From 929b010f42b2f0cdee194d0c282e4246dfd7083b Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 11 May 2014 18:22:17 +0200 Subject: mod_admin_telnet: Send NUL byte as keepalive on read timeouts --- plugins/mod_admin_telnet.lua | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index 71dfa300..6e912ea0 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -154,6 +154,14 @@ function console_listener.onincoming(conn, data) session.partial_data = data:match("[^\n]+$"); end +function console_listener.onreadtimeout(conn) + local session = sessions[conn]; + if session then + session.send("\0"); + return true; + end +end + function console_listener.ondisconnect(conn, err) local session = sessions[conn]; if session then -- cgit v1.2.3 From 0ee4420961ce3899e326813e9a33ec0fdc78ade7 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 11 May 2014 18:28:00 +0200 Subject: mod_admin_telnet: Split (secure) into (authenticated) + (secure) --- plugins/mod_admin_telnet.lua | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index 6e912ea0..bdd2caab 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -493,8 +493,9 @@ end local function session_flags(session, line) line = line or {}; if session.cert_identity_status == "valid" then - line[#line+1] = "(secure)"; - elseif session.secure then + line[#line+1] = "(authenticated)"; + end + if session.secure then line[#line+1] = "(encrypted)"; end if session.compressed then -- cgit v1.2.3 From 0fb4279fe5d28e501b5dee6ecda12132f78d6ebc Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 11 May 2014 19:03:23 +0200 Subject: mod_admin_telnet: Move extraction of c2s presence info into session_flags() --- plugins/mod_admin_telnet.lua | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index bdd2caab..db7c3425 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -492,6 +492,13 @@ end local function session_flags(session, line) line = line or {}; + if session.type == "c2s" then + local status, priority = "unavailable", tostring(session.priority or "-"); + if session.presence then + status = session.presence:get_child_text("show") or "available"; + end + line[#line+1] = status.."("..priority..")"; + end if session.cert_identity_status == "valid" then line[#line+1] = "(authenticated)"; end @@ -543,11 +550,7 @@ function def_env.c2s:show(match_jid) end if (not match_jid) or jid:match(match_jid) then count = count + 1; - local status, priority = "unavailable", tostring(session.priority or "-"); - if session.presence then - status = session.presence:get_child_text("show") or "available"; - end - print(session_flags(session, { " "..jid.." - "..status.."("..priority..")" })); + print(session_flags(session, { " ", jid })); end end); return true, "Total: "..count.." clients"; -- cgit v1.2.3 From 1158b940357cb909afde16a1d26a44e1c6de8240 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 11 May 2014 18:51:08 +0200 Subject: mod_admin_telnet: Add s2s:show_tls() for showing ciphers used on s2s connections --- plugins/mod_admin_telnet.lua | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index db7c3425..4bf939e9 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -223,6 +223,7 @@ function commands.help(session, data) print [[c2s:close(jid) - Close all sessions for the specified JID]] elseif section == "s2s" then print [[s2s:show(domain) - Show all s2s connections for the given domain (or all if no domain given)]] + print [[s2s:show_tls(domain) - Show TLS cipher info for encrypted sessions]] print [[s2s:close(from, to) - Close a connection from one domain to another]] print [[s2s:closeall(host) - Close all the incoming/outgoing s2s sessions to specified host]] elseif section == "module" then @@ -517,6 +518,22 @@ local function session_flags(session, line) return table.concat(line, " "); end +local function tls_info(session, line) + line = line or {}; + if session.secure then + local sock = session.conn and session.conn.socket and session.conn:socket(); + if sock and sock.info then + local info = sock:info(); + line[#line+1] = ("(%s with %s)"):format(info.protocol, info.cipher); + else + line[#line+1] = "(cipher info unavailable)"; + end + else + line[#line+1] = "(insecure)"; + end + return table.concat(line, " "); +end + def_env.c2s = {}; local function show_c2s(callback) @@ -591,8 +608,9 @@ end def_env.s2s = {}; -function def_env.s2s:show(match_jid) +function def_env.s2s:show(match_jid, annotate) local print = self.session.print; + annotate = annotate or session_flags; local count_in, count_out = 0,0; local s2s_list = { }; @@ -610,7 +628,7 @@ function def_env.s2s:show(match_jid) remotehost, localhost = session.from_host or "?", session.to_host or "?"; end local sess_lines = { l = localhost, r = remotehost, - session_flags(session, { "", direction, remotehost or "?", + annotate(session, { "", direction, remotehost or "?", "["..session.type..tostring(session):match("[a-f0-9]*$").."]" })}; if (not match_jid) or remotehost:match(match_jid) or localhost:match(match_jid) then @@ -666,6 +684,10 @@ function def_env.s2s:show(match_jid) return true, "Total: "..count_out.." outgoing, "..count_in.." incoming connections"; end +function def_env.s2s:show_tls(match_jid) + return self:show(match_jid, tls_info); +end + local function print_subject(print, subject) for _, entry in ipairs(subject) do print( -- cgit v1.2.3 From 15f84804a62ded1468b2fea9bd97f74cc0803ed2 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 11 May 2014 19:12:03 +0200 Subject: mod_admin_telnet: Move generation of log tag for s2s:show() (adds it to c2s:show() too) --- plugins/mod_admin_telnet.lua | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index 4bf939e9..4a9f74b6 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -491,8 +491,17 @@ end function def_env.hosts:add(name) end +local function common_info(session, line) + if session.id then + line[#line+1] = "["..session.id.."]" + else + line[#line+1] = "["..session.type..(tostring(session):match("%x*$")).."]" + end +end + local function session_flags(session, line) line = line or {}; + common_info(session, line); if session.type == "c2s" then local status, priority = "unavailable", tostring(session.priority or "-"); if session.presence then @@ -520,6 +529,7 @@ end local function tls_info(session, line) line = line or {}; + common_info(session, line); if session.secure then local sock = session.conn and session.conn.socket and session.conn:socket(); if sock and sock.info then @@ -628,8 +638,7 @@ function def_env.s2s:show(match_jid, annotate) remotehost, localhost = session.from_host or "?", session.to_host or "?"; end local sess_lines = { l = localhost, r = remotehost, - annotate(session, { "", direction, remotehost or "?", - "["..session.type..tostring(session):match("[a-f0-9]*$").."]" })}; + annotate(session, { "", direction, remotehost or "?" })}; if (not match_jid) or remotehost:match(match_jid) or localhost:match(match_jid) then table.insert(s2s_list, sess_lines); -- cgit v1.2.3 From c5395883d6fd6a2e70c1aed5ce68218fe84f7e10 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 11 May 2014 19:13:36 +0200 Subject: mod_admin_telnet: Add c2s:show_tls(), behaves like s2s:show_tls() --- plugins/mod_admin_telnet.lua | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index 4a9f74b6..a3352b10 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -220,6 +220,7 @@ function commands.help(session, data) print [[c2s:show(jid) - Show all client sessions with the specified JID (or all if no JID given)]] print [[c2s:show_insecure() - Show all unencrypted client connections]] print [[c2s:show_secure() - Show all encrypted client connections]] + print [[c2s:show_tls() - Show TLS cipher info for encrypted sessions]] print [[c2s:close(jid) - Close all sessions for the specified JID]] elseif section == "s2s" then print [[s2s:show(domain) - Show all s2s connections for the given domain (or all if no domain given)]] @@ -567,8 +568,9 @@ function def_env.c2s:count(match_jid) return true, "Total: "..count.." clients"; end -function def_env.c2s:show(match_jid) +function def_env.c2s:show(match_jid, annotate) local print, count = self.session.print, 0; + annotate = annotate or session_flags; local curr_host; show_c2s(function (jid, session) if curr_host ~= session.host then @@ -577,7 +579,7 @@ function def_env.c2s:show(match_jid) end if (not match_jid) or jid:match(match_jid) then count = count + 1; - print(session_flags(session, { " ", jid })); + print(annotate(session, { " ", jid })); end end); return true, "Total: "..count.." clients"; @@ -605,6 +607,10 @@ function def_env.c2s:show_secure(match_jid) return true, "Total: "..count.." secure client connections"; end +function def_env.c2s:show_tls(match_jid) + return self:show(match_jid, tls_info); +end + function def_env.c2s:close(match_jid) local count = 0; show_c2s(function (jid, session) -- cgit v1.2.3 From 9ad11cba377175f3120b56201740890fc80e4066 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Mon, 12 May 2014 01:07:40 +0200 Subject: mod_admin_telnet: Show which hosts are components and what type of component in host:list() --- plugins/mod_admin_telnet.lua | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index a3352b10..6a8783e2 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -872,9 +872,19 @@ end function def_env.host:list() local print = self.session.print; local i = 0; + local type; for host in values(array.collect(keys(prosody.hosts)):sort()) do i = i + 1; - print(host); + type = hosts[host].type; + if type == "local" then + print(host); + else + type = module:context(host):get_option_string("component_module", type); + if type ~= "component" then + type = type .. " component"; + end + print(("%s (%s)"):format(host, type)); + end end return true, i.." hosts"; end -- cgit v1.2.3 From a88f746203415474f1fb6cd2c9d4f5b6875f6b17 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Mon, 12 May 2014 01:16:17 +0200 Subject: mod_admin_telnet: Remove dead code --- plugins/mod_admin_telnet.lua | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index 6a8783e2..9761d2f3 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -481,17 +481,6 @@ function def_env.config:reload() return ok, (ok and "Config reloaded (you may need to reload modules to take effect)") or tostring(err); end -def_env.hosts = {}; -function def_env.hosts:list() - for host, host_session in pairs(hosts) do - self.session.print(host); - end - return true, "Done"; -end - -function def_env.hosts:add(name) -end - local function common_info(session, line) if session.id then line[#line+1] = "["..session.id.."]" -- cgit v1.2.3