7 |
7 |
8 local log = require "util.logger".init("stanzarouter") |
8 local log = require "util.logger".init("stanzarouter") |
9 |
9 |
10 local st = require "util.stanza"; |
10 local st = require "util.stanza"; |
11 local send = require "core.sessionmanager".send_to_session; |
11 local send = require "core.sessionmanager".send_to_session; |
12 -- local send_s2s = require "core.s2smanager".send_to_host; |
12 local send_s2s = require "core.s2smanager".send_to_host; |
13 local user_exists = require "core.usermanager".user_exists; |
13 local user_exists = require "core.usermanager".user_exists; |
|
14 |
|
15 local s2s_verify_dialback = require "core.s2smanager".verify_dialback; |
|
16 local s2s_make_authenticated = require "core.s2smanager".make_authenticated; |
|
17 local format = string.format; |
|
18 local tostring = tostring; |
14 |
19 |
15 local jid_split = require "util.jid".split; |
20 local jid_split = require "util.jid".split; |
16 local print = print; |
21 local print = print; |
17 |
22 |
18 function core_process_stanza(origin, stanza) |
23 function core_process_stanza(origin, stanza) |
31 and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then |
36 and stanza.tags[1].attr.xmlns == "urn:ietf:params:xml:ns:xmpp-bind") then |
32 error("Client MUST bind resource after auth"); |
37 error("Client MUST bind resource after auth"); |
33 end |
38 end |
34 |
39 |
35 local to = stanza.attr.to; |
40 local to = stanza.attr.to; |
36 stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s) |
|
37 -- TODO also, stazas should be returned to their original state before the function ends |
41 -- TODO also, stazas should be returned to their original state before the function ends |
|
42 if origin.type == "c2s" then |
|
43 stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s) |
|
44 end |
38 |
45 |
39 -- TODO presence subscriptions |
|
40 if not to then |
46 if not to then |
41 core_handle_stanza(origin, stanza); |
47 core_handle_stanza(origin, stanza); |
42 elseif hosts[to] and hosts[to].type == "local" then |
48 elseif hosts[to] and hosts[to].type == "local" then |
43 core_handle_stanza(origin, stanza); |
49 core_handle_stanza(origin, stanza); |
44 elseif stanza.name == "iq" and not select(3, jid_split(to)) then |
50 elseif stanza.name == "iq" and not select(3, jid_split(to)) then |
45 core_handle_stanza(origin, stanza); |
51 core_handle_stanza(origin, stanza); |
46 elseif origin.type == "c2s" then |
52 elseif origin.type == "c2s" or origin.type == "s2sin" then |
47 core_route_stanza(origin, stanza); |
53 core_route_stanza(origin, stanza); |
48 end |
54 end |
49 end |
55 end |
50 |
56 |
51 -- This function handles stanzas which are not routed any further, |
57 -- This function handles stanzas which are not routed any further, |
88 end |
94 end |
89 else |
95 else |
90 log("debug", "Routing stanza to local"); |
96 log("debug", "Routing stanza to local"); |
91 handle_stanza(session, stanza); |
97 handle_stanza(session, stanza); |
92 end |
98 end |
|
99 elseif origin.type == "s2sin_unauthed" or origin.type == "s2sin" then |
|
100 if stanza.attr.xmlns == "jabber:server:dialback" then |
|
101 if stanza.name == "verify" then |
|
102 -- We are being asked to verify the key, to ensure it was generated by us |
|
103 log("debug", "verifying dialback key..."); |
|
104 local attr = stanza.attr; |
|
105 print(tostring(attr.to), tostring(attr.from)) |
|
106 print(tostring(origin.to_host), tostring(origin.from_host)) |
|
107 -- FIXME: Grr, ejabberd breaks this one too?? it is black and white in XEP-220 example 34 |
|
108 --if attr.from ~= origin.to_host then error("invalid-from"); end |
|
109 local type = "invalid"; |
|
110 if s2s_verify_dialback(attr.id, attr.from, attr.to, stanza[1]) then |
|
111 type = "valid" |
|
112 end |
|
113 origin.send(format("<db:verify from='%s' to='%s' id='%s' type='%s'>%s</db:verify>", attr.to, attr.from, attr.id, type, stanza[1])); |
|
114 elseif stanza.name == "result" and origin.type == "s2sin_unauthed" then |
|
115 -- he wants to be identified through dialback |
|
116 -- We need to check the key with the Authoritative server |
|
117 local attr = stanza.attr; |
|
118 origin.from_host = attr.from; |
|
119 origin.to_host = attr.to; |
|
120 origin.dialback_key = stanza[1]; |
|
121 log("debug", "asking %s if key %s belongs to them", attr.from, stanza[1]); |
|
122 send_s2s(attr.to, attr.from, format("<db:verify from='%s' to='%s' id='%s'>%s</db:verify>", attr.to, attr.from, origin.streamid, stanza[1])); |
|
123 hosts[attr.from].dialback_verifying = origin; |
|
124 end |
|
125 end |
|
126 elseif origin.type == "s2sout_unauthed" or origin.type == "s2sout" then |
|
127 if stanza.attr.xmlns == "jabber:server:dialback" then |
|
128 if stanza.name == "result" then |
|
129 if stanza.attr.type == "valid" then |
|
130 s2s_make_authenticated(origin); |
|
131 else |
|
132 -- FIXME |
|
133 error("dialback failed!"); |
|
134 end |
|
135 elseif stanza.name == "verify" and origin.dialback_verifying then |
|
136 local valid; |
|
137 local attr = stanza.attr; |
|
138 if attr.type == "valid" then |
|
139 s2s_make_authenticated(origin.dialback_verifying); |
|
140 valid = "valid"; |
|
141 else |
|
142 -- Warn the original connection that is was not verified successfully |
|
143 log("warn", "dialback for "..(origin.dialback_verifying.from_host or "(unknown)").." failed"); |
|
144 valid = "invalid"; |
|
145 end |
|
146 origin.dialback_verifying.send(format("<db:result from='%s' to='%s' id='%s' type='%s'>%s</db:result>", attr.from, attr.to, attr.id, valid, origin.dialback_verifying.dialback_key)); |
|
147 end |
|
148 end |
|
149 else |
|
150 log("warn", "Unhandled origin: %s", origin.type); |
93 end |
151 end |
94 end |
152 end |
95 |
153 |
96 function is_authorized_to_see_presence(origin, username, host) |
154 function is_authorized_to_see_presence(origin, username, host) |
97 local roster = datamanager.load(username, host, "roster") or {}; |
155 local roster = datamanager.load(username, host, "roster") or {}; |
182 else |
240 else |
183 send(origin, st.error_reply(stanza, "cancel", "service-unavailable")); |
241 send(origin, st.error_reply(stanza, "cancel", "service-unavailable")); |
184 end |
242 end |
185 end |
243 end |
186 end |
244 end |
|
245 elseif origin.type == "c2s" then |
|
246 -- Remote host |
|
247 --stanza.attr.xmlns = "jabber:server"; |
|
248 stanza.attr.xmlns = nil; |
|
249 log("debug", "sending s2s stanza: %s", tostring(stanza)); |
|
250 send_s2s(origin.host, host, stanza); |
187 else |
251 else |
188 -- Remote host |
252 log("warn", "received stanza from unhandled connection type: %s", origin.type); |
189 if host_session then |
|
190 -- Send to session |
|
191 else |
|
192 -- Need to establish the connection |
|
193 end |
|
194 end |
253 end |
195 stanza.attr.to = to; -- reset |
254 stanza.attr.to = to; -- reset |
196 end |
255 end |
197 |
256 |
198 function handle_stanza_toremote(stanza) |
257 function handle_stanza_toremote(stanza) |