From 339e74b1b9961f14dc289656973997d6583771d9 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Fri, 22 Mar 2013 14:18:23 +0000 Subject: s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event --- core/s2smanager.lua | 75 ++--------------------------------------------------- 1 file changed, 2 insertions(+), 73 deletions(-) (limited to 'core/s2smanager.lua') diff --git a/core/s2smanager.lua b/core/s2smanager.lua index 86389d8d..b034fcae 100644 --- a/core/s2smanager.lua +++ b/core/s2smanager.lua @@ -9,15 +9,13 @@ local hosts = hosts; -local tostring, pairs, ipairs, getmetatable, newproxy, setmetatable - = tostring, pairs, ipairs, getmetatable, newproxy, setmetatable; +local tostring, pairs, getmetatable, newproxy, setmetatable + = tostring, pairs, getmetatable, newproxy, setmetatable; local logger_init = require "util.logger".init; local log = logger_init("s2smanager"); -local config = require "core.configmanager"; - local prosody = _G.prosody; incoming_s2s = {}; prosody.incoming_s2s = incoming_s2s; @@ -49,75 +47,6 @@ function new_outgoing(from_host, to_host, connect) return host_session; end -function make_authenticated(session, host) - if not session.secure then - local local_host = session.direction == "incoming" and session.to_host or session.from_host; - if config.get(local_host, "core", "s2s_require_encryption") then - session:close({ - condition = "policy-violation", - text = "Encrypted server-to-server communication is required but was not " - ..((session.direction == "outgoing" and "offered") or "used") - }); - end - end - if session.type == "s2sout_unauthed" then - session.type = "s2sout"; - elseif session.type == "s2sin_unauthed" then - session.type = "s2sin"; - if host then - if not session.hosts[host] then session.hosts[host] = {}; end - session.hosts[host].authed = true; - end - elseif session.type == "s2sin" and host then - if not session.hosts[host] then session.hosts[host] = {}; end - session.hosts[host].authed = true; - else - return false; - end - session.log("debug", "connection %s->%s is now authenticated for %s", session.from_host, session.to_host, host); - - mark_connected(session); - - return true; -end - --- Stream is authorised, and ready for normal stanzas -function mark_connected(session) - local sendq, send = session.sendq, session.sends2s; - - local from, to = session.from_host, session.to_host; - - session.log("info", "%s s2s connection %s->%s complete", session.direction, from, to); - - local event_data = { session = session }; - if session.type == "s2sout" then - fire_event("s2sout-established", event_data); - hosts[from].events.fire_event("s2sout-established", event_data); - else - local host_session = hosts[to]; - session.send = function(stanza) - return host_session.events.fire_event("route/remote", { from_host = to, to_host = from, stanza = stanza }); - end; - - fire_event("s2sin-established", event_data); - hosts[to].events.fire_event("s2sin-established", event_data); - end - - if session.direction == "outgoing" then - if sendq then - session.log("debug", "sending %d queued stanzas across new outgoing connection to %s", #sendq, session.to_host); - for i, data in ipairs(sendq) do - send(data[1]); - sendq[i] = nil; - end - session.sendq = nil; - end - - session.ip_hosts = nil; - session.srv_hosts = nil; - end -end - local resting_session = { -- Resting, not dead destroyed = true; type = "s2s_destroyed"; -- cgit v1.2.3