From aa2c7c578a713f6a6de80508badb2b832b968108 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Fri, 24 May 2013 18:37:07 +0100 Subject: mod_bosh: Some very minor whitespace/layout fixes --- plugins/mod_bosh.lua | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 19f191c8..bd39daa5 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -1,7 +1,7 @@ -- Prosody IM -- Copyright (C) 2008-2010 Matthew Wild -- Copyright (C) 2008-2010 Waqas Hussain --- +-- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- @@ -218,7 +218,7 @@ local function bosh_close_stream(session, reason) held_request.headers = default_headers; held_request:send(response_body); end - sessions[session.sid] = nil; + sessions[session.sid] = nil; inactive_sessions[session] = nil; sm_destroy_session(session); end @@ -291,7 +291,8 @@ function stream_callbacks.streamopened(context, attr) body_attr.hold = tostring(session.bosh_hold); body_attr.authid = sid; body_attr.secure = "true"; - body_attr.ver = '1.6'; from = session.host; + body_attr.ver = '1.6'; + body_attr.from = session.host; body_attr["xmlns:xmpp"] = "urn:xmpp:xbosh"; body_attr["xmpp:version"] = "1.0"; end -- cgit v1.2.3 From de91cf38b186b4cd02863e84f69c513b83c85ebb Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Fri, 24 May 2013 18:38:36 +0100 Subject: mod_bosh: rename variable for clarity --- plugins/mod_bosh.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index bd39daa5..57abebb2 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -364,8 +364,8 @@ function stream_callbacks.handlestanza(context, stanza) end end -function stream_callbacks.streamclosed(request) - local session = sessions[request.sid]; +function stream_callbacks.streamclosed(context) + local session = sessions[context.sid]; if session then session.bosh_processing = false; if #session.send_buffer > 0 then -- cgit v1.2.3 From 885b4a7e2a8565d7d9fa9a1fd97723dc4af0d129 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 5 Jun 2013 21:37:33 +0100 Subject: mod_bosh: Remove some very verbose logging --- plugins/mod_bosh.lua | 3 --- 1 file changed, 3 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 03355564..3c5e18f0 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -139,9 +139,6 @@ function handle_POST(event) local r = session.requests; log("debug", "Session %s has %d out of %d requests open", context.sid, #r, session.bosh_hold); log("debug", "and there are %d things in the send_buffer:", #session.send_buffer); - for i, thing in ipairs(session.send_buffer) do - log("debug", " %s", tostring(thing)); - end if #r > session.bosh_hold then -- We are holding too many requests, send what's in the buffer, log("debug", "We are holding too many requests, so..."); -- cgit v1.2.3 From b174c0dba2d13e37a17ccb71a124063e2873215d Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 5 Jun 2013 21:39:56 +0100 Subject: mod_bosh: Return errors when appropriate (invalid XML, missing sid) --- plugins/mod_bosh.lua | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 3c5e18f0..90522031 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -123,7 +123,10 @@ function handle_POST(event) -- In particular, the streamopened() stream callback is where -- much of the session logic happens, because it's where we first -- get to see the 'sid' of this request. - stream:feed(body); + if not stream:feed(body) then + module:log("warn", "Error parsing BOSH payload") + return 400; + end -- Stanzas (if any) in the request have now been processed, and -- we take care of the high-level BOSH logic here, including @@ -174,6 +177,8 @@ function handle_POST(event) return true; -- Inform http server we shall reply later end end + module:log("warn", "Unable to associate request with a session (incomplete request?)"); + return 400; end -- cgit v1.2.3 From 70b2041049db1b148951d77993bba41646dc2f33 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 5 Jun 2013 21:41:27 +0100 Subject: mod_bosh: Clean up handling of response headers, set them only in one place --- plugins/mod_bosh.lua | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 90522031..ec8c59f5 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -35,24 +35,9 @@ local BOSH_DEFAULT_REQUESTS = module:get_option_number("bosh_max_requests", 2); local bosh_max_wait = module:get_option_number("bosh_max_wait", 120); local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure"); - -local default_headers = { ["Content-Type"] = "text/xml; charset=utf-8", ["Connection"] = "keep-alive" }; - local cross_domain = module:get_option("cross_domain_bosh", false); -if cross_domain then - default_headers["Access-Control-Allow-Methods"] = "GET, POST, OPTIONS"; - default_headers["Access-Control-Allow-Headers"] = "Content-Type"; - default_headers["Access-Control-Max-Age"] = "7200"; - if cross_domain == true then - default_headers["Access-Control-Allow-Origin"] = "*"; - elseif type(cross_domain) == "table" then - cross_domain = table.concat(cross_domain, ", "); - end - if type(cross_domain) == "string" then - default_headers["Access-Control-Allow-Origin"] = cross_domain; - end -end +if type(cross_domain) == "table" then cross_domain = table.concat(cross_domain, ", "); end local trusted_proxies = module:get_option_set("trusted_proxies", {"127.0.0.1"})._items; @@ -100,11 +85,22 @@ function on_destroy_request(request) end end +local function set_cross_domain_headers(response) + local headers = response.headers; + headers.access_control_allow_methods = "GET, POST, OPTIONS"; + headers.access_control_allow_headers = "Content-Type"; + headers.access_control_max_age = "7200"; + + if cross_domain == true then + headers.access_control_allow_origin = "*"; + else + headers.access_control_allow_origin = cross_domain; + end + return response; +end + function handle_OPTIONS(request) - local headers = {}; - for k,v in pairs(default_headers) do headers[k] = v; end - headers["Content-Type"] = nil; - return { headers = headers, body = "" }; + return set_cross_domain_headers(request.response); end function handle_POST(event) @@ -117,6 +113,13 @@ function handle_POST(event) local context = { request = request, response = response, notopen = true }; local stream = new_xmpp_stream(context, stream_callbacks); response.context = context; + + local headers = response.headers; + headers.content_type = "text/xml; charset=utf-8"; + + if cross_domain then + set_cross_domain_headers(response); + end -- stream:feed() calls the stream_callbacks, so all stanzas in -- the body are processed in this next line before it returns. @@ -217,7 +220,6 @@ local function bosh_close_stream(session, reason) local response_body = tostring(close_reply); for _, held_request in ipairs(session.requests) do - held_request.headers = default_headers; held_request:send(response_body); end sessions[session.sid] = nil; @@ -311,7 +313,6 @@ function stream_callbacks.streamopened(context, attr) if not session then -- Unknown sid log("info", "Client tried to use sid '%s' which we don't know about", sid); - response.headers = default_headers; response:send(tostring(st.stanza("body", { xmlns = xmlns_bosh, type = "terminate", condition = "item-not-found" }))); context.notopen = nil; return; @@ -381,7 +382,6 @@ function stream_callbacks.error(context, error) log("debug", "Error parsing BOSH request payload; %s", error); if not context.sid then local response = context.response; - response.headers = default_headers; response.status_code = 400; response:send(); return; -- cgit v1.2.3 From 2d2b6df7cb2a17d00bc2074186a8c06c2702fd2a Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 6 Jun 2013 14:48:41 +0100 Subject: mod_bosh: Remove another place we set headers, fixes #348 --- plugins/mod_bosh.lua | 1 - 1 file changed, 1 deletion(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index ec8c59f5..d0202b7d 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -281,7 +281,6 @@ function stream_callbacks.streamopened(context, attr) local oldest_request = r[1]; if oldest_request and not session.bosh_processing then log("debug", "We have an open request, so sending on that"); - oldest_request.headers = default_headers; local body_attr = { xmlns = "http://jabber.org/protocol/httpbind", ["xmlns:stream"] = "http://etherx.jabber.org/streams"; type = session.bosh_terminate and "terminate" or nil; -- cgit v1.2.3 From e3784f09b95ea6afff43005cce671d4092589442 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Fri, 7 Jun 2013 13:21:38 -0400 Subject: mod_bosh: Rename event handler argument to event, not request. --- plugins/mod_bosh.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 00da914c..095ba4a3 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -99,8 +99,8 @@ local function set_cross_domain_headers(response) return response; end -function handle_OPTIONS(request) - return set_cross_domain_headers(request.response); +function handle_OPTIONS(event) + return set_cross_domain_headers(event.response); end function handle_POST(event) -- cgit v1.2.3 From a22bd3606b9c4e5017d00f9d80512d70e2bf4f6f Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Fri, 7 Jun 2013 13:24:56 -0400 Subject: mod_bosh: Return empty string from the OPTIONS event handler, don't return the response object itself. --- plugins/mod_bosh.lua | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 095ba4a3..48d16df1 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -100,7 +100,8 @@ local function set_cross_domain_headers(response) end function handle_OPTIONS(event) - return set_cross_domain_headers(event.response); + set_cross_domain_headers(event.response); + return ""; end function handle_POST(event) -- cgit v1.2.3 From 8e44ad94a9cb442bd7a03830a2a8548c3833fe68 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Fri, 7 Jun 2013 14:20:13 -0400 Subject: mod_bosh: Only return CORS headers if the Origin header is received, and CORS is enabled. --- plugins/mod_bosh.lua | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 48d16df1..04d85e60 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -100,7 +100,9 @@ local function set_cross_domain_headers(response) end function handle_OPTIONS(event) - set_cross_domain_headers(event.response); + if cross_domain and event.request.headers.origin then + set_cross_domain_headers(event.response); + end return ""; end @@ -118,7 +120,7 @@ function handle_POST(event) local headers = response.headers; headers.content_type = "text/xml; charset=utf-8"; - if cross_domain then + if cross_domain and event.request.headers.origin then set_cross_domain_headers(response); end -- cgit v1.2.3 From 67161986600abebddbb9654ed2a4e8756172da8f Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Fri, 7 Jun 2013 16:26:08 -0400 Subject: mod_bosh: Don't tostring() stream:features when passing to session.send(). --- plugins/mod_bosh.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index 04d85e60..d8109602 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -352,7 +352,7 @@ function stream_callbacks.streamopened(context, attr) local features = st.stanza("stream:features"); hosts[session.host].events.fire_event("stream-features", { origin = session, features = features }); fire_event("stream-features", session, features); - session.send(tostring(features)); + session.send(features); session.notopen = nil; end end -- cgit v1.2.3 From 38e6533cbd5ba91acc581b3f0821a5c878d3d1d2 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Sat, 8 Jun 2013 18:08:18 +0100 Subject: mod_bosh: Make waiting_requests and dead_sessions shared to preserve across reloads --- plugins/mod_bosh.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index d8109602..e3a1050b 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -62,7 +62,7 @@ local os_time = os.time; local sessions, inactive_sessions = module:shared("sessions", "inactive_sessions"); -- Used to respond to idle sessions (those with waiting requests) -local waiting_requests = {}; +local waiting_requests = module:shared("waiting_requests"); function on_destroy_request(request) log("debug", "Request destroyed: %s", tostring(request)); waiting_requests[request] = nil; @@ -397,7 +397,7 @@ function stream_callbacks.error(context, error) end end -local dead_sessions = {}; +local dead_sessions = module:shared("dead_sessions"); function on_timer() -- log("debug", "Checking for requests soon to timeout..."); -- Identify requests timing out within the next few seconds -- cgit v1.2.3 From 87170a4fde14e43ed61bddd045642d96a77f47c4 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Tue, 11 Jun 2013 12:55:47 -0400 Subject: mod_bosh: Reduce a little code. --- plugins/mod_bosh.lua | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index e3a1050b..9a612ae0 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -37,6 +37,7 @@ local bosh_max_wait = module:get_option_number("bosh_max_wait", 120); local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure"); local cross_domain = module:get_option("cross_domain_bosh", false); +if cross_domain == true then cross_domain = "*"; end if type(cross_domain) == "table" then cross_domain = table.concat(cross_domain, ", "); end local trusted_proxies = module:get_option_set("trusted_proxies", {"127.0.0.1"})._items; @@ -90,12 +91,7 @@ local function set_cross_domain_headers(response) headers.access_control_allow_methods = "GET, POST, OPTIONS"; headers.access_control_allow_headers = "Content-Type"; headers.access_control_max_age = "7200"; - - if cross_domain == true then - headers.access_control_allow_origin = "*"; - else - headers.access_control_allow_origin = cross_domain; - end + headers.access_control_allow_origin = cross_domain; return response; end -- cgit v1.2.3 From cab180216b49e1c6f1f0e847357df58436551643 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 15 Jul 2013 11:44:49 +0100 Subject: mod_bosh, mod_c2s: No longer fire stream-features globally (nobody uses it, and shared modules make it easy for global modules to hook per-host now) --- plugins/mod_bosh.lua | 1 - 1 file changed, 1 deletion(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index d8717d18..d109547e 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -349,7 +349,6 @@ function stream_callbacks.streamopened(context, attr) if session.notopen then local features = st.stanza("stream:features"); hosts[session.host].events.fire_event("stream-features", { origin = session, features = features }); - fire_event("stream-features", session, features); session.send(features); session.notopen = nil; end -- cgit v1.2.3 From 1d833bb80779ed9c9e1d7ec6c7fab231ebf48182 Mon Sep 17 00:00:00 2001 From: Florian Zeitz Date: Fri, 9 Aug 2013 17:48:21 +0200 Subject: Remove all trailing whitespace --- plugins/mod_bosh.lua | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'plugins/mod_bosh.lua') diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index d109547e..ca67db73 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -78,7 +78,7 @@ function on_destroy_request(request) break; end end - + -- If this session now has no requests open, mark it as inactive local max_inactive = session.bosh_max_inactive; if max_inactive and #requests == 0 then @@ -121,7 +121,7 @@ function handle_POST(event) if cross_domain and event.request.headers.origin then set_cross_domain_headers(response); end - + -- stream:feed() calls the stream_callbacks, so all stanzas in -- the body are processed in this next line before it returns. -- In particular, the streamopened() stream callback is where @@ -131,7 +131,7 @@ function handle_POST(event) module:log("warn", "Error parsing BOSH payload") return 400; end - + -- Stanzas (if any) in the request have now been processed, and -- we take care of the high-level BOSH logic here, including -- giving a response or putting the request "on hold". @@ -164,7 +164,7 @@ function handle_POST(event) session.send_buffer = {}; session.send(resp); end - + if not response.finished then -- We're keeping this request open, to respond later log("debug", "Have nothing to say, so leaving request unanswered for now"); @@ -172,7 +172,7 @@ function handle_POST(event) waiting_requests[response] = os_time() + session.bosh_wait; end end - + if session.bosh_terminate then session.log("debug", "Closing session with %d requests open", #session.requests); session:close(); @@ -192,10 +192,10 @@ local stream_xmlns_attr = { xmlns = "urn:ietf:params:xml:ns:xmpp-streams" }; local function bosh_close_stream(session, reason) (session.log or log)("info", "BOSH client disconnected"); - + local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate", ["xmlns:stream"] = xmlns_streams }); - + if reason then close_reply.attr.condition = "remote-stream-error"; @@ -236,7 +236,7 @@ function stream_callbacks.streamopened(context, attr) if not sid then -- New session request context.notopen = nil; -- Signals that we accept this opening tag - + -- TODO: Sanity checks here (rid, to, known host, etc.) if not hosts[attr.to] then -- Unknown host @@ -246,7 +246,7 @@ function stream_callbacks.streamopened(context, attr) response:send(tostring(close_reply)); return; end - + -- New session sid = new_uuid(); local session = { @@ -259,9 +259,9 @@ function stream_callbacks.streamopened(context, attr) ip = get_ip_from_request(request); }; sessions[sid] = session; - + local filter = initialize_filters(session); - + session.log("debug", "BOSH session created for request from %s", session.ip); log("info", "New BOSH session, assigned it sid '%s'", sid); @@ -308,7 +308,7 @@ function stream_callbacks.streamopened(context, attr) end request.sid = sid; end - + local session = sessions[sid]; if not session then -- Unknown sid @@ -317,7 +317,7 @@ function stream_callbacks.streamopened(context, attr) context.notopen = nil; return; end - + if session.rid then local rid = tonumber(attr.rid); local diff = rid - session.rid; @@ -334,7 +334,7 @@ function stream_callbacks.streamopened(context, attr) end session.rid = rid; end - + if attr.type == "terminate" then -- Client wants to end this session, which we'll do -- after processing any stanzas in this request @@ -388,7 +388,7 @@ function stream_callbacks.error(context, error) response:send(); return; end - + local session = sessions[context.sid]; if error == "stream-error" then -- Remote stream error, we close normally session:close(); @@ -412,7 +412,7 @@ function on_timer() end end end - + now = now - 3; local n_dead_sessions = 0; for session, close_after in pairs(inactive_sessions) do -- cgit v1.2.3