1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
|
<<<<<<< local
-- The code in this file should be self-explanatory, though the logic is horrible
-- for more info on that, see doc/stanza_routing.txt, which attempts to condense
-- the rules from the RFCs (mainly 3921)
require "core.servermanager"
local log = require "util.logger".init("stanzarouter")
local st = require "util.stanza";
local send = require "core.sessionmanager".send_to_session;
-- local send_s2s = require "core.s2smanager".send_to_host;
local user_exists = require "core.usermanager".user_exists;
local jid_split = require "util.jid".split;
local print, debug = print, debug;
function core_process_stanza(origin, stanza)
log("debug", "Received: "..tostring(stanza))
-- TODO verify validity of stanza (as well as JID validity)
if stanza.name == "iq" and not(#stanza.tags == 1 and stanza.tags[1].attr.xmlns) then
if stanza.attr.type == "set" or stanza.attr.type == "get" then
error("Invalid IQ");
elseif #stanza.tags > 1 or not(stanza.attr.type == "error" or stanza.attr.type == "result") then
error("Invalid IQ");
end
end
if origin.type == "c2s" and not origin.full_jid
and not(stanza.name == "iq" and stanza.tags[1].name == "bind"
and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then
error("Client MUST bind resource after auth");
end
local to = stanza.attr.to;
stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s)
-- TODO also, stazas should be returned to their original state before the function ends
-- TODO presence subscriptions
if not to then
core_handle_stanza(origin, stanza);
elseif hosts[to] and hosts[to].type == "local" then
core_handle_stanza(origin, stanza);
elseif stanza.name == "iq" and not select(3, jid_split(to)) then
core_handle_stanza(origin, stanza);
elseif origin.type == "c2s" then
core_route_stanza(origin, stanza);
end
end
-- This function handles stanzas which are not routed any further,
-- that is, they are handled by this server
function core_handle_stanza(origin, stanza)
-- Handlers
if origin.type == "c2s" or origin.type == "c2s_unauthed" then
local session = origin;
if stanza.name == "presence" and origin.roster then
if stanza.attr.type == nil or stanza.attr.type == "available" or stanza.attr.type == "unavailable" then
for jid in pairs(origin.roster) do -- broadcast to all interested contacts
local subscription = origin.roster[jid].subscription;
if subscription == "both" or subscription == "from" then
stanza.attr.to = jid;
core_route_stanza(origin, stanza);
end
end
local node, host = jid_split(stanza.attr.from);
for _, res in pairs(hosts[host].sessions[node].sessions) do -- broadcast to all resources and from resources
if res ~= origin then
if res.full_jid then -- to resource. FIXME is this check correct? Maybe it should be res.presence
stanza.attr.to = res.full_jid;
core_route_stanza(origin, stanza);
end
if res.presence then -- from all resources for which we have presence
res.presence.attr.to = origin.full_jid;
core_route_stanza(res, res.presence);
res.presence.attr.to = nil;
end
end
end
if not origin.presence then -- presence probes on initial presence
local probe = st.presence({from = origin.full_jid, type = "probe"});
for jid in pairs(origin.roster) do
local subscription = origin.roster[jid].subscription;
if subscription == "both" or subscription == "to" then
probe.attr.to = jid;
core_route_stanza(origin, probe);
end
end
-- TODO resend subscription requests
end
origin.presence = stanza;
stanza.attr.to = nil; -- reset it
else
-- TODO error, bad type
end
else
log("debug", "Routing stanza to local");
handle_stanza(session, stanza);
end
end
end
function is_authorized_to_see_presence(origin, username, host)
local roster = datamanager.load(username, host, "roster") or {};
local item = roster[origin.username.."@"..origin.host];
return item and (item.subscription == "both" or item.subscription == "from");
end
function core_route_stanza(origin, stanza)
-- Hooks
--- ...later
-- Deliver
local to = stanza.attr.to;
local node, host, resource = jid_split(to);
if stanza.name == "presence" and (stanza.attr.type ~= nil and stanza.attr.type ~= "unavailable") then resource = nil; end
local host_session = hosts[host]
if host_session and host_session.type == "local" then
-- Local host
local user = host_session.sessions[node];
if user then
local res = user.sessions[resource];
if not res then
-- if we get here, resource was not specified or was unavailable
if stanza.name == "presence" then
if stanza.attr.type ~= nil and stanza.attr.type ~= "unavailable" then
if stanza.attr.type == "probe" then
if is_authorized_to_see_presence(origin, node, host) then
for k in pairs(user.sessions) do -- return presence for all resources
if user.sessions[k].presence then
local pres = user.sessions[k].presence;
pres.attr.to = origin.full_jid;
pres.attr.from = user.sessions[k].full_jid;
send(origin, pres);
pres.attr.to = nil;
pres.attr.from = nil;
end
end
else
send(origin, st.presence({from=user.."@"..host, to=origin.username.."@"..origin.host, type="unsubscribed"}));
end
elseif stanza.attr.type == "subscribe" then
-- TODO
elseif stanza.attr.type == "unsubscribe" then
-- TODO
elseif stanza.attr.type == "subscribed" then
-- TODO
elseif stanza.attr.type == "unsubscribed" then
-- TODO
end -- discard any other type
else -- sender is available or unavailable
for k in pairs(user.sessions) do -- presence broadcast to all user resources
if user.sessions[k].full_jid then
stanza.attr.to = user.sessions[k].full_jid;
send(user.sessions[k], stanza);
end
end
end
elseif stanza.name == "message" then -- select a resource to recieve message
for k in pairs(user.sessions) do
if user.sessions[k].full_jid then
res = user.sessions[k];
break;
end
end
-- TODO find resource with greatest priority
send(res, stanza);
else
-- TODO send IQ error
end
else
-- User + resource is online...
stanza.attr.to = res.full_jid;
send(res, stanza); -- Yay \o/
end
else
-- user not online
if user_exists(node, host) then
if stanza.name == "presence" then
if stanza.attr.type == "probe" and is_authorized_to_see_presence(origin, node, host) then -- FIXME what to do for not c2s?
-- TODO send last recieved unavailable presence
else
-- TODO send unavailable presence
end
elseif stanza.name == "message" then
-- TODO send message error, or store offline messages
elseif stanza.name == "iq" then
-- TODO send IQ error
end
else -- user does not exist
-- TODO we would get here for nodeless JIDs too. Do something fun maybe? Echo service? Let plugins use xmpp:server/resource addresses?
if stanza.name == "presence" then
if stanza.attr.type == "probe" then
send(origin, st.presence({from = user.."@"..host, to = origin.username.."@"..origin.host, type = "unsubscribed"}));
end
-- else ignore
else
send(origin, st.error_reply(stanza, "cancel", "service-unavailable"));
end
end
end
else
-- Remote host
if host_session then
-- Send to session
else
-- Need to establish the connection
end
end
stanza.attr.to = to; -- reset
end
function handle_stanza_toremote(stanza)
log("error", "Stanza bound for remote host, but s2s is not implemented");
end
=======
-- The code in this file should be self-explanatory, though the logic is horrible
-- for more info on that, see doc/stanza_routing.txt, which attempts to condense
-- the rules from the RFCs (mainly 3921)
require "core.servermanager"
local log = require "util.logger".init("stanzarouter")
local st = require "util.stanza";
local send = require "core.sessionmanager".send_to_session;
-- local send_s2s = require "core.s2smanager".send_to_host;
local user_exists = require "core.usermanager".user_exists;
local jid_split = require "util.jid".split;
local print = print;
function core_process_stanza(origin, stanza)
log("debug", "Received: "..tostring(stanza))
-- TODO verify validity of stanza (as well as JID validity)
if stanza.name == "iq" and not(#stanza.tags == 1 and stanza.tags[1].attr.xmlns) then
if stanza.attr.type == "set" or stanza.attr.type == "get" then
error("Invalid IQ");
elseif #stanza.tags > 1 or not(stanza.attr.type == "error" or stanza.attr.type == "result") then
error("Invalid IQ");
end
end
if origin.type == "c2s" and not origin.full_jid
and not(stanza.name == "iq" and stanza.tags[1].name == "bind"
and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then
error("Client MUST bind resource after auth");
end
local to = stanza.attr.to;
stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s)
-- TODO also, stazas should be returned to their original state before the function ends
-- TODO presence subscriptions
if not to then
core_handle_stanza(origin, stanza);
elseif hosts[to] and hosts[to].type == "local" then
core_handle_stanza(origin, stanza);
elseif stanza.name == "iq" and not select(3, jid_split(to)) then
core_handle_stanza(origin, stanza);
elseif origin.type == "c2s" then
core_route_stanza(origin, stanza);
end
end
-- This function handles stanzas which are not routed any further,
-- that is, they are handled by this server
function core_handle_stanza(origin, stanza)
-- Handlers
if origin.type == "c2s" or origin.type == "c2s_unauthed" then
local session = origin;
if stanza.name == "presence" and origin.roster then
if stanza.attr.type == nil or stanza.attr.type == "available" or stanza.attr.type == "unavailable" then
for jid in pairs(origin.roster) do -- broadcast to all interested contacts
local subscription = origin.roster[jid].subscription;
if subscription == "both" or subscription == "from" then
stanza.attr.to = jid;
core_route_stanza(origin, stanza);
end
end
--[[local node, host = jid_split(stanza.attr.from);
for _, res in pairs(hosts[host].sessions[node].sessions) do -- broadcast to all resources
if res.full_jid then
res = user.sessions[k];
break;
end
end]]
if not origin.presence then -- presence probes on initial presence
local probe = st.presence({from = origin.full_jid, type = "probe"});
for jid in pairs(origin.roster) do
local subscription = origin.roster[jid].subscription;
if subscription == "both" or subscription == "to" then
probe.attr.to = jid;
core_route_stanza(origin, probe);
end
end
end
origin.presence = stanza;
stanza.attr.to = nil; -- reset it
else
-- TODO error, bad type
end
else
log("debug", "Routing stanza to local");
handle_stanza(session, stanza);
end
end
end
-- TODO: Does this function belong here?
function is_authorized_to_see_presence(origin, username, host)
local roster = datamanager.load(username, host, "roster") or {};
local item = roster[origin.username.."@"..origin.host];
return item and (item.subscription == "both" or item.subscription == "from");
end
function core_route_stanza(origin, stanza)
-- Hooks
--- ...later
-- Deliver
local to = stanza.attr.to;
local node, host, resource = jid_split(to);
if stanza.name == "presence" and stanza.attr.type == "probe" then resource = nil; end
local host_session = hosts[host]
if host_session and host_session.type == "local" then
-- Local host
local user = host_session.sessions[node];
if user then
local res = user.sessions[resource];
if not res then
-- if we get here, resource was not specified or was unavailable
if stanza.name == "presence" then
if stanza.attr.type == "probe" then
if is_authorized_to_see_presence(origin, node, host) then
for k in pairs(user.sessions) do -- return presence for all resources
if user.sessions[k].presence then
local pres = user.sessions[k].presence;
pres.attr.to = origin.full_jid;
pres.attr.from = user.sessions[k].full_jid;
send(origin, pres);
pres.attr.to = nil;
pres.attr.from = nil;
end
end
else
send(origin, st.presence({from = user.."@"..host, to = origin.username.."@"..origin.host, type = "unsubscribed"}));
end
else
for k in pairs(user.sessions) do -- presence broadcast to all user resources
if user.sessions[k].full_jid then
stanza.attr.to = user.sessions[k].full_jid;
send(user.sessions[k], stanza);
end
end
end
elseif stanza.name == "message" then -- select a resource to recieve message
for k in pairs(user.sessions) do
if user.sessions[k].full_jid then
res = user.sessions[k];
break;
end
end
-- TODO find resource with greatest priority
send(res, stanza);
else
-- TODO send IQ error
end
else
-- User + resource is online...
stanza.attr.to = res.full_jid;
send(res, stanza); -- Yay \o/
end
else
-- user not online
if user_exists(node, host) then
if stanza.name == "presence" then
if stanza.attr.type == "probe" and is_authorized_to_see_presence(origin, node, host) then -- FIXME what to do for not c2s?
-- TODO send last recieved unavailable presence
else
-- TODO send unavailable presence
end
elseif stanza.name == "message" then
-- TODO send message error, or store offline messages
elseif stanza.name == "iq" then
-- TODO send IQ error
end
else -- user does not exist
-- TODO we would get here for nodeless JIDs too. Do something fun maybe? Echo service? Let plugins use xmpp:server/resource addresses?
if stanza.name == "presence" then
if stanza.attr.type == "probe" then
send(origin, st.presence({from = user.."@"..host, to = origin.username.."@"..origin.host, type = "unsubscribed"}));
end
-- else ignore
else
send(origin, st.error_reply(stanza, "cancel", "service-unavailable"));
end
end
end
else
-- Remote host
send_s2s(origin.host, host, stanza);
end
stanza.attr.to = to; -- reset
end
function handle_stanza_toremote(stanza)
log("error", "Stanza bound for remote host, but s2s is not implemented");
end
>>>>>>> other
|
