Mercurial > lxmppd-hg-xmllex / file comparison

comparison: plugins/mod_proxy65.lua

plugins/mod_proxy65.lua

changeset 3377
9328179c9c76
parent 3006
a3580f556c27
child 3558
f1201ff060b7
equal deleted inserted replaced
3375:29e51e1c7c3d 3377:9328179c9c76
12 12
13 if module:get_host_type() ~= "component" then 13 if module:get_host_type() ~= "component" then
14 error("proxy65 should be loaded as a component, please see http://prosody.im/doc/components", 0); 14 error("proxy65 should be loaded as a component, please see http://prosody.im/doc/components", 0);
15 end 15 end
16 16
17 local jid_split, jid_join = require "util.jid".split, require "util.jid".join; 17 local jid_split, jid_join, jid_compare = require "util.jid".split, require "util.jid".join, require "util.jid".compare;
18 local st = require "util.stanza"; 18 local st = require "util.stanza";
19 local componentmanager = require "core.componentmanager"; 19 local componentmanager = require "core.componentmanager";
20 local config_get = require "core.configmanager".get; 20 local config_get = require "core.configmanager".get;
21 local connlisteners = require "net.connlisteners"; 21 local connlisteners = require "net.connlisteners";
22 local sha1 = require "util.hashes".sha1; 22 local sha1 = require "util.hashes".sha1;
149 local function get_stream_host(origin, stanza) 149 local function get_stream_host(origin, stanza)
150 local reply = replies_cache.stream_host; 150 local reply = replies_cache.stream_host;
151 local err_reply = replies_cache.stream_host_err; 151 local err_reply = replies_cache.stream_host_err;
152 local sid = stanza.tags[1].attr.sid; 152 local sid = stanza.tags[1].attr.sid;
153 local allow = false; 153 local allow = false;
154 local jid_node, jid_host, jid_resource = jid_split(stanza.attr.from); 154 local jid = stanza.attr.from;
155
156 if stanza.attr.from == nil then
157 jid_node = origin.username;
158 jid_host = origin.host;
159 jid_resource = origin.resource;
160 end
161 155
162 if proxy_acl and #proxy_acl > 0 then 156 if proxy_acl and #proxy_acl > 0 then
163 if host ~= nil then -- at least a domain is needed. 157 for _, acl in ipairs(proxy_acl) do
164 for _, acl in ipairs(proxy_acl) do 158 if jid_compare(jid, acl) then allow = true; end
165 local acl_node, acl_host, acl_resource = jid_split(acl);
166 if ((acl_node ~= nil and acl_node == jid_node) or acl_node == nil) and
167 ((acl_host ~= nil and acl_host == jid_host) or acl_host == nil) and
168 ((acl_resource ~= nil and acl_resource == jid_resource) or acl_resource == nil) then
169 allow = true;
170 end
171 end
172 end 159 end
173 else 160 else
174 allow = true; 161 allow = true;
175 end 162 end
176 if allow == true then 163 if allow == true then
179 :query("http://jabber.org/protocol/bytestreams") 166 :query("http://jabber.org/protocol/bytestreams")
180 :tag("streamhost", {jid=host, host=proxy_address, port=proxy_port}); 167 :tag("streamhost", {jid=host, host=proxy_address, port=proxy_port});
181 replies_cache.stream_host = reply; 168 replies_cache.stream_host = reply;
182 end 169 end
183 else 170 else
184 module:log("warn", "Denying use of proxy for %s", tostring(jid_join(jid_node, jid_host, jid_resource))); 171 module:log("warn", "Denying use of proxy for %s", tostring(jid));
185 if err_reply == nil then 172 if err_reply == nil then
186 err_reply = st.iq({type="error", from=host}) 173 err_reply = st.iq({type="error", from=host})
187 :query("http://jabber.org/protocol/bytestreams") 174 :query("http://jabber.org/protocol/bytestreams")
188 :tag("error", {code='403', type='auth'}) 175 :tag("error", {code='403', type='auth'})
189 :tag("forbidden", {xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'}); 176 :tag("forbidden", {xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'});

Mercurial Repository: lxmppd-hg-xmllex

mercurial