mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 21:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge 0.11->trunk

Browse source
This commit is contained in:
Kim Alvefur 2019-11-23 23:12:01 +01:00
commit 72f1544f6d
156 changed files with 6219 additions and 2102 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.busted
View file

@ -2,7 +2,7 @@ return {
_all = {
},
default = {
["exclude-tags"] = "mod_bosh,storage";
["exclude-tags"] = "mod_bosh,storage,SLOW";
};
bosh = {
tags = "mod_bosh";

70
.luacheckrc
View file

@ -1,7 +1,8 @@
cache = true
codes = true
ignore = { "411/err", "421/err", "411/ok", "421/ok", "211/_ENV", "431/log", "143/table", "113/unpack" }
ignore = { "411/err", "421/err", "411/ok", "421/ok", "211/_ENV", "431/log", }
std = "lua53c"
max_line_length = 150
read_globals = {
@ -33,7 +34,6 @@ files["plugins/"] = {
"module.name",
"module.host",
"module._log",
"module.log",
"module.event_handlers",
"module.reloading",
"module.saved_state",
@ -64,12 +64,15 @@ files["plugins/"] = {
"module.get_option_scalar",
"module.get_option_set",
"module.get_option_string",
"module.get_status",
"module.handle_items",
"module.hook",
"module.hook_global",
"module.hook_object_event",
"module.hook_tag",
"module.load_resource",
"module.log",
"module.log_status",
"module.measure",
"module.measure_event",
"module.measure_global_event",
@ -79,7 +82,9 @@ files["plugins/"] = {
"module.remove_item",
"module.require",
"module.send",
"module.send_iq",
"module.set_global",
"module.set_status",
"module.shared",
"module.unhook",
"module.unhook_object_event",
@ -126,43 +131,42 @@ if os.getenv("PROSODY_STRICT_LINT") ~= "1" then
unused_secondaries = false
local exclude_files = {
"doc/net.server.lua";
"doc/net.server.lua";
"fallbacks/bit.lua";
"fallbacks/lxp.lua";
"fallbacks/bit.lua";
"fallbacks/lxp.lua";
"net/adns.lua";
"net/cqueues.lua";
"net/dns.lua";
"net/server_select.lua";
"net/cqueues.lua";
"net/dns.lua";
"net/server_select.lua";
"plugins/mod_storage_sql1.lua";
"plugins/mod_storage_sql1.lua";
"spec/core_configmanager_spec.lua";
"spec/core_moduleapi_spec.lua";
"spec/net_http_parser_spec.lua";
"spec/util_events_spec.lua";
"spec/util_http_spec.lua";
"spec/util_ip_spec.lua";
"spec/util_multitable_spec.lua";
"spec/util_rfc6724_spec.lua";
"spec/util_throttle_spec.lua";
"spec/util_xmppstream_spec.lua";
"spec/core_configmanager_spec.lua";
"spec/core_moduleapi_spec.lua";
"spec/net_http_parser_spec.lua";
"spec/util_events_spec.lua";
"spec/util_http_spec.lua";
"spec/util_ip_spec.lua";
"spec/util_multitable_spec.lua";
"spec/util_rfc6724_spec.lua";
"spec/util_throttle_spec.lua";
"spec/util_xmppstream_spec.lua";
"tools/ejabberd2prosody.lua";
"tools/ejabberdsql2prosody.lua";
"tools/erlparse.lua";
"tools/jabberd14sql2prosody.lua";
"tools/migration/migrator.cfg.lua";
"tools/migration/migrator/jabberd14.lua";
"tools/migration/migrator/mtools.lua";
"tools/migration/migrator/prosody_files.lua";
"tools/migration/migrator/prosody_sql.lua";
"tools/migration/prosody-migrator.lua";
"tools/openfire2prosody.lua";
"tools/xep227toprosody.lua";
"tools/ejabberd2prosody.lua";
"tools/ejabberdsql2prosody.lua";
"tools/erlparse.lua";
"tools/jabberd14sql2prosody.lua";
"tools/migration/migrator.cfg.lua";
"tools/migration/migrator/jabberd14.lua";
"tools/migration/migrator/mtools.lua";
"tools/migration/migrator/prosody_files.lua";
"tools/migration/migrator/prosody_sql.lua";
"tools/migration/prosody-migrator.lua";
"tools/openfire2prosody.lua";
"tools/xep227toprosody.lua";
"util/sasl/digest-md5.lua";
"util/sasl/digest-md5.lua";
}
for _, file in ipairs(exclude_files) do
files[file] = { only = {} }

16
CHANGES
View file

@ -1,3 +1,19 @@
TRUNK
=====
- Module statuses
- SNI support (not completely finished)
- CORS handling now provided by mod\_http
- CSI improvements
- mod\_limits: Exempted JIDs
- Archive quotas
- mod\_mimicking
- Rewritten migrator
- SCRAM-SHA-256
- Bi-directional server-to-server (XEP-0288)
- Built-in HTTP server now handles HEAD requests
- MUC presence broadcast controls
0.11.0
======

9
CONTRIBUTING Normal file
View file

@ -0,0 +1,9 @@
Thanks for your interest in contributing to the project!
There are many ways to contribute, such as helping improve the
documentation, reporting bugs, spreading the word or testing the latest
development version.
You can find more information on how to contribute at <https://prosody.im/doc/contributing>
See also the HACKERS and README files.

8
GNUmakefile
View file

@ -21,6 +21,7 @@ MKDIR_PRIVATE=$(MKDIR) -m750
LUACHECK=luacheck
BUSTED=busted
SCANSION=scansion
.PHONY: all test coverage clean install
@ -71,6 +72,13 @@ clean:
test:
$(BUSTED) --lua=$(RUNWITH)
integration-test: all
$(MKDIR) data
$(RUNWITH) prosodyctl --config ./spec/scansion/prosody.cfg.lua start
$(SCANSION) -d ./spec/scansion; R=$$? \
$(RUNWITH) prosodyctl --config ./spec/scansion/prosody.cfg.lua stop \
exit $$R
coverage:
-rm -- luacov.*
$(BUSTED) --lua=$(RUNWITH) -c

2
HACKERS
View file

@ -5,7 +5,7 @@ involved you can join us on our mailing list and discussion rooms. More
information on these at https://prosody.im/discuss
Patches are welcome, though before sending we would appreciate if you read
docs/coding_style.txt for guidelines on how to format your code, and other tips.
docs/coding_style.md for guidelines on how to format your code, and other tips.
Documentation for developers can be found at https://prosody.im/doc/developers

4
README
View file

@ -12,6 +12,7 @@ rapidly prototype new protocols.
Homepage: https://prosody.im/
Download: https://prosody.im/download
Documentation: https://prosody.im/doc/
Issue tracker: https://issues.prosody.im/
Jabber/XMPP Chat:
Address:
@ -26,9 +27,6 @@ Mailing lists:
Development discussion:
https://groups.google.com/group/prosody-dev
Issue tracker changes:
https://groups.google.com/group/prosody-issues
## Installation
See the accompanying INSTALL file for help on building Prosody from source. Alternatively

1
TODO
View file

@ -1,5 +1,4 @@
== 1.0 ==
- Roster providers
- Statistics
- Clustering
- World domination

187
configure vendored
View file

@ -23,7 +23,8 @@ EXCERTS="yes"
PRNG=
PRNGLIBS=
CFLAGS="-fPIC -Wall -pedantic -std=c99"
CFLAGS="-fPIC -std=c99"
CFLAGS="$CFLAGS -Wall -pedantic -Wextra -Wshadow -Wformat=2"
LDFLAGS="-shared"
IDN_LIBRARY="idn"
@ -152,74 +153,8 @@ do
SYSCONFDIR_SET=yes
;;
--ostype)
# TODO make this a switch?
OSPRESET="$value"
if [ "$OSPRESET" = "debian" ]; then
if [ "$LUA_SUFFIX_SET" != "yes" ]; then
LUA_SUFFIX="5.1";
LUA_SUFFIX_SET=yes
fi
if [ "$RUNWITH_SET" != "yes" ]; then
RUNWITH="lua$LUA_SUFFIX";
RUNWITH_SET=yes
fi
LUA_INCDIR="/usr/include/lua$LUA_SUFFIX"
LUA_INCDIR_SET=yes
CFLAGS="$CFLAGS -ggdb"
fi
if [ "$OSPRESET" = "macosx" ]; then
LUA_INCDIR=/usr/local/include;
LUA_INCDIR_SET=yes
LUA_LIBDIR=/usr/local/lib
LUA_LIBDIR_SET=yes
CFLAGS="$CFLAGS -mmacosx-version-min=10.3"
LDFLAGS="-bundle -undefined dynamic_lookup"
fi
if [ "$OSPRESET" = "linux" ]; then
LUA_INCDIR=/usr/local/include;
LUA_INCDIR_SET=yes
LUA_LIBDIR=/usr/local/lib
LUA_LIBDIR_SET=yes
CFLAGS="$CFLAGS -ggdb"
fi
if [ "$OSPRESET" = "freebsd" ] || [ "$OSPRESET" = "openbsd" ]; then
LUA_INCDIR="/usr/local/include/lua51"
LUA_INCDIR_SET=yes
CFLAGS="-Wall -fPIC -I/usr/local/include"
LDFLAGS="-I/usr/local/include -L/usr/local/lib -shared"
LUA_SUFFIX="51"
LUA_SUFFIX_SET=yes
LUA_DIR=/usr/local
LUA_DIR_SET=yes
CC=cc
LD=ld
fi
if [ "$OSPRESET" = "openbsd" ]; then
LUA_INCDIR="/usr/local/include";
LUA_INCDIR_SET="yes"
fi
if [ "$OSPRESET" = "netbsd" ]; then
LUA_INCDIR="/usr/pkg/include/lua-5.1"
LUA_INCDIR_SET=yes
LUA_LIBDIR="/usr/pkg/lib/lua/5.1"
LUA_LIBDIR_SET=yes
CFLAGS="-Wall -fPIC -I/usr/pkg/include"
LDFLAGS="-L/usr/pkg/lib -Wl,-rpath,/usr/pkg/lib -shared"
fi
if [ "$OSPRESET" = "pkg-config" ]; then
if [ "$LUA_SUFFIX_SET" != "yes" ]; then
LUA_SUFFIX="5.1";
LUA_SUFFIX_SET=yes
fi
LUA_CF="$(pkg-config --cflags-only-I lua$LUA_SUFFIX)"
LUA_CF="${LUA_CF#*-I}"
LUA_CF="${LUA_CF%% *}"
if [ "$LUA_CF" != "" ]; then
LUA_INCDIR="$LUA_CF"
LUA_INCDIR_SET=yes
fi
CFLAGS="$CFLAGS"
fi
OSPRESET_SET="yes"
;;
--libdir)
LIBDIR="$value"
@ -237,7 +172,7 @@ do
--lua-version|--with-lua-version)
[ -n "$value" ] || die "Missing value in flag $key."
LUA_VERSION="$value"
[ "$LUA_VERSION" = "5.1" ] || [ "$LUA_VERSION" = "5.2" ] || [ "$LUA_VERSION" = "5.3" ] || die "Invalid Lua version in flag $key."
[ "$LUA_VERSION" = "5.1" ] || [ "$LUA_VERSION" = "5.2" ] || [ "$LUA_VERSION" = "5.3" ] || [ "$LUA_VERSION" = "5.4" ] || die "Invalid Lua version in flag $key."
LUA_VERSION_SET=yes
;;
--with-lua)
@ -318,6 +253,66 @@ do
shift
done
if [ "$OSPRESET_SET" = "yes" ]; then
# TODO make this a switch?
if [ "$OSPRESET" = "debian" ]; then
CFLAGS="$CFLAGS -ggdb"
fi
if [ "$OSPRESET" = "macosx" ]; then
if [ "$LUA_INCDIR_SET" != "yes" ]; then
LUA_INCDIR=/usr/local/include;
LUA_INCDIR_SET=yes
fi
if [ "$LUA_LIBDIR_SET" != "yes" ]; then
LUA_LIBDIR=/usr/local/lib
LUA_LIBDIR_SET=yes
fi
CFLAGS="$CFLAGS -mmacosx-version-min=10.3"
LDFLAGS="-bundle -undefined dynamic_lookup"
fi
if [ "$OSPRESET" = "linux" ]; then
CFLAGS="$CFLAGS -ggdb"
fi
if [ "$OSPRESET" = "freebsd" ] || [ "$OSPRESET" = "openbsd" ]; then
LUA_INCDIR="/usr/local/include/lua51"
LUA_INCDIR_SET=yes
CFLAGS="-Wall -fPIC -I/usr/local/include"
LDFLAGS="-I/usr/local/include -L/usr/local/lib -shared"
LUA_SUFFIX="51"
LUA_SUFFIX_SET=yes
LUA_DIR=/usr/local
LUA_DIR_SET=yes
CC=cc
LD=ld
fi
if [ "$OSPRESET" = "openbsd" ]; then
LUA_INCDIR="/usr/local/include";
LUA_INCDIR_SET="yes"
fi
if [ "$OSPRESET" = "netbsd" ]; then
LUA_INCDIR="/usr/pkg/include/lua-5.1"
LUA_INCDIR_SET=yes
LUA_LIBDIR="/usr/pkg/lib/lua/5.1"
LUA_LIBDIR_SET=yes
CFLAGS="-Wall -fPIC -I/usr/pkg/include"
LDFLAGS="-L/usr/pkg/lib -Wl,-rpath,/usr/pkg/lib -shared"
fi
if [ "$OSPRESET" = "pkg-config" ]; then
if [ "$LUA_SUFFIX_SET" != "yes" ]; then
LUA_SUFFIX="5.1";
LUA_SUFFIX_SET=yes
fi
LUA_CF="$(pkg-config --cflags-only-I lua$LUA_SUFFIX)"
LUA_CF="${LUA_CF#*-I}"
LUA_CF="${LUA_CF%% *}"
if [ "$LUA_CF" != "" ]; then
LUA_INCDIR="$LUA_CF"
LUA_INCDIR_SET=yes
fi
CFLAGS="$CFLAGS"
fi
fi
if [ "$PREFIX_SET" = "yes" ] && [ ! "$SYSCONFDIR_SET" = "yes" ]
then
if [ "$PREFIX" = "/usr" ]
@ -340,7 +335,7 @@ then
fi
detect_lua_version() {
detected_lua=$("$1" -e 'print(_VERSION:match(" (5%.[123])$"))' 2> /dev/null)
detected_lua=$("$1" -e 'print(_VERSION:match(" (5%.[1234])$"))' 2> /dev/null)
if [ "$detected_lua" != "nil" ]
then
if [ "$LUA_VERSION_SET" != "yes" ]
@ -403,8 +398,14 @@ then
elif [ "$LUA_VERSION_SET" = "yes" ] && [ "$LUA_VERSION" = "5.3" ]
then
suffixes="5.3 53 -5.3 -53"
elif [ "$LUA_VERSION_SET" = "yes" ] && [ "$LUA_VERSION" = "5.4" ]
then
suffixes="5.4 54 -5.4 -54"
else
suffixes="5.1 51 -5.1 -51 5.2 52 -5.2 -52 5.3 53 -5.3 -53"
suffixes="5.1 51 -5.1 -51"
suffixes="$suffixes 5.2 52 -5.2 -52"
suffixes="$suffixes 5.3 53 -5.3 -53"
suffixes="$suffixes 5.4 54 -5.4 -54"
fi
for suffix in "" $suffixes
do
@ -464,30 +465,46 @@ then
LUA_LIBDIR="$LUA_DIR/lib"
fi
echo_n "Checking Lua includes... "
lua_h="$LUA_INCDIR/lua.h"
echo_n "Looking for lua.h at $lua_h..."
if [ -f "$lua_h" ]
then
echo "lua.h found in $lua_h"
echo found
else
v_dir="$LUA_INCDIR/lua/$LUA_VERSION"
lua_h="$v_dir/lua.h"
if [ -f "$lua_h" ]
then
echo "lua.h found in $lua_h"
echo "not found"
for postfix in "$LUA_VERSION" "$LUA_SUFFIX"; do
if ! [ "$postfix" = "" ]; then
v_dir="$LUA_INCDIR/lua/$postfix";
else
v_dir="$LUA_INCDIR/lua";
fi
lua_h="$v_dir/lua.h"
echo_n "Looking for lua.h at $lua_h..."
if [ -f "$lua_h" ]
then
LUA_INCDIR="$v_dir"
else
d_dir="$LUA_INCDIR/lua$LUA_VERSION"
echo found
break;
else
echo "not found"
d_dir="$LUA_INCDIR/lua$postfix"
lua_h="$d_dir/lua.h"
echo_n "Looking for lua.h at $lua_h..."
if [ -f "$lua_h" ]
then
echo "lua.h found in $lua_h (Debian/Ubuntu)"
LUA_INCDIR="$d_dir"
echo found
LUA_INCDIR="$d_dir"
break;
else
echo "lua.h not found (looked in $LUA_INCDIR, $v_dir, $d_dir)"
die "You may want to use the flag --with-lua or --with-lua-include. See --help."
echo "not found"
fi
fi
fi
done
if [ ! -f "$lua_h" ]; then
echo "lua.h not found."
echo
die "You may want to use the flag --with-lua or --with-lua-include. See --help."
fi
fi
if [ "$lua_interp_found" = "yes" ]

18
core/certmanager.lua
View file

@ -20,7 +20,6 @@ end
local configmanager = require "core.configmanager";
local log = require "util.logger".init("certmanager");
local ssl_context = ssl.context or softreq"ssl.context";
local ssl_x509 = ssl.x509 or softreq"ssl.x509";
local ssl_newcontext = ssl.newcontext;
local new_config = require"util.sslconfig".new;
local stat = require "lfs".attributes;
@ -106,7 +105,7 @@ local core_defaults = {
capath = "/etc/ssl/certs";
depth = 9;
protocol = "tlsv1+";
verify = (ssl_x509 and { "peer", "client_once", }) or "none";
verify = "none";
options = {
cipher_server_preference = luasec_has.options.cipher_server_preference;
no_ticket = luasec_has.options.no_ticket;
@ -123,8 +122,8 @@ local core_defaults = {
"P-521",
};
ciphers = { -- Enabled ciphers in order of preference:
"HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set
"HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange
"HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set
"HIGH", -- Other "High strength" ciphers
-- Disabled cipher suites:
"!PSK", -- Pre-Shared Key - not used for XMPP
@ -148,13 +147,6 @@ local path_options = { -- These we pass through resolve_path()
key = true, certificate = true, cafile = true, capath = true, dhparam = true
}
if luasec_version < 5 and ssl_x509 then
-- COMPAT mw/luasec-hg
for i=1,#core_defaults.verifyext do -- Remove lsec_ prefix
core_defaults.verify[#core_defaults.verify+1] = core_defaults.verifyext[i]:sub(6);
end
end
local function create_context(host, mode, ...)
local cfg = new_config();
cfg:apply(core_defaults);
@ -177,8 +169,10 @@ local function create_context(host, mode, ...)
local user_ssl_config = cfg:final();
if mode == "server" then
if not user_ssl_config.certificate then return nil, "No certificate present in SSL/TLS configuration for "..host; end
if not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end
if not user_ssl_config.certificate then
log("info", "No certificate present in SSL/TLS configuration for %s. SNI will be required.", host);
end
if user_ssl_config.certificate and not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end
end
for option in pairs(path_options) do

48
core/configmanager.lua
View file

@ -7,15 +7,16 @@
--
local _G = _G;
local setmetatable, rawget, rawset, io, os, error, dofile, type, pairs =
setmetatable, rawget, rawset, io, os, error, dofile, type, pairs;
local format, math_max = string.format, math.max;
local setmetatable, rawget, rawset, io, os, error, dofile, type, pairs, ipairs =
setmetatable, rawget, rawset, io, os, error, dofile, type, pairs, ipairs;
local format, math_max, t_insert = string.format, math.max, table.insert;
local envload = require"util.envload".envload;
local deps = require"util.dependencies";
local resolve_relative_path = require"util.paths".resolve_relative_path;
local glob_to_pattern = require"util.paths".glob_to_pattern;
local path_sep = package.config:sub(1,1);
local get_traceback_table = require "util.debug".get_traceback_table;
local encodings = deps.softreq"util.encodings";
local nameprep = encodings and encodings.stringprep.nameprep or function (host) return host:lower(); end
@ -100,8 +101,18 @@ end
-- Built-in Lua parser
do
local pcall = _G.pcall;
local function get_line_number(config_file)
local tb = get_traceback_table(nil, 2);
for i = 1, #tb do
if tb[i].info.short_src == config_file then
return tb[i].info.currentline;
end
end
end
parser = {};
function parser.load(data, config_file, config_table)
local set_options = {}; -- set_options[host.."/"..option_name] = true (when the option has been set already in this file)
local warnings = {};
local env;
-- The ' = true' are needed so as not to set off __newindex when we assign the functions below
env = setmetatable({
@ -115,13 +126,26 @@ do
return rawget(_G, k);
end,
__newindex = function (_, k, v)
local host = env.__currenthost or "*";
local option_path = host.."/"..k;
if set_options[option_path] then
t_insert(warnings, ("%s:%d: Duplicate option '%s'"):format(config_file, get_line_number(config_file), k));
end
set_options[option_path] = true;
set(config_table, env.__currenthost or "*", k, v);
end
});
rawset(env, "__currenthost", "*") -- Default is global
function env.VirtualHost(name)
name = nameprep(name);
if not name then
error("Host must have a name", 2);
end
local prepped_name = nameprep(name);
if not prepped_name then
error(format("Name of Host %q contains forbidden characters", name), 0);
end
name = prepped_name;
if rawget(config_table, name) and rawget(config_table[name], "component_module") then
error(format("Host %q clashes with previously defined %s Component %q, for services use a sub-domain like conference.%s",
name, config_table[name].component_module:gsub("^%a+$", { component = "external", muc = "MUC"}), name, name), 0);
@ -139,7 +163,14 @@ do
env.Host, env.host = env.VirtualHost, env.VirtualHost;
function env.Component(name)
name = nameprep(name);
if not name then
error("Component must have a name", 2);
end
local prepped_name = nameprep(name);
if not prepped_name then
error(format("Name of Component %q contains forbidden characters", name), 0);
end
name = prepped_name;
if rawget(config_table, name) and rawget(config_table[name], "defined")
and not rawget(config_table[name], "component_module") then
error(format("Component %q clashes with previously defined Host %q, for services use a sub-domain like conference.%s",
@ -195,6 +226,11 @@ do
if f then
local ret, err = parser.load(f:read("*a"), file, config_table);
if not ret then error(err:gsub("%[string.-%]", file), 0); end
if err then
for _, warning in ipairs(err) do
t_insert(warnings, warning);
end
end
end
if not f then error("Error loading included "..file..": "..err, 0); end
return f, err;
@ -217,7 +253,7 @@ do
return nil, err;
end
return true;
return true, warnings;
end
end

19
core/loggingmanager.lua
View file

@ -18,6 +18,9 @@ local getstyle, getstring = require "util.termcolours".getstyle, require "util.t
local config = require "core.configmanager";
local logger = require "util.logger";
local have_pposix, pposix = pcall(require, "util.pposix");
have_pposix = have_pposix and pposix._VERSION == "0.4.0";
local _ENV = nil;
-- luacheck: std none
@ -232,6 +235,22 @@ local function log_to_console(sink_config)
end
log_sink_types.console = log_to_console;
if have_pposix then
local syslog_opened;
local function log_to_syslog(sink_config) -- luacheck: ignore 212/sink_config
if not syslog_opened then
local facility = sink_config.syslog_facility or config.get("*", "syslog_facility");
pposix.syslog_open(sink_config.syslog_name or "prosody", facility);
syslog_opened = true;
end
local syslog = pposix.syslog_log;
return function (name, level, message, ...)
syslog(level, name, format(message, ...));
end;
end
log_sink_types.syslog = log_to_syslog;
end
local function register_sink_type(name, sink_maker)
local old_sink_maker = log_sink_types[name];
log_sink_types[name] = sink_maker;

120
core/moduleapi.lua
View file

@ -14,13 +14,18 @@ local pluginloader = require "util.pluginloader";
local timer = require "util.timer";
local resolve_relative_path = require"util.paths".resolve_relative_path;
local st = require "util.stanza";
local cache = require "util.cache";
local errutil = require "util.error";
local promise = require "util.promise";
local time_now = require "util.time".now;
local format = require "util.format".format;
local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
local error, setmetatable, type = error, setmetatable, type;
local ipairs, pairs, select = ipairs, pairs, select;
local tonumber, tostring = tonumber, tostring;
local require = require;
local pack = table.pack or function(...) return {n=select("#",...), ...}; end -- table.pack is only in 5.2
local pack = table.pack or require "util.table".pack; -- table.pack is only in 5.2
local unpack = table.unpack or unpack; --luacheck: ignore 113 -- renamed in 5.2
local prosody = prosody;
@ -361,6 +366,91 @@ function api:send(stanza, origin)
return core_post_stanza(origin or hosts[self.host], stanza);
end
function api:send_iq(stanza, origin, timeout)
local iq_cache = self._iq_cache;
if not iq_cache then
iq_cache = cache.new(256, function (_, iq)
iq.reject(errutil.new({
type = "wait", condition = "resource-constraint",
text = "evicted from iq tracking cache"
}));
end);
self._iq_cache = iq_cache;
end
local event_type;
if stanza.attr.from == self.host then
event_type = "host";
else -- assume bare since we can't hook full jids
event_type = "bare";
end
local result_event = "iq-result/"..event_type.."/"..stanza.attr.id;
local error_event = "iq-error/"..event_type.."/"..stanza.attr.id;
local cache_key = event_type.."/"..stanza.attr.id;
local p = promise.new(function (resolve, reject)
local function result_handler(event)
if event.stanza.attr.from == stanza.attr.to then
resolve(event);
return true;
end
end
local function error_handler(event)
if event.stanza.attr.from == stanza.attr.to then
reject(errutil.from_stanza(event.stanza), event);
return true;
end
end
if iq_cache:get(cache_key) then
reject(errutil.new({
type = "modify", condition = "conflict",
text = "IQ stanza id attribute already used",
}));
return;
end
self:hook(result_event, result_handler);
self:hook(error_event, error_handler);
local timeout_handle = self:add_timer(timeout or 120, function ()
reject(errutil.new({
type = "wait", condition = "remote-server-timeout",
text = "IQ stanza timed out",
}));
end);
local ok = iq_cache:set(cache_key, {
reject = reject, resolve = resolve,
timeout_handle = timeout_handle,
result_handler = result_handler, error_handler = error_handler;
});
if not ok then
reject(errutil.new({
type = "wait", condition = "internal-server-error",
text = "Could not store IQ tracking data"
}));
return;
end
self:send(stanza, origin);
end);
p:finally(function ()
local iq = iq_cache:get(cache_key);
if iq then
self:unhook(result_event, iq.result_handler);
self:unhook(error_event, iq.error_handler);
iq.timeout_handle:stop();
iq_cache:set(cache_key, nil);
end
end);
return p;
end
function api:broadcast(jids, stanza, iter)
for jid in (iter or it.values)(jids) do
local new_stanza = st.clone(stanza);
@ -432,4 +522,32 @@ function api:measure_global_event(event_name, stat_name)
return self:measure_object_event(prosody.events.wrappers, event_name, stat_name);
end
local status_priorities = { error = 3, warn = 2, info = 1, core = 0 };
function api:set_status(status_type, status_message, override)
local priority = status_priorities[status_type];
if not priority then
self:log("error", "set_status: Invalid status type '%s', assuming 'info'");
status_type, priority = "info", status_priorities.info;
end
local current_priority = status_priorities[self.status_type] or 0;
-- By default an 'error' status can only be overwritten by another 'error' status
if (current_priority >= status_priorities.error and priority < current_priority and override ~= true)
or (override == false and current_priority > priority) then
self:log("debug", "moduleapi: ignoring status [prio %d override %s]: %s", priority, override, status_message);
return;
end
self.status_type, self.status_message, self.status_time = status_type, status_message, time_now();
self:fire_event("module-status/updated", { name = self.name });
end
function api:log_status(level, msg, ...)
self:set_status(level, format(msg, ...));
return self:log(level, msg, ...);
end
function api:get_status()
return self.status_type, self.status_message, self.status_time;
end
return api;

25
core/modulemanager.lua
View file

@ -23,8 +23,24 @@ local debug_traceback = debug.traceback;
local setmetatable, rawget = setmetatable, rawget;
local ipairs, pairs, type, t_insert = ipairs, pairs, type, table.insert;
local autoload_modules = {prosody.platform, "presence", "message", "iq", "offline", "c2s", "s2s", "s2s_auth_certs"};
local component_inheritable_modules = {"tls", "saslauth", "dialback", "iq", "s2s"};
local autoload_modules = {
prosody.platform,
"presence",
"message",
"iq",
"offline",
"c2s",
"s2s",
"s2s_auth_certs",
};
local component_inheritable_modules = {
"tls",
"saslauth",
"dialback",
"iq",
"s2s",
"s2s_bidi",
};
-- We need this to let modules access the real global namespace
local _G = _G;
@ -174,6 +190,7 @@ local function do_load_module(host, module_name, state)
local mod, err = pluginloader.load_code(module_name, nil, pluginenv);
if not mod then
log("error", "Unable to load module '%s': %s", module_name or "nil", err or "nil");
api_instance:set_status("error", "Failed to load (see log)");
return nil, err;
end
@ -187,6 +204,7 @@ local function do_load_module(host, module_name, state)
ok, err = call_module_method(pluginenv, "load");
if not ok then
log("warn", "Error loading module '%s' on '%s': %s", module_name, host, err or "nil");
api_instance:set_status("warn", "Error during load (see log)");
end
end
api_instance.reloading, api_instance.saved_state = nil, nil;
@ -209,6 +227,9 @@ local function do_load_module(host, module_name, state)
if not ok then
modulemap[api_instance.host][module_name] = nil;
log("error", "Error initializing module '%s' on '%s': %s", module_name, host, err or "nil");
api_instance:set_status("warn", "Error during load (see log)");
else
api_instance:set_status("core", "Loaded", false);
end
return ok and pluginenv, err;
end

58
core/portmanager.lua
View file

@ -9,7 +9,8 @@ local set = require "util.set";
local table = table;
local setmetatable, rawset, rawget = setmetatable, rawset, rawget;
local type, tonumber, tostring, ipairs = type, tonumber, tostring, ipairs;
local type, tonumber, ipairs = type, tonumber, ipairs;
local pairs = pairs;
local prosody = prosody;
local fire_event = prosody.events.fire_event;
@ -95,25 +96,25 @@ local function activate(service_name)
}
bind_ports = set.new(type(bind_ports) ~= "table" and { bind_ports } or bind_ports );
local mode, ssl = listener.default_mode or default_mode;
local mode = listener.default_mode or default_mode;
local hooked_ports = {};
for interface in bind_interfaces do
for port in bind_ports do
local port_number = tonumber(port);
if not port_number then
log("error", "Invalid port number specified for service '%s': %s", service_info.name, tostring(port));
log("error", "Invalid port number specified for service '%s': %s", service_info.name, port);
elseif #active_services:search(nil, interface, port_number) > 0 then
log("error", "Multiple services configured to listen on the same port ([%s]:%d): %s, %s", interface, port,
active_services:search(nil, interface, port)[1][1].service.name or "<unnamed>", service_name or "<unnamed>");
else
local err;
local ssl, cfg, err;
-- Create SSL context for this service/port
if service_info.encryption == "ssl" then
local global_ssl_config = config.get("*", "ssl") or {};
local prefix_ssl_config = config.get("*", config_prefix.."ssl") or global_ssl_config;
log("debug", "Creating context for direct TLS service %s on port %d", service_info.name, port);
ssl, err = certmanager.create_context(service_info.name.." port "..port, "server",
ssl, err, cfg = certmanager.create_context(service_info.name.." port "..port, "server",
prefix_ssl_config[interface],
prefix_ssl_config[port],
prefix_ssl_config,
@ -127,7 +128,12 @@ local function activate(service_name)
end
if not err then
-- Start listening on interface+port
local handler, err = server.addserver(interface, port_number, listener, mode, ssl);
local handler, err = server.listen(interface, port_number, listener, {
read_size = mode,
tls_ctx = ssl,
tls_direct = service_info.encryption == "ssl";
sni_hosts = {},
});
if not handler then
log("error", "Failed to open server port %d on %s, %s", port_number, interface,
error_to_friendly_message(service_name, port_number, err));
@ -137,6 +143,7 @@ local function activate(service_name)
active_services:add(service_name, interface, port_number, {
server = handler;
service = service_info;
tls_cfg = cfg;
});
end
end
@ -222,15 +229,54 @@ end
-- Event handlers
local function add_sni_host(host, service)
-- local global_ssl_config = config.get(host, "ssl") or {};
for name, interface, port, n, active_service --luacheck: ignore 213
in active_services:iter(service, nil, nil, nil) do
if active_service.server.hosts and active_service.tls_cfg then
-- local config_prefix = (active_service.config_prefix or name).."_";
-- if config_prefix == "_" then
-- config_prefix = "";
-- end
-- local prefix_ssl_config = config.get(host, config_prefix.."ssl") or global_ssl_config;
-- FIXME only global 'ssl' settings are mixed in here
-- TODO per host and per service settings should be merged in,
-- without overriding the per-host certificate
local ssl, err, cfg = certmanager.create_context(host, "server");
if ssl then
active_service.server.hosts[host] = ssl;
if not active_service.tls_cfg.certificate then
active_service.server.tls_ctx = ssl;
active_service.tls_cfg = cfg;
end
else
log("error", "err = %q", err);
end
end
end
end
prosody.events.add_handler("item-added/net-provider", function (event)
local item = event.item;
register_service(item.name, item);
for host in pairs(prosody.hosts) do
add_sni_host(host, item.name);
end
end);
prosody.events.add_handler("item-removed/net-provider", function (event)
local item = event.item;
unregister_service(item.name, item);
end);
prosody.events.add_handler("host-activated", add_sni_host);
prosody.events.add_handler("host-deactivated", function (host)
for name, interface, port, n, active_service --luacheck: ignore 213
in active_services:iter(nil, nil, nil, nil) do
if active_service.tls_cfg then
active_service.server.hosts[host] = nil;
end
end
end);
return {
activate = activate;
deactivate = deactivate;

28
core/rostermanager.lua
View file

@ -12,6 +12,7 @@
local log = require "util.logger".init("rostermanager");
local new_id = require "util.id".short;
local new_cache = require "util.cache".new;
local pairs = pairs;
local tostring = tostring;
@ -111,6 +112,23 @@ local function load_roster(username, host)
else -- Attempt to load roster for non-loaded user
log("debug", "load_roster: loading for offline user: %s", jid);
end
local roster_cache = hosts[host] and hosts[host].roster_cache;
if not roster_cache then
if hosts[host] then
roster_cache = new_cache(1024);
hosts[host].roster_cache = roster_cache;
end
else
roster = roster_cache:get(jid);
if roster then
log("debug", "load_roster: cache hit");
roster_cache:set(jid, roster);
if user then user.roster = roster; end
return roster;
else
log("debug", "load_roster: cache miss, loading from storage");
end
end
local roster_store = storagemanager.open(host, "roster", "keyval");
local data, err = roster_store:get(username);
roster = data or {};
@ -134,6 +152,10 @@ local function load_roster(username, host)
if not err then
hosts[host].events.fire_event("roster-load", { username = username, host = host, roster = roster });
end
if roster_cache and not user then
log("debug", "load_roster: caching loaded roster");
roster_cache:set(jid, roster);
end
return roster, err;
end
@ -263,15 +285,15 @@ end
function is_contact_pending_in(username, host, jid)
local roster = load_roster(username, host);
return roster[false].pending[jid];
return roster[false].pending[jid] ~= nil;
end
local function set_contact_pending_in(username, host, jid)
local function set_contact_pending_in(username, host, jid, stanza)
local roster = load_roster(username, host);
local item = roster[jid];
if item and (item.subscription == "from" or item.subscription == "both") then
return; -- false
end
roster[false].pending[jid] = true;
roster[false].pending[jid] = st.is_stanza(stanza) and st.preserialize(stanza) or true;
return save_roster(username, host, roster, jid);
end
function is_contact_pending_out(username, host, jid)

50
core/s2smanager.lua
View file

@ -9,10 +9,10 @@
local hosts = prosody.hosts;
local tostring, pairs, setmetatable
= tostring, pairs, setmetatable;
local pairs, setmetatable = pairs, setmetatable;
local logger_init = require "util.logger".init;
local sessionlib = require "util.session";
local log = logger_init("s2smanager");
@ -26,18 +26,29 @@ local _ENV = nil;
-- luacheck: std none
local function new_incoming(conn)
local session = { conn = conn, type = "s2sin_unauthed", direction = "incoming", hosts = {} };
session.log = logger_init("s2sin"..tostring(session):match("[a-f0-9]+$"));
incoming_s2s[session] = true;
return session;
local host_session = sessionlib.new("s2sin");
sessionlib.set_id(host_session);
sessionlib.set_logger(host_session);
sessionlib.set_conn(host_session, conn);
host_session.direction = "incoming";
host_session.incoming = true;
host_session.hosts = {};
incoming_s2s[host_session] = true;
return host_session;
end
local function new_outgoing(from_host, to_host)
local host_session = { to_host = to_host, from_host = from_host, host = from_host,
notopen = true, type = "s2sout_unauthed", direction = "outgoing" };
local host_session = sessionlib.new("s2sout");
sessionlib.set_id(host_session);
sessionlib.set_logger(host_session);
host_session.to_host = to_host;
host_session.from_host = from_host;
host_session.host = from_host;
host_session.notopen = true;
host_session.direction = "outgoing";
host_session.outgoing = true;
host_session.hosts = {};
hosts[from_host].s2sout[to_host] = host_session;
local conn_name = "s2sout"..tostring(host_session):match("[a-f0-9]*$");
host_session.log = logger_init(conn_name);
return host_session;
end
@ -50,6 +61,9 @@ local resting_session = { -- Resting, not dead
close = function (session)
session.log("debug", "Attempt to close already-closed session");
end;
reset_stream = function (session)
session.log("debug", "Attempt to reset stream of already-closed session");
end;
filter = function (type, data) return data; end; --luacheck: ignore 212/type
}; resting_session.__index = resting_session;
@ -63,23 +77,25 @@ local function retire_session(session, reason)
session.destruction_reason = reason;
function session.send(data) log("debug", "Discarding data sent to resting session: %s", tostring(data)); end
function session.data(data) log("debug", "Discarding data received from resting session: %s", tostring(data)); end
function session.send(data) log("debug", "Discarding data sent to resting session: %s", data); end
function session.data(data) log("debug", "Discarding data received from resting session: %s", data); end
session.thread = { run = function (_, data) return session.data(data) end };
session.sends2s = session.send;
return setmetatable(session, resting_session);
end
local function destroy_session(session, reason)
local function destroy_session(session, reason, bounce_reason)
if session.destroyed then return; end
(session.log or log)("debug", "Destroying "..tostring(session.direction)
.." session "..tostring(session.from_host).."->"..tostring(session.to_host)
..(reason and (": "..reason) or ""));
local log = session.log or log;
log("debug", "Destroying %s session %s->%s%s%s", session.direction, session.from_host, session.to_host, reason and ": " or "", reason or "");
if session.direction == "outgoing" then
hosts[session.from_host].s2sout[session.to_host] = nil;
session:bounce_sendq(reason);
session:bounce_sendq(bounce_reason or reason);
elseif session.direction == "incoming" then
if session.outgoing then
hosts[session.to_host].s2sout[session.from_host] = nil;
end
incoming_s2s[session] = nil;
end

38
core/sessionmanager.lua
View file

@ -21,6 +21,7 @@ local config_get = require "core.configmanager".get;
local resourceprep = require "util.encodings".stringprep.resourceprep;
local nodeprep = require "util.encodings".stringprep.nodeprep;
local generate_identifier = require "util.id".short;
local sessionlib = require "util.session";
local initialize_filters = require "util.filters".initialize;
local gettime = require "socket".gettime;
@ -29,23 +30,34 @@ local _ENV = nil;
-- luacheck: std none
local function new_session(conn)
local session = { conn = conn, type = "c2s_unauthed", conntime = gettime() };
local session = sessionlib.new("c2s");
sessionlib.set_id(session);
sessionlib.set_logger(session);
sessionlib.set_conn(session, conn);
session.conntime = gettime();
local filter = initialize_filters(session);
local w = conn.write;
function session.rawsend(t)
t = filter("bytes/out", tostring(t));
if t then
local ret, err = w(conn, t);
if not ret then
session.log("debug", "Error writing to connection: %s", err);
return false, err;
end
end
return true;
end
session.send = function (t)
session.log("debug", "Sending[%s]: %s", session.type, t.top_tag and t:top_tag() or t:match("^[^>]*>?"));
if t.name then
t = filter("stanzas/out", t);
end
if t then
t = filter("bytes/out", tostring(t));
if t then
local ret, err = w(conn, t);
if not ret then
session.log("debug", "Error writing to connection: %s", tostring(err));
return false, err;
end
end
return session.rawsend(t);
end
return true;
end
@ -73,8 +85,8 @@ local function retire_session(session)
end
end
function session.send(data) log("debug", "Discarding data sent to resting session: %s", tostring(data)); return false; end
function session.data(data) log("debug", "Discarding data received from resting session: %s", tostring(data)); end
function session.send(data) log("debug", "Discarding data sent to resting session: %s", data); return false; end
function session.data(data) log("debug", "Discarding data received from resting session: %s", data); end
session.thread = { run = function (_, data) return session.data(data) end };
return setmetatable(session, resting_session);
end
@ -117,7 +129,7 @@ local function make_authenticated(session, username)
if session.type == "c2s_unauthed" then
session.type = "c2s_unbound";
end
session.log("info", "Authenticated as %s@%s", username or "(unknown)", session.host or "(unknown)");
session.log("info", "Authenticated as %s@%s", username, session.host or "(unknown)");
return true;
end
@ -138,7 +150,7 @@ local function bind_resource(session, resource)
resource = event_payload.resource;
end
resource = resourceprep(resource);
resource = resourceprep(resource or "", true);
resource = resource ~= "" and resource or generate_identifier();
--FIXME: Randomly-generated resources must be unique per-user, and never conflict with existing

6
core/stanza_router.lua
View file

@ -111,8 +111,8 @@ function core_process_stanza(origin, stanza)
stanza.attr.from = from;
end
if (origin.type == "s2sin" or origin.type == "c2s" or origin.type == "component") and xmlns == nil then
if origin.type == "s2sin" and not origin.dummy then
if (origin.type == "s2sin" or origin.type == "s2sout" or origin.type == "c2s" or origin.type == "component") and xmlns == nil then
if (origin.type == "s2sin" or origin.type == "s2sout") and not origin.dummy then
local host_status = origin.hosts[from_host];
if not host_status or not host_status.authed then -- remote server trying to impersonate some other server?
log("warn", "Received a stanza claiming to be from %s, over a stream authed for %s!", from_host, origin.from_host);
@ -199,7 +199,7 @@ function core_route_stanza(origin, stanza)
else
local host_session = hosts[from_host];
if not host_session then
log("error", "No hosts[from_host] (please report): %s", tostring(stanza));
log("error", "No hosts[from_host] (please report): %s", stanza);
else
local xmlns = stanza.attr.xmlns;
stanza.attr.xmlns = nil;

1
core/statsmanager.lua
View file

@ -97,6 +97,7 @@ if stats then
end
timer.add_task(stats_interval, collect);
prosody.events.add_handler("server-started", function () collect() end, -1);
prosody.events.add_handler("server-stopped", function () collect() end, -1);
else
log("debug", "Statistics enabled using %s provider, collection is disabled", stats_provider_name);
end

804
doc/coding_style.md Normal file
View file

@ -0,0 +1,804 @@
# Prosody Coding Style Guide
This style guides lists the coding conventions used in the
[Prosody](https://prosody.im/) project. It is based heavily on the [style guide used by the LuaRocks project](https://github.com/luarocks/lua-style-guide).
## Indentation and formatting
* Prosody code is indented with tabs at the start of the line, a single
tab per logical indent level:
```lua
for i, pkg in ipairs(packages) do
for name, version in pairs(pkg) do
if name == searched then
print(version);
end
end
end
```
Tab width is configurable in editors, so never assume a particular width.
Specically this means you should not mix tabs and spaces, or use tabs for
alignment of items at different indentation levels.
* Use LF (Unix) line endings.
## Comments
* Comments are encouraged where necessary to explain non-obvious code.
* In general comments should be used to explain 'why', not 'how'
### Comment tags
A comment may be prefixed with one of the following tags:
* **FIXME**: Indicates a serious problem with the code that should be addressed
* **TODO**: Indicates an open task, feature request or code restructuring that
is primarily of interest to developers (otherwise it should be in the
issue tracker).
* **COMPAT**: Must be used on all code that is present only for backwards-compatibility,
and may be removed one day. For example code that is added to support old
or buggy third-party software or dependencies.
**Example:**
```lua
-- TODO: implement method
local function something()
-- FIXME: check conditions
end
```
## Variable names
* Variable names with larger scope should be more descriptive than those with
smaller scope. One-letter variable names should be avoided except for very
small scopes (less than ten lines) or for iterators.
* `i` should be used only as a counter variable in for loops (either numeric for
or `ipairs`).
* Prefer more descriptive names than `k` and `v` when iterating with `pairs`,
unless you are writing a function that operates on generic tables.
* Use `_` for ignored variables (e.g. in for loops:)
```lua
for _, item in ipairs(items) do
do_something_with_item(item);
end
```
* Generally all identifiers (variables and function names) should use `snake_case`,
i.e. lowercase words joined by `_`.
```lua
-- bad
local OBJEcttsssss = {}
local thisIsMyObject = {}
local c = function()
-- ...stuff...
end
-- good
local this_is_my_object = {};
local function do_that_thing()
-- ...stuff...
end
```
> **Rationale:** The standard library uses lowercase APIs, with `joinedlowercase`
names, but this does not scale too well for more complex APIs. `snake_case`
tends to look good enough and not too out-of-place along side the standard
APIs.
```lua
for _, name in pairs(names) do
-- ...stuff...
end
```
* Prefer using `is_` when naming boolean functions:
```lua
-- bad
local function evil(alignment)
return alignment < 100
end
-- good
local function is_evil(alignment)
return alignment < 100;
end
```
* `UPPER_CASE` is to be used sparingly, with "constants" only.
> **Rationale:** "Sparingly", since Lua does not have real constants. This
notation is most useful in libraries that bind C libraries, when bringing over
constants from C.
* Do not use uppercase names starting with `_`, they are reserved by Lua.
## Tables
* When creating a table, prefer populating its fields all at once, if possible:
```lua
local player = { name = "Jack", class = "Rogue" };
```
* Items should be separated by commas. If there are many items, put each
key/value on a separate line and use a semi-colon after each item (including
the last one):
```lua
local player = {
name = "Jack";
class = "Rogue";
}
```
> **Rationale:** This makes the structure of your tables more evident at a glance.
Trailing semi-colons make it quicker to add new fields and produces shorter diffs.
* Use plain `key` syntax whenever possible, use `["key"]` syntax when using names
that can't be represented as identifiers and avoid mixing representations in
a declaration:
```lua
local mytable = {
["1394-E"] = val1;
["UTF-8"] = val2;
["and"] = val2;
}
```
## Strings
* Use `"double quotes"` for strings; use `'single quotes'` when writing strings
that contain double quotes.
```lua
local name = "Prosody";
local sentence = 'The name of the program is "Prosody"';
```
> **Rationale:** Double quotes are used as string delimiters in a larger number of
programming languages. Single quotes are useful for avoiding escaping when
using double quotes in literals.
## Line lengths
* There are no hard or soft limits on line lengths. Line lengths are naturally
limited by using one statement per line. If that still produces lines that are
too long (e.g. an expression that produces a line over 256-characters long,
for example), this means the expression is too complex and would do better
split into subexpressions with reasonable names.
> **Rationale:** No one works on VT100 terminals anymore. If line lengths are a proxy
for code complexity, we should address code complexity instead of using line
breaks to fit mind-bending statements over multiple lines.
## Function declaration syntax
* Prefer function syntax over variable syntax. This helps differentiate between
named and anonymous functions.
```lua
-- bad
local nope = function(name, options)
-- ...stuff...
end
-- good
local function yup(name, options)
-- ...stuff...
end
```
* Perform validation early and return as early as possible.
```lua
-- bad
local function is_good_name(name, options, arg)
local is_good = #name > 3
is_good = is_good and #name < 30
-- ...stuff...
return is_good
end
-- good
local function is_good_name(name, options, args)
if #name < 3 or #name > 30 then
return false;
end
-- ...stuff...
return true;
end
```
## Function calls
* Even though Lua allows it, generally you should not omit parentheses
for functions that take a unique string literal argument.
```lua
-- bad
local data = get_data"KRP"..tostring(area_number)
-- good
local data = get_data("KRP"..tostring(area_number));
local data = get_data("KRP")..tostring(area_number);
```
> **Rationale:** It is not obvious at a glace what the precedence rules are
when omitting the parentheses in a function call. Can you quickly tell which
of the two "good" examples in equivalent to the "bad" one? (It's the second
one).
* You should not omit parenthesis for functions that take a unique table
argument on a single line. You may do so for table arguments that span several
lines.
```lua
local an_instance = a_module.new {
a_parameter = 42;
another_parameter = "yay";
}
```
> **Rationale:** The use as in `a_module.new` above occurs alone in a statement,
so there are no precedence issues.
## Table attributes
* Use dot notation when accessing known properties.
```lua
local luke = {
jedi = true;
age = 28;
}
-- bad
local is_jedi = luke["jedi"]
-- good
local is_jedi = luke.jedi;
```
* Use subscript notation `[]` when accessing properties with a variable or if using a table as a list.
```lua
local vehicles = load_vehicles_from_disk("vehicles.dat")
if vehicles["Porsche"] then
porsche_handler(vehicles["Porsche"]);
vehicles["Porsche"] = nil;
end
for name, cars in pairs(vehicles) do
regular_handler(cars);
end
```
> **Rationale:** Using dot notation makes it clearer that the given key is meant
to be used as a record/object field.
## Functions in tables
* When declaring modules and classes, declare functions external to the table definition:
```lua
local my_module = {};
function my_module.a_function(x)
-- code
end
```
* When declaring metatables, declare function internal to the table definition.
```lua
local version_mt = {
__eq = function(a, b)
-- code
end;
__lt = function(a, b)
-- code
end;
}
```
> **Rationale:** Metatables contain special behavior that affect the tables
they're assigned (and are used implicitly at the call site), so it's good to
be able to get a view of the complete behavior of the metatable at a glance.
This is not as important for objects and modules, which usually have way more
code, and which don't fit in a single screen anyway, so nesting them inside
the table does not gain much: when scrolling a longer file, it is more evident
that `check_version` is a method of `Api` if it says `function Api:check_version()`
than if it says `check_version = function()` under some indentation level.
## Variable declaration
* Always use `local` to declare variables.
```lua
-- bad
superpower = get_superpower()
-- good
local superpower = get_superpower();
```
> **Rationale:** Not doing so will result in global variables to avoid polluting
the global namespace.
## Variable scope
* Assign variables with the smallest possible scope.
```lua
-- bad
local function good()
local name = get_name()
test()
print("doing stuff..")
--...other stuff...
if name == "test" then
return false
end
return name
end
-- good
local bad = function()
test();
print("doing stuff..");
--...other stuff...
local name = get_name();
if name == "test" then
return false;
end
return name;
end
```
> **Rationale:** Lua has proper lexical scoping. Declaring the function later means that its
scope is smaller, so this makes it easier to check for the effects of a variable.
## Conditional expressions
* False and nil are falsy in conditional expressions. Use shortcuts when you
can, unless you need to know the difference between false and nil.
```lua
-- bad
if name ~= nil then
-- ...stuff...
end
-- good
if name then
-- ...stuff...
end
```
* Avoid designing APIs which depend on the difference between `nil` and `false`.
* Use the `and`/`or` idiom for the pseudo-ternary operator when it results in
more straightforward code. When nesting expressions, use parentheses to make it
easier to scan visually:
```lua
local function default_name(name)
-- return the default "Waldo" if name is nil
return name or "Waldo";
end
local function brew_coffee(machine)
return (machine and machine.is_loaded) and "coffee brewing" or "fill your water";
end
```
Note that the `x and y or z` as a substitute for `x ? y : z` does not work if
`y` may be `nil` or `false` so avoid it altogether for returning booleans or
values which may be nil.
## Blocks
* Use single-line blocks only for `then return`, `then break` and `function return` (a.k.a "lambda") constructs:
```lua
-- good
if test then break end
-- good
if not ok then return nil, "this failed for this reason: " .. reason end
-- good
use_callback(x, function(k) return k.last end);
-- good
if test then
return false
end
-- bad
if test < 1 and do_complicated_function(test) == false or seven == 8 and nine == 10 then do_other_complicated_function() end
-- good
if test < 1 and do_complicated_function(test) == false or seven == 8 and nine == 10 then
do_other_complicated_function();
return false;
end
```
* Separate statements onto multiple lines. Use semicolons as statement terminators.
```lua
-- bad
local whatever = "sure"
a = 1 b = 2
-- good
local whatever = "sure";
a = 1;
b = 2;
```
## Spacing
* Use a space after `--`.
```lua
--bad
-- good
```
* Always put a space after commas and between operators and assignment signs:
```lua
-- bad
local x = y*9
local numbers={1,2,3}
numbers={1 , 2 , 3}
numbers={1 ,2 ,3}
local strings = { "hello"
, "Lua"
, "world"
}
dog.set( "attr",{
age="1 year",
breed="Bernese Mountain Dog"
})
-- good
local x = y * 9;
local numbers = {1, 2, 3};
local strings = {
"hello";
"Lua";
"world";
}
dog.set("attr", {
age = "1 year";
breed = "Bernese Mountain Dog";
});
```
* Indent tables and functions according to the start of the line, not the construct:
```lua
-- bad
local my_table = {
"hello",
"world",
}
using_a_callback(x, function(...)
print("hello")
end)
-- good
local my_table = {
"hello";
"world";
}
using_a_callback(x, function(...)
print("hello");
end)
```
> **Rationale:** This keep indentation levels aligned at predictable places. You don't
need to realign the entire block if something in the first line changes (such as
replacing `x` with `xy` in the `using_a_callback` example above).
* The concatenation operator gets a pass for avoiding spaces:
```lua
-- okay
local message = "Hello, "..user.."! This is your day # "..day.." in our platform!";
```
> **Rationale:** Being at the baseline, the dots already provide some visual spacing.
* No spaces after the name of a function in a declaration or in its arguments:
```lua
-- bad
local function hello ( name, language )
-- code
end
-- good
local function hello(name, language)
-- code
end
```
* Add blank lines between functions:
```lua
-- bad
local function foo()
-- code
end
local function bar()
-- code
end
-- good
local function foo()
-- code
end
local function bar()
-- code
end
```
* Avoid aligning variable declarations:
```lua
-- bad
local a = 1
local long_identifier = 2
-- good
local a = 1;
local long_identifier = 2;
```
> **Rationale:** This produces extra diffs which add noise to `git blame`.
* Alignment is occasionally useful when logical correspondence is to be highlighted:
```lua
-- okay
sys_command(form, UI_FORM_UPDATE_NODE, "a", FORM_NODE_HIDDEN, false);
sys_command(form, UI_FORM_UPDATE_NODE, "sample", FORM_NODE_VISIBLE, false);
```
## Typing
* In non-performance critical code, it can be useful to add type-checking assertions
for function arguments:
```lua
function manif.load_manifest(repo_url, lua_version)
assert(type(repo_url) == "string");
assert(type(lua_version) == "string" or not lua_version);
-- ...
end
```
* Use the standard functions for type conversion, avoid relying on coercion:
```lua
-- bad
local total_score = review_score .. ""
-- good
local total_score = tostring(review_score);
```
## Errors
* Functions that can fail for reasons that are expected (e.g. I/O) should
return `nil` and a (string) error message on error, possibly followed by other
return values such as an error code.
* On errors such as API misuse, an error should be thrown, either with `error()`
or `assert()`.
## Modules
Follow [these guidelines](http://hisham.hm/2014/01/02/how-to-write-lua-modules-in-a-post-module-world/) for writing modules. In short:
* Always require a module into a local variable named after the last component of the module’s full name.
```lua
local bar = require("foo.bar"); -- requiring the module
bar.say("hello"); -- using the module
```
* Don’t rename modules arbitrarily:
```lua
-- bad
local skt = require("socket")
```
> **Rationale:** Code is much harder to read if we have to keep going back to the top
to check how you chose to call a module.
* Start a module by declaring its table using the same all-lowercase local
name that will be used to require it. You may use an LDoc comment to identify
the whole module path.
```lua
--- @module foo.bar
local bar = {};
```
* Try to use names that won't clash with your local variables. For instance, don't
name your module something like “size”.
* Use `local function` to declare _local_ functions only: that is, functions
that won’t be accessible from outside the module.
That is, `local function helper_foo()` means that `helper_foo` is really local.
* Public functions are declared in the module table, with dot syntax:
```lua
function bar.say(greeting)
print(greeting);
end
```
> **Rationale:** Visibility rules are made explicit through syntax.
* Do not set any globals in your module and always return a table in the end.
* If you would like your module to be used as a function, you may set the
`__call` metamethod on the module table instead.
> **Rationale:** Modules should return tables in order to be amenable to have their
contents inspected via the Lua interactive interpreter or other tools.
* Requiring a module should cause no side-effect other than loading other
modules and returning the module table.
* A module should not have state. If a module needs configuration, turn
it into a factory. For example, do not make something like this:
```lua
-- bad
local mp = require "MessagePack"
mp.set_integer("unsigned")
```
and do something like this instead:
```lua
-- good
local messagepack = require("messagepack");
local mpack = messagepack.new({integer = "unsigned"});
```
* The invocation of require may omit parentheses around the module name:
```lua
local bla = require "bla";
```
## Metatables, classes and objects
If creating a new type of object that has a metatable and methods, the
metatable and methods table should be separate, and the metatable name
should end with `_mt`.
```lua
local mytype_methods = {};
local mytype_mt = { __index = mytype_methods };
function mytype_methods:add_new_thing(thing)
end
local function new()
return setmetatable({}, mytype_mt);
end
return { new = new };
```
* Use the method notation when invoking methods:
```
-- bad
my_object.my_method(my_object)
-- good
my_object:my_method();
```
> **Rationale:** This makes it explicit that the intent is to use the function as a method.
* Do not rely on the `__gc` metamethod to release resources other than memory.
If your object manage resources such as files, add a `close` method to their
APIs and do not auto-close via `__gc`. Auto-closing via `__gc` would entice
users of your module to not close resources as soon as possible. (Note that
the standard `io` library does not follow this recommendation, and users often
forget that not closing files immediately can lead to "too many open files"
errors when the program runs for a while.)
> **Rationale:** The garbage collector performs automatic *memory* management,
dealing with memory only. There is no guarantees as to when the garbage
collector will be invoked, and memory pressure does not correlate to pressure
on other resources.
## File structure
* Lua files should be named in all lowercase.
* Tests should be in a top-level `spec` directory. Prosody uses
[Busted](http://olivinelabs.com/busted/) for testing.
## Static checking
All code should pass [luacheck](https://github.com/mpeterv/luacheck) using
the `.luacheckrc` provided in the Prosody repository, and using miminal
inline exceptions.
* luacheck warnings of class 211, 212, 213 (unused variable, argument or loop
variable) may be ignored, if the unused variable was added explicitly: for
example, sometimes it is useful, for code understandability, to spell out what
the keys and values in a table are, even if you're only using one of them.
Another example is a function that needs to follow a given signature for API
reasons (e.g. a callback that follows a given format) but doesn't use some of
its arguments; it's better to spell out in the argument what the API the
function implements is, instead of adding `_` variables.
```
local foo, bar = some_function(); --luacheck: ignore 212/foo
print(bar);
```
* luacheck warning 542 (empty if branch) can also be ignored, when a sequence
of `if`/`elseif`/`else` blocks implements a "switch/case"-style list of cases,
and one of the cases is meant to mean "pass". For example:
```lua
if warning >= 600 and warning <= 699 then
print("no whitespace warnings");
elseif warning == 542 then --luacheck: ignore 542
-- pass
else
print("got a warning: "..warning);
end
```
> **Rationale:** This avoids writing negated conditions in the final fallback
case, and it's easy to add another case to the construct without having to
edit the fallback.

33
doc/coding_style.txt
View file

@ -1,33 +0,0 @@
This file describes some coding styles to try and adhere to when contributing to this project.
Please try to follow, and feel free to fix code you see not following this standard.
== Indentation ==
1 tab indentation for all blocks
== Spacing ==
No space between function names and parenthesis and parenthesis and parameters:
function foo(bar, baz)
Single space between braces and key/value pairs in table constructors:
{ foo = "bar", bar = "foo" }
== Local variable naming ==
In this project there are many places where use of globals is restricted, and locals used for faster access.
Local versions of standard functions should follow the below form:
math.random -> m_random
string.char -> s_char
== Miscellaneous ==
Single-statement blocks may be written on one line when short
if foo then bar(); end
'do' and 'then' keywords should be placed at the end of the line, and never on a line by themself.

531
doc/doap.xml Normal file
View file

@ -0,0 +1,531 @@
<?xml version="1.0" encoding="UTF-8"?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:xmpp="https://linkmauve.fr/ns/xmpp-doap#" xml:lang="en">
<Project xmlns="http://usefulinc.com/ns/doap#">
<name>Prosody IM</name>
<shortdesc>Lightweight XMPP server</shortdesc>
<description>Prosody is a server for Jabber/XMPP written in Lua. It aims to be easy to use and light on resources. For developers, it aims to give a flexible system on which to rapidly develop added functionality or rapidly prototype new protocols.</description>
<created>2008-08-22</created>
<category rdf:resource="https://linkmauve.fr/ns/xmpp-doap#category-xmpp"/>
<category rdf:resource="https://linkmauve.fr/ns/xmpp-doap#category-jabber"/>
<category rdf:resource="https://linkmauve.fr/ns/xmpp-doap#category-server"/>
<homepage rdf:resource="https://prosody.im/"/>
<download-page rdf:resource="https://prosody.im/download/"/>
<license rdf:resource="https://hg.prosody.im/trunk/file/tip/COPYING"/>
<bug-database rdf:resource="https://issues.prosody.im/"/>
<support-forum rdf:resource="xmpp:prosody@conference.prosody.im?join"/>
<repository>
<HgRepository>
<location rdf:resource="https://hg.prosody.im/trunk/"/>
<browse rdf:location="https://hg.prosody.im/trunk/"/>
</HgRepository>
</repository>
<programming-langauge>Lua</programming-langauge>
<programming-langauge>C</programming-langauge>
<os>Linux</os>
<os>macOS</os>
<os>FreeBSD</os>
<os>OpenBSD</os>
<os>NetBSD</os>
<maintainer>
<foaf:Person>
<foaf:name>Matthew Wild</foaf:name>
<foaf:nick>MattJ</foaf:nick>
<foaf:homepage>https://matthewwild.co.uk/</foaf:homepage>
</foaf:Person>
</maintainer>
<maintainer>
<foaf:Person>
<foaf:name>Waqas Hussain</foaf:name>
<foaf:nick>waqas</foaf:nick>
</foaf:Person>
</maintainer>
<maintainer>
<foaf:Person>
<foaf:name>Kim Alvefur</foaf:name>
<foaf:nick>Zash</foaf:nick>
<foaf:homepage>https://www.zash.se/</foaf:homepage>
</foaf:Person>
</maintainer>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc5802"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc6120"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc6121"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc6122"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc6455"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc7395"/>
<!-- Added in hg:0bbbc9042361 released in 0.6.0 -->
<implements rdf:resource="https://datatracker.ietf.org/doc/draft-cridland-xmpp-session/"/>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0004.html"/>
<xmpp:version>2.9</xmpp:version>
<xmpp:status>complete</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0009.html"/>
<xmpp:since>0.4</xmpp:since>
<xmpp:until>0.7</xmpp:until>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0012.html"/>
<xmpp:version>2.0</xmpp:version>
<xmpp:since>0.1</xmpp:since>
<xmpp:note>mod_lastactivity and mod_uptime</xmpp:note>
<xmpp:status>complete</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0016.html"/>
<xmpp:since>0.7</xmpp:since>
<xmpp:until>0.10</xmpp:until>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0030.html"/>
<xmpp:since>0.10</xmpp:since>
<xmpp:status>complete</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0045.html"/>
<xmpp:version>1.32.0</xmpp:version>
<xmpp:since>0.3</xmpp:since>
<xmpp:status>partial</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0049.html"/>
<xmpp:version>1.2</xmpp:version>
<xmpp:since>0.1</xmpp:since>
<xmpp:status>complete</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0050.html"/>
<xmpp:since>0.8</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0054.html"/>
<xmpp:since>0.1</xmpp:since>
<xmpp:status>complete</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0060.html"/>
<xmpp:version>1.15.8</xmpp:version>
<xmpp:since>0.9</xmpp:since>
<xmpp:status>partial</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0065.html"/>
<xmpp:version>1.8.1</xmpp:version>
<xmpp:since>0.7</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0068.html"/>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0077.html"/>
<xmpp:since>0.1</xmpp:since>
<xmpp:version>2.4</xmpp:version>
<xmpp:status>complete</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0078.html"/>
<xmpp:version>2.5</xmpp:version>
<xmpp:since>0.1</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0080.html"/>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0082.html"/>
<xmpp:version>1.1</xmpp:version>
<xmpp:since>0.1</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0084.html"/>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0090.html"/>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0091.html"/>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0092.html"/>
<xmpp:version>1.1</xmpp:version>
<xmpp:since>0.1</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0106.html"/>
<xmpp:since>0.9</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0107.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0108.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0114.html"/>
<xmpp:version>1.6</xmpp:version>
<xmpp:since>0.4</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0115.html"/>
<xmpp:since>0.8</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0118.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0122.html"/>
<xmpp:version>1.0.2</xmpp:version>
<xmpp:since>0.11</xmpp:since>
<xmpp:status>partial</xmpp:status>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0124.html"/>
<xmpp:since>0.2</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0126.html"/>
<xmpp:until>0.10</xmpp:until>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0128.html"/>
<xmpp:since>0.9</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0133.html"/>
<xmpp:since>0.7</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0138.html"/>
<xmpp:version>2.0</xmpp:version>
<xmpp:since>0.6</xmpp:since>
<xmpp:until>0.10</xmpp:until>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0153.html"/>
<xmpp:version>1.1</xmpp:version>
<xmpp:since>0.11</xmpp:since>
<xmpp:note>via XEP-0398</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0157.html"/>
<xmpp:version>1.0.1</xmpp:version>
<xmpp:since>0.10</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0160.html"/>
<xmpp:version>1.0.1</xmpp:version>
<xmpp:since>0.1</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0163.html"/>
<xmpp:version>1.2.1</xmpp:version>
<xmpp:since>0.5</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0170.html"/>
<xmpp:version>1.0</xmpp:version>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0172.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0175.html"/>
<xmpp:version>1.2</xmpp:version>
<xmpp:since>0.4</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0178.html"/>
<xmpp:version>1.1</xmpp:version>
<xmpp:since>0.9</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0182.html"/>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0185.html"/>
<xmpp:version>1.0</xmpp:version>
<xmpp:status>complete</xmpp:status>
<xmpp:since>0.9.10</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0189.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0191.html"/>
<xmpp:version>1.3</xmpp:version>
<xmpp:status>complete</xmpp:status>
<xmpp:since>0.10</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0194.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0195.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0196.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0197.html"/>
<xmpp:note>via XEP-0163</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0199.html"/>
<xmpp:version>2.0.1</xmpp:version>
<xmpp:since>0.1</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0202.html"/>
<xmpp:version>2.0</xmpp:version>
<xmpp:since>0.1</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0203.html"/>
<xmpp:version>2.0</xmpp:version>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0206.html"/>
<xmpp:version>1.2</xmpp:version>
<xmpp:since>0.2</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0212.html"/>
<xmpp:note>required level</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0220.html"/>
<xmpp:since>0.1</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0227.html"/>
<xmpp:since>0.7</xmpp:since>
<xmpp:note>Used in migrator tools</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0237.html"/>
<xmpp:since>0.4</xmpp:since>
<xmpp:note>implied by rfc6121</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0280.html"/>
<xmpp:version>0.12.1</xmpp:version>
<xmpp:status>complete</xmpp:status>
<xmpp:since>0.10</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0286.html"/>
<xmpp:since>0.11</xmpp:since>
<xmpp:note>mod_csi_simple</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0288.html"/>
<xmpp:version>1.0.1</xmpp:version>
<xmpp:status>complete</xmpp:status>
<xmpp:since>0.12</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0292.html"/>
<xmpp:version>0.10</xmpp:version>
<xmpp:status>complete</xmpp:status>
<xmpp:since>0.11</xmpp:since>
<xmpp:note>mod_vcard4, mod_vcard_legacy</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0302.html"/>
<xmpp:note>Core Server</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0313.html"/>
<xmpp:version>0.6.3</xmpp:version>
<xmpp:since>0.10</xmpp:since>
<xmpp:note>mod_mam, mod_muc_mam</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0318.html"/>
<xmpp:version>0.2</xmpp:version>
<xmpp:since>0.9</xmpp:since>
<xmpp:note>refers to inclusion of delay stamp in presence</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0352.html"/>
<xmpp:version>0.3.0</xmpp:version>
<xmpp:since>0.11</xmpp:since>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0368.html"/>
<xmpp:version>1.1.0</xmpp:version>
<xmpp:status>partial</xmpp:status>
<xmpp:since>0.2</xmpp:since>
<xmpp:note>legacy_ssl_ports</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0380.html"/>
<xmpp:version>0.3.0</xmpp:version>
<xmpp:since>0.11</xmpp:since>
<xmpp:note>Used in context of XEP-0352</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0384.html"/>
<xmpp:note>via XEP-0163, XEP-0222</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0398.html"/>
<xmpp:version>0.2.1</xmpp:version>
<xmpp:since>0.11</xmpp:since>
<xmpp:status>complete</xmpp:status>
<xmpp:note>mod_vcard_legacy</xmpp:note>
</xmpp:SupportedXep>
</implements>
<implements>
<xmpp:SupportedXep>
<xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0410.html"/>
<xmpp:version>1.0.1</xmpp:version>
<xmpp:since>0.11</xmpp:since>
<xmpp:status>complete</xmpp:status>
<xmpp:note>Server Optimization</xmpp:note>
</xmpp:SupportedXep>
</implements>
</Project>
</rdf:RDF>

21
doc/net.server.lua
View file

@ -160,6 +160,26 @@ Returns:
local function addserver(address, port, listeners, pattern, sslctx)
end
--[[ Binds and listens on the given address and port
Mostly the same as addserver but with all optional arguments in a table
Arguments:
- address: address to bind to, may be "*" to bind all addresses. will be resolved if it is a string.
- port: port to bind (as number)
- listeners: a table of listeners
- config: table of extra settings
- read_size: the amount of bytes to read or a read pattern
- tls_ctx: is a valid luasec constructor
- tls_direct: boolean true for direct TLS, false (or nil) for starttls
Returns:
- handle
- nil, "an error message": on failure (e.g. out of file descriptors)
]]
local function listen(address, port, listeners, config)
end
--[[ Wraps a lua-socket socket client socket in a handle.
The socket must be already connected to the remote end.
If `sslctx` is given, a SSL session will be negotiated before listeners are called.
@ -255,4 +275,5 @@ return {
closeall = closeall;
hook_signal = hook_signal;
watchfd = watchfd;
listen = listen;
}

3
doc/storage.tld
View file

@ -47,6 +47,9 @@ interface archive_store
-- Array of dates which do have messages (Optional?)
dates : ( self, string? ) -> ({ string }) | (nil, string)
-- Map of counts per "with" field
summary : ( self, string?, archive_query? ) -> ( { string : integer } ) | (nil, string)
end
-- This represents moduleapi

10
makefile
View file

@ -19,6 +19,9 @@ INSTALL_EXEC=$(INSTALL) -m755
MKDIR=install -d
MKDIR_PRIVATE=$(MKDIR) -m750
LUACHECK=luacheck
BUSTED=busted
.PHONY: all test clean install
all: prosody.install prosodyctl.install prosody.cfg.lua.install prosody.version
@ -68,8 +71,13 @@ clean:
rm -f prosody.version
$(MAKE) clean -C util-src
lint:
$(LUACHECK) -q $$(HGPLAIN= hg files -I '**.lua') prosody prosodyctl
@echo $$(sed -n '/^\tlocal exclude_files/,/^}/p;' .luacheckrc | sed '1d;$d' | wc -l) files ignored
shellcheck configure
test:
busted --lua=$(RUNWITH)
$(BUSTED) --lua=$(RUNWITH)
prosody.install: prosody

26
net/adns.lua
View file

@ -11,10 +11,10 @@ local new_resolver = require "net.dns".resolver;
local log = require "util.logger".init("adns");
local coroutine, tostring, pcall = coroutine, tostring, pcall;
local coroutine, pcall = coroutine, pcall;
local setmetatable = setmetatable;
local function dummy_send(sock, data, i, j) return (j-i)+1; end
local function dummy_send(sock, data, i, j) return (j-i)+1; end -- luacheck: ignore 212
local _ENV = nil;
-- luacheck: std none
@ -29,8 +29,7 @@ local function new_async_socket(sock, resolver)
local peername = "<unknown>";
local listener = {};
local handler = {};
local err;
function listener.onincoming(conn, data)
function listener.onincoming(conn, data) -- luacheck: ignore 212/conn
if data then
resolver:feed(handler, data);
end
@ -46,9 +45,12 @@ local function new_async_socket(sock, resolver)
resolver:servfail(conn); -- Let the magic commence
end
end
handler, err = server.wrapclient(sock, "dns", 53, listener);
if not handler then
return nil, err;
do
local err;
handler, err = server.wrapclient(sock, "dns", 53, listener);
if not handler then
return nil, err;
end
end
handler.settimeout = function () end
@ -71,11 +73,11 @@ function async_resolver_methods:lookup(handler, qname, qtype, qclass)
handler(peek);
return;
end
log("debug", "Records for %s not in cache, sending query (%s)...", qname, tostring(coroutine.running()));
log("debug", "Records for %s not in cache, sending query (%s)...", qname, coroutine.running());
local ok, err = resolver:query(qname, qtype, qclass);
if ok then
coroutine.yield(setmetatable({ resolver, qclass or "IN", qtype or "A", qname, coroutine.running()}, query_mt)); -- Wait for reply
log("debug", "Reply for %s (%s)", qname, tostring(coroutine.running()));
log("debug", "Reply for %s (%s)", qname, coroutine.running());
end
if ok then
ok, err = pcall(handler, resolver:peek(qname, qtype, qclass));
@ -84,13 +86,13 @@ function async_resolver_methods:lookup(handler, qname, qtype, qclass)
ok, err = pcall(handler, nil, err);
end
if not ok then
log("error", "Error in DNS response handler: %s", tostring(err));
log("error", "Error in DNS response handler: %s", err);
end
end)(resolver:peek(qname, qtype, qclass));
end
function query_methods:cancel(call_handler, reason)
log("warn", "Cancelling DNS lookup for %s", tostring(self[4]));
function query_methods:cancel(call_handler, reason) -- luacheck: ignore 212/reason
log("warn", "Cancelling DNS lookup for %s", self[4]);
self[1].cancel(self[2], self[3], self[4], self[5], call_handler);
end

2
net/connect.lua
View file

@ -38,7 +38,7 @@ local function attempt_connection(p)
p:log("debug", "Next target to try is %s:%d", ip, port);
local conn, err = server.addclient(ip, port, pending_connection_listeners, p.options.pattern or "*a", p.options.sslctx, conn_type, extra);
if not conn then
log("debug", "Connection attempt failed immediately: %s", tostring(err));
log("debug", "Connection attempt failed immediately: %s", err);
p.last_error = err or "unknown reason";
return attempt_connection(p);
end

18
net/connlisteners.lua
View file

@ -1,18 +0,0 @@
-- COMPAT w/pre-0.9
local log = require "util.logger".init("net.connlisteners");
local traceback = debug.traceback;
local _ENV = nil;
-- luacheck: std none
local function fail()
log("error", "Attempt to use legacy connlisteners API. For more info see https://prosody.im/doc/developers/network");
log("error", "Legacy connlisteners API usage, %s", traceback("", 2));
end
return {
register = fail;
get = fail;
start = fail;
-- epic fail
};

6
net/http.lua
View file

@ -40,7 +40,7 @@ local listener = { default_port = 80, default_mode = "*a" };
local function handleerr(err) log("error", "Traceback[http]: %s", traceback(tostring(err), 2)); return err; end
local function log_if_failed(req, ret, ...)
if not ret then
log("error", "Request '%s': error in callback: %s", req.id, tostring((...)));
log("error", "Request '%s': error in callback: %s", req.id, (...));
if not req.suppress_errors then
error(...);
end
@ -150,7 +150,7 @@ function listener.onincoming(conn, data)
local request = requests[conn];
if not request then
log("warn", "Received response from connection %s with no request attached!", tostring(conn));
log("warn", "Received response from connection %s with no request attached!", conn);
return;
end
@ -260,7 +260,7 @@ local function request(self, u, ex, callback)
sslctx = ex and ex.sslctx or self.options and self.options.sslctx;
end
local http_service = basic_resolver.new(host, port_number);
local http_service = basic_resolver.new(host, port_number, "tcp", { servername = req.host });
connect(http_service, listener, { sslctx = sslctx }, req);
self.events.fire_event("request", { http = self, request = req, url = u });

2
net/http/codes.lua
View file

@ -82,5 +82,5 @@ local response_codes = {
-- [512-599] = "Unassigned";
};
for k,v in pairs(response_codes) do response_codes[k] = k.." "..v; end
for k,v in pairs(response_codes) do response_codes[k] = ("%03d %s"):format(k, v); end
return setmetatable(response_codes, { __index = function(_, k) return k.." Unassigned"; end })

149
net/http/files.lua Normal file
View file

@ -0,0 +1,149 @@
-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
local server = require"net.http.server";
local lfs = require "lfs";
local new_cache = require "util.cache".new;
local log = require "util.logger".init("net.http.files");
local os_date = os.date;
local open = io.open;
local stat = lfs.attributes;
local build_path = require"socket.url".build_path;
local path_sep = package.config:sub(1,1);
local forbidden_chars_pattern = "[/%z]";
if package.config:sub(1,1) == "\\" then
forbidden_chars_pattern = "[/%z\001-\031\127\"*:<>?|]"
end
local urldecode = require "util.http".urldecode;
local function sanitize_path(path) --> util.paths or util.http?
if not path then return end
local out = {};
local c = 0;
for component in path:gmatch("([^/]+)") do
component = urldecode(component);
if component:find(forbidden_chars_pattern) then
return nil;
elseif component == ".." then
if c <= 0 then
return nil;
end
out[c] = nil;
c = c - 1;
elseif component ~= "." then
c = c + 1;
out[c] = component;
end
end
if path:sub(-1,-1) == "/" then
out[c+1] = "";
end
return "/"..table.concat(out, "/");
end
local function serve(opts)
if type(opts) ~= "table" then -- assume path string
opts = { path = opts };
end
local mime_map = opts.mime_map or { html = "text/html" };
local cache = new_cache(opts.cache_size or 256);
local cache_max_file_size = tonumber(opts.cache_max_file_size) or 1024
-- luacheck: ignore 431
local base_path = opts.path;
local dir_indices = opts.index_files or { "index.html", "index.htm" };
local directory_index = opts.directory_index;
local function serve_file(event, path)
local request, response = event.request, event.response;
local sanitized_path = sanitize_path(path);
if path and not sanitized_path then
return 400;
end
path = sanitized_path;
local orig_path = sanitize_path(request.path);
local full_path = base_path .. (path or ""):gsub("/", path_sep);
local attr = stat(full_path:match("^.*[^\\/]")); -- Strip trailing path separator because Windows
if not attr then
return 404;
end
local request_headers, response_headers = request.headers, response.headers;
local last_modified = os_date('!%a, %d %b %Y %H:%M:%S GMT', attr.modification);
response_headers.last_modified = last_modified;
local etag = ('"%02x-%x-%x-%x"'):format(attr.dev or 0, attr.ino or 0, attr.size or 0, attr.modification or 0);
response_headers.etag = etag;
local if_none_match = request_headers.if_none_match
local if_modified_since = request_headers.if_modified_since;
if etag == if_none_match
or (not if_none_match and last_modified == if_modified_since) then
return 304;
end
local data = cache:get(orig_path);
if data and data.etag == etag then
response_headers.content_type = data.content_type;
data = data.data;
cache:set(orig_path, data);
elseif attr.mode == "directory" and path then
if full_path:sub(-1) ~= "/" then
local dir_path = { is_absolute = true, is_directory = true };
for dir in orig_path:gmatch("[^/]+") do dir_path[#dir_path+1]=dir; end
response_headers.location = build_path(dir_path);
return 301;
end
for i=1,#dir_indices do
if stat(full_path..dir_indices[i], "mode") == "file" then
return serve_file(event, path..dir_indices[i]);
end
end
if directory_index then
data = server._events.fire_event("directory-index", { path = request.path, full_path = full_path });
end
if not data then
return 403;
end
cache:set(orig_path, { data = data, content_type = mime_map.html; etag = etag; });
response_headers.content_type = mime_map.html;
else
local f, err = open(full_path, "rb");
if not f then
log("debug", "Could not open %s. Error was %s", full_path, err);
return 403;
end
local ext = full_path:match("%.([^./]+)$");
local content_type = ext and mime_map[ext];
response_headers.content_type = content_type;
if attr.size > cache_max_file_size then
response_headers.content_length = ("%d"):format(attr.size);
log("debug", "%d > cache_max_file_size", attr.size);
return response:send_file(f);
else
data = f:read("*a");
f:close();
end
cache:set(orig_path, { data = data; content_type = content_type; etag = etag });
end
return response:send(data);
end
return serve_file;
end
return {
serve = serve;
}

103
net/http/server.lua
View file

@ -13,6 +13,8 @@ local traceback = debug.traceback;
local tostring = tostring;
local cache = require "util.cache";
local codes = require "net.http.codes";
local promise = require "util.promise";
local errors = require "util.error";
local blocksize = 2^16;
local _M = {};
@ -170,6 +172,47 @@ local headerfix = setmetatable({}, {
end
});
local function handle_result(request, response, result)
if result == nil then
result = 404;
end
if result == true then
return;
end
local body;
local result_type = type(result);
if result_type == "number" then
response.status_code = result;
if result >= 400 then
body = events.fire_event("http-error", { request = request, response = response, code = result });
end
elseif result_type == "string" then
body = result;
elseif errors.is_err(result) then
body = events.fire_event("http-error", { request = request, response = response, code = result.code, error = result });
elseif promise.is_promise(result) then
result:next(function (ret)
handle_result(request, response, ret);
end, function (err)
handle_result(request, response, err or 500);
end);
return true;
elseif result_type == "table" then
for k, v in pairs(result) do
if k ~= "headers" then
response[k] = v;
else
for header_name, header_value in pairs(v) do
response.headers[header_name] = header_value;
end
end
end
end
return response:send(body);
end
function _M.hijack_response(response, listener) -- luacheck: ignore
error("TODO");
end
@ -194,8 +237,11 @@ function handle_request(conn, request, finish_cb)
response_conn_header = httpversion == "1.1" and "close" or nil
end
local is_head_request = request.method == "HEAD";
local response = {
request = request;
is_head_request = is_head_request;
status_code = 200;
headers = { date = date_header, connection = response_conn_header };
persistent = persistent;
@ -226,6 +272,11 @@ function handle_request(conn, request, finish_cb)
local payload = { request = request, response = response };
log("debug", "Firing event: %s", global_event);
local result = events.fire_event(global_event, payload);
if result == nil and is_head_request then
local global_head_event = "GET "..request.path:match("[^?]*");
log("debug", "Firing event: %s", global_head_event);
result = events.fire_event(global_head_event, payload);
end
if result == nil then
if not hosts[host] then
if hosts[default_host] then
@ -246,40 +297,17 @@ function handle_request(conn, request, finish_cb)
local host_event = request.method.." "..host..request.path:match("[^?]*");
log("debug", "Firing event: %s", host_event);
result = events.fire_event(host_event, payload);
end
if result ~= nil then
if result ~= true then
local body;
local result_type = type(result);
if result_type == "number" then
response.status_code = result;
if result >= 400 then
payload.code = result;
body = events.fire_event("http-error", payload);
end
elseif result_type == "string" then
body = result;
elseif result_type == "table" then
for k, v in pairs(result) do
if k ~= "headers" then
response[k] = v;
else
for header_name, header_value in pairs(v) do
response.headers[header_name] = header_value;
end
end
end
end
response:send(body);
if result == nil and is_head_request then
local host_head_event = "GET "..host..request.path:match("[^?]*");
log("debug", "Firing event: %s", host_head_event);
result = events.fire_event(host_head_event, payload);
end
return;
end
-- if handler not called, return 404
response.status_code = 404;
payload.code = 404;
response:send(events.fire_event("http-error", payload));
return handle_result(request, response, result);
end
local function prepare_header(response)
local status_line = "HTTP/"..response.request.httpversion.." "..(response.status or codes[response.status_code]);
local headers = response.headers;
@ -291,16 +319,29 @@ local function prepare_header(response)
return output;
end
_M.prepare_header = prepare_header;
function _M.send_head_response(response)
if response.finished then return; end
local output = prepare_header(response);
response.conn:write(t_concat(output));
response:done();
end
function _M.send_response(response, body)
if response.finished then return; end
body = body or response.body or "";
response.headers.content_length = #body;
response.headers.content_length = ("%d"):format(#body);
if response.is_head_request then
return _M.send_head_response(response)
end
local output = prepare_header(response);
t_insert(output, body);
response.conn:write(t_concat(output));
response:done();
end
function _M.send_file(response, f)
if response.is_head_request then
if f.close then f:close(); end
return _M.send_head_response(response);
end
if response.finished then return; end
local chunked = not response.headers.content_length;
if chunked then response.headers.transfer_encoding = "chunked"; end

1
net/resolvers/basic.lua
View file

@ -1,6 +1,7 @@
local adns = require "net.adns";
local inet_pton = require "util.net".pton;
local idna_to_ascii = require "util.encodings".idna.to_ascii;
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local methods = {};
local resolver_mt = { __index = methods };

1
net/resolvers/manual.lua
View file

@ -1,5 +1,6 @@
local methods = {};
local resolver_mt = { __index = methods };
local unpack = table.unpack or unpack; -- luacheck: ignore 113
-- Find the next target to connect to, and
-- pass it to cb()

7
net/resolvers/service.lua
View file

@ -1,6 +1,7 @@
local adns = require "net.adns";
local basic = require "net.resolvers.basic";
local idna_to_ascii = require "util.encodings".idna.to_ascii;
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local methods = {};
local resolver_mt = { __index = methods };
@ -39,7 +40,11 @@ function methods:next(cb)
-- Resolve DNS to target list
local dns_resolver = adns.resolver();
dns_resolver:lookup(function (answer)
dns_resolver:lookup(function (answer, err)
if not answer and not err then
-- net.adns returns nil if there are zero records or nxdomain
answer = {};
end
if answer then
if #answer == 0 then
if self.extra and self.extra.default_port then

245
net/server_epoll.lua
View file

@ -9,12 +9,12 @@
local t_insert = table.insert;
local t_concat = table.concat;
local setmetatable = setmetatable;
local tostring = tostring;
local pcall = pcall;
local type = type;
local next = next;
local pairs = pairs;
local log = require "util.logger".init("server_epoll");
local logger = require "util.logger";
local log = logger.init("server_epoll");
local socket = require "socket";
local luasec = require "ssl";
local gettime = require "util.time".now;
@ -23,6 +23,7 @@ local createtable = require "util.table".create;
local inet = require "util.net";
local inet_pton = inet.pton;
local _SOCKETINVALID = socket._SOCKETINVALID or -1;
local new_id = require "util.id".medium;
local poller = require "util.poll"
local EEXIST = poller.EEXIST;
@ -38,7 +39,10 @@ local default_config = { __index = {
read_timeout = 14 * 60;
-- How long to wait for a socket to become writable after queuing data to send
send_timeout = 60;
send_timeout = 180;
-- How long to wait for a socket to become writable after creation
connect_timeout = 20;
-- Some number possibly influencing how many pending connections can be accepted
tcp_backlog = 128;
@ -58,6 +62,13 @@ local default_config = { __index = {
-- Maximum and minimum amount of time to sleep waiting for events (adjusted for pending timers)
max_wait = 86400;
min_wait = 1e-06;
-- EXPERIMENTAL
-- Whether to kill connections in case of callback errors.
fatal_errors = false;
-- Attempt writes instantly
opportunistic_writes = false;
}};
local cfg = default_config.__index;
@ -102,7 +113,7 @@ local function runtimers(next_delay, min_wait)
if peek > now then
next_delay = peek - now;
break;
end
end
local _, timer, id = timers:pop();
local ok, ret = pcall(timer[2], now);
@ -110,10 +121,10 @@ local function runtimers(next_delay, min_wait)
local next_time = now+ret;
timer[1] = next_time;
timers:insert(timer, next_time);
end
end
peek = timers:peek();
end
end
if peek == nil then
return next_delay;
end
@ -138,6 +149,15 @@ function interface_mt:__tostring()
return ("FD %d"):format(self:getfd());
end
interface.log = log;
function interface:debug(msg, ...) --luacheck: ignore 212/self
self.log("debug", msg, ...);
end
function interface:error(msg, ...) --luacheck: ignore 212/self
self.log("error", msg, ...);
end
-- Replace the listener and tell the old one
function interface:setlistener(listeners, data)
self:on("detach");
@ -148,21 +168,32 @@ end
-- Call a listener callback
function interface:on(what, ...)
if not self.listeners then
log("error", "%s has no listeners", self);
self:debug("Interface is missing listener callbacks");
return;
end
local listener = self.listeners["on"..what];
if not listener then
-- log("debug", "Missing listener 'on%s'", what); -- uncomment for development and debugging
-- self:debug("Missing listener 'on%s'", what); -- uncomment for development and debugging
return;
end
local ok, err = pcall(listener, self, ...);
if not ok then
log("error", "Error calling on%s: %s", what, err);
if cfg.fatal_errors then
self:debug("Closing due to error calling on%s: %s", what, err);
self:destroy();
else
self:debug("Error calling on%s: %s", what, err);
end
return nil, err;
end
return err;
end
-- Allow this one to be overridden
function interface:onincoming(...)
return self:on("incoming", ...);
end
-- Return the file descriptor number
function interface:getfd()
if self.conn then
@ -230,8 +261,10 @@ function interface:setreadtimeout(t)
else
self._readtimeout = addtimer(t, function ()
if self:on("readtimeout") then
self:debug("Read timeout handled");
return cfg.read_timeout;
else
self:debug("Read timeout not handled, disconnecting");
self:on("disconnect", "read timeout");
self:destroy();
end
@ -253,6 +286,7 @@ function interface:setwritetimeout(t)
self._writetimeout:reschedule(gettime() + t);
else
self._writetimeout = addtimer(t, function ()
self:debug("Write timeout");
self:on("disconnect", "write timeout");
self:destroy();
end);
@ -269,15 +303,15 @@ function interface:add(r, w)
local ok, err, errno = poll:add(fd, r, w);
if not ok then
if errno == EEXIST then
log("debug", "%s already registered!", self);
self:debug("FD already registered in poller! (EEXIST)");
return self:set(r, w); -- So try to change its flags
end
log("error", "Could not register %s: %s(%d)", self, err, errno);
self:debug("Could not register in poller: %s(%d)", err, errno);
return ok, err;
end
self._wantread, self._wantwrite = r, w;
fds[fd] = self;
log("debug", "Watching %s", self);
self:debug("Registered in poller");
return true;
end
@ -290,7 +324,7 @@ function interface:set(r, w)
if w == nil then w = self._wantwrite; end
local ok, err, errno = poll:set(fd, r, w);
if not ok then
log("error", "Could not update poller state %s: %s(%d)", self, err, errno);
self:debug("Could not update poller state: %s(%d)", err, errno);
return ok, err;
end
self._wantread, self._wantwrite = r, w;
@ -307,12 +341,12 @@ function interface:del()
end
local ok, err, errno = poll:del(fd);
if not ok and errno ~= ENOENT then
log("error", "Could not unregister %s: %s(%d)", self, err, errno);
self:debug("Could not unregister: %s(%d)", err, errno);
return ok, err;
end
self._wantread, self._wantwrite = nil, nil;
fds[fd] = nil;
log("debug", "Unwatched %s", self);
self:debug("Unregistered from poller");
return true;
end
@ -334,7 +368,7 @@ function interface:onreadable()
local data, err, partial = self.conn:receive(self.read_size or cfg.read_size);
if data then
self:onconnect();
self:on("incoming", data);
self:onincoming(data);
else
if err == "wantread" then
self:set(true, nil);
@ -345,7 +379,7 @@ function interface:onreadable()
end
if partial and partial ~= "" then
self:onconnect();
self:on("incoming", partial, err);
self:onincoming(partial, err);
end
if err ~= "timeout" then
self:on("disconnect", err);
@ -354,6 +388,14 @@ function interface:onreadable()
end
end
if not self.conn then return; end
if self._limit and (data or partial) then
local cost = self._limit * #(data or partial);
if cost > cfg.min_wait then
self:setreadtimeout(false);
self:pausefor(cost);
return;
end
end
if self._wantread and self.conn:dirty() then
self:setreadtimeout(false);
self:pausefor(cfg.read_retry_delay);
@ -378,10 +420,12 @@ function interface:onwritable()
self:ondrain(); -- Be aware of writes in ondrain
return;
elseif partial then
self:debug("Sent %d out of %d buffered bytes", partial, #data);
buffer[1] = data:sub(partial+1);
for i = #buffer, 2, -1 do
buffer[i] = nil;
end
self:set(nil, true);
self:setwritetimeout();
end
if err == "wantwrite" or err == "timeout" then
@ -407,8 +451,14 @@ function interface:write(data)
else
self.writebuffer = { data };
end
self:setwritetimeout();
self:set(nil, true);
if not self._write_lock then
if cfg.opportunistic_writes then
self:onwritable();
return #data;
end
self:setwritetimeout();
self:set(nil, true);
end
return #data;
end
interface.send = interface.write;
@ -418,10 +468,10 @@ function interface:close()
if self.writebuffer and self.writebuffer[1] then
self:set(false, true); -- Flush final buffer contents
self.write, self.send = noop, noop; -- No more writing
log("debug", "Close %s after writing", self);
self:debug("Close after writing remaining buffered data");
self.ondrain = interface.close;
else
log("debug", "Close %s now", self);
self:debug("Closing now");
self.write, self.send = noop, noop;
self.close = noop;
self:on("disconnect");
@ -450,7 +500,7 @@ function interface:starttls(tls_ctx)
if tls_ctx then self.tls_ctx = tls_ctx; end
self.starttls = false;
if self.writebuffer and self.writebuffer[1] then
log("debug", "Start TLS on %s after write", self);
self:debug("Start TLS after write");
self.ondrain = interface.starttls;
self:set(nil, true); -- make sure wantwrite is set
else
@ -460,7 +510,7 @@ function interface:starttls(tls_ctx)
self.onwritable = interface.tlshandskake;
self.onreadable = interface.tlshandskake;
self:set(true, true);
log("debug", "Prepare to start TLS on %s", self);
self:debug("Prepared to start TLS");
end
end
@ -469,12 +519,13 @@ function interface:tlshandskake()
self:setreadtimeout(false);
if not self._tls then
self._tls = true;
log("debug", "Start TLS on %s now", self);
self:debug("Starting TLS now");
self:del();
self:updatenames(); -- Can't getpeer/sockname after wrap()
local ok, conn, err = pcall(luasec.wrap, self.conn, self.tls_ctx);
if not ok then
conn, err = ok, conn;
log("error", "Failed to initialize TLS: %s", err);
self:debug("Failed to initialize TLS: %s", err);
end
if not conn then
self:on("disconnect", err);
@ -483,6 +534,13 @@ function interface:tlshandskake()
end
conn:settimeout(0);
self.conn = conn;
if conn.sni then
if self.servername then
conn:sni(self.servername);
elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
conn:sni(self._server.hosts, true);
end
end
self:on("starttls");
self.ondrain = nil;
self.onwritable = interface.tlshandskake;
@ -491,29 +549,35 @@ function interface:tlshandskake()
end
local ok, err = self.conn:dohandshake();
if ok then
log("debug", "TLS handshake on %s complete", self);
local info = self.conn.info and self.conn:info();
if type(info) == "table" then
self:debug("TLS handshake complete (%s with %s)", info.protocol, info.cipher);
else
self:debug("TLS handshake complete");
end
self.onwritable = nil;
self.onreadable = nil;
self:on("status", "ssl-handshake-complete");
self:setwritetimeout();
self:set(true, true);
elseif err == "wantread" then
log("debug", "TLS handshake on %s to wait until readable", self);
self:debug("TLS handshake to wait until readable");
self:set(true, false);
self:setreadtimeout(cfg.ssl_handshake_timeout);
elseif err == "wantwrite" then
log("debug", "TLS handshake on %s to wait until writable", self);
self:debug("TLS handshake to wait until writable");
self:set(false, true);
self:setwritetimeout(cfg.ssl_handshake_timeout);
else
log("debug", "TLS handshake error on %s: %s", self, err);
self:debug("TLS handshake error: %s", err);
self:on("disconnect", err);
self:destroy();
end
end
local function wrapsocket(client, server, read_size, listeners, tls_ctx) -- luasocket object -> interface object
local function wrapsocket(client, server, read_size, listeners, tls_ctx, extra) -- luasocket object -> interface object
client:settimeout(0);
local conn_id = ("conn%s"):format(new_id());
local conn = setmetatable({
conn = client;
_server = server;
@ -523,8 +587,17 @@ local function wrapsocket(client, server, read_size, listeners, tls_ctx) -- luas
writebuffer = {};
tls_ctx = tls_ctx or (server and server.tls_ctx);
tls_direct = server and server.tls_direct;
id = conn_id;
log = logger.init(conn_id);
extra = extra;
}, interface_mt);
if extra then
if extra.servername then
conn.servername = extra.servername;
end
end
conn:updatenames();
return conn;
end
@ -532,11 +605,11 @@ end
function interface:updatenames()
local conn = self.conn;
local ok, peername, peerport = pcall(conn.getpeername, conn);
if ok then
if ok and peername then
self.peername, self.peerport = peername, peerport;
end
local ok, sockname, sockport = pcall(conn.getsockname, conn);
if ok then
if ok and sockname then
self.sockname, self.sockport = sockname, sockport;
end
end
@ -546,34 +619,39 @@ end
function interface:onacceptable()
local conn, err = self.conn:accept();
if not conn then
log("debug", "Error accepting new client: %s, server will be paused for %ds", err, cfg.accept_retry_interval);
self:debug("Error accepting new client: %s, server will be paused for %ds", err, cfg.accept_retry_interval);
self:pausefor(cfg.accept_retry_interval);
return;
end
local client = wrapsocket(conn, self, nil, self.listeners);
log("debug", "New connection %s", tostring(client));
client:debug("New connection %s on server %s", client, self);
client:init();
if self.tls_direct then
client:starttls(self.tls_ctx);
else
client:onconnect();
end
end
-- Initialization
function interface:init()
self:setwritetimeout();
self:setwritetimeout(cfg.connect_timeout);
return self:add(true, true);
end
function interface:pause()
self:debug("Pause reading");
return self:set(false);
end
function interface:resume()
self:debug("Resume reading");
return self:set(true);
end
-- Pause connection for some time
function interface:pausefor(t)
self:debug("Pause for %fs", t);
if self._pausefor then
self._pausefor:close();
end
@ -588,16 +666,45 @@ function interface:pausefor(t)
end);
end
function interface:setlimit(Bps)
if Bps > 0 then
self._limit = 1/Bps;
else
self._limit = nil;
end
end
function interface:pause_writes()
if self._write_lock then
return
end
self:debug("Pause writes");
self._write_lock = true;
self:setwritetimeout(false);
self:set(nil, false);
end
function interface:resume_writes()
if not self._write_lock then
return
end
self:debug("Resume writes");
self._write_lock = nil;
if self.writebuffer[1] then
self:setwritetimeout();
self:set(nil, true);
end
end
-- Connected!
function interface:onconnect()
if self.conn and not self.peername and self.conn.getpeername then
self.peername, self.peerport = self.conn:getpeername();
end
self:updatenames();
self:debug("Connected (%s)", self);
self.onconnect = noop;
self:on("connect");
end
local function addserver(addr, port, listeners, read_size, tls_ctx)
local function listen(addr, port, listeners, config)
local conn, err = socket.bind(addr, port, cfg.tcp_backlog);
if not conn then return conn, err; end
conn:settimeout(0);
@ -605,20 +712,32 @@ local function addserver(addr, port, listeners, read_size, tls_ctx)
conn = conn;
created = gettime();
listeners = listeners;
read_size = read_size;
read_size = config and config.read_size;
onreadable = interface.onacceptable;
tls_ctx = tls_ctx;
tls_direct = tls_ctx and true or false;
tls_ctx = config and config.tls_ctx;
tls_direct = config and config.tls_direct;
hosts = config and config.sni_hosts;
sockname = addr;
sockport = port;
log = logger.init(("serv%s"):format(new_id()));
}, interface_mt);
server:debug("Server %s created", server);
server:add(true, false);
return server;
end
-- COMPAT
local function wrapclient(conn, addr, port, listeners, read_size, tls_ctx)
local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx);
local function addserver(addr, port, listeners, read_size, tls_ctx)
return listen(addr, port, listeners, {
read_size = read_size;
tls_ctx = tls_ctx;
tls_direct = tls_ctx and true or false;
});
end
-- COMPAT
local function wrapclient(conn, addr, port, listeners, read_size, tls_ctx, extra)
local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx, extra);
if not client.peername then
client.peername, client.peerport = addr, port;
end
@ -631,7 +750,7 @@ local function wrapclient(conn, addr, port, listeners, read_size, tls_ctx)
end
-- New outgoing TCP connection
local function addclient(addr, port, listeners, read_size, tls_ctx, typ)
local function addclient(addr, port, listeners, read_size, tls_ctx, typ, extra)
local create;
if not typ then
local n = inet_pton(addr);
@ -649,13 +768,19 @@ local function addclient(addr, port, listeners, read_size, tls_ctx, typ)
return nil, "invalid socket type";
end
local conn, err = create();
if not conn then return conn, err; end
local ok, err = conn:settimeout(0);
if not ok then return ok, err; end
local ok, err = conn:setpeername(addr, port);
if not ok and err ~= "timeout" then return ok, err; end
local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx)
local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx, extra)
local ok, err = client:init();
if not client.peername then
-- otherwise not set until connected
client.peername, client.peerport = addr, port;
end
if not ok then return ok, err; end
client:debug("Client %s created", client);
if tls_ctx then
client:starttls(tls_ctx);
end
@ -677,23 +802,23 @@ local function watchfd(fd, onreadable, onwritable)
end;
-- Otherwise it'll need to be something LuaSocket-compatible
end
conn.id = new_id();
conn.log = logger.init(("fdwatch%s"):format(conn.id));
conn:add(onreadable, onwritable);
return conn;
end;
-- Dump all data from one connection into another
local function link(from, to)
from.listeners = setmetatable({
onincoming = function (_, data)
from:pause();
to:write(data);
end,
}, {__index=from.listeners});
to.listeners = setmetatable({
ondrain = function ()
from:resume();
end,
}, {__index=to.listeners});
local function link(from, to, read_size)
from:debug("Linking to %s", to.id);
function from:onincoming(data)
self:pause();
to:write(data);
end
function to:ondrain() -- luacheck: ignore 212/self
from:resume();
end
from:set_mode(read_size);
from:set(true, nil);
to:set(nil, true);
end
@ -752,6 +877,7 @@ return {
addserver = addserver;
addclient = addclient;
add_task = addtimer;
listen = listen;
at = at;
loop = loop;
closeall = closeall;
@ -766,6 +892,7 @@ return {
-- libevent emulation
event = { EV_READ = "r", EV_WRITE = "w", EV_READWRITE = "rw", EV_LEAVE = -1 };
addevent = function (fd, mode, callback)
log("warn", "Using deprecated libevent emulation, please update code to use watchfd API instead");
local function onevent(self)
local ret = self:callback();
if ret == -1 then
@ -785,6 +912,8 @@ return {
fds[fd] = nil;
end;
}, interface_mt);
conn.id = conn:getfd();
conn.log = logger.init(("fdwatch%d"):format(conn.id));
local ok, err = conn:add(mode == "r" or mode == "rw", mode == "w" or mode == "rw");
if not ok then return ok, err; end
return conn;

66
net/server_event.lua
View file

@ -164,6 +164,15 @@ function interface_mt:_start_ssl(call_onconnect) -- old socket will be destroyed
debug( "fatal error while ssl wrapping:", err )
return false
end
if self.conn.sni then
if self.servername then
self.conn:sni(self.servername);
elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
self.conn:sni(self._server.hosts, true);
end
end
self.conn:settimeout( 0 ) -- set non blocking
local handshakecallback = coroutine_wrap(function( event )
local _, err
@ -253,6 +262,7 @@ end
--TODO: Deprecate
function interface_mt:lock_read(switch)
log("warn", ":lock_read is deprecated, use :pasue() and :resume()");
if switch then
return self:pause();
else
@ -272,6 +282,19 @@ function interface_mt:resume()
end
end
function interface_mt:pause_writes()
return self:_lock(self.nointerface, self.noreading, true);
end
function interface_mt:resume_writes()
self:_lock(self.nointerface, self.noreading, false);
if self.writecallback and not self.eventwrite then
self.eventwrite = addevent( base, self.conn, EV_WRITE, self.writecallback, cfg.WRITE_TIMEOUT ); -- register callback
return true;
end
end
function interface_mt:counter(c)
if c then
self._connections = self._connections + c
@ -281,7 +304,7 @@ end
-- Public methods
function interface_mt:write(data)
if self.nowriting then return nil, "locked" end
if self.nointerface then return nil, "locked"; end
--vdebug( "try to send data to client, id/data:", self.id, data )
data = tostring( data )
local len = #data
@ -293,7 +316,7 @@ function interface_mt:write(data)
end
t_insert(self.writebuffer, data) -- new buffer
self.writebufferlen = total
if not self.eventwrite then -- register new write event
if not self.eventwrite and not self.nowriting then -- register new write event
--vdebug( "register new write event" )
self.eventwrite = addevent( base, self.conn, EV_WRITE, self.writecallback, cfg.WRITE_TIMEOUT )
end
@ -440,10 +463,6 @@ end
function interface_mt:ontimeout()
end
function interface_mt:onreadtimeout()
self.fatalerror = "timeout during receiving"
debug( "connection failed:", self.fatalerror )
self:_close()
self.eventread = nil
end
function interface_mt:ondrain()
end
@ -456,7 +475,7 @@ end
-- End of client interface methods
local function handleclient( client, ip, port, server, pattern, listener, sslctx ) -- creates an client interface
local function handleclient( client, ip, port, server, pattern, listener, sslctx, extra ) -- creates an client interface
--vdebug("creating client interfacce...")
local interface = {
type = "client";
@ -492,6 +511,8 @@ local function handleclient( client, ip, port, server, pattern, listener, sslctx
_serverport = (server and server:port() or nil),
_sslctx = sslctx; -- parameters
_usingssl = false; -- client is using ssl;
extra = extra;
servername = extra and extra.servername;
}
if not has_luasec then interface.starttls = false; end
interface.id = tostring(interface):match("%x+$");
@ -635,7 +656,7 @@ local function handleclient( client, ip, port, server, pattern, listener, sslctx
return interface
end
local function handleserver( server, addr, port, pattern, listener, sslctx ) -- creates an server interface
local function handleserver( server, addr, port, pattern, listener, sslctx, startssl ) -- creates a server interface
debug "creating server interface..."
local interface = {
_connections = 0;
@ -651,6 +672,7 @@ local function handleserver( server, addr, port, pattern, listener, sslctx ) --
_ip = addr, _port = port, _pattern = pattern,
_sslctx = sslctx;
hosts = {};
}
interface.id = tostring(interface):match("%x+$");
interface.readcallback = function( event ) -- server handler, called on incoming connections
@ -681,7 +703,7 @@ local function handleserver( server, addr, port, pattern, listener, sslctx ) --
interface._connections = interface._connections + 1 -- increase connection count
local clientinterface = handleclient( client, client_ip, client_port, interface, pattern, listener, sslctx )
--vdebug( "client id:", clientinterface, "startssl:", startssl )
if has_luasec and sslctx then
if has_luasec and startssl then
clientinterface:starttls(sslctx, true)
else
clientinterface:_start_session( true )
@ -700,9 +722,9 @@ local function handleserver( server, addr, port, pattern, listener, sslctx ) --
return interface
end
local function addserver( addr, port, listener, pattern, sslctx, startssl ) -- TODO: check arguments
--vdebug( "creating new tcp server with following parameters:", addr or "nil", port or "nil", sslctx or "nil", startssl or "nil")
if sslctx and not has_luasec then
local function listen(addr, port, listener, config)
config = config or {}
if config.sslctx and not has_luasec then
debug "fatal error: luasec not found"
return nil, "luasec not found"
end
@ -711,19 +733,28 @@ local function addserver( addr, port, listener, pattern, sslctx, startssl ) --
debug( "creating server socket on "..addr.." port "..port.." failed:", err )
return nil, err
end
local interface = handleserver( server, addr, port, pattern, listener, sslctx, startssl ) -- new server handler
local interface = handleserver( server, addr, port, config.read_size, listener, config.tls_ctx, config.tls_direct) -- new server handler
debug( "new server created with id:", tostring(interface))
return interface
end
local function wrapclient( client, ip, port, listeners, pattern, sslctx )
local interface = handleclient( client, ip, port, nil, pattern, listeners, sslctx )
local function addserver( addr, port, listener, pattern, sslctx ) -- TODO: check arguments
--vdebug( "creating new tcp server with following parameters:", addr or "nil", port or "nil", sslctx or "nil", startssl or "nil")
return listen( addr, port, listener, {
read_size = pattern,
tls_ctx = sslctx,
tls_direct = not not sslctx,
});
end
local function wrapclient( client, ip, port, listeners, pattern, sslctx, extra )
local interface = handleclient( client, ip, port, nil, pattern, listeners, sslctx, extra )
interface:_start_connection(sslctx)
return interface, client
--function handleclient( client, ip, port, server, pattern, listener, _, sslctx ) -- creates an client interface
end
local function addclient( addr, serverport, listener, pattern, sslctx, typ )
local function addclient( addr, serverport, listener, pattern, sslctx, typ, extra )
if sslctx and not has_luasec then
debug "need luasec, but not available"
return nil, "luasec not found"
@ -750,7 +781,7 @@ local function addclient( addr, serverport, listener, pattern, sslctx, typ )
local res, err = client:setpeername( addr, serverport ) -- connect
if res or ( err == "timeout" ) then
local ip, port = client:getsockname( )
local interface = wrapclient( client, ip, serverport, listener, pattern, sslctx )
local interface = wrapclient( client, ip, serverport, listener, pattern, sslctx, extra )
debug( "new connection id:", interface.id )
return interface, err
else
@ -876,6 +907,7 @@ return {
event_base = base,
addevent = newevent,
addserver = addserver,
listen = listen,
addclient = addclient,
wrapclient = wrapclient,
setquitting = setquitting,

118
net/server_select.lua
View file

@ -68,6 +68,7 @@ local idfalse
local closeall
local addsocket
local addserver
local listen
local addtimer
local getserver
local wrapserver
@ -123,7 +124,7 @@ local _maxsslhandshake
_server = { } -- key = port, value = table; list of listening servers
_readlist = { } -- array with sockets to read from
_sendlist = { } -- arrary with sockets to write to
_sendlist = { } -- array with sockets to write to
_timerlist = { } -- array of timer functions
_socketlist = { } -- key = socket, value = wrapped socket (handlers)
_readtimes = { } -- key = handler, value = timestamp of last data reading
@ -149,7 +150,7 @@ _checkinterval = 30 -- interval in secs to check idle clients
_sendtimeout = 60000 -- allowed send idle time in secs
_readtimeout = 14 * 60 -- allowed read idle time in secs
local is_windows = package.config:sub(1,1) == "\\" -- check the directory separator, to detemine whether this is Windows
local is_windows = package.config:sub(1,1) == "\\" -- check the directory separator, to determine whether this is Windows
_maxfd = (is_windows and math.huge) or luasocket._SETSIZE or 1024 -- max fd number, limit to 1024 by default to prevent glibc buffer overflow, but not on Windows
_maxselectlen = luasocket._SETSIZE or 1024 -- But this still applies on Windows
@ -157,7 +158,7 @@ _maxsslhandshake = 30 -- max handshake round-trips
----------------------------------// PRIVATE //--
wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx ) -- this function wraps a server -- FIXME Make sure FD < _maxfd
wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx, ssldirect ) -- this function wraps a server -- FIXME Make sure FD < _maxfd
if socket:getfd() >= _maxfd then
out_error("server.lua: Disallowed FD number: "..socket:getfd())
@ -183,6 +184,7 @@ wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx ) -- t
handler.sslctx = function( )
return sslctx
end
handler.hosts = {} -- sni
handler.remove = function( )
connections = connections - 1
if handler then
@ -244,13 +246,13 @@ wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx ) -- t
local client, err = accept( socket ) -- try to accept
if client then
local ip, clientport = client:getpeername( )
local handler, client, err = wrapconnection( handler, listeners, client, ip, serverport, clientport, pattern, sslctx ) -- wrap new client socket
local handler, client, err = wrapconnection( handler, listeners, client, ip, serverport, clientport, pattern, sslctx, ssldirect ) -- wrap new client socket
if err then -- error while wrapping ssl socket
return false
end
connections = connections + 1
out_put( "server.lua: accepted new client connection from ", tostring(ip), ":", tostring(clientport), " to ", tostring(serverport))
if dispatch and not sslctx then -- SSL connections will notify onconnect when handshake completes
if dispatch and not ssldirect then -- SSL connections will notify onconnect when handshake completes
return dispatch( handler );
end
return;
@ -264,7 +266,7 @@ wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx ) -- t
return handler
end
wrapconnection = function( server, listeners, socket, ip, serverport, clientport, pattern, sslctx ) -- this function wraps a client to a handler object
wrapconnection = function( server, listeners, socket, ip, serverport, clientport, pattern, sslctx, ssldirect, extra ) -- this function wraps a client to a handler object
if socket:getfd() >= _maxfd then
out_error("server.lua: Disallowed FD number: "..socket:getfd()) -- PROTIP: Switch to libevent
@ -314,6 +316,11 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
local handler = bufferqueue -- saves a table ^_^
handler.extra = extra
if extra then
handler.servername = extra.servername
end
handler.dispatch = function( )
return dispatch
end
@ -424,9 +431,8 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
bufferlen = bufferlen + #data
if bufferlen > maxsendlen then
_closelist[ handler ] = "send buffer exceeded" -- cannot close the client at the moment, have to wait to the end of the cycle
handler.write = idfalse -- don't write anymore
return false
elseif socket and not _sendlist[ socket ] then
elseif not nosend and socket and not _sendlist[ socket ] then
_sendlistlen = addsocket(_sendlist, socket, _sendlistlen)
end
bufferqueuelen = bufferqueuelen + 1
@ -456,49 +462,55 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
maxreadlen = readlen or maxreadlen
return bufferlen, maxreadlen, maxsendlen
end
--TODO: Deprecate
handler.lock_read = function (self, switch)
out_error( "server.lua, lock_read() is deprecated, use pause() and resume()" )
if switch == true then
local tmp = _readlistlen
_readlistlen = removesocket( _readlist, socket, _readlistlen )
_readtimes[ handler ] = nil
if _readlistlen ~= tmp then
noread = true
end
return self:pause()
elseif switch == false then
if noread then
noread = false
_readlistlen = addsocket(_readlist, socket, _readlistlen)
_readtimes[ handler ] = _currenttime
end
return self:resume()
end
return noread
end
handler.pause = function (self)
return self:lock_read(true);
local tmp = _readlistlen
_readlistlen = removesocket( _readlist, socket, _readlistlen )
_readtimes[ handler ] = nil
if _readlistlen ~= tmp then
noread = true
end
return noread;
end
handler.resume = function (self)
return self:lock_read(false);
if noread then
noread = false
_readlistlen = addsocket(_readlist, socket, _readlistlen)
_readtimes[ handler ] = _currenttime
end
return noread;
end
handler.lock = function( self, switch )
handler.lock_read (switch)
out_error( "server.lua, lock() is deprecated" )
handler.lock_read (self, switch)
if switch == true then
handler.write = idfalse
local tmp = _sendlistlen
_sendlistlen = removesocket( _sendlist, socket, _sendlistlen )
_writetimes[ handler ] = nil
if _sendlistlen ~= tmp then
nosend = true
end
handler.pause_writes (self)
elseif switch == false then
handler.write = write
if nosend then
nosend = false
write( "" )
end
handler.resume_writes (self)
end
return noread, nosend
end
handler.pause_writes = function (self)
local tmp = _sendlistlen
_sendlistlen = removesocket( _sendlist, socket, _sendlistlen )
_writetimes[ handler ] = nil
nosend = true
end
handler.resume_writes = function (self)
nosend = false
if bufferlen > 0 then
_sendlistlen = addsocket(_sendlist, socket, _sendlistlen)
end
end
local _readbuffer = function( ) -- this function reads data
local buffer, err, part = receive( socket, pattern ) -- receive buffer with "pattern"
if not err or (err == "wantread" or err == "timeout") then -- received something
@ -619,11 +631,20 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
out_put( "server.lua: attempting to start tls on " .. tostring( socket ) )
local oldsocket, err = socket
socket, err = ssl_wrap( socket, sslctx ) -- wrap socket
if not socket then
out_put( "server.lua: error while starting tls on client: ", tostring(err or "unknown error") )
return nil, err -- fatal error
end
if socket.sni then
if self.servername then
socket:sni(self.servername);
elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
socket:sni(self.server().hosts, true);
end
end
socket:settimeout( 0 )
-- add the new socket to our system
@ -659,7 +680,7 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
_socketlist[ socket ] = handler
_readlistlen = addsocket(_readlist, socket, _readlistlen)
if sslctx and has_luasec then
if sslctx and ssldirect and has_luasec then
out_put "server.lua: auto-starting ssl negotiation..."
handler.autostart_ssl = true;
local ok, err = handler:starttls(sslctx);
@ -734,9 +755,13 @@ end
----------------------------------// PUBLIC //--
addserver = function( addr, port, listeners, pattern, sslctx ) -- this function provides a way for other scripts to reg a server
listen = function ( addr, port, listeners, config )
addr = addr or "*"
config = config or {}
local err
local sslctx = config.tls_ctx;
local ssldirect = config.tls_direct;
local pattern = config.read_size;
if type( listeners ) ~= "table" then
err = "invalid listener table"
elseif type ( addr ) ~= "string" then
@ -757,7 +782,7 @@ addserver = function( addr, port, listeners, pattern, sslctx ) -- this function
out_error( "server.lua, [", addr, "]:", port, ": ", err )
return nil, err
end
local handler, err = wrapserver( listeners, server, addr, port, pattern, sslctx ) -- wrap new server socket
local handler, err = wrapserver( listeners, server, addr, port, pattern, sslctx, ssldirect ) -- wrap new server socket
if not handler then
server:close( )
return nil, err
@ -770,6 +795,14 @@ addserver = function( addr, port, listeners, pattern, sslctx ) -- this function
return handler
end
addserver = function( addr, port, listeners, pattern, sslctx ) -- this function provides a way for other scripts to reg a server
return listen(addr, port, listeners, {
read_size = pattern;
tls_ctx = sslctx;
tls_direct = sslctx and true or false;
});
end
getserver = function ( addr, port )
return _server[ addr..":"..port ];
end
@ -977,8 +1010,8 @@ end
--// EXPERIMENTAL //--
local wrapclient = function( socket, ip, serverport, listeners, pattern, sslctx )
local handler, socket, err = wrapconnection( nil, listeners, socket, ip, serverport, "clientport", pattern, sslctx )
local wrapclient = function( socket, ip, serverport, listeners, pattern, sslctx, extra )
local handler, socket, err = wrapconnection( nil, listeners, socket, ip, serverport, "clientport", pattern, sslctx, sslctx, extra)
if not handler then return nil, err end
_socketlist[ socket ] = handler
if not sslctx then
@ -997,7 +1030,7 @@ local wrapclient = function( socket, ip, serverport, listeners, pattern, sslctx
return handler, socket
end
local addclient = function( address, port, listeners, pattern, sslctx, typ )
local addclient = function( address, port, listeners, pattern, sslctx, typ, extra )
local err
if type( listeners ) ~= "table" then
err = "invalid listener table"
@ -1034,7 +1067,7 @@ local addclient = function( address, port, listeners, pattern, sslctx, typ )
client:settimeout( 0 )
local ok, err = client:setpeername( address, port )
if ok or err == "timeout" or err == "Operation already in progress" then
return wrapclient( client, address, port, listeners, pattern, sslctx )
return wrapclient( client, address, port, listeners, pattern, sslctx, extra )
else
return nil, err
end
@ -1114,6 +1147,7 @@ return {
stats = stats,
closeall = closeall,
addserver = addserver,
listen = listen,
getserver = getserver,
setlogger = setlogger,
getsettings = getsettings,

6
net/websocket.lua
View file

@ -113,7 +113,7 @@ function websocket_listeners.onincoming(conn, buffer, err) -- luacheck: ignore 2
frame.MASK = true; -- RFC 6455 6.1.5: If the data is being sent by the client, the frame(s) MUST be masked
conn:write(frames.build(frame));
elseif frame.opcode == 0xA then -- Pong frame
log("debug", "Received unexpected pong frame: " .. tostring(frame.data));
log("debug", "Received unexpected pong frame: %s", frame.data);
else
return fail(s, 1002, "Reserved opcode");
end
@ -131,7 +131,7 @@ end
function websocket_methods:close(code, reason)
if self.readyState < 2 then
code = code or 1000;
log("debug", "closing WebSocket with code %i: %s" , code , tostring(reason));
log("debug", "closing WebSocket with code %i: %s" , code , reason);
self.readyState = 2;
local conn = self.conn;
conn:write(frames.build_close(code, reason, true));
@ -245,7 +245,7 @@ local function connect(url, ex, listeners)
or (protocol and not protocol[r.headers["sec-websocket-protocol"]])
then
s.readyState = 3;
log("warn", "WebSocket connection to %s failed: %s", url, tostring(b));
log("warn", "WebSocket connection to %s failed: %s", url, b);
if s.onerror then s:onerror("connecting-failed"); end
return;
end

8
net/websocket/frames.lua
View file

@ -9,20 +9,20 @@
local softreq = require "util.dependencies".softreq;
local random_bytes = require "util.random".bytes;
local bit = assert(softreq"bit" or softreq"bit32",
"No bit module found. See https://prosody.im/doc/depends#bitop");
local bit = require "util.bitcompat";
local band = bit.band;
local bor = bit.bor;
local bxor = bit.bxor;
local lshift = bit.lshift;
local rshift = bit.rshift;
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local t_concat = table.concat;
local s_byte = string.byte;
local s_char= string.char;
local s_sub = string.sub;
local s_pack = string.pack; -- luacheck: ignore 143
local s_unpack = string.unpack; -- luacheck: ignore 143
local s_pack = string.pack;
local s_unpack = string.unpack;
if not s_pack and softreq"struct" then
s_pack = softreq"struct".pack;

12
plugins/mod_admin_adhoc.lua
View file

@ -392,6 +392,12 @@ local function session_flags(session, line)
if session.cert_identity_status == "valid" then
flags[#flags+1] = "authenticated";
end
if session.dialback_key then
flags[#flags+1] = "dialback";
end
if session.external_auth then
flags[#flags+1] = "SASL";
end
if session.secure then
flags[#flags+1] = "encrypted";
end
@ -404,6 +410,12 @@ local function session_flags(session, line)
if session.ip and session.ip:match(":") then
flags[#flags+1] = "IPv6";
end
if session.incoming and session.outgoing then
flags[#flags+1] = "bidi";
elseif session.is_bidi or session.bidi_session then
flags[#flags+1] = "bidi";
end
line[#line+1] = "("..t_concat(flags, ", ")..")";
return t_concat(line, " ");

168
plugins/mod_admin_telnet.lua
View file

@ -22,6 +22,7 @@ local prosody = _G.prosody;
local console_listener = { default_port = 5582; default_mode = "*a"; interface = "127.0.0.1" };
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local iterators = require "util.iterators";
local keys, values = iterators.keys, iterators.values;
local jid_bare, jid_split, jid_join = import("util.jid", "bare", "prepped_split", "join");
@ -30,6 +31,9 @@ local cert_verify_identity = require "util.x509".verify_identity;
local envload = require "util.envload".envload;
local envloadfile = require "util.envload".envloadfile;
local has_pposix, pposix = pcall(require, "util.pposix");
local async = require "util.async";
local serialize = require "util.serialization".new({ fatal = false, unquoted = true});
local time = require "util.time";
local commands = module:shared("commands")
local def_env = module:shared("env");
@ -47,6 +51,24 @@ end
console = {};
local runner_callbacks = {};
function runner_callbacks:ready()
self.data.conn:resume();
end
function runner_callbacks:waiting()
self.data.conn:pause();
end
function runner_callbacks:error(err)
module:log("error", "Traceback[telnet]: %s", err);
self.data.print("Fatal error while running command, it did not complete");
self.data.print("Error: "..tostring(err));
end
function console:new_session(conn)
local w = function(s) conn:write(s:gsub("\n", "\r\n")); end;
local session = { conn = conn;
@ -62,6 +84,11 @@ function console:new_session(conn)
};
session.env = setmetatable({}, default_env_mt);
session.thread = async.runner(function (line)
console:process_line(session, line);
session.send(string.char(0));
end, runner_callbacks, session);
-- Load up environment with helper objects
for name, t in pairs(def_env) do
if type(t) == "table" then
@ -91,6 +118,11 @@ function console:process_line(session, line)
session.env._ = line;
if not useglobalenv and commands[line:lower()] then
commands[line:lower()](session, line);
return;
end
local chunkname = "=console";
local env = (useglobalenv and redirect_output(_G, session)) or session.env or nil
local chunk, err = envload("return "..line, chunkname, env);
@ -105,18 +137,7 @@ function console:process_line(session, line)
end
end
local ranok, taskok, message = pcall(chunk);
if not (ranok or message or useglobalenv) and commands[line:lower()] then
commands[line:lower()](session, line);
return;
end
if not ranok then
session.print("Fatal error while running command, it did not complete");
session.print("Error: "..taskok);
return;
end
local taskok, message = chunk();
if not message then
session.print("Result: "..tostring(taskok));
@ -150,8 +171,7 @@ function console_listener.onincoming(conn, data)
for line in data:gmatch("[^\n]*[\n\004]") do
if session.closed then return end
console:process_line(session, line);
session.send(string.char(0));
session.thread:run(line);
end
session.partial_data = data:match("[^\n]+$");
end
@ -220,6 +240,7 @@ function commands.help(session, data)
print [[server - Uptime, version, shutting down, etc.]]
print [[port - Commands to manage ports the server is listening on]]
print [[dns - Commands to manage and inspect the internal DNS resolver]]
print [[xmpp - Commands for sending XMPP stanzas]]
print [[config - Reloading the configuration, etc.]]
print [[console - Help regarding the console itself]]
elseif section == "c2s" then
@ -227,7 +248,9 @@ function commands.help(session, data)
print [[c2s:show_insecure() - Show all unencrypted client connections]]
print [[c2s:show_secure() - Show all encrypted client connections]]
print [[c2s:show_tls() - Show TLS cipher info for encrypted sessions]]
print [[c2s:count() - Count sessions without listing them]]
print [[c2s:close(jid) - Close all sessions for the specified JID]]
print [[c2s:closeall() - Close all active c2s connections ]]
elseif section == "s2s" then
print [[s2s:show(domain) - Show all s2s connections for the given domain (or all if no domain given)]]
print [[s2s:show_tls(domain) - Show TLS cipher info for encrypted sessions]]
@ -261,6 +284,8 @@ function commands.help(session, data)
print [[dns:setnameserver(nameserver) - Replace the list of name servers with the supplied one]]
print [[dns:purge() - Clear the DNS cache]]
print [[dns:cache() - Show cached records]]
elseif section == "xmpp" then
print [[xmpp:ping(localhost, remotehost) -- Sends a ping to a remote XMPP server and reports the response]]
elseif section == "config" then
print [[config:reload() - Reload the server configuration. Modules may need to be reloaded for changes to take effect.]]
elseif section == "console" then
@ -458,7 +483,12 @@ function def_env.module:list(hosts)
end
else
for _, name in ipairs(modules) do
print(" "..name);
local status, status_text = modulemanager.get_module(host, name).module:get_status();
local status_summary = "";
if status == "warn" or status == "error" then
status_summary = (" (%s: %s)"):format(status, status_text);
end
print((" %s%s"):format(name, status_summary));
end
end
end
@ -474,9 +504,12 @@ function def_env.config:load(filename, format)
return true, "Config loaded";
end
function def_env.config:get(host, section, key)
function def_env.config:get(host, key)
if key == nil then
host, key = "*", host;
end
local config_get = require "core.configmanager".get
return true, tostring(config_get(host, section, key));
return true, serialize(config_get(host, key));
end
function def_env.config:reload()
@ -505,6 +538,12 @@ local function session_flags(session, line)
if session.cert_identity_status == "valid" then
line[#line+1] = "(authenticated)";
end
if session.dialback_key then
line[#line+1] = "(dialback)";
end
if session.external_auth then
line[#line+1] = "(SASL)";
end
if session.secure then
line[#line+1] = "(encrypted)";
end
@ -520,6 +559,17 @@ local function session_flags(session, line)
if session.remote then
line[#line+1] = "(remote)";
end
if session.incoming and session.outgoing then
line[#line+1] = "(bidi)";
elseif session.is_bidi or session.bidi_session then
line[#line+1] = "(bidi)";
end
if session.bosh_version then
line[#line+1] = "(bosh)";
end
if session.websocket_request then
line[#line+1] = "(websocket)";
end
return table.concat(line, " ");
end
@ -534,6 +584,12 @@ local function tls_info(session, line)
else
line[#line+1] = "(cipher info unavailable)";
end
if sock.getsniname then
local name = sock:getsniname();
if name then
line[#line+1] = ("(SNI:%q)"):format(name);
end
end
else
line[#line+1] = "(insecure)";
end
@ -555,9 +611,16 @@ local function get_jid(session)
return jid_join("["..ip.."]:"..clientport, session.host or "["..serverip.."]:"..serverport);
end
local function get_c2s()
local c2s = array.collect(values(prosody.full_sessions));
c2s:append(array.collect(values(module:shared"/*/c2s/sessions")));
c2s:append(array.collect(values(module:shared"/*/bosh/sessions")));
c2s:unique();
return c2s;
end
local function show_c2s(callback)
local c2s = array.collect(values(module:shared"/*/c2s/sessions"));
c2s:sort(function(a, b)
get_c2s():sort(function(a, b)
if a.host == b.host then
if a.username == b.username then
return (a.resource or "") > (b.resource or "");
@ -571,7 +634,8 @@ local function show_c2s(callback)
end
function def_env.c2s:count()
return true, "Total: ".. iterators.count(values(module:shared"/*/c2s/sessions")) .." clients";
local c2s = get_c2s();
return true, "Total: ".. #c2s .." clients";
end
function def_env.c2s:show(match_jid, annotate)
@ -617,17 +681,36 @@ function def_env.c2s:show_tls(match_jid)
return self:show(match_jid, tls_info);
end
function def_env.c2s:close(match_jid)
local function build_reason(text, condition)
if text or condition then
return {
text = text,
condition = condition or "undefined-condition",
};
end
end
function def_env.c2s:close(match_jid, text, condition)
local count = 0;
show_c2s(function (jid, session)
if jid == match_jid or jid_bare(jid) == match_jid then
count = count + 1;
session:close();
session:close(build_reason(text, condition));
end
end);
return true, "Total: "..count.." sessions closed";
end
function def_env.c2s:closeall(text, condition)
local count = 0;
--luacheck: ignore 212/jid
show_c2s(function (jid, session)
count = count + 1;
session:close(build_reason(text, condition));
end);
return true, "Total: "..count.." sessions closed";
end
def_env.s2s = {};
function def_env.s2s:show(match_jid, annotate)
@ -828,7 +911,7 @@ function def_env.s2s:showcert(domain)
.." presented by "..domain..".");
end
function def_env.s2s:close(from, to)
function def_env.s2s:close(from, to, text, condition)
local print, count = self.session.print, 0;
local s2s_sessions = module:shared"/*/s2s/sessions";
@ -842,23 +925,23 @@ function def_env.s2s:close(from, to)
end
for _, session in pairs(s2s_sessions) do
local id = session.type..tostring(session):match("[a-f0-9]+$");
local id = session.id or (session.type..tostring(session):match("[a-f0-9]+$"));
if (match_id and match_id == id)
or (session.from_host == from and session.to_host == to) then
print(("Closing connection from %s to %s [%s]"):format(session.from_host, session.to_host, id));
(session.close or s2smanager.destroy_session)(session);
(session.close or s2smanager.destroy_session)(session, build_reason(text, condition));
count = count + 1 ;
end
end
return true, "Closed "..count.." s2s session"..((count == 1 and "") or "s");
end
function def_env.s2s:closeall(host)
function def_env.s2s:closeall(host, text, condition)
local count = 0;
local s2s_sessions = module:shared"/*/s2s/sessions";
for _,session in pairs(s2s_sessions) do
if not host or session.from_host == host or session.to_host == host then
session:close();
session:close(build_reason(text, condition));
count = count + 1;
end
end
@ -1062,13 +1145,28 @@ end
def_env.xmpp = {};
local st = require "util.stanza";
function def_env.xmpp:ping(localhost, remotehost)
if prosody.hosts[localhost] then
module:send(st.iq{ from=localhost, to=remotehost, type="get", id="ping" }
:tag("ping", {xmlns="urn:xmpp:ping"}), prosody.hosts[localhost]);
return true, "Sent ping";
local new_id = require "util.id".medium;
function def_env.xmpp:ping(localhost, remotehost, timeout)
localhost = select(2, jid_split(localhost));
remotehost = select(2, jid_split(remotehost));
if not localhost then
return nil, "Invalid sender hostname";
elseif not prosody.hosts[localhost] then
return nil, "No such local host";
end
if not remotehost then
return nil, "Invalid destination hostname";
elseif prosody.hosts[remotehost] then
return nil, "Both hosts are local";
end
local iq = st.iq{ from=localhost, to=remotehost, type="get", id=new_id()}
:tag("ping", {xmlns="urn:xmpp:ping"});
local time_start = time.now();
local ret, err = async.wait(module:context(localhost):send_iq(iq, nil, timeout));
if ret then
return true, ("pong from %s in %gs"):format(ret.stanza.attr.from, time.now() - time_start);
else
return nil, "No such host";
return false, tostring(err);
end
end
@ -1207,7 +1305,7 @@ local function format_stat(type, value, ref_value)
--do return tostring(value) end
if type == "duration" then
if ref_value < 0.001 then
return ("%d µs"):format(value*1000000);
return ("%g µs"):format(value*1000000);
elseif ref_value < 0.9 then
return ("%0.2f ms"):format(value*1000);
end
@ -1495,7 +1593,7 @@ function def_env.stats:show(filter)
local stats, changed, extra = require "core.statsmanager".get_stats();
local available, displayed = 0, 0;
local displayed_stats = new_stats_context(self);
for name, value in pairs(stats) do
for name, value in iterators.sorted_pairs(stats) do
available = available + 1;
if not filter or name:match(filter) then
displayed = displayed + 1;

14
plugins/mod_auth_internal_hashed.lua
View file

@ -9,7 +9,7 @@
local max = math.max;
local getAuthenticationDatabaseSHA1 = require "util.sasl.scram".getAuthenticationDatabaseSHA1;
local scram_hashers = require "util.sasl.scram".hashers;
local usermanager = require "core.usermanager";
local generate_uuid = require "util.uuid".generate;
local new_sasl = require "util.sasl".new;
@ -21,7 +21,9 @@ local host = module.host;
local accounts = module:open_store("accounts");
local hash_name = module:get_option_string("password_hash", "SHA-1");
local get_auth_db = assert(scram_hashers[hash_name], "SCRAM-"..hash_name.." not supported by SASL library");
local scram_name = "scram_"..hash_name:gsub("%-","_"):lower();
-- Default; can be set per-user
local default_iteration_count = 4096;
@ -49,7 +51,7 @@ function provider.test_password(username, password)
return nil, "Auth failed. Stored salt and iteration count information is not complete.";
end
local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, credentials.salt, credentials.iteration_count);
local valid, stored_key, server_key = get_auth_db(password, credentials.salt, credentials.iteration_count);
local stored_key_hex = to_hex(stored_key);
local server_key_hex = to_hex(server_key);
@ -67,7 +69,7 @@ function provider.set_password(username, password)
if account then
account.salt = generate_uuid();
account.iteration_count = max(account.iteration_count or 0, default_iteration_count);
local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count);
local valid, stored_key, server_key = get_auth_db(password, account.salt, account.iteration_count);
local stored_key_hex = to_hex(stored_key);
local server_key_hex = to_hex(server_key);
@ -98,7 +100,7 @@ function provider.create_user(username, password)
return accounts:set(username, {});
end
local salt = generate_uuid();
local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count);
local valid, stored_key, server_key = get_auth_db(password, salt, default_iteration_count);
local stored_key_hex = to_hex(stored_key);
local server_key_hex = to_hex(server_key);
return accounts:set(username, {
@ -116,7 +118,7 @@ function provider.get_sasl_handler()
plain_test = function(_, username, password, realm)
return usermanager.test_password(username, realm, password), true;
end,
scram_sha_1 = function(_, username)
[scram_name] = function(_, username)
local credentials = accounts:get(username);
if not credentials then return; end
if credentials.password then

5
plugins/mod_blocklist.lua
View file

@ -67,7 +67,7 @@ local function migrate_privacy_list(username)
if item.type == "jid" and item.action == "deny" then
local jid = jid_prep(item.value);
if not jid then
module:log("warn", "Invalid JID in privacy store for user '%s' not migrated: %s", username, tostring(item.value));
module:log("warn", "Invalid JID in privacy store for user '%s' not migrated: %s", username, item.value);
else
migrated_data[jid] = true;
end
@ -162,7 +162,7 @@ local function edit_blocklist(event)
local blocklist = cache[username] or get_blocklist(username);
local new_blocklist = {
-- We set the [false] key to someting as a signal not to migrate privacy lists
-- We set the [false] key to something as a signal not to migrate privacy lists
[false] = blocklist[false] or { created = now; };
};
if type(blocklist[false]) == "table" then
@ -189,6 +189,7 @@ local function edit_blocklist(event)
if is_blocking then
for jid in pairs(send_unavailable) do
-- Check that this JID isn't already blocked, i.e. this is not a change
if not blocklist[jid] then
for _, session in pairs(sessions[username].sessions) do
if session.presence then

84
plugins/mod_bosh.lua
View file

@ -44,19 +44,41 @@ local bosh_max_polling = module:get_option_number("bosh_max_polling", 5);
local bosh_max_wait = module:get_option_number("bosh_max_wait", 120);
local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure");
local cross_domain = module:get_option("cross_domain_bosh", false);
local cross_domain = module:get_option("cross_domain_bosh");
if cross_domain == true then cross_domain = "*"; end
if type(cross_domain) == "table" then cross_domain = table.concat(cross_domain, ", "); end
if cross_domain ~= nil then
module:log("info", "The 'cross_domain_bosh' option has been deprecated");
end
local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
-- All sessions, and sessions that have no requests open
local sessions = module:shared("sessions");
local measure_active = module:measure("active_sessions", "amount");
local measure_inactive = module:measure("inactive_sessions", "amount");
local report_bad_host = module:measure("bad_host", "rate");
local report_bad_sid = module:measure("bad_sid", "rate");
local report_new_sid = module:measure("new_sid", "rate");
local report_timeout = module:measure("timeout", "rate");
module:hook("stats-update", function ()
local active = 0;
local inactive = 0;
for _, session in pairs(sessions) do
if #session.requests > 0 then
active = active + 1;
else
inactive = inactive + 1;
end
end
measure_active(active);
measure_inactive(inactive);
end);
-- Used to respond to idle sessions (those with waiting requests)
function on_destroy_request(request)
log("debug", "Request destroyed: %s", tostring(request));
log("debug", "Request destroyed: %s", request);
local session = sessions[request.context.sid];
if session then
local requests = session.requests;
@ -73,7 +95,7 @@ function on_destroy_request(request)
if session.inactive_timer then
session.inactive_timer:stop();
end
session.inactive_timer = module:add_timer(max_inactive, check_inactive, session, request.context,
session.inactive_timer = module:add_timer(max_inactive, session_timeout, session, request.context,
"BOSH client silent for over "..max_inactive.." seconds");
(session.log or log)("debug", "BOSH session marked as inactive (for %ds)", max_inactive);
end
@ -84,31 +106,16 @@ function on_destroy_request(request)
end
end
function check_inactive(now, session, context, reason) -- luacheck: ignore 212/now
function session_timeout(now, session, context, reason) -- luacheck: ignore 212/now
if not session.destroyed then
report_timeout();
sessions[context.sid] = nil;
sm_destroy_session(session, reason);
end
end
local function set_cross_domain_headers(response)
local headers = response.headers;
headers.access_control_allow_methods = "GET, POST, OPTIONS";
headers.access_control_allow_headers = "Content-Type";
headers.access_control_max_age = "7200";
headers.access_control_allow_origin = cross_domain;
return response;
end
function handle_OPTIONS(event)
if cross_domain and event.request.headers.origin then
set_cross_domain_headers(event.response);
end
return "";
end
function handle_POST(event)
log("debug", "Handling new request %s: %s\n----------", tostring(event.request), tostring(event.request.body));
log("debug", "Handling new request %s: %s\n----------", event.request, event.request.body);
local request, response = event.request, event.response;
response.on_destroy = on_destroy_request;
@ -121,10 +128,6 @@ function handle_POST(event)
local headers = response.headers;
headers.content_type = "text/xml; charset=utf-8";
if cross_domain and request.headers.origin then
set_cross_domain_headers(response);
end
-- stream:feed() calls the stream_callbacks, so all stanzas in
-- the body are processed in this next line before it returns.
-- In particular, the streamopened() stream callback is where
@ -205,6 +208,7 @@ function handle_POST(event)
return;
end
module:log("warn", "Unable to associate request with a session (incomplete request?)");
report_bad_sid();
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "item-not-found" });
return tostring(close_reply) .. "\n";
@ -220,7 +224,7 @@ local function bosh_reset_stream(session) session.notopen = true; end
local stream_xmlns_attr = { xmlns = "urn:ietf:params:xml:ns:xmpp-streams" };
local function bosh_close_stream(session, reason)
(session.log or log)("info", "BOSH client disconnected: %s", tostring((reason and reason.condition or reason) or "session close"));
(session.log or log)("info", "BOSH client disconnected: %s", (reason and reason.condition or reason) or "session close");
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams });
@ -245,7 +249,7 @@ local function bosh_close_stream(session, reason)
close_reply = reason;
end
end
log("info", "Disconnecting client, <stream:error> is: %s", tostring(close_reply));
log("info", "Disconnecting client, <stream:error> is: %s", close_reply);
end
local response_body = tostring(close_reply);
@ -268,17 +272,27 @@ function stream_callbacks.streamopened(context, attr)
-- New session request
context.notopen = nil; -- Signals that we accept this opening tag
if not attr.to then
log("debug", "BOSH client tried to connect without specifying a host");
report_bad_host();
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "improper-addressing" });
response:send(tostring(close_reply));
return;
end
local to_host = nameprep(attr.to);
local wait = tonumber(attr.wait);
if not to_host then
log("debug", "BOSH client tried to connect to invalid host: %s", tostring(attr.to));
log("debug", "BOSH client tried to connect to invalid host: %s", attr.to);
report_bad_host();
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "improper-addressing" });
response:send(tostring(close_reply));
return;
end
if not rid or (not attr.wait or not wait or wait < 0 or wait % 1 ~= 0) then
log("debug", "BOSH client sent invalid rid or wait attributes: rid=%s, wait=%s", tostring(attr.rid), tostring(attr.wait));
log("debug", "BOSH client sent invalid rid or wait attributes: rid=%s, wait=%s", attr.rid, attr.wait);
local close_reply = st.stanza("body", { xmlns = xmlns_bosh, type = "terminate",
["xmlns:stream"] = xmlns_streams, condition = "bad-request" });
response:send(tostring(close_reply));
@ -309,6 +323,7 @@ function stream_callbacks.streamopened(context, attr)
session.log("debug", "BOSH session created for request from %s", session.ip);
log("info", "New BOSH session, assigned it sid '%s'", sid);
report_new_sid();
module:fire_event("bosh-session", { session = session, request = request });
@ -323,7 +338,7 @@ function stream_callbacks.streamopened(context, attr)
s.attr.xmlns = "jabber:client";
end
s = filter("stanzas/out", s);
--log("debug", "Sending BOSH data: %s", tostring(s));
--log("debug", "Sending BOSH data: %s", s);
if not s then return true end
t_insert(session.send_buffer, tostring(s));
@ -363,6 +378,7 @@ function stream_callbacks.streamopened(context, attr)
if not session then
-- Unknown sid
log("info", "Client tried to use sid '%s' which we don't know about", sid);
report_bad_sid();
response:send(tostring(st.stanza("body", { xmlns = xmlns_bosh, type = "terminate", condition = "item-not-found" })));
context.notopen = nil;
return;
@ -425,7 +441,7 @@ function stream_callbacks.streamopened(context, attr)
end
end
local function handleerr(err) log("error", "Traceback[bosh]: %s", traceback(tostring(err), 2)); end
local function handleerr(err) log("error", "Traceback[bosh]: %s", traceback(err, 2)); end
function runner_callbacks:error(err) -- luacheck: ignore 212/self
return handleerr(err);
@ -511,8 +527,6 @@ module:provides("http", {
route = {
["GET"] = GET_response;
["GET /"] = GET_response;
["OPTIONS"] = handle_OPTIONS;
["OPTIONS /"] = handle_OPTIONS;
["POST"] = handle_POST;
["POST /"] = handle_POST;
};

27
plugins/mod_c2s.lua
View file

@ -56,6 +56,11 @@ local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'};
function stream_callbacks.streamopened(session, attr)
local send = session.send;
if not attr.to then
session:close{ condition = "improper-addressing",
text = "A 'to' attribute is required on stream headers" };
return;
end
local host = nameprep(attr.to);
if not host then
session:close{ condition = "improper-addressing",
@ -97,7 +102,6 @@ function stream_callbacks.streamopened(session, attr)
session.compressed = info.compression;
else
(session.log or log)("info", "Stream encrypted");
session.compressed = sock.compression and sock:compression(); --COMPAT mw/luasec-hg
end
end
@ -106,7 +110,13 @@ function stream_callbacks.streamopened(session, attr)
if features.tags[1] or session.full_jid then
send(features);
else
(session.log or log)("warn", "No stream features to offer");
if session.secure then
-- Normally STARTTLS would be offered
(session.log or log)("warn", "No stream features to offer on secure session. Check authentication settings.");
else
-- Here SASL should be offered
(session.log or log)("warn", "No stream features to offer on insecure session. Check encryption and security settings.");
end
session:close{ condition = "undefined-condition", text = "No stream features to proceed with" };
end
end
@ -121,7 +131,7 @@ function stream_callbacks.error(session, error, data)
session.log("debug", "Invalid opening stream header (%s)", (data:gsub("^([^\1]+)\1", "{%1}")));
session:close("invalid-namespace");
elseif error == "parse-error" then
(session.log or log)("debug", "Client XML parse error: %s", tostring(data));
(session.log or log)("debug", "Client XML parse error: %s", data);
session:close("not-well-formed");
elseif error == "stream-error" then
local condition, text = "undefined-condition";
@ -251,8 +261,6 @@ function listener.onconnect(conn)
local sock = conn:socket();
if sock.info then
session.compressed = sock:info"compression";
elseif sock.compression then
session.compressed = sock:compression(); --COMPAT mw/luasec-hg
end
end
@ -283,7 +291,7 @@ function listener.onconnect(conn)
if data then
local ok, err = stream:feed(data);
if not ok then
log("debug", "Received invalid XML (%s) %d bytes: %s", tostring(err), #data, data:sub(1, 300):gsub("[\r\n]+", " "):gsub("[%z\1-\31]", "_"));
log("debug", "Received invalid XML (%s) %d bytes: %q", err, #data, data:sub(1, 300));
session:close("not-well-formed");
end
end
@ -327,6 +335,13 @@ function listener.onreadtimeout(conn)
end
end
function listener.ondrain(conn)
local session = sessions[conn];
if session then
return (hosts[session.host] or prosody).events.fire_event("c2s-ondrain", { session = session });
end
end
local function keepalive(event)
local session = event.session;
if not session.notopen then

16
plugins/mod_component.lua
View file

@ -49,6 +49,7 @@ function module.add_host(module)
local send;
local function on_destroy(session, err) --luacheck: ignore 212/err
module:set_status("warn", err and ("Disconnected: "..err) or "Disconnected");
env.connected = false;
env.session = false;
send = nil;
@ -102,6 +103,7 @@ function module.add_host(module)
module:log("info", "External component successfully authenticated");
session.send(st.stanza("handshake"));
module:fire_event("component-authenticated", { session = session });
module:set_status("info", "Connected");
return true;
end
@ -165,11 +167,11 @@ local xmlns_xmpp_streams = "urn:ietf:params:xml:ns:xmpp-streams";
function stream_callbacks.error(session, error, data)
if session.destroyed then return; end
module:log("warn", "Error processing component stream: %s", tostring(error));
module:log("warn", "Error processing component stream: %s", error);
if error == "no-stream" then
session:close("invalid-namespace");
elseif error == "parse-error" then
session.log("warn", "External component %s XML parse error: %s", tostring(session.host), tostring(data));
session.log("warn", "External component %s XML parse error: %s", session.host, data);
session:close("not-well-formed");
elseif error == "stream-error" then
local condition, text = "undefined-condition";
@ -206,7 +208,7 @@ function stream_callbacks.streamclosed(session)
session:close();
end
local function handleerr(err) log("error", "Traceback[component]: %s", traceback(tostring(err), 2)); end
local function handleerr(err) log("error", "Traceback[component]: %s", traceback(err, 2)); end
function stream_callbacks.handlestanza(session, stanza)
-- Namespaces are icky.
if not stanza.attr.xmlns and stanza.name == "handshake" then
@ -266,10 +268,10 @@ local function session_close(session, reason)
if reason.extra then
stanza:add_child(reason.extra);
end
module:log("info", "Disconnecting component, <stream:error> is: %s", tostring(stanza));
module:log("info", "Disconnecting component, <stream:error> is: %s", stanza);
session.send(stanza);
elseif reason.name then -- a stanza
module:log("info", "Disconnecting component, <stream:error> is: %s", tostring(reason));
module:log("info", "Disconnecting component, <stream:error> is: %s", reason);
session.send(reason);
end
end
@ -310,7 +312,7 @@ function listener.onconnect(conn)
function session.data(_, data)
local ok, err = stream:feed(data);
if ok then return; end
module:log("debug", "Received invalid XML (%s) %d bytes: %s", tostring(err), #data, data:sub(1, 300):gsub("[\r\n]+", " "):gsub("[%z\1-\31]", "_"));
log("debug", "Received invalid XML (%s) %d bytes: %q", err, #data, data:sub(1, 300));
session:close("not-well-formed");
end
@ -325,7 +327,7 @@ end
function listener.ondisconnect(conn, err)
local session = sessions[conn];
if session then
(session.log or log)("info", "component disconnected: %s (%s)", tostring(session.host), tostring(err));
(session.log or log)("info", "component disconnected: %s (%s)", session.host, err);
if session.host then
module:context(session.host):fire_event("component-disconnected", { session = session, reason = err });
end

14
plugins/mod_csi.lua
View file

@ -2,8 +2,9 @@ local st = require "util.stanza";
local xmlns_csi = "urn:xmpp:csi:0";
local csi_feature = st.stanza("csi", { xmlns = xmlns_csi });
local csi_handler_available = nil;
module:hook("stream-features", function (event)
if event.origin.username then
if event.origin.username and csi_handler_available then
event.features:add_child(csi_feature);
end
end);
@ -21,3 +22,14 @@ end
module:hook("stanza/"..xmlns_csi..":active", refire_event("csi-client-active"));
module:hook("stanza/"..xmlns_csi..":inactive", refire_event("csi-client-inactive"));
function module.load()
if prosody.hosts[module.host].events._handlers["csi-client-active"] then
csi_handler_available = true;
module:set_status("core", "CSI handler module loaded");
else
csi_handler_available = false;
module:set_status("warn", "No CSI handler module loaded");
end
end
module:hook("module-loaded", module.load);
module:hook("module-unloaded", module.load);

146
plugins/mod_csi_simple.lua
View file

@ -9,40 +9,7 @@ module:depends"csi"
local jid = require "util.jid";
local st = require "util.stanza";
local dt = require "util.datetime";
local new_queue = require "util.queue".new;
local function new_pump(output, ...)
-- luacheck: ignore 212/self
local q = new_queue(...);
local flush = true;
function q:pause()
flush = false;
end
function q:resume()
flush = true;
return q:flush();
end
local push = q.push;
function q:push(item)
local ok = push(self, item);
if not ok then
q:flush();
output(item, self);
elseif flush then
return q:flush();
end
return true;
end
function q:flush()
local item = self:pop();
while item do
output(item, self);
item = self:pop();
end
return true;
end
return q;
end
local filters = require "util.filters";
local queue_size = module:get_option_number("csi_queue_size", 256);
@ -84,37 +51,98 @@ module:hook("csi-is-stanza-important", function (event)
return true;
end, -1);
local function with_timestamp(stanza, from)
if st.is_stanza(stanza) and stanza.attr.xmlns == nil and stanza.name ~= "iq" then
stanza = st.clone(stanza);
stanza:add_direct_child(st.stanza("delay", {xmlns = "urn:xmpp:delay", from = from, stamp = dt.datetime()}));
end
return stanza;
end
local function manage_buffer(stanza, session)
local ctr = session.csi_counter or 0;
if ctr >= queue_size then
session.log("debug", "Queue size limit hit, flushing buffer (queue size is %d)", session.csi_counter);
session.conn:resume_writes();
elseif module:fire_event("csi-is-stanza-important", { stanza = stanza, session = session }) then
session.log("debug", "Important stanza, flushing buffer (queue size is %d)", session.csi_counter);
session.conn:resume_writes();
else
stanza = with_timestamp(stanza, jid.join(session.username, session.host))
end
session.csi_counter = ctr + 1;
return stanza;
end
local function flush_buffer(data, session)
if session.csi_flushing then
return data;
end
session.csi_flushing = true;
session.log("debug", "Client sent something, flushing buffer once (queue size is %d)", session.csi_counter);
session.conn:resume_writes();
return data;
end
function enable_optimizations(session)
if session.conn and session.conn.pause_writes then
session.conn:pause_writes();
filters.add_filter(session, "stanzas/out", manage_buffer);
filters.add_filter(session, "bytes/in", flush_buffer);
else
session.log("warn", "Session connection does not support write pausing");
end
end
function disable_optimizations(session)
session.csi_flushing = nil;
filters.remove_filter(session, "stanzas/out", manage_buffer);
filters.remove_filter(session, "bytes/in", flush_buffer);
if session.conn and session.conn.resume_writes then
session.conn:resume_writes();
end
end
module:hook("csi-client-inactive", function (event)
local session = event.origin;
if session.pump then
session.pump:pause();
else
local bare_jid = jid.join(session.username, session.host);
local send = session.send;
session._orig_send = send;
local pump = new_pump(session.send, queue_size);
pump:pause();
session.pump = pump;
function session.send(stanza)
if session.state == "active" or module:fire_event("csi-is-stanza-important", { stanza = stanza, session = session }) then
pump:flush();
send(stanza);
else
if st.is_stanza(stanza) and stanza.attr.xmlns == nil and stanza.name ~= "iq" then
stanza = st.clone(stanza);
stanza:add_direct_child(st.stanza("delay", {xmlns = "urn:xmpp:delay", from = bare_jid, stamp = dt.datetime()}));
end
pump:push(stanza);
end
return true;
end
end
enable_optimizations(session);
end);
module:hook("csi-client-active", function (event)
local session = event.origin;
if session.pump then
session.pump:resume();
disable_optimizations(session);
end);
module:hook("pre-resource-unbind", function (event)
local session = event.session;
disable_optimizations(session);
end, 1);
module:hook("c2s-ondrain", function (event)
local session = event.session;
if session.state == "inactive" and session.conn and session.conn.pause_writes then
session.conn:pause_writes();
session.log("debug", "Buffer flushed, resuming inactive mode (queue size was %d)", session.csi_counter);
session.csi_counter = 0;
end
end);
function module.load()
for _, user_session in pairs(prosody.hosts[module.host].sessions) do
for _, session in pairs(user_session.sessions) do
if session.state == "inactive" then
enable_optimizations(session);
end
end
end
end
function module.unload()
for _, user_session in pairs(prosody.hosts[module.host].sessions) do
for _, session in pairs(user_session.sessions) do
if session.state == "inactive" then
disable_optimizations(session);
end
end
end
end

6
plugins/mod_dialback.lua
View file

@ -93,6 +93,11 @@ module:hook("stanza/jabber:server:dialback:result", function(event)
-- he wants to be identified through dialback
-- We need to check the key with the Authoritative server
local attr = stanza.attr;
if not attr.to or not attr.from then
origin.log("debug", "Missing Dialback addressing (from=%q, to=%q)", attr.from, attr.to);
origin:close("improper-addressing");
return true;
end
local to, from = nameprep(attr.to), nameprep(attr.from);
if not hosts[to] then
@ -102,6 +107,7 @@ module:hook("stanza/jabber:server:dialback:result", function(event)
return true;
elseif not from then
origin:close("improper-addressing");
return true;
end
if dwd and origin.secure then

6
plugins/mod_groups.lua
View file

@ -25,7 +25,7 @@ function inject_roster_contacts(event)
local function import_jids_to_roster(group_name)
for jid in pairs(groups[group_name]) do
-- Add them to roster
--module:log("debug", "processing jid %s in group %s", tostring(jid), tostring(group_name));
--module:log("debug", "processing jid %s in group %s", jid, group_name);
if jid ~= bare_jid then
if not roster[jid] then roster[jid] = {}; end
roster[jid].subscription = "both";
@ -99,7 +99,7 @@ function module.load()
end
members[false][#members[false]+1] = curr_group; -- Is a public group
end
module:log("debug", "New group: %s", tostring(curr_group));
module:log("debug", "New group: %s", curr_group);
groups[curr_group] = groups[curr_group] or {};
else
-- Add JID
@ -108,7 +108,7 @@ function module.load()
local jid;
jid = jid_prep(entryjid:match("%S+"));
if jid then
module:log("debug", "New member of %s: %s", tostring(curr_group), tostring(jid));
module:log("debug", "New member of %s: %s", curr_group, jid);
groups[curr_group][jid] = name or false;
members[jid] = members[jid] or {};
members[jid][#members[jid]+1] = curr_group;

57
plugins/mod_http.lua
View file

@ -7,13 +7,16 @@
--
module:set_global();
module:depends("http_errors");
pcall(function ()
module:depends("http_errors");
end);
local portmanager = require "core.portmanager";
local moduleapi = require "core.moduleapi";
local url_parse = require "socket.url".parse;
local url_build = require "socket.url".build;
local normalize_path = require "util.http".normalize_path;
local set = require "util.set";
local server = require "net.http.server";
@ -22,6 +25,12 @@ server.set_default_host(module:get_option_string("http_default_host"));
server.set_option("body_size_limit", module:get_option_number("http_max_content_size"));
server.set_option("buffer_size_limit", module:get_option_number("http_max_buffer_size"));
-- CORS settigs
local opt_methods = module:get_option_set("access_control_allow_methods", { "GET", "OPTIONS" });
local opt_headers = module:get_option_set("access_control_allow_headers", { "Content-Type" });
local opt_credentials = module:get_option_boolean("access_control_allow_credentials", false);
local opt_max_age = module:get_option_number("access_control_max_age", 2 * 60 * 60);
local function get_http_event(host, app_path, key)
local method, path = key:match("^(%S+)%s+(.+)$");
if not method then -- No path specified, default to "" (base path)
@ -83,6 +92,16 @@ function moduleapi.http_url(module, app_name, default_path)
return "http://disabled.invalid/";
end
local function apply_cors_headers(response, methods, headers, max_age, allow_credentials, origin)
response.headers.access_control_allow_methods = tostring(methods);
response.headers.access_control_allow_headers = tostring(headers);
response.headers.access_control_max_age = tostring(max_age)
response.headers.access_control_allow_origin = origin or "*";
if allow_credentials then
response.headers.access_control_allow_credentials = "true";
end
end
function module.add_host(module)
local host = module.host;
if host ~= "*" then
@ -101,9 +120,27 @@ function module.add_host(module)
end
apps[app_name] = apps[app_name] or {};
local app_handlers = apps[app_name];
local app_methods = opt_methods;
local function cors_handler(event_data)
local request, response = event_data.request, event_data.response;
apply_cors_headers(response, app_methods, opt_headers, opt_max_age, opt_credentials, request.headers.origin);
end
local function options_handler(event_data)
cors_handler(event_data);
return "";
end
for key, handler in pairs(event.item.route or {}) do
local event_name = get_http_event(host, app_path, key);
if event_name then
local method = event_name:match("^%S+");
if not app_methods:contains(method) then
app_methods = app_methods + set.new{ method };
end
local options_event_name = event_name:gsub("^%S+", "OPTIONS");
if type(handler) ~= "function" then
local data = handler;
handler = function () return data; end
@ -119,8 +156,14 @@ function module.add_host(module)
module:hook_object_event(server, event_name:sub(1, -2), redir_handler, -1);
end
if not app_handlers[event_name] then
app_handlers[event_name] = handler;
app_handlers[event_name] = {
main = handler;
cors = cors_handler;
options = options_handler;
};
module:hook_object_event(server, event_name, handler);
module:hook_object_event(server, event_name, cors_handler, 1);
module:hook_object_event(server, options_event_name, options_handler, -1);
else
module:log("warn", "App %s added handler twice for '%s', ignoring", app_name, event_name);
end
@ -139,8 +182,11 @@ function module.add_host(module)
local function http_app_removed(event)
local app_handlers = apps[event.item.name];
apps[event.item.name] = nil;
for event_name, handler in pairs(app_handlers) do
module:unhook_object_event(server, event_name, handler);
for event_name, handlers in pairs(app_handlers) do
module:unhook_object_event(server, event_name, handlers.main);
module:unhook_object_event(server, event_name, handlers.cors);
local options_event_name = event_name:gsub("^%S+", "OPTIONS");
module:unhook_object_event(server, options_event_name, handlers.options);
end
end
@ -195,9 +241,6 @@ module:provides("net", {
listener = server.listener;
default_port = 5281;
encryption = "ssl";
ssl_config = {
verify = "none";
};
multiplex = {
pattern = "^[A-Z]";
};

37
plugins/mod_http_errors.lua
View file

@ -26,21 +26,24 @@ local html = [[
<meta charset="utf-8">
<title>{title}</title>
<style>
body{
margin-top:14%;
text-align:center;
background-color:#F8F8F8;
font-family:sans-serif;
body {
margin-top : 14%;
text-align : center;
background-color : #F8F8F8;
font-family : sans-serif
}
h1{
font-size:xx-large;
h1 {
font-size : xx-large
}
p{
font-size:x-large;
p {
font-size : x-large
}
p+p {
font-size:large;
font-family:courier;
font-size : large;
font-family : courier
}
</style>
</head>
@ -72,3 +75,15 @@ module:hook_object_event(server, "http-error", function (event)
end
return get_page(event.code, (show_private and event.private_message) or event.message);
end);
module:hook_object_event(server, "http-error", function (event)
local request, response = event.request, event.response;
if request and response and request.path == "/" and response.status_code == 404 then
response.headers.content_type = "text/html; charset=utf-8";
return render(html, {
title = "Prosody is running!";
message = "Welcome to the XMPP world!";
});
end
end, 1);

171
plugins/mod_http_files.lua
View file

@ -7,14 +7,9 @@
--
module:depends("http");
local server = require"net.http.server";
local lfs = require "lfs";
local os_date = os.date;
local open = io.open;
local stat = lfs.attributes;
local build_path = require"socket.url".build_path;
local path_sep = package.config:sub(1,1);
local fileserver = require"net.http.files";
local base_path = module:get_option_path("http_files_dir", module:get_option_path("http_path"));
local cache_size = module:get_option_number("http_files_cache_size", 128);
@ -51,148 +46,56 @@ if not mime_map then
end
end
local forbidden_chars_pattern = "[/%z]";
if prosody.platform == "windows" then
forbidden_chars_pattern = "[/%z\001-\031\127\"*:<>?|]"
local function get_calling_module()
local info = debug.getinfo(3, "S");
if not info then return "An unknown module"; end
return info.source:match"mod_[^/\\.]+" or info.short_src;
end
local urldecode = require "util.http".urldecode;
function sanitize_path(path)
if not path then return end
local out = {};
local c = 0;
for component in path:gmatch("([^/]+)") do
component = urldecode(component);
if component:find(forbidden_chars_pattern) then
return nil;
elseif component == ".." then
if c <= 0 then
return nil;
end
out[c] = nil;
c = c - 1;
elseif component ~= "." then
c = c + 1;
out[c] = component;
end
end
if path:sub(-1,-1) == "/" then
out[c+1] = "";
end
return "/"..table.concat(out, "/");
end
local cache = require "util.cache".new(cache_size);
-- COMPAT -- TODO deprecate
function serve(opts)
if type(opts) ~= "table" then -- assume path string
opts = { path = opts };
end
-- luacheck: ignore 431
local base_path = opts.path;
local dir_indices = opts.index_files or dir_indices;
local directory_index = opts.directory_index;
local function serve_file(event, path)
local request, response = event.request, event.response;
local sanitized_path = sanitize_path(path);
if path and not sanitized_path then
return 400;
end
path = sanitized_path;
local orig_path = sanitize_path(request.path);
local full_path = base_path .. (path or ""):gsub("/", path_sep);
local attr = stat(full_path:match("^.*[^\\/]")); -- Strip trailing path separator because Windows
if not attr then
return 404;
end
local request_headers, response_headers = request.headers, response.headers;
local last_modified = os_date('!%a, %d %b %Y %H:%M:%S GMT', attr.modification);
response_headers.last_modified = last_modified;
local etag = ('"%02x-%x-%x-%x"'):format(attr.dev or 0, attr.ino or 0, attr.size or 0, attr.modification or 0);
response_headers.etag = etag;
local if_none_match = request_headers.if_none_match
local if_modified_since = request_headers.if_modified_since;
if etag == if_none_match
or (not if_none_match and last_modified == if_modified_since) then
return 304;
end
local data = cache:get(orig_path);
if data and data.etag == etag then
response_headers.content_type = data.content_type;
data = data.data;
elseif attr.mode == "directory" and path then
if full_path:sub(-1) ~= "/" then
local dir_path = { is_absolute = true, is_directory = true };
for dir in orig_path:gmatch("[^/]+") do dir_path[#dir_path+1]=dir; end
response_headers.location = build_path(dir_path);
return 301;
end
for i=1,#dir_indices do
if stat(full_path..dir_indices[i], "mode") == "file" then
return serve_file(event, path..dir_indices[i]);
end
end
if directory_index then
data = server._events.fire_event("directory-index", { path = request.path, full_path = full_path });
end
if not data then
return 403;
end
cache:set(orig_path, { data = data, content_type = mime_map.html; etag = etag; });
response_headers.content_type = mime_map.html;
else
local f, err = open(full_path, "rb");
if not f then
module:log("debug", "Could not open %s. Error was %s", full_path, err);
return 403;
end
local ext = full_path:match("%.([^./]+)$");
local content_type = ext and mime_map[ext];
response_headers.content_type = content_type;
if attr.size > cache_max_file_size then
response_headers.content_length = attr.size;
module:log("debug", "%d > cache_max_file_size", attr.size);
return response:send_file(f);
else
data = f:read("*a");
f:close();
end
cache:set(orig_path, { data = data; content_type = content_type; etag = etag });
end
return response:send(data);
if opts.directory_index == nil then
opts.directory_index = directory_index;
end
return serve_file;
if opts.mime_map == nil then
opts.mime_map = mime_map;
end
if opts.cache_size == nil then
opts.cache_size = cache_size;
end
if opts.cache_max_file_size == nil then
opts.cache_max_file_size = cache_max_file_size;
end
if opts.index_files == nil then
opts.index_files = dir_indices;
end
-- TODO Crank up to warning
module:log("debug", "%s should be updated to use 'net.http.files' insead of mod_http_files", get_calling_module());
return fileserver.serve(opts);
end
function wrap_route(routes)
module:log("debug", "%s should be updated to use 'net.http.files' insead of mod_http_files", get_calling_module());
for route,handler in pairs(routes) do
if type(handler) ~= "function" then
routes[route] = serve(handler);
routes[route] = fileserver.serve(handler);
end
end
return routes;
end
if base_path then
module:provides("http", {
route = {
["GET /*"] = serve {
path = base_path;
directory_index = directory_index;
}
};
});
else
module:log("debug", "http_files_dir not set, assuming use by some other module");
end
module:provides("http", {
route = {
["GET /*"] = fileserver.serve({
path = base_path;
directory_index = directory_index;
mime_map = mime_map;
cache_size = cache_size;
cache_max_file_size = cache_max_file_size;
index_files = dir_indices;
});
};
});

43
plugins/mod_limits.lua
View file

@ -32,7 +32,7 @@ local function parse_burst(burst, sess_type)
end
local n_burst = tonumber(burst);
if not n_burst then
module:log("error", "Unable to parse burst for %s: %q, using default burst interval (%ds)", sess_type, tostring(burst), default_burst);
module:log("error", "Unable to parse burst for %s: %q, using default burst interval (%ds)", sess_type, burst, default_burst);
end
return n_burst or default_burst;
end
@ -51,18 +51,18 @@ end
local default_filter_set = {};
function default_filter_set.bytes_in(bytes, session)
local sess_throttle = session.throttle;
if sess_throttle then
local ok, balance, outstanding = sess_throttle:poll(#bytes, true);
local sess_throttle = session.throttle;
if sess_throttle then
local ok, balance, outstanding = sess_throttle:poll(#bytes, true);
if not ok then
session.log("debug", "Session over rate limit (%d) with %d (by %d), pausing", sess_throttle.max, #bytes, outstanding);
session.log("debug", "Session over rate limit (%d) with %d (by %d), pausing", sess_throttle.max, #bytes, outstanding);
outstanding = ceil(outstanding);
session.conn:pause(); -- Read no more data from the connection until there is no outstanding data
local outstanding_data = bytes:sub(-outstanding);
bytes = bytes:sub(1, #bytes-outstanding);
timer.add_task(limits_resolution, function ()
if not session.conn then return; end
if sess_throttle:peek(#outstanding_data) then
if sess_throttle:peek(#outstanding_data) then
session.log("debug", "Resuming paused session");
session.conn:resume();
end
@ -84,8 +84,13 @@ local function filter_hook(session)
local session_type = session.type:match("^[^_]+");
local filter_set, opts = type_filters[session_type], limits[session_type];
if opts then
session.throttle = throttle.create(opts.bytes_per_second * opts.burst_seconds, opts.burst_seconds);
filters.add_filter(session, "bytes/in", filter_set.bytes_in, 1000);
if session.conn and session.conn.setlimit then
session.conn:setlimit(opts.bytes_per_second);
-- Currently no burst support
else
session.throttle = throttle.create(opts.bytes_per_second * opts.burst_seconds, opts.burst_seconds);
filters.add_filter(session, "bytes/in", filter_set.bytes_in, 1000);
end
end
end
@ -96,3 +101,25 @@ end
function module.unload()
filters.remove_filter_hook(filter_hook);
end
function module.add_host(module)
local unlimited_jids = module:get_option_inherited_set("unlimited_jids", {});
if not unlimited_jids:empty() then
module:hook("authentication-success", function (event)
local session = event.session;
local session_type = session.type:match("^[^_]+");
local jid = session.username .. "@" .. session.host;
if unlimited_jids:contains(jid) then
if session.conn and session.conn.setlimit then
session.conn:setlimit(0);
-- Currently no burst support
else
local filter_set = type_filters[session_type];
filters.remove_filter(session, "bytes/in", filter_set.bytes_in);
session.throttle = nil;
end
end
end);
end
end

61
plugins/mod_mam/mod_mam.lua
View file

@ -40,6 +40,9 @@ local strip_tags = module:get_option_set("dont_archive_namespaces", { "http://ja
local archive_store = module:get_option_string("archive_store", "archive");
local archive = module:open_store(archive_store, "archive");
local cleanup_after = module:get_option_string("archive_expires_after", "1w");
local cleanup_interval = module:get_option_number("archive_cleanup_interval", 4 * 60 * 60);
local archive_item_limit = module:get_option_number("storage_archive_item_limit", archive.caps and archive.caps.quota or 1000);
if not archive.find then
error("mod_"..(archive._provided_by or archive.name and "storage_"..archive.name).." does not support archiving\n"
.."See https://prosody.im/doc/storage and https://prosody.im/doc/archiving for more information");
@ -117,10 +120,12 @@ module:hook("iq-set/self/"..xmlns_mam..":query", function(event)
qstart, qend = vstart, vend;
end
module:log("debug", "Archive query, id %s with %s from %s until %s",
tostring(qid), qwith or "anyone",
qstart and timestamp(qstart) or "the dawn of time",
qend and timestamp(qend) or "now");
module:log("debug", "Archive query by %s id=%s with=%s when=%s...%s",
origin.username,
qid or stanza.attr.id,
qwith or "*",
qstart and timestamp(qstart) or "",
qend and timestamp(qend) or "");
-- RSM stuff
local qset = rsm.get(query);
@ -128,6 +133,9 @@ module:hook("iq-set/self/"..xmlns_mam..":query", function(event)
local reverse = qset and qset.before or false;
local before, after = qset and qset.before, qset and qset.after;
if type(before) ~= "string" then before = nil; end
if qset then
module:log("debug", "Archive query id=%s rsm=%q", qid or stanza.attr.id, qset);
end
-- Load all the data!
local data, err = archive:find(origin.username, {
@ -140,7 +148,12 @@ module:hook("iq-set/self/"..xmlns_mam..":query", function(event)
});
if not data then
origin.send(st.error_reply(stanza, "cancel", "internal-server-error", err));
module:log("debug", "Archive query id=%s failed: %s", qid or stanza.attr.id, err);
if err == "item-not-found" then
origin.send(st.error_reply(stanza, "modify", "item-not-found"));
else
origin.send(st.error_reply(stanza, "cancel", "internal-server-error"));
end
return true;
end
local total = tonumber(err);
@ -189,13 +202,13 @@ module:hook("iq-set/self/"..xmlns_mam..":query", function(event)
first, last = last, first;
end
-- That's all folks!
module:log("debug", "Archive query %s completed", tostring(qid));
origin.send(st.reply(stanza)
:tag("fin", { xmlns = xmlns_mam, queryid = qid, complete = complete })
:add_child(rsm.generate {
first = first, last = last, count = total }));
-- That's all folks!
module:log("debug", "Archive query id=%s completed, %d items returned", qid or stanza.attr.id, complete and count or count - 1);
return true;
end);
@ -213,13 +226,13 @@ local function shall_store(user, who)
end
local prefs = get_prefs(user);
local rule = prefs[who];
module:log("debug", "%s's rule for %s is %s", user, who, tostring(rule));
module:log("debug", "%s's rule for %s is %s", user, who, rule);
if rule ~= nil then
return rule;
end
-- Below could be done by a metatable
local default = prefs[false];
module:log("debug", "%s's default rule is %s", user, tostring(default));
module:log("debug", "%s's default rule is %s", user, default);
if default == "roster" then
return has_in_roster(user, who);
end
@ -297,7 +310,28 @@ local function message_handler(event, c2s)
log("debug", "Archiving stanza: %s", stanza:top_tag());
-- And stash it
local ok = archive:append(store_user, nil, clone_for_storage, time_now(), with);
local time = time_now();
local ok, err = archive:append(store_user, nil, clone_for_storage, time, with);
if not ok and err == "quota-limit" then
if type(cleanup_after) == "number" then
module:log("debug", "User '%s' over quota, cleaning archive", store_user);
local cleaned = archive:delete(store_user, {
["end"] = (os.time() - cleanup_after);
});
if cleaned then
ok, err = archive:append(store_user, nil, clone_for_storage, time, with);
end
end
if not ok and (archive.caps and archive.caps.truncate) then
module:log("debug", "User '%s' over quota, truncating archive", store_user);
local truncated = archive:delete(store_user, {
truncate = archive_item_limit - 1;
});
if truncated then
ok, err = archive:append(store_user, nil, clone_for_storage, time, with);
end
end
end
if ok then
local clone_for_other_handlers = st.clone(stanza);
local id = ok;
@ -323,8 +357,6 @@ end
module:hook("pre-message/bare", strip_stanza_id_after_other_events, -1);
module:hook("pre-message/full", strip_stanza_id_after_other_events, -1);
local cleanup_after = module:get_option_string("archive_expires_after", "1w");
local cleanup_interval = module:get_option_number("archive_cleanup_interval", 4 * 60 * 60);
if cleanup_after ~= "never" then
local cleanup_storage = module:open_store("archive_cleanup");
local cleanup_map = module:open_store("archive_cleanup", "map");
@ -359,8 +391,10 @@ if cleanup_after ~= "never" then
last_date:set(username, date);
end
end
local cleanup_time = module:measure("cleanup", "times");
cleanup_runner = require "util.async".runner(function ()
local cleanup_done = cleanup_time();
local users = {};
local cut_off = datestamp(os.time() - cleanup_after);
for date in cleanup_storage:users() do
@ -388,6 +422,7 @@ if cleanup_after ~= "never" then
end
end
module:log("info", "Deleted %d expired messages for %d users", sum, num_users);
cleanup_done();
end);
cleanup_task = module:add_timer(1, function ()

85
plugins/mod_mimicking.lua Normal file
View file

@ -0,0 +1,85 @@
-- Prosody IM
-- Copyright (C) 2012 Florian Zeitz
-- Copyright (C) 2019 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
local encodings = require "util.encodings";
assert(encodings.confusable, "This module requires that Prosody be built with ICU");
local skeleton = encodings.confusable.skeleton;
local usage = require "util.prosodyctl".show_usage;
local usermanager = require "core.usermanager";
local storagemanager = require "core.storagemanager";
local skeletons
function module.load()
if module.host ~= "*" then
skeletons = module:open_store("skeletons");
end
end
module:hook("user-registered", function(user)
local skel = skeleton(user.username);
local ok, err = skeletons:set(skel, { username = user.username });
if not ok then
module:log("error", "Unable to store mimicry data (%q => %q): %s", user.username, skel, err);
end
end);
module:hook("user-deleted", function(user)
local skel = skeleton(user.username);
local ok, err = skeletons:set(skel, nil);
if not ok and err then
module:log("error", "Unable to clear mimicry data (%q): %s", skel, err);
end
end);
module:hook("user-registering", function(user)
local existing, err = skeletons:get(skeleton(user.username));
if existing then
module:log("debug", "Attempt to register username '%s' which could be confused with '%s'", user.username, existing.username);
user.allowed = false;
elseif err then
module:log("error", "Unable to check if new username '%s' can be confused with any existing user: %s", err);
end
end);
function module.command(arg)
if (arg[1] ~= "bootstrap" or not arg[2]) then
usage("mod_mimicking bootstrap <host>", "Initialize username mimicry database");
return;
end
local host = arg[2];
local host_session = prosody.hosts[host];
if not host_session then
return "No such host";
end
storagemanager.initialize_host(host);
usermanager.initialize_host(host);
skeletons = storagemanager.open(host, "skeletons");
local count = 0;
for user in usermanager.users(host) do
local skel = skeleton(user);
local existing, err = skeletons:get(skel);
if existing and existing.username ~= user then
module:log("warn", "Existing usernames '%s' and '%s' are confusable", existing.username, user);
elseif err then
module:log("error", "Error checking for existing mimicry data (%q = %q): %s", user, skel, err);
end
local ok, err = skeletons:set(skel, { username = user });
if ok then
count = count + 1;
elseif err then
module:log("error", "Unable to store mimicry data (%q => %q): %s", user, skel, err);
end
end
module:log("info", "%d usernames indexed", count);
end

76
plugins/mod_muc_mam.lua
View file

@ -4,7 +4,7 @@
-- This file is MIT/X11 licensed.
if module:get_host_type() ~= "component" then
module:log("error", "mod_%s should be loaded only on a MUC component, not normal hosts", module.name);
module:log_status("error", "mod_%s should be loaded only on a MUC component, not normal hosts", module.name);
return;
end
@ -21,6 +21,7 @@ local jid_bare = require "util.jid".bare;
local jid_split = require "util.jid".split;
local jid_prep = require "util.jid".prep;
local dataform = require "util.dataforms".new;
local get_form_type = require "util.dataforms".get_type;
local mod_muc = module:depends"muc";
local get_room_from_jid = mod_muc.get_room_from_jid;
@ -32,6 +33,9 @@ local m_min = math.min;
local timestamp, timestamp_parse, datestamp = import( "util.datetime", "datetime", "parse", "date");
local default_max_items, max_max_items = 20, module:get_option_number("max_archive_query_results", 50);
local cleanup_after = module:get_option_string("muc_log_expires_after", "1w");
local cleanup_interval = module:get_option_number("muc_log_cleanup_interval", 4 * 60 * 60);
local default_history_length = 20;
local max_history_length = module:get_option_number("max_history_messages", math.huge);
@ -49,6 +53,8 @@ local log_by_default = module:get_option_boolean("muc_log_by_default", true);
local archive_store = "muc_log";
local archive = module:open_store(archive_store, "archive");
local archive_item_limit = module:get_option_number("storage_archive_item_limit", archive.caps and archive.caps.quota or 1000);
if archive.name == "null" or not archive.find then
if not archive.find then
module:log("error", "Attempt to open archive storage returned a driver without archive API support");
@ -63,12 +69,15 @@ end
local function archiving_enabled(room)
if log_all_rooms then
module:log("debug", "Archiving all rooms");
return true;
end
local enabled = room._data.archiving;
if enabled == nil then
module:log("debug", "Default is %s (for %s)", log_by_default, room.jid);
return log_by_default;
end
module:log("debug", "Logging in room %s is %s", room.jid, enabled);
return enabled;
end
@ -135,7 +144,11 @@ module:hook("iq-set/bare/"..xmlns_mam..":query", function(event)
local qstart, qend;
local form = query:get_child("x", "jabber:x:data");
if form then
local err;
local form_type, err = get_form_type(form);
if form_type ~= xmlns_mam then
origin.send(st.error_reply(stanza, "modify", "bad-request", "Unexpected FORM_TYPE, expected '"..xmlns_mam.."'"));
return true;
end
form, err = query_form:data(form);
if err then
origin.send(st.error_reply(stanza, "modify", "bad-request", select(2, next(err))));
@ -153,10 +166,11 @@ module:hook("iq-set/bare/"..xmlns_mam..":query", function(event)
qstart, qend = vstart, vend;
end
module:log("debug", "Archive query id %s from %s until %s)",
tostring(qid),
qstart and timestamp(qstart) or "the dawn of time",
qend and timestamp(qend) or "now");
module:log("debug", "Archive query by %s id=%s when=%s...%s",
origin.username,
qid or stanza.attr.id,
qstart and timestamp(qstart) or "",
qend and timestamp(qend) or "");
-- RSM stuff
local qset = rsm.get(query);
@ -165,6 +179,9 @@ module:hook("iq-set/bare/"..xmlns_mam..":query", function(event)
local before, after = qset and qset.before, qset and qset.after;
if type(before) ~= "string" then before = nil; end
if qset then
module:log("debug", "Archive query id=%s rsm=%q", qid or stanza.attr.id, qset);
end
-- Load all the data!
local data, err = archive:find(room_node, {
@ -176,7 +193,12 @@ module:hook("iq-set/bare/"..xmlns_mam..":query", function(event)
});
if not data then
origin.send(st.error_reply(stanza, "cancel", "internal-server-error"));
module:log("debug", "Archive query id=%s failed: %s", qid or stanza.attr.id, err);
if err == "item-not-found" then
origin.send(st.error_reply(stanza, "modify", "item-not-found"));
else
origin.send(st.error_reply(stanza, "cancel", "internal-server-error"));
end
return true;
end
local total = tonumber(err);
@ -233,13 +255,14 @@ module:hook("iq-set/bare/"..xmlns_mam..":query", function(event)
first, last = last, first;
end
-- That's all folks!
module:log("debug", "Archive query %s completed", tostring(qid));
origin.send(st.reply(stanza)
:tag("fin", { xmlns = xmlns_mam, queryid = qid, complete = complete })
:add_child(rsm.generate {
first = first, last = last, count = total }));
-- That's all folks!
module:log("debug", "Archive query id=%s completed, %d items returned", qid or stanza.attr.id, complete and count or count - 1);
return true;
end);
@ -274,7 +297,7 @@ module:hook("muc-get-history", function (event)
local data, err = archive:find(jid_split(room_jid), query);
if not data then
module:log("error", "Could not fetch history: %s", tostring(err));
module:log("error", "Could not fetch history: %s", err);
return
end
@ -300,7 +323,7 @@ module:hook("muc-get-history", function (event)
maxchars = maxchars - chars;
end
history[i], i = item, i+1;
-- module:log("debug", tostring(item));
-- module:log("debug", item);
end
function event.next_stanza()
i = i - 1;
@ -352,7 +375,29 @@ local function save_to_history(self, stanza)
end
-- And stash it
local id = archive:append(room_node, nil, stored_stanza, time_now(), with);
local time = time_now();
local id, err = archive:append(room_node, nil, stored_stanza, time, with);
if not id and err == "quota-limit" then
if type(cleanup_after) == "number" then
module:log("debug", "Room '%s' over quota, cleaning archive", room_node);
local cleaned = archive:delete(room_node, {
["end"] = (os.time() - cleanup_after);
});
if cleaned then
id, err = archive:append(room_node, nil, stored_stanza, time, with);
end
end
if not id and (archive.caps and archive.caps.truncate) then
module:log("debug", "User '%s' over quota, truncating archive", room_node);
local truncated = archive:delete(room_node, {
truncate = archive_item_limit - 1;
});
if truncated then
id, err = archive:append(room_node, nil, stored_stanza, time, with);
end
end
end
if id then
schedule_cleanup(room_node);
@ -389,14 +434,13 @@ end
module:add_feature(xmlns_mam);
module:hook("muc-disco#info", function(event)
event.reply:tag("feature", {var=xmlns_mam}):up();
if archiving_enabled(event.room) then
event.reply:tag("feature", {var=xmlns_mam}):up();
end
end);
-- Cleanup
local cleanup_after = module:get_option_string("muc_log_expires_after", "1w");
local cleanup_interval = module:get_option_number("muc_log_cleanup_interval", 4 * 60 * 60);
if cleanup_after ~= "never" then
local cleanup_storage = module:open_store("muc_log_cleanup");
local cleanup_map = module:open_store("muc_log_cleanup", "map");

12
plugins/mod_offline.lua
View file

@ -24,11 +24,16 @@ module:hook("message/offline/handle", function(event)
node = origin.username;
end
return offline_messages:append(node, nil, stanza, os.time(), "");
local ok = offline_messages:append(node, nil, stanza, os.time(), "");
if ok then
module:log("debug", "Saved to offline storage: %s", stanza:top_tag());
end
return ok;
end, -1);
module:hook("message/offline/broadcast", function(event)
local origin = event.origin;
origin.log("debug", "Broadcasting offline messages");
local node, host = origin.username, origin.host;
@ -38,6 +43,9 @@ module:hook("message/offline/broadcast", function(event)
stanza:tag("delay", {xmlns = "urn:xmpp:delay", from = host, stamp = datetime.datetime(when)}):up(); -- XEP-0203
origin.send(stanza);
end
offline_messages:delete(node);
local ok = offline_messages:delete(node);
if type(ok) == "number" and ok > 0 then
origin.log("debug", "%d offline messages consumed");
end
return true;
end, -1);

19
plugins/mod_pep.lua
View file

@ -8,6 +8,7 @@ local calculate_hash = require "util.caps".calculate_hash;
local is_contact_subscribed = require "core.rostermanager".is_contact_subscribed;
local cache = require "util.cache";
local set = require "util.set";
local new_id = require "util.id".medium;
local storagemanager = require "core.storagemanager";
local xmlns_pubsub = "http://jabber.org/protocol/pubsub";
@ -138,9 +139,6 @@ local function get_broadcaster(username)
if kind == "retract" then
kind = "items"; -- XEP-0060 signals retraction in an <items> container
end
local message = st.message({ from = user_bare, type = "headline" })
:tag("event", { xmlns = xmlns_pubsub_event })
:tag(kind, { node = node });
if item then
item = st.clone(item);
item.attr.xmlns = nil; -- Clear the pubsub namespace
@ -149,10 +147,19 @@ local function get_broadcaster(username)
item:maptags(function () return nil; end);
end
end
end
local id = new_id();
local message = st.message({ from = user_bare, type = "headline", id = id })
:tag("event", { xmlns = xmlns_pubsub_event })
:tag(kind, { node = node });
if item then
message:add_child(item);
end
for jid in pairs(jids) do
module:log("debug", "Sending notification to %s from %s: %s", jid, user_bare, tostring(item));
module:log("debug", "Sending notification to %s from %s for node %s", jid, user_bare, node);
message.attr.to = jid;
module:send(message);
end
@ -176,12 +183,12 @@ local function on_node_creation(event)
end
function get_pep_service(username)
module:log("debug", "get_pep_service(%q)", username);
local user_bare = jid_join(username, host);
local service = services[username];
if service then
return service;
end
module:log("debug", "Creating pubsub service for user %q", username);
service = pubsub.new({
pep_username = username;
node_defaults = {
@ -252,8 +259,6 @@ end
module:hook("iq/bare/"..xmlns_pubsub..":pubsub", handle_pubsub_iq);
module:hook("iq/bare/"..xmlns_pubsub_owner..":pubsub", handle_pubsub_iq);
module:add_identity("pubsub", "pep", module:get_option_string("name", "Prosody"));
module:add_feature("http://jabber.org/protocol/pubsub#publish");
local function get_caps_hash_from_presence(stanza, current)
local t = stanza.attr.type;

5
plugins/mod_pep_simple.lua
View file

@ -14,6 +14,7 @@ local is_contact_subscribed = require "core.rostermanager".is_contact_subscribed
local pairs = pairs;
local next = next;
local type = type;
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local calculate_hash = require "util.caps".calculate_hash;
local core_post_stanza = prosody.core_post_stanza;
local bare_sessions = prosody.bare_sessions;
@ -229,13 +230,13 @@ module:hook("iq/bare/http://jabber.org/protocol/pubsub:pubsub", function(event)
return true;
else --invalid request
session.send(st.error_reply(stanza, 'modify', 'bad-request'));
module:log("debug", "Invalid request: %s", tostring(payload));
module:log("debug", "Invalid request: %s", payload);
return true;
end
else --no presence subscription
session.send(st.error_reply(stanza, 'auth', 'not-authorized')
:tag('presence-subscription-required', {xmlns='http://jabber.org/protocol/pubsub#errors'}));
module:log("debug", "Unauthorized request: %s", tostring(payload));
module:log("debug", "Unauthorized request: %s", payload);
return true;
end
end

15
plugins/mod_ping.lua
View file

@ -16,18 +16,3 @@ end
module:hook("iq-get/bare/urn:xmpp:ping:ping", ping_handler);
module:hook("iq-get/host/urn:xmpp:ping:ping", ping_handler);
-- Ad-hoc command
local datetime = require "util.datetime".datetime;
function ping_command_handler (self, data, state) -- luacheck: ignore 212
local now = datetime();
return { info = "Pong\n"..now, status = "completed" };
end
module:depends "adhoc";
local adhoc_new = module:require "adhoc".new;
local descriptor = adhoc_new("Ping", "ping", ping_command_handler);
module:provides("adhoc", descriptor);

14
plugins/mod_posix.lua
View file

@ -20,7 +20,6 @@ if not have_signal then
module:log("warn", "Couldn't load signal library, won't respond to SIGTERM");
end
local format = require "util.format".format;
local lfs = require "lfs";
local stat = lfs.attributes;
@ -113,19 +112,6 @@ local function write_pidfile()
end
end
local syslog_opened;
function syslog_sink_maker(config) -- luacheck: ignore 212/config
if not syslog_opened then
pposix.syslog_open("prosody", module:get_option_string("syslog_facility"));
syslog_opened = true;
end
local syslog = pposix.syslog_log;
return function (name, level, message, ...)
syslog(level, name, format(message, ...));
end;
end
require "core.loggingmanager".register_sink_type("syslog", syslog_sink_maker);
local daemonize = module:get_option("daemonize", prosody.installed);
local function remove_log_sinks()

12
plugins/mod_presence.lua
View file

@ -81,8 +81,14 @@ function handle_normal_presence(origin, stanza)
res.presence.attr.to = nil;
end
end
for jid in pairs(roster[false].pending) do -- resend incoming subscription requests
origin.send(st.presence({type="subscribe", from=jid})); -- TODO add to attribute? Use original?
for jid, pending_request in pairs(roster[false].pending) do -- resend incoming subscription requests
if type(pending_request) == "table" then
local subscribe = st.deserialize(pending_request);
subscribe.attr.type, subscribe.attr.from = "subscribe", jid;
origin.send(subscribe);
else
origin.send(st.presence({type="subscribe", from=jid}));
end
end
local request = st.presence({type="subscribe", from=origin.username.."@"..origin.host});
for jid, item in pairs(roster) do -- resend outgoing subscription requests
@ -226,7 +232,7 @@ function handle_inbound_presence_subscriptions_and_probes(origin, stanza, from_b
else
core_post_stanza(hosts[host], st.presence({from=to_bare, to=from_bare, type="unavailable"}), true); -- acknowledging receipt
if not rostermanager.is_contact_pending_in(node, host, from_bare) then
if rostermanager.set_contact_pending_in(node, host, from_bare) then
if rostermanager.set_contact_pending_in(node, host, from_bare, stanza) then
sessionmanager.send_to_available_resources(node, host, stanza);
end -- TODO else return error, unable to save
end

2
plugins/mod_proxy65.lua
View file

@ -117,7 +117,7 @@ function module.add_host(module)
if jid_compare(jid, acl) then allow = true; break; end
end
if allow then break; end
module:log("warn", "Denying use of proxy for %s", tostring(stanza.attr.from));
module:log("warn", "Denying use of proxy for %s", stanza.attr.from);
origin.send(st.error_reply(stanza, "auth", "forbidden"));
return true;
end

9
plugins/mod_pubsub/mod_pubsub.lua
View file

@ -75,14 +75,13 @@ function simple_broadcast(kind, node, jids, item, actor, node_obj)
local msg_type = node_obj and node_obj.config.message_type or "headline";
local message = st.message({ from = module.host, type = msg_type, id = id })
:tag("event", { xmlns = xmlns_pubsub_event })
:tag(kind, { node = node })
:tag(kind, { node = node });
if item then
message:add_child(item);
end
local summary;
-- Compose a sensible textual representation of at least Atom payloads
if item and item.tags[1] then
local payload = item.tags[1];
summary = module:fire_event("pubsub-summary/"..payload.attr.xmlns, {
@ -101,11 +100,12 @@ function simple_broadcast(kind, node, jids, item, actor, node_obj)
end
local max_max_items = module:get_option_number("pubsub_max_items", 256);
function check_node_config(node, actor, new_config) -- luacheck: ignore 212/actor 212/node
function check_node_config(node, actor, new_config) -- luacheck: ignore 212/node 212/actor
if (new_config["max_items"] or 1) > max_max_items then
return false;
end
if new_config["access_model"] ~= "whitelist" and new_config["access_model"] ~= "open" then
if new_config["access_model"] ~= "whitelist"
and new_config["access_model"] ~= "open" then
return false;
end
return true;
@ -115,6 +115,7 @@ function is_item_stanza(item)
return st.is_stanza(item) and item.attr.xmlns == xmlns_pubsub and item.name == "item";
end
-- Compose a textual representation of Atom payloads
module:hook("pubsub-summary/http://www.w3.org/2005/Atom", function (event)
local payload = event.payload;
local title = payload:get_child_text("title");

30
plugins/mod_pubsub/pubsub.lib.lua
View file

@ -7,6 +7,7 @@ local st = require "util.stanza";
local it = require "util.iterators";
local uuid_generate = require "util.uuid".generate;
local dataform = require"util.dataforms".new;
local errors = require "util.error";
local xmlns_pubsub = "http://jabber.org/protocol/pubsub";
local xmlns_pubsub_errors = "http://jabber.org/protocol/pubsub#errors";
@ -34,6 +35,9 @@ local pubsub_errors = {
};
local function pubsub_error_reply(stanza, error)
local e = pubsub_errors[error];
if not e and errors.is_err(error) then
e = { error.type, error.condition, error.text, error.pubsub_condition };
end
local reply = st.error_reply(stanza, t_unpack(e, 1, 3));
if e[4] then
reply:tag(e[4], { xmlns = xmlns_pubsub_errors }):up();
@ -185,6 +189,14 @@ local node_metadata_form = dataform {
type = "text-single";
name = "pubsub#type";
};
{
type = "text-single";
name = "pubsub#access_model";
};
{
type = "text-single";
name = "pubsub#publish_model";
};
};
local service_method_feature_map = {
@ -258,6 +270,8 @@ function _M.handle_disco_info_node(event, service)
["pubsub#title"] = node_obj.config.title;
["pubsub#description"] = node_obj.config.description;
["pubsub#type"] = node_obj.config.payload_type;
["pubsub#access_model"] = node_obj.config.access_model;
["pubsub#publish_model"] = node_obj.config.publish_model;
}, "result"));
end
end
@ -318,14 +332,9 @@ function handlers.get_items(origin, stanza, items, service)
for _, id in ipairs(results) do
data:add_child(results[id]);
end
local reply;
if data then
reply = st.reply(stanza)
:tag("pubsub", { xmlns = xmlns_pubsub })
:add_child(data);
else
reply = pubsub_error_reply(stanza, "item-not-found");
end
local reply = st.reply(stanza)
:tag("pubsub", { xmlns = xmlns_pubsub })
:add_child(data);
origin.send(reply);
return true;
end
@ -633,14 +642,13 @@ function handlers.set_retract(origin, stanza, retract, service)
end
function handlers.owner_set_purge(origin, stanza, purge, service)
local node, notify = purge.attr.node, purge.attr.notify;
notify = (notify == "1") or (notify == "true");
local node = purge.attr.node;
local reply;
if not node then
origin.send(pubsub_error_reply(stanza, "nodeid-required"));
return true;
end
local ok, ret = service:purge(node, stanza.attr.from, notify);
local ok, ret = service:purge(node, stanza.attr.from, true);
if ok then
reply = st.reply(stanza);
else

25
plugins/mod_register_ibr.lua
View file

@ -25,6 +25,7 @@ end);
local account_details = module:open_store("account_details");
local field_map = {
FORM_TYPE = { name = "FORM_TYPE", type = "hidden", value = "jabber:iq:register" };
username = { name = "username", type = "text-single", label = "Username", required = true };
password = { name = "password", type = "text-private", label = "Password", required = true };
nick = { name = "nick", type = "text-single", label = "Nickname" };
@ -50,6 +51,7 @@ local registration_form = dataform_new{
title = title;
instructions = instructions;
field_map.FORM_TYPE;
field_map.username;
field_map.password;
};
@ -153,7 +155,7 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event)
return true;
end
local username, password = nodeprep(data.username), data.password;
local username, password = nodeprep(data.username, true), data.password;
data.username, data.password = nil, nil;
local host = module.host;
if not username or username == "" then
@ -166,7 +168,15 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event)
module:fire_event("user-registering", user);
if not user.allowed then
log("debug", "Registration disallowed by module: %s", user.reason or "no reason given");
session.send(st.error_reply(stanza, "modify", "not-acceptable", user.reason));
local error_type, error_condition, reason;
local err = user.error;
if err then
error_type, error_condition, reason = err.type, err.condition, err.text;
else
-- COMPAT pre-util.error
error_type, error_condition, reason = user.error_type, user.error_condition, user.reason;
end
session.send(st.error_reply(stanza, error_type or "modify", error_condition or "not-acceptable", reason));
return true;
end
@ -176,14 +186,13 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event)
return true;
end
-- TODO unable to write file, file may be locked, etc, what's the correct error?
local error_reply = st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk.");
if usermanager_create_user(username, password, host) then
local created, err = usermanager_create_user(username, password, host);
if created then
data.registered = os.time();
if not account_details:set(username, data) then
log("debug", "Could not store extra details");
usermanager_delete_user(username, host);
session.send(error_reply);
session.send(st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk."));
return true;
end
session.send(st.reply(stanza)); -- user created!
@ -192,8 +201,8 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event)
username = username, host = host, source = "mod_register",
session = session });
else
log("debug", "Could not create user");
session.send(error_reply);
log("debug", "Could not create user", err);
session.send(st.error_reply(stanza, "cancel", "feature-not-implemented", err));
end
return true;
end);

31
plugins/mod_register_limits.lua
View file

@ -13,6 +13,7 @@ local ip_util = require "util.ip";
local new_ip = ip_util.new_ip;
local match_ip = ip_util.match;
local parse_cidr = ip_util.parse_cidr;
local errors = require "util.error";
local min_seconds_between_registrations = module:get_option_number("min_seconds_between_registrations");
local whitelist_only = module:get_option_boolean("whitelist_registration_only");
@ -54,6 +55,24 @@ local function ip_in_set(set, ip)
return false;
end
local err_registry = {
blacklisted = {
text = "Your IP address is blacklisted";
type = "auth";
condition = "forbidden";
};
not_whitelisted = {
text = "Your IP address is not whitelisted";
type = "auth";
condition = "forbidden";
};
throttled = {
reason = "Too many registrations from this IP address recently";
type = "wait";
condition = "policy-violation";
};
}
module:hook("user-registering", function (event)
local session = event.session;
local ip = event.ip or session and session.ip;
@ -63,16 +82,22 @@ module:hook("user-registering", function (event)
elseif ip_in_set(blacklisted_ips, ip) then
log("debug", "Registration disallowed by blacklist");
event.allowed = false;
event.reason = "Your IP address is blacklisted";
event.error = errors.new("blacklisted", err_registry, event);
elseif (whitelist_only and not ip_in_set(whitelisted_ips, ip)) then
log("debug", "Registration disallowed by whitelist");
event.allowed = false;
event.reason = "Your IP address is not whitelisted";
event.error = errors.new("not_whitelisted", err_registry, event);
elseif throttle_max and not ip_in_set(whitelisted_ips, ip) then
if not check_throttle(ip) then
log("debug", "Registrations over limit for ip %s", ip or "?");
event.allowed = false;
event.reason = "Too many registrations from this IP address recently";
event.error = errors.new("throttle", err_registry, event);
end
end
if event.error then
-- COMPAT pre-util.error
event.reason = event.error.text;
event.error_type = event.error.type;
event.error_condition = event.error.condition;
end
end);

133
plugins/mod_s2s/mod_s2s.lua
View file

@ -27,8 +27,9 @@ local s2s_destroy_session = require "core.s2smanager".destroy_session;
local uuid_gen = require "util.uuid".generate;
local fire_global_event = prosody.events.fire_event;
local runner = require "util.async".runner;
local s2sout = module:require("s2sout");
local connect = require "net.connect".connect;
local service = require "net.resolvers.service";
local errors = require "util.error";
local connect_timeout = module:get_option_number("s2s_timeout", 90);
local stream_close_timeout = module:get_option_number("s2s_close_timeout", 5);
@ -45,6 +46,8 @@ local sessions = module:shared("sessions");
local runner_callbacks = {};
local listener = {};
local log = module._log;
module:hook("stats-update", function ()
@ -77,15 +80,28 @@ local function bounce_sendq(session, reason)
(session.log or log)("error", "Attempting to close the dummy origin of s2s error replies, please report this! Traceback: %s", traceback());
end;
};
-- FIXME Allow for more specific error conditions
-- TODO use util.error ?
local error_type = "cancel";
local condition = "remote-server-not-found";
local reason_text;
if session.had_stream then -- set when a stream is opened by the remote
error_type, condition = "wait", "remote-server-timeout";
end
if errors.is_err(reason) then
error_type, condition, reason_text = reason.type, reason.condition, reason.text;
elseif type(reason) == "string" then
reason_text = reason;
end
for i, data in ipairs(sendq) do
local reply = data[2];
if reply and not(reply.attr.xmlns) and bouncy_stanzas[reply.name] then
reply.attr.type = "error";
reply:tag("error", {type = "cancel", by = session.from_host})
:tag("remote-server-not-found", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}):up();
if reason then
reply:tag("error", {type = error_type, by = session.from_host})
:tag(condition, {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}):up();
if reason_text then
reply:tag("text", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"})
:text("Server-to-server connection failed: "..reason):up();
:text("Server-to-server connection failed: "..reason_text):up();
end
core_process_stanza(dummy, reply);
end
@ -127,14 +143,9 @@ function route_to_existing_session(event)
elseif host.type == "local" or host.type == "component" then
log("error", "Trying to send a stanza to ourselves??")
log("error", "Traceback: %s", traceback());
log("error", "Stanza: %s", tostring(stanza));
log("error", "Stanza: %s", stanza);
return false;
else
-- FIXME
if host.from_host ~= from_host then
log("error", "WARNING! This might, possibly, be a bug, but it might not...");
log("error", "We are going to send from %s instead of %s", host.from_host, from_host);
end
if host.sends2s(stanza) then
return true;
end
@ -147,17 +158,13 @@ function route_to_new_session(event)
local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza;
log("debug", "opening a new outgoing connection for this stanza");
local host_session = s2s_new_outgoing(from_host, to_host);
host_session.version = 1;
-- Store in buffer
host_session.bounce_sendq = bounce_sendq;
host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} };
log("debug", "stanza [%s] queued until connection complete", tostring(stanza.name));
s2sout.initiate_connection(host_session);
if (not host_session.connecting) and (not host_session.conn) then
log("warn", "Connection to %s failed already, destroying session...", to_host);
s2s_destroy_session(host_session, "Connection failed");
return false;
end
log("debug", "stanza [%s] queued until connection complete", stanza.name);
connect(service.new(to_host, "xmpp-server", "tcp", { default_port = 5269 }), listener, nil, { session = host_session });
return true;
end
@ -184,7 +191,10 @@ function module.add_host(module)
return true;
elseif not session.dialback_verifying then
session.log("warn", "No SASL EXTERNAL offer and Dialback doesn't seem to be enabled, giving up");
session:close();
session:close({
condition = "unsupported-feature",
text = "No viable authentication method offered",
}, nil, "No viable authentication method offered by remote server");
return false;
end
end, -1);
@ -203,7 +213,18 @@ function mark_connected(session)
if session.type == "s2sout" then
fire_global_event("s2sout-established", event_data);
hosts[from].events.fire_event("s2sout-established", event_data);
if session.incoming then
session.send = function(stanza)
return hosts[from].events.fire_event("route/remote", { from_host = from, to_host = to, stanza = stanza });
end;
end
else
if session.outgoing and not hosts[to].s2sout[from] then
session.log("debug", "Setting up to handle route from %s to %s", to, from);
hosts[to].s2sout[from] = session; -- luacheck: ignore 122
end
local host_session = hosts[to];
session.send = function(stanza)
return host_session.events.fire_event("route/remote", { from_host = to, to_host = from, stanza = stanza });
@ -223,13 +244,6 @@ function mark_connected(session)
end
session.sendq = nil;
end
if session.resolver then
session.resolver._resolver:closeall()
end
session.resolver = nil;
session.ip_hosts = nil;
session.srv_hosts = nil;
end
end
@ -241,7 +255,7 @@ function make_authenticated(event)
condition = "policy-violation",
text = "Encrypted server-to-server communication is required but was not "
..((session.direction == "outgoing" and "offered") or "used")
});
}, nil, "Could not establish encrypted connection to remote server");
end
end
if hosts[host] then
@ -251,15 +265,13 @@ function make_authenticated(event)
session.type = "s2sout";
elseif session.type == "s2sin_unauthed" then
session.type = "s2sin";
if host then
if not session.hosts[host] then session.hosts[host] = {}; end
session.hosts[host].authed = true;
end
elseif session.type == "s2sin" and host then
elseif session.type ~= "s2sin" and session.type ~= "s2sout" then
return false;
end
if session.incoming and host then
if not session.hosts[host] then session.hosts[host] = {}; end
session.hosts[host].authed = true;
else
return false;
end
session.log("debug", "connection %s->%s is now authenticated for %s", session.from_host, session.to_host, host);
@ -301,6 +313,7 @@ end
function stream_callbacks._streamopened(session, attr)
session.version = tonumber(attr.version) or 0;
session.had_stream = true; -- Had a stream opened at least once
-- TODO: Rename session.secure to session.encrypted
if session.secure == false then
@ -314,7 +327,6 @@ function stream_callbacks._streamopened(session, attr)
session.compressed = info.compression;
else
(session.log or log)("info", "Stream encrypted");
session.compressed = sock.compression and sock:compression(); --COMPAT mw/luasec-hg
end
end
@ -322,7 +334,9 @@ function stream_callbacks._streamopened(session, attr)
-- Send a reply stream header
-- Validate to/from
local to, from = nameprep(attr.to), nameprep(attr.from);
local to, from = attr.to, attr.from;
if to then to = nameprep(attr.to); end
if from then from = nameprep(attr.from); end
if not to and attr.to then -- COMPAT: Some servers do not reliably set 'to' (especially on stream restarts)
session:close({ condition = "improper-addressing", text = "Invalid 'to' address" });
return;
@ -471,11 +485,9 @@ function stream_callbacks.error(session, error, data)
end
end
local listener = {};
--- Session methods
local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'};
local function session_close(session, reason, remote_reason)
local function session_close(session, reason, remote_reason, bounce_reason)
local log = session.log or log;
if session.conn then
if session.notopen then
@ -521,16 +533,16 @@ local function session_close(session, reason, remote_reason)
-- Authenticated incoming stream may still be sending us stanzas, so wait for </stream:stream> from remote
local conn = session.conn;
if reason == nil and not session.notopen and session.type == "s2sin" then
if reason == nil and not session.notopen and session.incoming then
add_task(stream_close_timeout, function ()
if not session.destroyed then
session.log("warn", "Failed to receive a stream close response, closing connection anyway...");
s2s_destroy_session(session, reason);
s2s_destroy_session(session, reason, bounce_reason);
conn:close();
end
end);
else
s2s_destroy_session(session, reason);
s2s_destroy_session(session, reason, bounce_reason);
conn:close(); -- Close immediately, as this is an outgoing connection or is not authed
end
end
@ -595,9 +607,8 @@ local function initialize_session(session)
if data then
local ok, err = stream:feed(data);
if ok then return; end
log("warn", "Received invalid XML: %s", data);
log("warn", "Problem was: %s", err);
session:close("not-well-formed");
log("debug", "Received invalid XML (%s) %d bytes: %q", err, #data, data:sub(1, 300));
session:close("not-well-formed", nil, "Received invalid XML from remote server");
end
end
@ -672,11 +683,16 @@ function listener.ondisconnect(conn, err)
local session = sessions[conn];
if session then
sessions[conn] = nil;
(session.log or log)("debug", "s2s disconnected: %s->%s (%s)", session.from_host, session.to_host, err or "connection closed");
s2s_destroy_session(session, err);
end
end
function listener.onfail(data, err)
local session = data and data.session;
if session then
if err and session.direction == "outgoing" and session.notopen then
(session.log or log)("debug", "s2s connection attempt failed: %s", err);
if s2sout.attempt_connection(session, err) then
return; -- Session lives for now
end
end
(session.log or log)("debug", "s2s disconnected: %s->%s (%s)", session.from_host, session.to_host, err or "connection closed");
s2s_destroy_session(session, err);
@ -700,6 +716,15 @@ function listener.ondetach(conn)
sessions[conn] = nil;
end
function listener.onattach(conn, data)
local session = data and data.session;
if session then
session.conn = conn;
sessions[conn] = session;
initialize_session(session);
end
end
function check_auth_policy(event)
local host, session = event.host, event.session;
local must_secure = secure_auth;
@ -713,9 +738,10 @@ function check_auth_policy(event)
if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then
module:log("warn", "Forbidding insecure connection to/from %s", host or session.ip or "(unknown host)");
if session.direction == "incoming" then
session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by "..session.to_host });
session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by "..session.to_host },
nil, "Remote server's certificate is invalid, expired, or not trusted");
else -- Close outgoing connections without warning
session:close(false);
session:close(false, nil, "Remote server's certificate is invalid, expired, or not trusted");
end
return false;
end
@ -723,8 +749,6 @@ end
module:hook("s2s-check-certificate", check_auth_policy, -1);
s2sout.set_listener(listener);
module:hook("server-stopping", function(event)
local reason = event.reason;
for _, session in pairs(sessions) do
@ -739,6 +763,9 @@ module:provides("net", {
listener = listener;
default_port = 5269;
encryption = "starttls";
ssl_config = { -- FIXME This is not used atm, see mod_tls
verify = { "peer", "client_once", };
};
multiplex = {
pattern = "^<.*:stream.*%sxmlns%s*=%s*(['\"])jabber:server%1.*>";
};

349
plugins/mod_s2s/s2sout.lib.lua
View file

@ -1,349 +0,0 @@
-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
--- Module containing all the logic for connecting to a remote server
-- luacheck: ignore 432/err
local portmanager = require "core.portmanager";
local wrapclient = require "net.server".wrapclient;
local initialize_filters = require "util.filters".initialize;
local idna_to_ascii = require "util.encodings".idna.to_ascii;
local new_ip = require "util.ip".new_ip;
local rfc6724_dest = require "util.rfc6724".destination;
local socket = require "socket";
local adns = require "net.adns";
local t_insert, t_sort, ipairs = table.insert, table.sort, ipairs;
local local_addresses = require "util.net".local_addresses;
local s2s_destroy_session = require "core.s2smanager".destroy_session;
local default_mode = module:get_option("network_default_read_size", 4096);
local log = module._log;
local sources = {};
local has_ipv4, has_ipv6;
local dns_timeout = module:get_option_number("dns_timeout", 15);
local resolvers = module:get_option_set("s2s_dns_resolvers")
local s2sout = {};
local s2s_listener;
function s2sout.set_listener(listener)
s2s_listener = listener;
end
local function compare_srv_priorities(a,b)
return a.priority < b.priority or (a.priority == b.priority and a.weight > b.weight);
end
function s2sout.initiate_connection(host_session)
local log = host_session.log or log;
initialize_filters(host_session);
host_session.version = 1;
host_session.resolver = adns.resolver();
host_session.resolver._resolver:settimeout(dns_timeout);
if resolvers then
for resolver in resolvers do
host_session.resolver._resolver:addnameserver(resolver);
end
end
-- Kick the connection attempting machine into life
if not s2sout.attempt_connection(host_session) then
-- Intentionally not returning here, the
-- session is needed, connected or not
s2s_destroy_session(host_session);
end
if not host_session.sends2s then
-- A sends2s which buffers data (until the stream is opened)
-- note that data in this buffer will be sent before the stream is authed
-- and will not be ack'd in any way, successful or otherwise
local buffer;
function host_session.sends2s(data)
if not buffer then
buffer = {};
host_session.send_buffer = buffer;
end
log("debug", "Buffering data on unconnected s2sout to %s", host_session.to_host);
buffer[#buffer+1] = data;
log("debug", "Buffered item %d: %s", #buffer, data);
end
end
end
function s2sout.attempt_connection(host_session, err)
local to_host = host_session.to_host;
local connect_host, connect_port = to_host and idna_to_ascii(to_host), 5269;
local log = host_session.log or log;
if not connect_host then
return false;
end
if not err then -- This is our first attempt
log("debug", "First attempt to connect to %s, starting with SRV lookup...", to_host);
host_session.connecting = true;
host_session.resolver:lookup(function (answer)
local srv_hosts = { answer = answer };
host_session.srv_hosts = srv_hosts;
host_session.srv_choice = 0;
host_session.connecting = nil;
if answer and #answer > 0 then
log("debug", "%s has SRV records, handling...", to_host);
for _, record in ipairs(answer) do
t_insert(srv_hosts, record.srv);
end
if #srv_hosts == 1 and srv_hosts[1].target == "." then
log("debug", "%s does not provide a XMPP service", to_host);
s2s_destroy_session(host_session, err); -- Nothing to see here
return;
end
t_sort(srv_hosts, compare_srv_priorities);
local srv_choice = srv_hosts[1];
host_session.srv_choice = 1;
if srv_choice then
connect_host, connect_port = srv_choice.target or to_host, srv_choice.port or connect_port;
log("debug", "Best record found, will connect to %s:%d", connect_host, connect_port);
end
else
log("debug", "%s has no SRV records, falling back to A/AAAA", to_host);
end
-- Try with SRV, or just the plain hostname if no SRV
local ok, err = s2sout.try_connect(host_session, connect_host, connect_port);
if not ok then
if not s2sout.attempt_connection(host_session, err) then
-- No more attempts will be made
s2s_destroy_session(host_session, err);
end
end
end, "_xmpp-server._tcp."..connect_host..".", "SRV");
return true; -- Attempt in progress
elseif host_session.ip_hosts then
return s2sout.try_connect(host_session, connect_host, connect_port, err);
elseif host_session.srv_hosts and #host_session.srv_hosts > host_session.srv_choice then -- Not our first attempt, and we also have SRV
host_session.srv_choice = host_session.srv_choice + 1;
local srv_choice = host_session.srv_hosts[host_session.srv_choice];
connect_host, connect_port = srv_choice.target or to_host, srv_choice.port or connect_port;
host_session.log("info", "Connection failed (%s). Attempt #%d: This time to %s:%d", err, host_session.srv_choice, connect_host, connect_port);
else
host_session.log("info", "Failed in all attempts to connect to %s", host_session.to_host);
-- We're out of options
return false;
end
if not (connect_host and connect_port) then
-- Likely we couldn't resolve DNS
log("warn", "Hmm, we're without a host (%s) and port (%s) to connect to for %s, giving up :(", connect_host, connect_port, to_host);
return false;
end
return s2sout.try_connect(host_session, connect_host, connect_port);
end
function s2sout.try_next_ip(host_session)
host_session.connecting = nil;
host_session.ip_choice = host_session.ip_choice + 1;
local ip = host_session.ip_hosts[host_session.ip_choice];
local ok, err= s2sout.make_connect(host_session, ip.ip, ip.port);
if not ok then
if not s2sout.attempt_connection(host_session, err or "closed") then
err = err and (": "..err) or "";
s2s_destroy_session(host_session, "Connection failed"..err);
end
end
end
function s2sout.try_connect(host_session, connect_host, connect_port, err)
host_session.connecting = true;
local log = host_session.log or log;
if not err then
local IPs = {};
host_session.ip_hosts = IPs;
-- luacheck: ignore 231/handle4 231/handle6
local handle4, handle6;
local have_other_result = not(has_ipv4) or not(has_ipv6) or false;
if has_ipv4 then
handle4 = host_session.resolver:lookup(function (reply, err)
handle4 = nil;
if reply and reply[#reply] and reply[#reply].a then
for _, ip in ipairs(reply) do
log("debug", "DNS reply for %s gives us %s", connect_host, ip.a);
IPs[#IPs+1] = new_ip(ip.a, "IPv4");
end
elseif err then
log("debug", "Error in DNS lookup: %s", err);
end
if have_other_result then
if #IPs > 0 then
rfc6724_dest(host_session.ip_hosts, sources);
for i = 1, #IPs do
IPs[i] = {ip = IPs[i], port = connect_port};
end
host_session.ip_choice = 0;
s2sout.try_next_ip(host_session);
else
log("debug", "DNS lookup failed to get a response for %s", connect_host);
host_session.ip_hosts = nil;
if not s2sout.attempt_connection(host_session, "name resolution failed") then -- Retry if we can
log("debug", "No other records to try for %s - destroying", host_session.to_host);
err = err and (": "..err) or "";
s2s_destroy_session(host_session, "DNS resolution failed"..err); -- End of the line, we can't
end
end
else
have_other_result = true;
end
end, connect_host, "A", "IN");
else
have_other_result = true;
end
if has_ipv6 then
handle6 = host_session.resolver:lookup(function (reply, err)
handle6 = nil;
if reply and reply[#reply] and reply[#reply].aaaa then
for _, ip in ipairs(reply) do
log("debug", "DNS reply for %s gives us %s", connect_host, ip.aaaa);
IPs[#IPs+1] = new_ip(ip.aaaa, "IPv6");
end
elseif err then
log("debug", "Error in DNS lookup: %s", err);
end
if have_other_result then
if #IPs > 0 then
rfc6724_dest(host_session.ip_hosts, sources);
for i = 1, #IPs do
IPs[i] = {ip = IPs[i], port = connect_port};
end
host_session.ip_choice = 0;
s2sout.try_next_ip(host_session);
else
log("debug", "DNS lookup failed to get a response for %s", connect_host);
host_session.ip_hosts = nil;
if not s2sout.attempt_connection(host_session, "name resolution failed") then -- Retry if we can
log("debug", "No other records to try for %s - destroying", host_session.to_host);
err = err and (": "..err) or "";
s2s_destroy_session(host_session, "DNS resolution failed"..err); -- End of the line, we can't
end
end
else
have_other_result = true;
end
end, connect_host, "AAAA", "IN");
else
have_other_result = true;
end
return true;
elseif host_session.ip_hosts and #host_session.ip_hosts > host_session.ip_choice then -- Not our first attempt, and we also have IPs left to try
s2sout.try_next_ip(host_session);
else
log("debug", "Out of IP addresses, trying next SRV record (if any)");
host_session.ip_hosts = nil;
if not s2sout.attempt_connection(host_session, "out of IP addresses") then -- Retry if we can
log("debug", "No other records to try for %s - destroying", host_session.to_host);
err = err and (": "..err) or "";
s2s_destroy_session(host_session, "Connecting failed"..err); -- End of the line, we can't
return false;
end
end
return true;
end
function s2sout.make_connect(host_session, connect_host, connect_port)
local log = host_session.log or log;
log("debug", "Beginning new connection attempt to %s ([%s]:%d)", host_session.to_host, connect_host.addr, connect_port);
-- Reset secure flag in case this is another
-- connection attempt after a failed STARTTLS
host_session.secure = nil;
host_session.encrypted = nil;
local conn, handler;
local proto = connect_host.proto;
if proto == "IPv4" then
conn, handler = socket.tcp();
elseif proto == "IPv6" and socket.tcp6 then
conn, handler = socket.tcp6();
else
handler = "Unsupported protocol: "..tostring(proto);
end
if not conn then
log("warn", "Failed to create outgoing connection, system error: %s", handler);
return false, handler;
end
conn:settimeout(0);
local success, err = conn:connect(connect_host.addr, connect_port);
if not success and err ~= "timeout" then
log("warn", "s2s connect() to %s (%s:%d) failed: %s", host_session.to_host, connect_host.addr, connect_port, err);
return false, err;
end
conn = wrapclient(conn, connect_host.addr, connect_port, s2s_listener, default_mode);
host_session.conn = conn;
-- Register this outgoing connection so that xmppserver_listener knows about it
-- otherwise it will assume it is a new incoming connection
s2s_listener.register_outgoing(conn, host_session);
log("debug", "Connection attempt in progress...");
return true;
end
module:hook_global("service-added", function (event)
if event.name ~= "s2s" then return end
local s2s_sources = portmanager.get_active_services():get("s2s");
if not s2s_sources then
module:log("warn", "s2s not listening on any ports, outgoing connections may fail");
return;
end
for source, _ in pairs(s2s_sources) do
if source == "*" or source == "0.0.0.0" then
for _, addr in ipairs(local_addresses("ipv4", true)) do
sources[#sources + 1] = new_ip(addr, "IPv4");
end
elseif source == "::" then
for _, addr in ipairs(local_addresses("ipv6", true)) do
sources[#sources + 1] = new_ip(addr, "IPv6");
end
else
sources[#sources + 1] = new_ip(source, (source:find(":") and "IPv6") or "IPv4");
end
end
for i = 1,#sources do
if sources[i].proto == "IPv6" then
has_ipv6 = true;
elseif sources[i].proto == "IPv4" then
has_ipv4 = true;
end
end
if not (has_ipv4 or has_ipv6) then
module:log("warn", "No local IPv4 or IPv6 addresses detected, outgoing connections may fail");
end
end);
return s2sout;

3
plugins/mod_s2s_auth_certs.lua
View file

@ -17,9 +17,6 @@ module:hook("s2s-check-certificate", function(event)
local chain_valid, errors;
if conn.getpeerverification then
chain_valid, errors = conn:getpeerverification();
elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg
chain_valid, errors = conn:getpeerchainvalid();
errors = (not chain_valid) and { { errors } } or nil;
else
chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } };
end

38
plugins/mod_s2s_bidi.lua Normal file
View file

@ -0,0 +1,38 @@
-- Prosody IM
-- Copyright (C) 2019 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
local st = require "util.stanza";
local xmlns_bidi_feature = "urn:xmpp:features:bidi"
local xmlns_bidi = "urn:xmpp:bidi";
module:hook("s2s-stream-features", function(event)
local origin, features = event.origin, event.features;
if origin.type == "s2sin_unauthed" then
features:tag("bidi", { xmlns = xmlns_bidi_feature }):up();
end
end);
module:hook_tag("http://etherx.jabber.org/streams", "features", function (session, stanza)
if session.type == "s2sout_unauthed" then
local bidi = stanza:get_child("bidi", xmlns_bidi_feature);
if bidi then
session.incoming = true;
session.log("debug", "Requesting bidirectional stream");
session.sends2s(st.stanza("bidi", { xmlns = xmlns_bidi }));
end
end
end, 200);
module:hook_tag("urn:xmpp:bidi", "bidi", function(session)
if session.type == "s2sin_unauthed" then
session.log("debug", "Requested bidirectional stream");
session.outgoing = true;
return true;
end
end);

65
plugins/mod_saslauth.lua
View file

@ -12,9 +12,9 @@ local st = require "util.stanza";
local sm_bind_resource = require "core.sessionmanager".bind_resource;
local sm_make_authenticated = require "core.sessionmanager".make_authenticated;
local base64 = require "util.encodings".base64;
local set = require "util.set";
local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler;
local tostring = tostring;
local secure_auth_only = module:get_option_boolean("c2s_require_encryption", module:get_option_boolean("require_encryption", false));
local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false)
@ -67,7 +67,6 @@ local function sasl_process_cdata(session, stanza)
local text = stanza[1];
if text then
text = base64.decode(text);
--log("debug", "AUTH: %s", text:gsub("[%z\001-\008\011\012\014-\031]", " "));
if not text then
session.sasl_handler = nil;
session.send(build_reply("failure", "incorrect-encoding"));
@ -77,7 +76,6 @@ local function sasl_process_cdata(session, stanza)
local status, ret, err_msg = session.sasl_handler:process(text);
status, ret, err_msg = handle_status(session, status, ret, err_msg);
local s = build_reply(status, ret, err_msg);
log("debug", "sasl reply: %s", tostring(s));
session.send(s);
return true;
end
@ -248,37 +246,72 @@ module:hook("stream-features", function(event)
local sasl_handler = usermanager_get_sasl_handler(module.host, origin)
origin.sasl_handler = sasl_handler;
if origin.encrypted then
-- check wether LuaSec has the nifty binding to the function needed for tls-unique
-- check whether LuaSec has the nifty binding to the function needed for tls-unique
-- FIXME: would be nice to have this check only once and not for every socket
if sasl_handler.add_cb_handler then
local socket = origin.conn:socket();
if socket.getpeerfinished then
log("debug", "Channel binding 'tls-unique' supported");
sasl_handler:add_cb_handler("tls-unique", tls_unique);
else
log("debug", "Channel binding 'tls-unique' not supported (by LuaSec?)");
end
sasl_handler["userdata"] = {
["tls-unique"] = socket;
};
else
log("debug", "Channel binding not supported by SASL handler");
end
end
local mechanisms = st.stanza("mechanisms", mechanisms_attr);
local sasl_mechanisms = sasl_handler:mechanisms()
local available_mechanisms = set.new();
for mechanism in pairs(sasl_mechanisms) do
if disabled_mechanisms:contains(mechanism) then
log("debug", "Not offering disabled mechanism %s", mechanism);
elseif not origin.secure and insecure_mechanisms:contains(mechanism) then
log("debug", "Not offering mechanism %s on insecure connection", mechanism);
else
log("debug", "Offering mechanism %s", mechanism);
available_mechanisms:add(mechanism);
end
log("debug", "SASL mechanisms supported by handler: %s", available_mechanisms);
local usable_mechanisms = available_mechanisms - disabled_mechanisms;
local available_disabled = set.intersection(available_mechanisms, disabled_mechanisms);
if not available_disabled:empty() then
log("debug", "Not offering disabled mechanisms: %s", available_disabled);
end
local available_insecure = set.intersection(available_mechanisms, insecure_mechanisms);
if not origin.secure and not available_insecure:empty() then
log("debug", "Session is not secure, not offering insecure mechanisms: %s", available_insecure);
usable_mechanisms = usable_mechanisms - insecure_mechanisms;
end
if not usable_mechanisms:empty() then
log("debug", "Offering usable mechanisms: %s", usable_mechanisms);
for mechanism in available_mechanisms do
mechanisms:tag("mechanism"):text(mechanism):up();
end
end
if mechanisms[1] then
features:add_child(mechanisms);
elseif not next(sasl_mechanisms) then
log("warn", "No available SASL mechanisms, verify that the configured authentication module is working");
else
log("warn", "All available authentication mechanisms are either disabled or not suitable for an insecure connection");
return;
end
local authmod = module:get_option_string("authentication", "internal_plain");
if available_mechanisms:empty() then
log("warn", "No available SASL mechanisms, verify that the configured authentication module '%s' is loaded and configured correctly", authmod);
return;
end
if not origin.secure and not available_insecure:empty() then
if not available_disabled:empty() then
log("warn", "All SASL mechanisms provided by authentication module '%s' are forbidden on insecure connections (%s) or disabled (%s)",
authmod, available_insecure, available_disabled);
else
log("warn", "All SASL mechanisms provided by authentication module '%s' are forbidden on insecure connections (%s)",
authmod, available_insecure);
end
elseif not available_disabled:empty() then
log("warn", "All SASL mechanisms provided by authentication module '%s' are disabled (%s)",
authmod, available_disabled);
end
else
features:tag("bind", bind_attr):tag("required"):up():up();
features:tag("session", xmpp_session_attr):tag("optional"):up():up();

5
plugins/mod_stanza_debug.lua
View file

@ -1,18 +1,17 @@
module:set_global();
local tostring = tostring;
local filters = require "util.filters";
local function log_send(t, session)
if t and t ~= "" and t ~= " " then
session.log("debug", "SEND: %s", tostring(t));
session.log("debug", "SEND: %s", t);
end
return t;
end
local function log_recv(t, session)
if t and t ~= "" and t ~= " " then
session.log("debug", "RECV: %s", tostring(t));
session.log("debug", "RECV: %s", t);
end
return t;
end

101
plugins/mod_storage_internal.lua
View file

@ -1,12 +1,17 @@
local cache = require "util.cache";
local datamanager = require "core.storagemanager".olddm;
local array = require "util.array";
local datetime = require "util.datetime";
local st = require "util.stanza";
local now = require "util.time".now;
local id = require "util.id".medium;
local jid_join = require "util.jid".join;
local host = module.host;
local archive_item_limit = module:get_option_number("storage_archive_item_limit", 10000);
local archive_item_count_cache = cache.new(module:get_option("storage_archive_item_limit_cache_size", 1000));
local driver = {};
function driver:open(store, typ)
@ -43,6 +48,12 @@ end
local archive = {};
driver.archive = { __index = archive };
archive.caps = {
total = true;
quota = archive_item_limit;
truncate = true;
};
function archive:append(username, key, value, when, with)
when = when or now();
if not st.is_stanza(value) then
@ -54,28 +65,57 @@ function archive:append(username, key, value, when, with)
value.attr.stamp = datetime.datetime(when);
value.attr.stamp_legacy = datetime.legacy(when);
local cache_key = jid_join(username, host, self.store);
local item_count = archive_item_count_cache:get(cache_key);
if key then
local items, err = datamanager.list_load(username, host, self.store);
if not items and err then return items, err; end
-- Check the quota
item_count = items and #items or 0;
archive_item_count_cache:set(cache_key, item_count);
if item_count >= archive_item_limit then
module:log("debug", "%s reached or over quota, not adding to store", username);
return nil, "quota-limit";
end
if items then
-- Filter out any item with the same key as the one being added
items = array(items);
items:filter(function (item)
return item.key ~= key;
end);
value.key = key;
items:push(value);
local ok, err = datamanager.list_store(username, host, self.store, items);
if not ok then return ok, err; end
archive_item_count_cache:set(cache_key, #items);
return key;
end
else
if not item_count then -- Item count not cached?
-- We need to load the list to get the number of items currently stored
local items, err = datamanager.list_load(username, host, self.store);
if not items and err then return items, err; end
item_count = items and #items or 0;
archive_item_count_cache:set(cache_key, item_count);
end
if item_count >= archive_item_limit then
module:log("debug", "%s reached or over quota, not adding to store", username);
return nil, "quota-limit";
end
key = id();
end
module:log("debug", "%s has %d items out of %d limit in store %s", username, item_count, archive_item_limit, self.store);
value.key = key;
local ok, err = datamanager.list_append(username, host, self.store, value);
if not ok then return ok, err; end
archive_item_count_cache:set(cache_key, item_count+1);
return key;
end
@ -84,11 +124,17 @@ function archive:find(username, query)
if not items then
if err then
return items, err;
else
return function () end, 0;
elseif query then
if query.before or query.after then
return nil, "item-not-found";
end
if query.total then
return function () end, 0;
end
end
return function () end;
end
local count = #items;
local count = nil;
local i = 0;
if query then
items = array(items);
@ -112,24 +158,36 @@ function archive:find(username, query)
return item.when <= query["end"];
end);
end
count = #items;
if query.total then
count = #items;
end
if query.reverse then
items:reverse();
if query.before then
for j = 1, count do
local found = false;
for j = 1, #items do
if (items[j].key or tostring(j)) == query.before then
found = true;
i = j;
break;
end
end
if not found then
return nil, "item-not-found";
end
end
elseif query.after then
for j = 1, count do
local found = false;
for j = 1, #items do
if (items[j].key or tostring(j)) == query.after then
found = true;
i = j;
break;
end
end
if not found then
return nil, "item-not-found";
end
end
if query.limit and #items - i > query.limit then
items[i+query.limit+1] = nil;
@ -156,8 +214,37 @@ function archive:dates(username)
return array(items):pluck("when"):map(datetime.date):unique();
end
function archive:summary(username, query)
local iter, err = self:find(username, query)
if not iter then return iter, err; end
local counts = {};
local earliest = {};
local latest = {};
local body = {};
for _, stanza, when, with in iter do
counts[with] = (counts[with] or 0) + 1;
if earliest[with] == nil then
earliest[with] = when;
end
latest[with] = when;
body[with] = stanza:get_child_text("body") or body[with];
end
return {
counts = counts;
earliest = earliest;
latest = latest;
body = body;
};
end
function archive:users()
return datamanager.users(host, self.store, "list");
end
function archive:delete(username, query)
local cache_key = jid_join(username, host, self.store);
if not query or next(query) == nil then
archive_item_count_cache:set(cache_key, nil);
return datamanager.list_store(username, host, self.store, nil);
end
local items, err = datamanager.list_load(username, host, self.store);
@ -165,6 +252,7 @@ function archive:delete(username, query)
if err then
return items, err;
end
archive_item_count_cache:set(cache_key, 0);
-- Store is empty
return 0;
end
@ -214,6 +302,7 @@ function archive:delete(username, query)
end
local ok, err = datamanager.list_store(username, host, self.store, items);
if not ok then return ok, err; end
archive_item_count_cache:set(cache_key, #items);
return count;
end

60
plugins/mod_storage_memory.lua
View file

@ -8,6 +8,8 @@ local new_id = require "util.id".medium;
local auto_purge_enabled = module:get_option_boolean("storage_memory_temporary", false);
local auto_purge_stores = module:get_option_set("storage_memory_temporary_stores", {});
local archive_item_limit = module:get_option_number("storage_archive_item_limit", 1000);
local memory = setmetatable({}, {
__index = function(t, k)
local store = module:shared(k)
@ -51,6 +53,12 @@ archive_store.__index = archive_store;
archive_store.users = _users;
archive_store.caps = {
total = true;
quota = archive_item_limit;
truncate = true;
};
function archive_store:append(username, key, value, when, with)
if is_stanza(value) then
value = st.preserialize(value);
@ -70,6 +78,8 @@ function archive_store:append(username, key, value, when, with)
end
if a[key] then
table.remove(a, a[key]);
elseif #a >= archive_item_limit then
return nil, "quota-limit";
end
local i = #a+1;
a[i] = v;
@ -80,9 +90,17 @@ end
function archive_store:find(username, query)
local items = self.store[username or NULL];
if not items then
return function () end, 0;
if query then
if query.before or query.after then
return nil, "item-not-found";
end
if query.total then
return function () end, 0;
end
end
return function () end;
end
local count = #items;
local count = nil;
local i = 0;
if query then
items = array():append(items);
@ -106,24 +124,36 @@ function archive_store:find(username, query)
return item.when <= query["end"];
end);
end
count = #items;
if query.total then
count = #items;
end
if query.reverse then
items:reverse();
if query.before then
for j = 1, count do
local found = false;
for j = 1, #items do
if (items[j].key or tostring(j)) == query.before then
found = true;
i = j;
break;
end
end
if not found then
return nil, "item-not-found";
end
end
elseif query.after then
for j = 1, count do
local found = false;
for j = 1, #items do
if (items[j].key or tostring(j)) == query.after then
found = true;
i = j;
break;
end
end
if not found then
return nil, "item-not-found";
end
end
if query.limit and #items - i > query.limit then
items[i+query.limit+1] = nil;
@ -137,6 +167,26 @@ function archive_store:find(username, query)
end, count;
end
function archive_store:summary(username, query)
local iter, err = self:find(username, query)
if not iter then return iter, err; end
local counts = {};
local earliest = {};
local latest = {};
for _, _, when, with in iter do
counts[with] = (counts[with] or 0) + 1;
if earliest[with] == nil then
earliest[with] = when;
end
latest[with] = when;
end
return {
counts = counts;
earliest = earliest;
latest = latest;
};
end
function archive_store:delete(username, query)
if not query or next(query) == nil then

187
plugins/mod_storage_sql.lua
View file

@ -1,17 +1,19 @@
-- luacheck: ignore 212/self
local cache = require "util.cache";
local json = require "util.json";
local sql = require "util.sql";
local xml_parse = require "util.xml".parse;
local uuid = require "util.uuid";
local resolve_relative_path = require "util.paths".resolve_relative_path;
local jid_join = require "util.jid".join;
local is_stanza = require"util.stanza".is_stanza;
local t_concat = table.concat;
local noop = function() end
local unpack = table.unpack or unpack;
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local function iterator(result)
return function(result_)
local row = result_();
@ -148,7 +150,10 @@ end
--- Archive store API
-- luacheck: ignore 512 431/user 431/store
local archive_item_limit = module:get_option_number("storage_archive_item_limit");
local archive_item_count_cache = cache.new(module:get_option("storage_archive_item_limit_cache_size", 1000));
-- luacheck: ignore 512 431/user 431/store 431/err
local map_store = {};
map_store.__index = map_store;
map_store.remove = {};
@ -228,10 +233,41 @@ end
local archive_store = {}
archive_store.caps = {
total = true;
quota = archive_item_limit;
truncate = true;
};
archive_store.__index = archive_store
function archive_store:append(username, key, value, when, with)
local user,store = username,self.store;
local cache_key = jid_join(username, host, store);
local item_count = archive_item_count_cache:get(cache_key);
if not item_count then
local ok, ret = engine:transaction(function()
local count_sql = [[
SELECT COUNT(*) FROM "prosodyarchive"
WHERE "host"=? AND "user"=? AND "store"=?;
]];
local result = engine:select(count_sql, host, user, store);
if result then
for row in result do
item_count = row[1];
end
end
end);
if not ok or not item_count then
module:log("error", "Failed while checking quota for %s: %s", username, ret);
return nil, "Failure while checking quota";
end
archive_item_count_cache:set(cache_key, item_count);
end
if archive_item_limit then
module:log("debug", "%s has %d items out of %d limit", username, item_count, archive_item_limit);
if item_count >= archive_item_limit then
return nil, "quota-limit";
end
end
when = when or os.time();
with = with or "";
local ok, ret = engine:transaction(function()
@ -245,12 +281,16 @@ function archive_store:append(username, key, value, when, with)
VALUES (?,?,?,?,?,?,?,?);
]];
if key then
engine:delete(delete_sql, host, user or "", store, key);
local result, err = engine:delete(delete_sql, host, user or "", store, key);
if result then
item_count = item_count - result:affected();
end
else
key = uuid.generate();
end
local t, encoded_value = assert(serialize(value));
engine:insert(insert_sql, host, user or "", store, when, with, key, t, encoded_value);
archive_item_count_cache:set(cache_key, item_count+1);
return key;
end);
if not ok then return ok, ret; end
@ -287,45 +327,47 @@ local function archive_where(query, args, where)
end
end
local function archive_where_id_range(query, args, where)
local args_len = #args
-- Before or after specific item, exclusive
local id_lookup_sql = [[
SELECT "sort_id"
FROM "prosodyarchive"
WHERE "key" = ? AND "host" = ? AND "user" = ? AND "store" = ?
LIMIT 1;
]];
if query.after then -- keys better be unique!
where[#where+1] = [[
"sort_id" > COALESCE(
(
SELECT "sort_id"
FROM "prosodyarchive"
WHERE "key" = ? AND "host" = ? AND "user" = ? AND "store" = ?
LIMIT 1
), 0)
]];
args[args_len+1], args[args_len+2], args[args_len+3], args[args_len+4] = query.after, args[1], args[2], args[3];
args_len = args_len + 4
local after_id = nil;
for row in engine:select(id_lookup_sql, query.after, args[1], args[2], args[3]) do
after_id = row[1];
end
if not after_id then
return nil, "item-not-found";
end
where[#where+1] = '"sort_id" > ?';
args[#args+1] = after_id;
end
if query.before then
where[#where+1] = [[
"sort_id" < COALESCE(
(
SELECT "sort_id"
FROM "prosodyarchive"
WHERE "key" = ? AND "host" = ? AND "user" = ? AND "store" = ?
LIMIT 1
),
(
SELECT MAX("sort_id")+1
FROM "prosodyarchive"
)
)
]]
args[args_len+1], args[args_len+2], args[args_len+3], args[args_len+4] = query.before, args[1], args[2], args[3];
local before_id = nil;
for row in engine:select(id_lookup_sql, query.after, args[1], args[2], args[3]) do
before_id = row[1];
end
if not before_id then
return nil, "item-not-found";
end
where[#where+1] = '"sort_id" < ?';
args[#args+1] = before_id;
end
return true;
end
function archive_store:find(username, query)
query = query or {};
local user,store = username,self.store;
local total;
local ok, result = engine:transaction(function()
local cache_key = jid_join(username, host, self.store);
local total = archive_item_count_cache:get(cache_key);
if total ~= nil and query.limit == 0 and query.start == nil and query.with == nil and query["end"] == nil and query.key == nil then
return noop, total;
end
local ok, result, err = engine:transaction(function()
local sql_query = [[
SELECT "key", "type", "value", "when", "with"
FROM "prosodyarchive"
@ -346,11 +388,53 @@ function archive_store:find(username, query)
total = row[1];
end
end
if query.start == nil and query.with == nil and query["end"] == nil and query.key == nil then
archive_item_count_cache:set(cache_key, total);
end
if query.limit == 0 then -- Skip the real query
return noop, total;
end
end
local ok, err = archive_where_id_range(query, args, where);
if not ok then return ok, err; end
if query.limit then
args[#args+1] = query.limit;
end
sql_query = sql_query:format(t_concat(where, " AND "), query.reverse
and "DESC" or "ASC", query.limit and " LIMIT ?" or "");
return engine:select(sql_query, unpack(args));
end);
if not ok then return ok, result; end
if not result then return nil, err; end
return function()
local row = result();
if row ~= nil then
local value, err = deserialize(row[2], row[3]);
assert(value ~= nil, err);
return row[1], value, row[4], row[5];
end
end, total;
end
function archive_store:summary(username, query)
query = query or {};
local user,store = username,self.store;
local ok, result = engine:transaction(function()
local sql_query = [[
SELECT DISTINCT "with", COUNT(*), MIN("when"), MAX("when")
FROM "prosodyarchive"
WHERE %s
GROUP BY "with"
ORDER BY "sort_id" %s%s;
]];
local args = { host, user or "", store, };
local where = { "\"host\" = ?", "\"user\" = ?", "\"store\" = ?", };
archive_where(query, args, where);
archive_where_id_range(query, args, where);
if query.limit then
@ -362,14 +446,19 @@ function archive_store:find(username, query)
return engine:select(sql_query, unpack(args));
end);
if not ok then return ok, result end
return function()
local row = result();
if row ~= nil then
local value, err = deserialize(row[2], row[3]);
assert(value ~= nil, err);
return row[1], value, row[4], row[5];
end
end, total;
local counts = {};
local earliest, latest = {}, {};
for row in result do
local with, count = row[1], row[2];
counts[with] = count;
earliest[with] = row[3];
latest[with] = row[4];
end
return {
counts = counts;
earliest = earliest;
latest = latest;
};
end
function archive_store:delete(username, query)
@ -384,7 +473,8 @@ function archive_store:delete(username, query)
table.remove(where, 2);
end
archive_where(query, args, where);
archive_where_id_range(query, args, where);
local ok, err = archive_where_id_range(query, args, where);
if not ok then return ok, err; end
if query.truncate == nil then
sql_query = sql_query:format(t_concat(where, " AND "));
else
@ -423,9 +513,24 @@ function archive_store:delete(username, query)
end
return engine:delete(sql_query, unpack(args));
end);
local cache_key = jid_join(username, host, self.store);
archive_item_count_cache:set(cache_key, nil);
return ok and stmt:affected(), stmt;
end
function archive_store:users()
local ok, result = engine:transaction(function()
local select_sql = [[
SELECT DISTINCT "user"
FROM "prosodyarchive"
WHERE "host"=? AND "store"=?;
]];
return engine:select(select_sql, host, self.store);
end);
if not ok then error(result); end
return iterator(result);
end
local stores = {
keyval = keyval_store;
map = map_store;

28
plugins/mod_tls.lua
View file

@ -35,9 +35,10 @@ local host = hosts[module.host];
local ssl_ctx_c2s, ssl_ctx_s2sout, ssl_ctx_s2sin;
local ssl_cfg_c2s, ssl_cfg_s2sout, ssl_cfg_s2sin;
local err_c2s, err_s2sin, err_s2sout;
function module.load()
local NULL, err = {};
local NULL = {};
local modhost = module.host;
local parent = modhost:match("%.(.*)$");
@ -53,16 +54,20 @@ function module.load()
local host_s2s = rawgetopt(modhost, "s2s_ssl") or parent_s2s;
module:log("debug", "Creating context for c2s");
ssl_ctx_c2s, err, ssl_cfg_c2s = create_context(host.host, "server", host_c2s, host_ssl, global_c2s); -- for incoming client connections
if not ssl_ctx_c2s then module:log("error", "Error creating context for c2s: %s", err); end
local request_client_certs = { verify = { "peer", "client_once", }; };
module:log("debug", "Creating context for s2sout");
ssl_ctx_s2sout, err, ssl_cfg_s2sout = create_context(host.host, "client", host_s2s, host_ssl, global_s2s); -- for outgoing server connections
if not ssl_ctx_s2sout then module:log("error", "Error creating contexts for s2sout: %s", err); end
ssl_ctx_c2s, err_c2s, ssl_cfg_c2s = create_context(host.host, "server", host_c2s, host_ssl, global_c2s); -- for incoming client connections
if not ssl_ctx_c2s then module:log("error", "Error creating context for c2s: %s", err_c2s); end
module:log("debug", "Creating context for s2sin");
ssl_ctx_s2sin, err, ssl_cfg_s2sin = create_context(host.host, "server", host_s2s, host_ssl, global_s2s); -- for incoming server connections
if not ssl_ctx_s2sin then module:log("error", "Error creating contexts for s2sin: %s", err); end
-- for outgoing server connections
ssl_ctx_s2sout, err_s2sout, ssl_cfg_s2sout = create_context(host.host, "client", host_s2s, host_ssl, global_s2s, request_client_certs);
if not ssl_ctx_s2sout then module:log("error", "Error creating contexts for s2sout: %s", err_s2sout); end
-- for incoming server connections
ssl_ctx_s2sin, err_s2sin, ssl_cfg_s2sin = create_context(host.host, "server", host_s2s, host_ssl, global_s2s, request_client_certs);
if not ssl_ctx_s2sin then module:log("error", "Error creating contexts for s2sin: %s", err_s2sin); end
end
module:hook_global("config-reloaded", module.load);
@ -77,12 +82,21 @@ local function can_do_tls(session)
return session.ssl_ctx;
end
if session.type == "c2s_unauthed" then
if not ssl_ctx_c2s and c2s_require_encryption then
session.log("error", "No TLS context available for c2s. Earlier error was: %s", err_c2s);
end
session.ssl_ctx = ssl_ctx_c2s;
session.ssl_cfg = ssl_cfg_c2s;
elseif session.type == "s2sin_unauthed" and allow_s2s_tls then
if not ssl_ctx_s2sin and s2s_require_encryption then
session.log("error", "No TLS context available for s2sin. Earlier error was: %s", err_s2sin);
end
session.ssl_ctx = ssl_ctx_s2sin;
session.ssl_cfg = ssl_cfg_s2sin;
elseif session.direction == "outgoing" and allow_s2s_tls then
if not ssl_ctx_s2sout and s2s_require_encryption then
session.log("error", "No TLS context available for s2sout. Earlier error was: %s", err_s2sout);
end
session.ssl_ctx = ssl_ctx_s2sout;
session.ssl_cfg = ssl_cfg_s2sout;
else

3
plugins/mod_user_account_management.lua
View file

@ -53,9 +53,10 @@ local function handle_registration_stanza(event)
log("info", "User removed their account: %s@%s", username, host);
module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session });
else
local username = nodeprep(query:get_child_text("username"));
local username = query:get_child_text("username");
local password = query:get_child_text("password");
if username and password then
username = nodeprep(username);
if username == session.username then
if usermanager_set_password(username, password, session.host, session.resource) then
session.send(st.reply(stanza));

21
plugins/mod_vcard_legacy.lua
View file

@ -105,6 +105,23 @@ module:hook("iq-get/bare/vcard-temp:vCard", function (event)
vcard_temp:tag("WORK"):up();
end
vcard_temp:up();
elseif tag.name == "impp" then
local uri = tag:get_child_text("uri");
if uri and uri:sub(1, 5) == "xmpp:" then
vcard_temp:text_tag("JABBERID", uri:sub(6))
end
elseif tag.name == "org" then
vcard_temp:tag("ORG")
:text_tag("ORGNAME", tag:get_child_text("text"))
:up();
end
end
else
local ok, _, nick_item = pep_service:get_last_item("http://jabber.org/protocol/nick", stanza.attr.from);
if ok and nick_item then
local nickname = nick_item:get_child_text("nick", "http://jabber.org/protocol/nick");
if nickname then
vcard_temp:text_tag("NICKNAME", nickname);
end
end
end
@ -216,6 +233,10 @@ function vcard_to_pep(vcard_temp)
vcard4:text_tag("text", "work");
end
vcard4:up():up():up();
elseif tag.name == "JABBERID" then
vcard4:tag("impp")
:text_tag("uri", "xmpp:" .. tag:get_text())
:up();
elseif tag.name == "PHOTO" then
local avatar_type = tag:get_child_text("TYPE");
local avatar_payload = tag:get_child_text("BINVAL");

46
plugins/mod_websocket.lua
View file

@ -29,18 +29,10 @@ local t_concat = table.concat;
local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5);
local consider_websocket_secure = module:get_option_boolean("consider_websocket_secure");
local cross_domain = module:get_option_set("cross_domain_websocket", {});
if cross_domain:contains("*") or cross_domain:contains(true) then
cross_domain = true;
local cross_domain = module:get_option("cross_domain_websocket");
if cross_domain ~= nil then
module:log("info", "The 'cross_domain_websocket' option has been deprecated");
end
local function check_origin(origin)
if cross_domain == true then
return true;
end
return cross_domain:contains(origin);
end
local xmlns_framing = "urn:ietf:params:xml:ns:xmpp-framing";
local xmlns_streams = "http://etherx.jabber.org/streams";
local xmlns_client = "jabber:client";
@ -88,7 +80,7 @@ local function session_close(session, reason)
stream_error = reason;
end
end
log("debug", "Disconnecting client, <stream:error> is: %s", tostring(stream_error));
log("debug", "Disconnecting client, <stream:error> is: %s", stream_error);
session.send(stream_error);
end
@ -144,7 +136,7 @@ function handle_request(event)
conn.starttls = false; -- Prevent mod_tls from believing starttls can be done
if not request.headers.sec_websocket_key then
if not request.headers.sec_websocket_key or request.method ~= "GET" then
response.headers.content_type = "text/html";
return [[<!DOCTYPE html><html><head><title>Websocket</title></head><body>
<p>It works! Now point your WebSocket client to this URL to connect to Prosody.</p>
@ -158,11 +150,6 @@ function handle_request(event)
return 501;
end
if not check_origin(request.headers.origin or "") then
module:log("debug", "Origin %s is not allowed by 'cross_domain_websocket' [ %s ]", request.headers.origin or "(missing header)", cross_domain);
return 403;
end
local function websocket_close(code, message)
conn:write(build_close(code, message));
conn:close();
@ -330,27 +317,4 @@ module:provides("http", {
function module.add_host(module)
module:hook("c2s-read-timeout", keepalive, -0.9);
if cross_domain ~= true then
local url = require "socket.url";
local ws_url = module:http_url("websocket", "xmpp-websocket");
local url_components = url.parse(ws_url);
-- The 'Origin' consists of the base URL without path
url_components.path = nil;
local this_origin = url.build(url_components);
local local_cross_domain = module:get_option_set("cross_domain_websocket", { this_origin });
if local_cross_domain:contains(true) then
module:log("error", "cross_domain_websocket = true only works in the global section");
return;
end
-- Don't add / remove something added by another host
-- This might be weird with random load order
local_cross_domain:exclude(cross_domain);
cross_domain:include(local_cross_domain);
module:log("debug", "cross_domain = %s", tostring(cross_domain));
function module.unload()
cross_domain:exclude(local_cross_domain);
end
end
end

6
plugins/muc/history.lib.lua
View file

@ -48,16 +48,18 @@ module:hook("muc-config-form", function(event)
table.insert(event.form, {
name = "muc#roomconfig_historylength";
type = "text-single";
datatype = "xs:integer";
label = "Maximum number of history messages returned by room";
desc = "Specify the maximum number of previous messages that should be sent to users when they join the room";
value = tostring(get_historylength(event.room));
value = get_historylength(event.room);
});
table.insert(event.form, {
name = 'muc#roomconfig_defaulthistorymessages',
type = 'text-single',
datatype = "xs:integer";
label = 'Default number of history messages returned by room',
desc = "Specify the number of previous messages sent to new users when they join the room";
value = tostring(get_defaulthistorymessages(event.room))
value = get_defaulthistorymessages(event.room);
});
end, 70-5);

1
plugins/muc/language.lib.lua
View file

@ -32,6 +32,7 @@ local function add_form_option(event)
label = "Language tag for room (e.g. 'en', 'de', 'fr' etc.)";
type = "text-single";
desc = "Indicate the primary language spoken in this room";
datatype = "xs:language";
value = get_language(event.room) or "";
});
end

17
plugins/muc/mod_muc.lua
View file

@ -86,7 +86,14 @@ room_mt.get_registered_nick = register.get_registered_nick;
room_mt.get_registered_jid = register.get_registered_jid;
room_mt.handle_register_iq = register.handle_register_iq;
local presence_broadcast = module:require "muc/presence_broadcast";
room_mt.get_presence_broadcast = presence_broadcast.get;
room_mt.set_presence_broadcast = presence_broadcast.set;
room_mt.get_valid_broadcast_roles = presence_broadcast.get_valid_broadcast_roles;
local jid_split = require "util.jid".split;
local jid_prep = require "util.jid".prep;
local jid_bare = require "util.jid".bare;
local st = require "util.stanza";
local cache = require "util.cache";
@ -263,9 +270,13 @@ local function set_room_defaults(room, lang)
room:set_changesubject(module:get_option_boolean("muc_room_default_change_subject", room:get_changesubject()));
room:set_historylength(module:get_option_number("muc_room_default_history_length", room:get_historylength()));
room:set_language(lang or module:get_option_string("muc_room_default_language"));
room:set_presence_broadcast(module:get_option("muc_room_default_presence_broadcast", room:get_presence_broadcast()));
end
function create_room(room_jid, config)
if jid_bare(room_jid) ~= room_jid or not jid_prep(room_jid, true) then
return nil, "invalid-jid";
end
local exists = get_room_from_jid(room_jid);
if exists then
return nil, "room-exists";
@ -453,7 +464,11 @@ for event_name, method in pairs {
if room == nil then
-- Watch presence to create rooms
if stanza.attr.type == nil and stanza.name == "presence" then
if not jid_prep(room_jid, true) then
origin.send(st.error_reply(stanza, "modify", "jid-malformed"));
return true;
end
if stanza.attr.type == nil and stanza.name == "presence" and stanza:get_child("x", "http://jabber.org/protocol/muc") then
room = muclib.new_room(room_jid);
return room:handle_first_presence(origin, stanza);
elseif stanza.attr.type ~= "error" then

139
plugins/muc/muc.lib.lua
View file

@ -23,6 +23,7 @@ local resourceprep = require "util.encodings".stringprep.resourceprep;
local st = require "util.stanza";
local base64 = require "util.encodings".base64;
local md5 = require "util.hashes".md5;
local new_id = require "util.id".medium;
local log = module._log;
@ -39,7 +40,7 @@ function room_mt:__tostring()
end
function room_mt.save()
-- overriden by mod_muc.lua
-- overridden by mod_muc.lua
end
function room_mt:get_occupant_jid(real_jid)
@ -217,13 +218,13 @@ end
-- Broadcasts an occupant's presence to the whole room
-- Takes the x element that goes into the stanzas
function room_mt:publicise_occupant_status(occupant, x, nick, actor, reason)
function room_mt:publicise_occupant_status(occupant, x, nick, actor, reason, prev_role, force_unavailable)
local base_x = x.base or x;
-- Build real jid and (optionally) occupant jid template presences
local base_presence do
-- Try to use main jid's presence
local pr = occupant:get_presence();
if pr and (occupant.role ~= nil or pr.attr.type == "unavailable") then
if pr and (occupant.role ~= nil or pr.attr.type == "unavailable") and not force_unavailable then
base_presence = st.clone(pr);
else -- user is leaving but didn't send a leave presence. make one for them
base_presence = st.presence {from = occupant.nick; type = "unavailable";};
@ -279,7 +280,9 @@ function room_mt:publicise_occupant_status(occupant, x, nick, actor, reason)
self_p = st.clone(base_presence):add_child(self_x);
end
-- General populance
local broadcast_roles = self:get_presence_broadcast();
-- General populace
for occupant_nick, n_occupant in self:each_occupant() do
if occupant_nick ~= occupant.nick then
local pr;
@ -290,7 +293,13 @@ function room_mt:publicise_occupant_status(occupant, x, nick, actor, reason)
else
pr = get_anon_p();
end
self:route_to_occupant(n_occupant, pr);
if broadcast_roles[occupant.role or "none"] or force_unavailable then
self:route_to_occupant(n_occupant, pr);
elseif prev_role and broadcast_roles[prev_role] then
pr.attr.type = 'unavailable';
self:route_to_occupant(n_occupant, pr);
end
end
end
@ -314,6 +323,7 @@ function room_mt:send_occupant_list(to, filter)
local to_bare = jid_bare(to);
local is_anonymous = false;
local whois = self:get_whois();
local broadcast_roles = self:get_presence_broadcast();
if whois ~= "anyone" then
local affiliation = self:get_affiliation(to);
if affiliation ~= "admin" and affiliation ~= "owner" then
@ -330,7 +340,9 @@ function room_mt:send_occupant_list(to, filter)
local pres = st.clone(occupant:get_presence());
pres.attr.to = to;
pres:add_child(x);
self:route_stanza(pres);
if to_bare == occupant.bare_jid or broadcast_roles[occupant.role or "none"] then
self:route_stanza(pres);
end
end
end
end
@ -391,7 +403,11 @@ function room_mt:handle_kickable(origin, stanza) -- luacheck: ignore 212
end
self:publicise_occupant_status(new_occupant or occupant, x);
if is_last_session then
module:fire_event("muc-occupant-left", {room = self; nick = occupant.nick; occupant = occupant;});
module:fire_event("muc-occupant-left", {
room = self;
nick = occupant.nick;
occupant = occupant;
});
end
return true;
end
@ -428,14 +444,23 @@ module:hook("muc-occupant-pre-change", function(event)
end
end, 1);
function room_mt:handle_first_presence(origin, stanza)
if not stanza:get_child("x", "http://jabber.org/protocol/muc") then
module:log("debug", "Room creation without <x>, possibly desynced");
origin.send(st.error_reply(stanza, "cancel", "item-not-found"));
module:hook("muc-occupant-pre-join", function(event)
local nick = jid_resource(event.occupant.nick);
if not resourceprep(nick, true) then -- strict
event.origin.send(st.error_reply(event.stanza, "modify", "jid-malformed", "Nickname must pass strict validation"));
return true;
end
end, 2);
module:hook("muc-occupant-pre-change", function(event)
local nick = jid_resource(event.dest_occupant.nick);
if not resourceprep(nick, true) then -- strict
event.origin.send(st.error_reply(event.stanza, "modify", "jid-malformed", "Nickname must pass strict validation"));
return true;
end
end, 2);
function room_mt:handle_first_presence(origin, stanza)
local real_jid = stanza.attr.from;
local dest_jid = stanza.attr.to;
local bare_jid = jid_bare(real_jid);
@ -505,7 +530,7 @@ function room_mt:handle_normal_presence(origin, stanza)
if orig_occupant == nil and not muc_x and stanza.attr.type == nil then
module:log("debug", "Attempted join without <x>, possibly desynced");
origin.send(st.error_reply(stanza, "cancel", "item-not-found",
"You must join the room before sending presence updates"));
"You are not currently connected to this chat"));
return true;
end
@ -613,7 +638,7 @@ function room_mt:handle_normal_presence(origin, stanza)
x:tag("status", {code = "303";}):up();
x:tag("status", {code = "110";}):up();
self:route_stanza(generated_unavail:add_child(x));
dest_nick = nil; -- set dest_nick to nil; so general populance doesn't see it for whole orig_occupant
dest_nick = nil; -- set dest_nick to nil; so general populace doesn't see it for whole orig_occupant
end
end
@ -879,7 +904,11 @@ function room_mt:clear(x)
end
for occupant in pairs(occupants_updated) do
self:publicise_occupant_status(occupant, x);
module:fire_event("muc-occupant-left", { room = self; nick = occupant.nick; occupant = occupant;});
module:fire_event("muc-occupant-left", {
room = self;
nick = occupant.nick;
occupant = occupant;
});
end
end
@ -972,7 +1001,7 @@ function room_mt:handle_admin_query_get_command(origin, stanza)
local _aff_rank = valid_affiliations[_aff or "none"];
local _rol = item.attr.role;
if _aff and _aff_rank and not _rol then
-- You need to be at least an admin, and be requesting info about your affifiliation or lower
-- You need to be at least an admin, and be requesting info about your affiliation or lower
-- e.g. an admin can't ask for a list of owners
local affiliation_rank = valid_affiliations[affiliation or "none"];
if (affiliation_rank >= valid_affiliations.admin and affiliation_rank >= _aff_rank)
@ -1049,6 +1078,9 @@ end
function room_mt:handle_groupchat_to_room(origin, stanza)
local from = stanza.attr.from;
local occupant = self:get_occupant_by_real_jid(from);
if not stanza.attr.id then
stanza.attr.id = new_id()
end
if module:fire_event("muc-occupant-groupchat", {
room = self; origin = origin; stanza = stanza; from = from; occupant = occupant;
}) then return true; end
@ -1297,7 +1329,7 @@ function room_mt:set_affiliation(actor, jid, affiliation, reason, data)
-- Outcast can be by host.
is_host_only and affiliation == "outcast" and select(2, jid_split(occupant.bare_jid)) == host
) then
-- need to publcize in all cases; as affiliation in <item/> has changed.
-- need to publicize in all cases; as affiliation in <item/> has changed.
occupants_updated[occupant] = occupant.role;
if occupant.role ~= role and (
is_downgrade or
@ -1324,7 +1356,11 @@ function room_mt:set_affiliation(actor, jid, affiliation, reason, data)
for occupant, old_role in pairs(occupants_updated) do
self:publicise_occupant_status(occupant, x, nil, actor, reason);
if occupant.role == nil then
module:fire_event("muc-occupant-left", {room = self; nick = occupant.nick; occupant = occupant;});
module:fire_event("muc-occupant-left", {
room = self;
nick = occupant.nick;
occupant = occupant;
});
elseif is_semi_anonymous and
(old_role == "moderator" and occupant.role ~= "moderator") or
(old_role ~= "moderator" and occupant.role == "moderator") then -- Has gained or lost moderator status
@ -1376,6 +1412,42 @@ function room_mt:get_role(nick)
return occupant and occupant.role or nil;
end
function room_mt:may_set_role(actor, occupant, role)
local event = {
room = self,
actor = actor,
occupant = occupant,
role = role,
};
module:fire_event("muc-pre-set-role", event);
if event.allowed ~= nil then
return event.allowed, event.error, event.condition;
end
-- Can't do anything to other owners or admins
local occupant_affiliation = self:get_affiliation(occupant.bare_jid);
if occupant_affiliation == "owner" or occupant_affiliation == "admin" then
return nil, "cancel", "not-allowed";
end
-- If you are trying to give or take moderator role you need to be an owner or admin
if occupant.role == "moderator" or role == "moderator" then
local actor_affiliation = self:get_affiliation(actor);
if actor_affiliation ~= "owner" and actor_affiliation ~= "admin" then
return nil, "cancel", "not-allowed";
end
end
-- Need to be in the room and a moderator
local actor_occupant = self:get_occupant_by_real_jid(actor);
if not actor_occupant or actor_occupant.role ~= "moderator" then
return nil, "cancel", "not-allowed";
end
return true;
end
function room_mt:set_role(actor, occupant_jid, role, reason)
if not actor then return nil, "modify", "not-acceptable"; end
@ -1390,24 +1462,9 @@ function room_mt:set_role(actor, occupant_jid, role, reason)
if actor == true then
actor = nil -- So we can pass it safely to 'publicise_occupant_status' below
else
-- Can't do anything to other owners or admins
local occupant_affiliation = self:get_affiliation(occupant.bare_jid);
if occupant_affiliation == "owner" or occupant_affiliation == "admin" then
return nil, "cancel", "not-allowed";
end
-- If you are trying to give or take moderator role you need to be an owner or admin
if occupant.role == "moderator" or role == "moderator" then
local actor_affiliation = self:get_affiliation(actor);
if actor_affiliation ~= "owner" and actor_affiliation ~= "admin" then
return nil, "cancel", "not-allowed";
end
end
-- Need to be in the room and a moderator
local actor_occupant = self:get_occupant_by_real_jid(actor);
if not actor_occupant or actor_occupant.role ~= "moderator" then
return nil, "cancel", "not-allowed";
local allowed, err, condition = self:may_set_role(actor, occupant, role)
if not allowed then
return allowed, err, condition;
end
end
@ -1415,11 +1472,17 @@ function room_mt:set_role(actor, occupant_jid, role, reason)
if not role then
x:tag("status", {code = "307"}):up();
end
local prev_role = occupant.role;
occupant.role = role;
self:save_occupant(occupant);
self:publicise_occupant_status(occupant, x, nil, actor, reason);
self:publicise_occupant_status(occupant, x, nil, actor, reason, prev_role);
if role == nil then
module:fire_event("muc-occupant-left", {room = self; nick = occupant.nick; occupant = occupant;});
module:fire_event("muc-occupant-left", {
room = self;
nick = occupant.nick;
occupant = occupant;
});
end
return true;
end

87
plugins/muc/presence_broadcast.lib.lua Normal file
View file

@ -0,0 +1,87 @@
-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
-- Copyright (C) 2014 Daurnimator
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
local st = require "util.stanza";
local valid_roles = { "visitor", "participant", "moderator" };
local default_broadcast = {
none = true;
visitor = true;
participant = true;
moderator = true;
};
local function get_presence_broadcast(room)
return room._data.presence_broadcast or default_broadcast;
end
local function set_presence_broadcast(room, broadcast_roles)
broadcast_roles = broadcast_roles or default_broadcast;
-- Ensure that unavailable presence is always sent when role changes to none
broadcast_roles.none = true;
local changed = false;
local old_broadcast_roles = get_presence_broadcast(room);
for _, role in ipairs(valid_roles) do
if old_broadcast_roles[role] ~= broadcast_roles[role] then
changed = true;
end
end
if not changed then return false; end
room._data.presence_broadcast = broadcast_roles;
for _, occupant in room:each_occupant() do
local x = st.stanza("x", {xmlns = "http://jabber.org/protocol/muc#user";});
local role = occupant.role or "none";
if broadcast_roles[role] and not old_broadcast_roles[role] then
-- Presence broadcast is now enabled, so announce existing user
room:publicise_occupant_status(occupant, x);
elseif old_broadcast_roles[role] and not broadcast_roles[role] then
-- Presence broadcast is now disabled, so mark existing user as unavailable
room:publicise_occupant_status(occupant, x, nil, nil, nil, nil, true);
end
end
return true;
end
module:hook("muc-config-form", function(event)
local values = {};
for role, value in pairs(get_presence_broadcast(event.room)) do
if value then
values[#values + 1] = role;
end
end
table.insert(event.form, {
name = "muc#roomconfig_presencebroadcast";
type = "list-multi";
label = "Roles for which Presence is Broadcasted";
value = values;
options = valid_roles;
});
end, 70-7);
module:hook("muc-config-submitted/muc#roomconfig_presencebroadcast", function(event)
local broadcast_roles = {};
for _, role in ipairs(event.value) do
broadcast_roles[role] = true;
end
if set_presence_broadcast(event.room, broadcast_roles) then
event.status_codes["104"] = true;
end
end);
return {
get = get_presence_broadcast;
set = set_presence_broadcast;
};

19
plugins/muc/register.lib.lua
View file

@ -15,8 +15,7 @@ local function get_reserved_nicks(room)
end
module:log("debug", "Refreshing reserved nicks...");
local reserved_nicks = {};
for jid in room:each_affiliation() do
local data = room._affiliation_data[jid];
for jid, _, data in room:each_affiliation() do
local nick = data and data.reserved_nickname;
module:log("debug", "Refreshed for %s: %s", jid, nick);
if nick then
@ -54,7 +53,7 @@ end);
local registration_form = dataforms.new {
{ name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/muc#register" },
{ name = "muc#register_roomnick", type = "text-single", label = "Nickname"},
{ name = "muc#register_roomnick", type = "text-single", required = true, label = "Nickname"},
};
local function enforce_nick_policy(event)
@ -135,7 +134,19 @@ local function handle_register_iq(room, origin, stanza)
return true;
end
local form_tag = query:get_child("x", "jabber:x:data");
local reg_data = form_tag and registration_form:data(form_tag);
if not form_tag then
origin.send(st.error_reply(stanza, "modify", "bad-request", "Missing dataform"));
return true;
end
local form_type, err = dataforms.get_type(form_tag);
if not form_type then
origin.send(st.error_reply(stanza, "modify", "bad-request", "Error with form: "..err));
return true;
elseif form_type ~= "http://jabber.org/protocol/muc#register" then
origin.send(st.error_reply(stanza, "modify", "bad-request", "Error in form"));
return true;
end
local reg_data = registration_form:data(form_tag);
if not reg_data then
origin.send(st.error_reply(stanza, "modify", "bad-request", "Error in form"));
return true;

6
plugins/muc/subject.lib.lua
View file

@ -94,6 +94,12 @@ module:hook("muc-occupant-groupchat", function(event)
local stanza = event.stanza;
local subject = stanza:get_child("subject");
if subject then
if stanza:get_child("body") or stanza:get_child("thread") then
-- Note: A message with a <subject/> and a <body/> or a <subject/> and
-- a <thread/> is a legitimate message, but it SHALL NOT be interpreted
-- as a subject change.
return;
end
local room = event.room;
local occupant = event.occupant;
-- Role check for subject changes

2
prosody
View file

@ -94,4 +94,6 @@ cleanup();
prosody.events.fire_event("server-stopped");
prosody.log("info", "Shutdown complete");
prosody.log("debug", "Shutdown reason was: %s", prosody.shutdown_reason or "not specified");
prosody.log("debug", "Exiting with status code: %d", prosody.shutdown_code or 0);
os.exit(prosody.shutdown_code);

6
prosody.cfg.lua.dist
View file

@ -32,6 +32,10 @@ admins = { }
-- will look for modules first. For community modules, see https://modules.prosody.im/
--plugin_paths = {}
-- Single directory for custom prosody plugins and/or Lua libraries installation
-- This path takes priority over plugin_paths, when prosody is searching for modules
--installer_plugin_path = ""
-- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
-- Documentation for bundled modules can be found at: https://prosody.im/doc/modules
@ -88,7 +92,7 @@ modules_disabled = {
-- "offline"; -- Store offline messages
-- "c2s"; -- Handle client connections
-- "s2s"; -- Handle server-to-server connections
-- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
-- "posix"; -- POSIX functionality, sends server to background, etc.
}
-- Disable account creation by default, for security

56
prosodyctl
View file

@ -10,7 +10,6 @@
-- prosodyctl - command-line controller for Prosody XMPP server
-- Will be modified by configure script if run --
CFG_SOURCEDIR=CFG_SOURCEDIR or os.getenv("PROSODY_SRCDIR");
CFG_CONFIGDIR=CFG_CONFIGDIR or os.getenv("PROSODY_CFGDIR");
CFG_PLUGINDIR=CFG_PLUGINDIR or os.getenv("PROSODY_PLUGINDIR");
@ -77,13 +76,38 @@ local show_usage = prosodyctl.show_usage;
local show_yesno = prosodyctl.show_yesno;
local show_prompt = prosodyctl.show_prompt;
local read_password = prosodyctl.read_password;
local call_luarocks = prosodyctl.call_luarocks;
local jid_split = require "util.jid".prepped_split;
local prosodyctl_timeout = (configmanager.get("*", "prosodyctl_timeout") or 5) * 2;
-----------------------
local commands = {};
local command = arg[1];
local command = table.remove(arg, 1);
function commands.install(arg)
if arg[1] == "--help" then
show_usage([[install]], [[Installs a prosody/luarocks plugin]]);
return 1;
end
call_luarocks(arg[1], "install")
end
function commands.remove(arg)
if arg[1] == "--help" then
show_usage([[remove]], [[Removes a module installed in the working directory's plugins folder]]);
return 1;
end
call_luarocks(arg[1], "remove")
end
function commands.list(arg)
if arg[1] == "--help" then
show_usage([[list]], [[Shows installed rocks]]);
return 1;
end
call_luarocks(arg[1], "list")
end
function commands.adduser(arg)
if not arg[1] or arg[1] == "--help" then
@ -120,7 +144,7 @@ function commands.adduser(arg)
if ok then return 0; end
show_message(msg)
show_message(error_messages[msg])
return 1;
end
@ -222,7 +246,15 @@ function commands.start(arg)
end
--luacheck: ignore 411/ret
local ok, ret = prosodyctl.start(prosody.paths.source);
local lua;
do
local i = 0;
repeat
i = i - 1;
until arg[i-1] == nil
lua = arg[i];
end
local ok, ret = prosodyctl.start(prosody.paths.source, lua);
if ok then
local daemonize = configmanager.get("*", "daemonize");
if daemonize == nil then
@ -363,6 +395,13 @@ function commands.about(arg)
.."\n ";
end)));
print("");
local have_pposix, pposix = pcall(require, "util.pposix");
if have_pposix and pposix.uname then
print("# Operating system");
local uname, err = pposix.uname();
print(uname and uname.sysname .. " " .. uname.release or "Unknown POSIX", err or "");
print("");
end
print("# Lua environment");
print("Lua version: ", _G._VERSION);
print("");
@ -811,7 +850,7 @@ function commands.check(arg)
print("Checking config...");
local deprecated = set.new({
"bosh_ports", "disallow_s2s", "no_daemonize", "anonymous_login", "require_encryption",
"vcard_compatibility",
"vcard_compatibility", "cross_domain_bosh", "cross_domain_websocket"
});
local known_global_options = set.new({
"pidfile", "log", "plugin_paths", "prosody_user", "prosody_group", "daemonize",
@ -1313,8 +1352,6 @@ local command_runner = async.runner(function ()
end
end
table.remove(arg, 1);
local module = modulemanager.get_module("*", module_name);
if not module then
show_message("Failed to load module '"..module_name.."': Unknown error");
@ -1353,7 +1390,8 @@ local command_runner = async.runner(function ()
print("Where COMMAND may be one of:\n");
local hidden_commands = require "util.set".new{ "register", "unregister", "addplugin" };
local commands_order = { "adduser", "passwd", "deluser", "start", "stop", "restart", "reload", "about" };
local commands_order = { "install", "remove", "list", "adduser", "passwd", "deluser", "start", "stop", "restart", "reload",
"about" };
local done = {};
@ -1378,7 +1416,7 @@ local command_runner = async.runner(function ()
os.exit(0);
end
os.exit(commands[command]({ select(2, unpack(arg)) }));
os.exit(commands[command](arg));
end, watchers);
command_runner:run(true);

2
spec/core_storagemanager_spec.lua
View file

@ -1,4 +1,4 @@
local unpack = table.unpack or unpack;
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local server = require "net.server_select";
package.loaded["net.server"] = server;

58
spec/scansion/keep_full_sub_req.scs Normal file
View file

@ -0,0 +1,58 @@
# server MUST keep a record of the complete presence stanza comprising the subscription request (#689)
[Client] Alice
jid: pars-a@localhost
password: password
[Client] Bob
jid: pars-b@localhost
password: password
[Client] Bob's phone
jid: pars-b@localhost/phone
password: password
---------
Alice connects
Alice sends:
<presence to="${Bob's JID}" type="subscribe">
<preauth xmlns="urn:xmpp:pars:0" token="1tMFqYDdKhfe2pwp" />
</presence>
Alice disconnects
Bob connects
Bob sends:
<presence/>
Bob receives:
<presence from="${Bob's full JID}"/>
Bob receives:
<presence from="${Alice's JID}" type="subscribe">
<preauth xmlns="urn:xmpp:pars:0" token="1tMFqYDdKhfe2pwp" />
</presence>
Bob disconnects
# Works if they reconnect too
Bob's phone connects
Bob's phone sends:
<presence/>
Bob's phone receives:
<presence from="${Bob's phone's full JID}"/>
Bob's phone receives:
<presence from="${Alice's JID}" type="subscribe">
<preauth xmlns="urn:xmpp:pars:0" token="1tMFqYDdKhfe2pwp" />
</presence>
Bob's phone disconnects

250
spec/scansion/muc_create_destroy.scs Normal file
View file

@ -0,0 +1,250 @@
# MUC creation, basic messages and destruction
[Client] Romeo
jid: romeo@localhost/mK0dD6Ha
password: password
[Client] Juliet
jid: juliet@localhost/lVwkim_k
password: password
-----
Romeo connects
Romeo sends:
<presence to="garden@conference.localhost/romeo">
<x xmlns="http://jabber.org/protocol/muc"/>
</presence>
Romeo receives:
<presence from="garden@conference.localhost/romeo">
<x xmlns="vcard-temp:x:update">
<photo/>
</x>
<x xmlns="http://jabber.org/protocol/muc#user">
<status code="201"/>
<item affiliation="owner" jid="${Romeo's full JID}" role="moderator"/>
<status code="110"/>
</x>
</presence>
Romeo receives:
<message from="garden@conference.localhost" type="groupchat">
<subject/>
</message>
Romeo sends:
<iq to="garden@conference.localhost" id="lx3" type="set">
<query xmlns="http://jabber.org/protocol/muc#owner">
<x type="submit" xmlns="jabber:x:data"/>
</query>
</iq>
Romeo receives:
<iq id="lx3" type="result" from="garden@conference.localhost"/>
Juliet connects
Romeo sends:
<message to="garden@conference.localhost" type="groupchat" id="rm1">
<body>Where are thou my Juliet?</body>
</message>
Romeo receives:
<message type="groupchat" from="garden@conference.localhost/romeo" id="rm1">
<body>Where are thou my Juliet?</body>
</message>
Juliet sends:
<presence to="garden@conference.localhost/juliet">
<x xmlns="http://jabber.org/protocol/muc"/>
</presence>
Juliet receives:
<presence from="garden@conference.localhost/romeo">
<x xmlns="vcard-temp:x:update">
<photo/>
</x>
<x xmlns="http://jabber.org/protocol/muc#user">
<item affiliation="owner" role="moderator"/>
</x>
</presence>
Juliet receives:
<presence from="garden@conference.localhost/juliet">
<x xmlns="vcard-temp:x:update">
<photo/>
</x>
<x xmlns="http://jabber.org/protocol/muc#user">
<item affiliation="none" jid="${Juliet's full JID}" role="participant"/>
<status code="110"/>
</x>
</presence>
Juliet receives:
<message from="garden@conference.localhost/romeo" id="rm1" type="groupchat">
<body>Where are thou my Juliet?</body>
<delay stamp="{scansion:any}" xmlns="urn:xmpp:delay" from="garden@conference.localhost"/>
<x stamp="{scansion:any}" xmlns="jabber:x:delay" from="garden@conference.localhost"/>
</message>
Juliet receives:
<message from="garden@conference.localhost" type="groupchat">
<subject/>
</message>
Romeo receives:
<presence from="garden@conference.localhost/juliet">
<x xmlns="vcard-temp:x:update">
<photo/>
</x>
<x xmlns="http://jabber.org/protocol/muc#user">
<item affiliation="none" jid="${Juliet's full JID}" role="participant"/>
</x>
</presence>
Juliet sends:
<message to="garden@conference.localhost" type="groupchat" id="jm1">
<body>/me jumps out from behind a tree</body>
</message>
Romeo receives:
<message type="groupchat" id="jm1" from="garden@conference.localhost/juliet">
<body>/me jumps out from behind a tree</body>
</message>
Juliet receives:
<message type="groupchat" id="jm1" from="garden@conference.localhost/juliet">
<body>/me jumps out from behind a tree</body>
</message>
Juliet sends:
<message to="garden@conference.localhost" type="groupchat" id="jm2">
<body>Here I am!</body>
</message>
Romeo receives:
<message type="groupchat" id="jm2" from="garden@conference.localhost/juliet">
<body>Here I am!</body>
</message>
Juliet receives:
<message type="groupchat" id="jm2" from="garden@conference.localhost/juliet">
<body>Here I am!</body>
</message>
Romeo sends:
<message to="garden@conference.localhost" type="groupchat" id="rm2">
<body>What is this place?</body>
</message>
Romeo receives:
<message type="groupchat" id="rm2" from="garden@conference.localhost/romeo">
<body>What is this place?</body>
</message>
Juliet receives:
<message type="groupchat" id="rm2" from="garden@conference.localhost/romeo">
<body>What is this place?</body>
</message>
Juliet sends:
<message to="garden@conference.localhost" type="groupchat" id="jm3">
<body>I think we&apos;re in a script!</body>
</message>
Romeo receives:
<message type="groupchat" id="jm3" from="garden@conference.localhost/juliet">
<body>I think we&apos;re in a script!</body>
</message>
Juliet receives:
<message type="groupchat" id="jm3" from="garden@conference.localhost/juliet">
<body>I think we&apos;re in a script!</body>
</message>
Romeo sends:
<message to="garden@conference.localhost" type="groupchat" id="rm3">
<body>Oh no! Does that mean our love is not real?!</body>
</message>
Romeo receives:
<message type="groupchat" id="rm3" from="garden@conference.localhost/romeo">
<body>Oh no! Does that mean our love is not real?!</body>
</message>
Juliet receives:
<message type="groupchat" id="rm3" from="garden@conference.localhost/romeo">
<body>Oh no! Does that mean our love is not real?!</body>
</message>
Juliet sends:
<message to="garden@conference.localhost" type="groupchat" id="jm4">
<body>I refuse to accept this! Let&apos;s burn this place to the ground!</body>
</message>
Romeo receives:
<message type="groupchat" id="jm4" from="garden@conference.localhost/juliet">
<body>I refuse to accept this! Let&apos;s burn this place to the ground!</body>
</message>
Juliet receives:
<message type="groupchat" id="jm4" from="garden@conference.localhost/juliet">
<body>I refuse to accept this! Let&apos;s burn this place to the ground!</body>
</message>
Romeo sends:
<message to="garden@conference.localhost" type="groupchat" id="rm4">
<body>Yes!</body>
</message>
Romeo receives:
<message type="groupchat" id="rm4" from="garden@conference.localhost/romeo">
<body>Yes!</body>
</message>
Juliet receives:
<message type="groupchat" id="rm4" from="garden@conference.localhost/romeo">
<body>Yes!</body>
</message>
Romeo sends:
<iq to="garden@conference.localhost" id="lx4" type="set">
<query xmlns="http://jabber.org/protocol/muc#owner">
<destroy>
<reason>We refuse to live in this fantasy!</reason>
</destroy>
</query>
</iq>
Juliet receives:
<presence from="garden@conference.localhost/juliet" type="unavailable">
<x xmlns="http://jabber.org/protocol/muc#user">
<destroy>
<reason>We refuse to live in this fantasy!</reason>
</destroy>
<item affiliation="none" jid="${Juliet's full JID}" role="none"/>
<status code="110"/>
</x>
</presence>
Romeo receives:
<presence from="garden@conference.localhost/romeo" type="unavailable">
<x xmlns="http://jabber.org/protocol/muc#user">
<destroy>
<reason>We refuse to live in this fantasy!</reason>
</destroy>
<item affiliation="owner" jid="${Romeo's full JID}" role="none"/>
<status code="110"/>
</x>
</presence>
Romeo receives:
<iq id="lx4" type="result" from="garden@conference.localhost"/>
Juliet disconnects
Romeo disconnects
# recording ended on 2019-08-31T13:45:32Z

8
spec/scansion/muc_register.scs
View file

@ -100,7 +100,9 @@ Juliet receives:
<field type='hidden' var='FORM_TYPE'>
<value>http://jabber.org/protocol/muc#register</value>
</field>
<field type='text-single' label='Nickname' var='muc#register_roomnick'/>
<field type='text-single' label='Nickname' var='muc#register_roomnick'>
<required/>
</field>
</x>
</query>
</iq>
@ -339,7 +341,9 @@ Romeo receives:
<field type='hidden' var='FORM_TYPE'>
<value>http://jabber.org/protocol/muc#register</value>
</field>
<field type='text-single' label='Nickname' var='muc#register_roomnick'/>
<field type='text-single' label='Nickname' var='muc#register_roomnick'>
<required/>
</field>
</x>
</query>
</iq>

129
spec/scansion/muc_subject_issue_667.scs Normal file
View file

@ -0,0 +1,129 @@
# #667 MUC message with subject and body SHALL NOT be interpreted as a subject change
[Client] Romeo
password: password
jid: romeo@localhost
-----
Romeo connects
# and creates a room
Romeo sends:
<presence to="issue667@conference.localhost/Romeo">
<x xmlns="http://jabber.org/protocol/muc"/>
</presence>
Romeo receives:
<presence from="issue667@conference.localhost/Romeo">
<x xmlns="http://jabber.org/protocol/muc#user">
<status code="201"/>
<item affiliation="owner" role="moderator" jid="${Romeo's full JID}"/>
<status code="110"/>
</x>
</presence>
# the default (empty) subject
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost">
<subject/>
</message>
# this should be treated as a normal message
Romeo sends:
<message to="issue667@conference.localhost" type="groupchat">
<subject>Greetings</subject>
<body>Hello everyone</body>
</message>
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost/Romeo">
<subject>Greetings</subject>
<body>Hello everyone</body>
</message>
# Resync
Romeo sends:
<presence to="issue667@conference.localhost/Romeo">
<x xmlns="http://jabber.org/protocol/muc"/>
</presence>
# Presences
Romeo receives:
<presence from="issue667@conference.localhost/Romeo">
<x xmlns="http://jabber.org/protocol/muc#user">
<item affiliation="owner" role="moderator" jid="${Romeo's full JID}"/>
<status code="110"/>
</x>
</presence>
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost/Romeo">
<subject>Greetings</subject>
<body>Hello everyone</body>
</message>
# the still empty subject
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost">
<subject/>
</message>
# this is a subject change
Romeo sends:
<message to="issue667@conference.localhost" type="groupchat">
<subject>Something to talk about</subject>
</message>
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost/Romeo">
<subject>Something to talk about</subject>
</message>
# a message without <subject>
Romeo sends:
<message to="issue667@conference.localhost" type="groupchat">
<body>Lorem ipsum dolor sit amet</body>
</message>
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost/Romeo">
<body>Lorem ipsum dolor sit amet</body>
</message>
# Resync
Romeo sends:
<presence to="issue667@conference.localhost/Romeo">
<x xmlns="http://jabber.org/protocol/muc"/>
</presence>
# Presences
Romeo receives:
<presence from="issue667@conference.localhost/Romeo">
<x xmlns="http://jabber.org/protocol/muc#user">
<item affiliation="owner" role="moderator" jid="${Romeo's full JID}"/>
<status code="110"/>
</x>
</presence>
# History
# These have delay tags but we ignore those for now
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost/Romeo">
<subject>Greetings</subject>
<body>Hello everyone</body>
</message>
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost/Romeo">
<body>Lorem ipsum dolor sit amet</body>
</message>
# Finally, the topic
Romeo receives:
<message type="groupchat" from="issue667@conference.localhost/Romeo">
<subject>Something to talk about</subject>
</message>
Romeo disconnects

12
spec/scansion/prosody.cfg.lua
View file

@ -8,16 +8,17 @@ modules_enabled = {
-- Generally required
"roster"; -- Allow users to have a roster. Recommended ;)
"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
"tls"; -- Add support for secure TLS on c2s/s2s connections
--"tls"; -- Add support for secure TLS on c2s/s2s connections
"dialback"; -- s2s dialback support
"disco"; -- Service discovery
-- Not essential, but recommended
"carbons"; -- Keep multiple clients in sync
"pep"; -- Enables users to publish their mood, activity, playing music and more
"pep"; -- Enables users to publish their avatar, mood, activity, playing music and more
"private"; -- Private XML storage (for room bookmarks, etc.)
"blocklist"; -- Allow users to block communications with other users
"vcard"; -- Allow users to set vCards
"vcard4"; -- User profiles (stored in PEP)
"vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard
-- Nice to have
"version"; -- Replies to server version requests
@ -26,6 +27,11 @@ modules_enabled = {
"ping"; -- Replies to XMPP pings with pongs
"register"; -- Allow users to register on this server using a client and change passwords
"mam"; -- Store messages in an archive and allow users to access it
--"csi_simple"; -- Simple Mobile optimizations
-- Admin interfaces
--"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
--"admin_telnet"; -- Opens telnet console interface on localhost port 5582
-- HTTP modules
--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"

234
spec/scansion/pubsub_preconditions.scs Normal file
View file

@ -0,0 +1,234 @@
# Pubsub preconditions are enforced
[Client] Romeo
password: password
jid: jqpcrbq2@localhost
-----
Romeo connects
Romeo sends:
<iq id="67eb1f47-1e69-4cb3-91e2-4d5943e72d4c" type="set">
<pubsub xmlns="http://jabber.org/protocol/pubsub">
<publish node="http://jabber.org/protocol/tune">
<item id="current">
<tune xmlns="http://jabber.org/protocol/tune"/>
</item>
</publish>
</pubsub>
</iq>
Romeo receives:
<iq id="67eb1f47-1e69-4cb3-91e2-4d5943e72d4c" type="result">
<pubsub xmlns="http://jabber.org/protocol/pubsub">
<publish node="http://jabber.org/protocol/tune">
<item id="current"/>
</publish>
</pubsub>
</iq>
Romeo sends:
<iq id="52d74a36-afb0-4028-87ed-b25b988b049e" type="get">
<pubsub xmlns="http://jabber.org/protocol/pubsub#owner">
<configure node="http://jabber.org/protocol/tune"/>
</pubsub>
</iq>
Romeo receives:
<iq id="52d74a36-afb0-4028-87ed-b25b988b049e" type="result">
<pubsub xmlns="http://jabber.org/protocol/pubsub#owner">
<configure node="http://jabber.org/protocol/tune">
<x xmlns="jabber:x:data" type="form">
<field var="FORM_TYPE" type="hidden">
<value>http://jabber.org/protocol/pubsub#node_config</value>
</field>
<field var="pubsub#title" label="Title" type="text-single"/>
<field var="pubsub#description" label="Description" type="text-single"/>
<field var="pubsub#type" label="The type of node data, usually specified by the namespace of the payload (if any)" type="text-single"/>
<field var="pubsub#max_items" label="Max # of items to persist" type="text-single">
<validate xmlns="http://jabber.org/protocol/xdata-validate" datatype="xs:integer"/>
<value>1</value>
</field>
<field var="pubsub#persist_items" label="Persist items to storage" type="boolean">
<value>1</value>
</field>
<field var="pubsub#access_model" label="Specify the subscriber model" type="list-single">
<option label="authorize">
<value>authorize</value>
</option>
<option label="open">
<value>open</value>
</option>
<option label="presence">
<value>presence</value>
</option>
<option label="roster">
<value>roster</value>
</option>
<option label="whitelist">
<value>whitelist</value>
</option>
<value>presence</value>
</field>
<field var="pubsub#publish_model" label="Specify the publisher model" type="list-single">
<option label="publishers">
<value>publishers</value>
</option>
<option label="subscribers">
<value>subscribers</value>
</option>
<option label="open">
<value>open</value>
</option>
<value>publishers</value>
</field>
<field var="pubsub#deliver_notifications" label="Whether to deliver event notifications" type="boolean">
<value>1</value>
</field>
<field var="pubsub#deliver_payloads" label="Whether to deliver payloads with event notifications" type="boolean">
<value>1</value>
</field>
<field var="pubsub#notification_type" label="Specify the delivery style for notifications" type="list-single">
<option label="Messages of type normal">
<value>normal</value>
</option>
<option label="Messages of type headline">
<value>headline</value>
</option>
<value>headline</value>
</field>
<field var="pubsub#notify_delete" label="Whether to notify subscribers when the node is deleted" type="boolean">
<value>1</value>
</field>
<field var="pubsub#notify_retract" label="Whether to notify subscribers when items are removed from the node" type="boolean">
<value>1</value>
</field>
</x>
</configure>
</pubsub>
</iq>
Romeo sends:
<iq id="a73aac09-74be-4ee2-97e5-571bbdbcd956" type="set">
<pubsub xmlns="http://jabber.org/protocol/pubsub#owner">
<configure node="http://jabber.org/protocol/tune">
<x xmlns="jabber:x:data" type="submit">
<field var="FORM_TYPE" type="hidden">
<value>http://jabber.org/protocol/pubsub#node_config</value>
</field>
<field var="pubsub#title" type="text-single" label="Title">
<value>Nice tunes</value>
</field>
<field var="pubsub#description" type="text-single" label="Description"/>
<field var="pubsub#type" type="text-single" label="The type of node data, usually specified by the namespace of the payload (if any)"/>
<field var="pubsub#max_items" type="text-single" label="Max # of items to persist">
<validate xmlns="http://jabber.org/protocol/xdata-validate" datatype="xs:integer"/>
<value>1</value>
</field>
<field var="pubsub#persist_items" type="boolean" label="Persist items to storage">
<value>1</value>
</field>
<field var="pubsub#access_model" type="list-single" label="Specify the subscriber model">
<option label="authorize">
<value>authorize</value>
</option>
<option label="open">
<value>open</value>
</option>
<option label="presence">
<value>presence</value>
</option>
<option label="roster">
<value>roster</value>
</option>
<option label="whitelist">
<value>whitelist</value>
</option>
<value>presence</value>
</field>
<field var="pubsub#publish_model" type="list-single" label="Specify the publisher model">
<option label="publishers">
<value>publishers</value>
</option>
<option label="subscribers">
<value>subscribers</value>
</option>
<option label="open">
<value>open</value>
</option>
<value>publishers</value>
</field>
<field var="pubsub#deliver_notifications" type="boolean" label="Whether to deliver event notifications">
<value>1</value>
</field>
<field var="pubsub#deliver_payloads" type="boolean" label="Whether to deliver payloads with event notifications">
<value>1</value>
</field>
<field var="pubsub#notification_type" type="list-single" label="Specify the delivery style for notifications">
<option label="Messages of type normal">
<value>normal</value>
</option>
<option label="Messages of type headline">
<value>headline</value>
</option>
<value>headline</value>
</field>
<field var="pubsub#notify_delete" type="boolean" label="Whether to notify subscribers when the node is deleted">
<value>1</value>
</field>
<field var="pubsub#notify_retract" type="boolean" label="Whether to notify subscribers when items are removed from the node">
<value>1</value>
</field>
</x>
</configure>
</pubsub>
</iq>
Romeo receives:
<iq id="a73aac09-74be-4ee2-97e5-571bbdbcd956" type="result"/>
Romeo sends:
<iq id="ab0e92d2-c06b-4987-9d45-f9f9e7721709" type="get">
<query xmlns="http://jabber.org/protocol/disco#items"/>
</iq>
Romeo receives:
<iq id="ab0e92d2-c06b-4987-9d45-f9f9e7721709" type="result">
<query xmlns="http://jabber.org/protocol/disco#items">
<item name="Nice tunes" node="http://jabber.org/protocol/tune" jid="${Romeo's JID}"/>
</query>
</iq>
Romeo sends:
<iq id="67eb1f47-1e69-4cb3-91e2-4d5943e72d4c" type="set">
<pubsub xmlns="http://jabber.org/protocol/pubsub">
<publish node="http://jabber.org/protocol/tune">
<item id="current">
<tune xmlns="http://jabber.org/protocol/tune"/>
</item>
</publish>
<publish-options>
<x xmlns="jabber:x:data">
<field var="FORM_TYPE" type="hidden">
<value>http://jabber.org/protocol/pubsub#publish-options</value>
</field>
<field var="pubsub#access_model">
<value>whitelist</value>
</field>
</x>
</publish-options>
</pubsub>
</iq>
Romeo receives:
<iq type='error' id='67eb1f47-1e69-4cb3-91e2-4d5943e72d4c'>
<error type='cancel'>
<conflict xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>Field does not match: access_model</text>
<precondition-not-met xmlns='http://jabber.org/protocol/pubsub#errors'/>
</error>
</iq>
Romeo disconnects

Some files were not shown because too many files have changed in this diff Show more