mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-05 14:17:37 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge 0.10->trunk

Browse source
This commit is contained in:
Kim Alvefur 2017-04-20 00:41:49 +02:00
commit a7b9c6de42
5 changed files with 24 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

4
plugins/mod_bosh.lua
View file

@ -308,7 +308,7 @@ function stream_callbacks.streamopened(context, attr)
-- New session -- New session
sid = new_uuid(); sid = new_uuid();
local session = { local session = {
type = "c2s_unauthed", conn = {}, sid = sid, rid = rid, host = attr.to, type = "c2s_unauthed", conn = request.conn, sid = sid, rid = rid, host = attr.to,
bosh_version = attr.ver, bosh_wait = wait, streamid = sid, bosh_version = attr.ver, bosh_wait = wait, streamid = sid,
bosh_max_inactive = bosh_max_inactivity, bosh_max_inactive = bosh_max_inactivity,
requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream,
@ -384,6 +384,8 @@ function stream_callbacks.streamopened(context, attr)
return; return;
end end
session.conn = request.conn;
if session.rid then if session.rid then
local rid = tonumber(attr.rid); local rid = tonumber(attr.rid);
local diff = rid - session.rid; local diff = rid - session.rid;

23
prosodyctl
View file

@ -136,12 +136,14 @@ dependencies.log_warnings();
local switched_user, current_uid; local switched_user, current_uid;
local want_pposix_version = "0.4.0"; local want_pposix_version = "0.4.0";
local ok, pposix = pcall(require, "util.pposix"); local have_pposix, pposix = pcall(require, "util.pposix");
if ok and pposix then if have_pposix and pposix then
if pposix._VERSION ~= want_pposix_version then print(string.format("Unknown version (%s) of binary pposix module, expected %s", tostring(pposix._VERSION), want_pposix_version)); return; end if pposix._VERSION ~= want_pposix_version then print(string.format("Unknown version (%s) of binary pposix module, expected %s", tostring(pposix._VERSION), want_pposix_version)); return; end
current_uid = pposix.getuid(); current_uid = pposix.getuid();
if current_uid == 0 then local arg_root = arg[1] == "--root";
if arg_root then table.remove(arg, 1); end
if current_uid == 0 and config.get("*", "run_as_root") ~= true and not arg_root then
-- We haz root! -- We haz root!
local desired_user = config.get("*", "prosody_user") or "prosody"; local desired_user = config.get("*", "prosody_user") or "prosody";
local desired_group = config.get("*", "prosody_group") or desired_user; local desired_group = config.get("*", "prosody_group") or desired_user;
@ -695,9 +697,16 @@ local function use_existing(filename)
end end
end end
local cert_basedir = CFG_DATADIR or "./certs";
if have_pposix and pposix.getuid() == 0 then
-- FIXME should be enough to check if this directory is writable
local cert_dir = config.get("*", "certificates") or "certs";
cert_basedir = config.resolve_relative_path(config.paths.certs, cert_dir);
end
function cert_commands.config(arg) function cert_commands.config(arg)
if #arg >= 1 and arg[1] ~= "--help" then if #arg >= 1 and arg[1] ~= "--help" then
local conf_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".cnf"; local conf_filename = cert_basedir .. "/" .. arg[1] .. ".cnf";
if use_existing(conf_filename) then if use_existing(conf_filename) then
return nil, conf_filename; return nil, conf_filename;
end end
@ -758,7 +767,7 @@ end
function cert_commands.key(arg) function cert_commands.key(arg)
if #arg >= 1 and arg[1] ~= "--help" then if #arg >= 1 and arg[1] ~= "--help" then
local key_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".key"; local key_filename = cert_basedir .. "/" .. arg[1] .. ".key";
if use_existing(key_filename) then if use_existing(key_filename) then
return nil, key_filename; return nil, key_filename;
end end
@ -780,7 +789,7 @@ end
function cert_commands.request(arg) function cert_commands.request(arg)
if #arg >= 1 and arg[1] ~= "--help" then if #arg >= 1 and arg[1] ~= "--help" then
local req_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".req"; local req_filename = cert_basedir .. "/" .. arg[1] .. ".req";
if use_existing(req_filename) then if use_existing(req_filename) then
return nil, req_filename; return nil, req_filename;
end end
@ -798,7 +807,7 @@ end
function cert_commands.generate(arg) function cert_commands.generate(arg)
if #arg >= 1 and arg[1] ~= "--help" then if #arg >= 1 and arg[1] ~= "--help" then
local cert_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".crt"; local cert_filename = cert_basedir .. "/" .. arg[1] .. ".crt";
if use_existing(cert_filename) then if use_existing(cert_filename) then
return nil, cert_filename; return nil, cert_filename;
end end

4
util/datamanager.lua
View file

@ -268,8 +268,8 @@ local function list_store(username, host, datastore, data)
if callback(username, host, datastore) == false then return true; end if callback(username, host, datastore) == false then return true; end
-- save the datastore -- save the datastore
local d = {}; local d = {};
for _, item in ipairs(data) do for i, item in ipairs(data) do
d[#d+1] = "item(" .. serialize(item) .. ");\n"; d[i] = "item(" .. serialize(item) .. ");\n";
end end
local ok, msg = atomic_store(getpath(username, host, datastore, "list", true), t_concat(d)); local ok, msg = atomic_store(getpath(username, host, datastore, "list", true), t_concat(d));
if not ok then if not ok then

3
util/sasl/plain.lua
View file

@ -63,6 +63,8 @@ local function plain(self, message)
end end
end end
self.username = authentication
local correct, state = false, false; local correct, state = false, false;
if self.profile.plain then if self.profile.plain then
local correct_password; local correct_password;
@ -72,7 +74,6 @@ local function plain(self, message)
correct, state = self.profile.plain_test(self, authentication, password, self.realm); correct, state = self.profile.plain_test(self, authentication, password, self.realm);
end end
self.username = authentication
if state == false then if state == false then
return "failure", "account-disabled"; return "failure", "account-disabled";
elseif state == nil or not correct then elseif state == nil or not correct then

2
util/sasl/scram.lua
View file

@ -146,6 +146,7 @@ local function scram_gen(hash_name, H_f, HMAC_f)
log("debug", "Username violates either SASLprep or contains forbidden character sequences.") log("debug", "Username violates either SASLprep or contains forbidden character sequences.")
return "failure", "malformed-request", "Invalid username."; return "failure", "malformed-request", "Invalid username.";
end end
self.username = username;
-- retreive credentials -- retreive credentials
local stored_key, server_key, salt, iteration_count; local stored_key, server_key, salt, iteration_count;
@ -225,7 +226,6 @@ local function scram_gen(hash_name, H_f, HMAC_f)
if StoredKey == H_f(ClientKey) then if StoredKey == H_f(ClientKey) then
local server_final_message = "v="..base64.encode(ServerSignature); local server_final_message = "v="..base64.encode(ServerSignature);
self["username"] = state.username;
return "success", server_final_message; return "success", server_final_message;
else else
return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated."; return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated.";