", sasl_errstring[err]; else - log("debug", "Got SASL error condition %d: %s", err, cyrussasl.get_message( self.cyrus )) - return "failure", "undefined-condition", cyrussasl.get_message( self.cyrus ) + log("debug", "Got SASL error condition %d: %s", err, sasl_errstring[err]); + return "failure", "undefined-condition", sasl_errstring[err]; end end -- cgit v1.2.3 From 5a862cb1afc932a2a72b4f569024dd5aaddcc6b8 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Tue, 29 Jun 2010 20:04:45 +0100 Subject: mod_privacy: Treat stanzas with no 'to' address as going to the user's bare JID (thanks KSid) --- plugins/mod_privacy.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/mod_privacy.lua b/plugins/mod_privacy.lua index ca5d51fa..57538ccd 100644 --- a/plugins/mod_privacy.lua +++ b/plugins/mod_privacy.lua @@ -301,7 +301,7 @@ function checkIfNeedToBeBlocked(e, session) local origin, stanza = e.origin, e.stanza; local privacy_lists = datamanager.load(session.username, session.host, "privacy") or {}; local bare_jid = session.username.."@"..session.host; - local to = stanza.attr.to; + local to = stanza.attr.to or bare_jid; local from = stanza.attr.from; local is_to_user = bare_jid == jid_bare(to); -- cgit v1.2.3