# HG changeset patch
# User Matthew Wild
# Date 1224831426 -3600
# Node ID 8310bfddaba88cf39c79a041c86b84e30faf5402
# Parent d09b8a1ab04672bc37bc11a188dd754529f5f740
# Parent 6b8e2bd82ac5e9a432b0de575a50d09be2fdc4d9
Merge from waqas
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 core/s2smanager.lua
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/core/s2smanager.lua Fri Oct 24 07:57:06 2008 +0100
@@ -0,0 +1,178 @@
+
+local hosts = hosts;
+local sessions = sessions;
+local socket = require "socket";
+local format = string.format;
+local tostring, pairs, ipairs, getmetatable, print, newproxy, error, tonumber
+ = tostring, pairs, ipairs, getmetatable, print, newproxy, error, tonumber;
+
+local connlisteners_get = require "net.connlisteners".get;
+local wraptlsclient = require "net.server".wraptlsclient;
+local modulemanager = require "core.modulemanager";
+
+local uuid_gen = require "util.uuid".generate;
+
+local logger_init = require "util.logger".init;
+
+local log = logger_init("s2smanager");
+
+local md5_hash = require "util.hashes".md5;
+
+local dialback_secret = "This is very secret!!! Ha!";
+
+module "s2smanager"
+
+function connect_host(from_host, to_host)
+end
+
+function send_to_host(from_host, to_host, data)
+ if hosts[to_host] then
+ -- Write to connection
+ hosts[to_host].send(data);
+ log("debug", "stanza sent over s2s");
+ else
+ log("debug", "opening a new outgoing connection for this stanza");
+ local host_session = new_outgoing(from_host, to_host);
+ -- Store in buffer
+ host_session.sendq = { data };
+ end
+end
+
+function disconnect_host(host)
+
+end
+
+local open_sessions = 0;
+
+function new_incoming(conn)
+ local session = { conn = conn, priority = 0, type = "s2sin_unauthed", direction = "incoming" };
+ if true then
+ session.trace = newproxy(true);
+ getmetatable(session.trace).__gc = function () open_sessions = open_sessions - 1; print("s2s session got collected, now "..open_sessions.." 
s2s sessions are allocated") end;
+ end
+ open_sessions = open_sessions + 1;
+ local w = conn.write;
+ session.send = function (t) w(tostring(t)); end
+ return session;
+end
+
+function new_outgoing(from_host, to_host)
+ local host_session = { to_host = to_host, from_host = from_host, notopen = true, type = "s2sout_unauthed", direction = "outgoing" };
+ hosts[to_host] = host_session;
+
+ local cl = connlisteners_get("xmppserver");
+
+ local conn, handler = socket.tcp()
+ --FIXME: Below parameters (ports/ip) are incorrect (use SRV)
+ conn:connect(to_host, 5269);
+ conn = wraptlsclient(cl, conn, to_host, 5269, 0, 1, hosts[from_host].ssl_ctx );
+ host_session.conn = conn;
+
+ -- Register this outgoing connection so that xmppserver_listener knows about it
+ -- otherwise it will assume it is a new incoming connection
+ cl.register_outgoing(conn, host_session);
+
+ do
+ local conn_name = "s2sout"..tostring(conn):match("[a-f0-9]*$");
+ host_session.log = logger_init(conn_name);
+ end
+
+ local w = conn.write;
+ host_session.send = function (t) w(tostring(t)); end
+
+ conn.write(format([[]], from_host, to_host));
+
+ return host_session;
+end
+
+function streamopened(session, attr)
+ session.log("debug", "s2s stream opened");
+ local send = session.send;
+
+ session.version = tonumber(attr.version) or 0;
+ if session.version >= 1.0 and not (attr.to and attr.from) then
+ print("to: "..tostring(attr.to).." from: "..tostring(attr.from));
+ --error(session.to_host.." failed to specify 'to' or 'from' hostname as per RFC");
+ log("warn", (session.to_host or "(unknown)").." 
failed to specify 'to' or 'from' hostname as per RFC");
+ end
+
+ if session.direction == "incoming" then
+ -- Send a reply stream header
+
+ for k,v in pairs(attr) do print("", tostring(k), ":::", tostring(v)); end
+
+ session.to_host = attr.to;
+ session.from_host = attr.from;
+
+ session.streamid = uuid_gen();
+ print(session, session.from_host, "incoming s2s stream opened");
+ send("");
+ send(format("", session.streamid, session.to_host));
+ if session.from_host then
+ -- Need to perform dialback to check identity
+ print("to: "..tostring(attr.to).." from: "..tostring(attr.from));
+ print("Need to do dialback here you know!!");
+ end
+ elseif session.direction == "outgoing" then
+ -- If we are just using the connection for verifying dialback keys, we won't try and auth it
+ if not session.dialback_verifying then
+ -- generate dialback key
+ if not attr.id then error("stream response did not give us a streamid!!!"); end
+ session.streamid = attr.id;
+ session.dialback_key = generate_dialback(session.streamid, session.to_host, session.from_host);
+ session.send(format("%s", session.from_host, session.to_host, session.dialback_key));
+ session.log("info", "sent dialback key on outgoing s2s stream");
+ else
+ mark_connected(session);
+ end
+ end
+ --[[
+ local features = {};
+ modulemanager.fire_event("stream-features-s2s", session, features);
+
+ send("");
+
+ for _, feature in ipairs(features) do
+ send(tostring(feature));
+ end
+
+ send("");]]
+ log("info", "s2s stream opened successfully");
+ session.notopen = nil;
+end
+
+function generate_dialback(id, to, from)
+ return md5_hash(id..to..from..dialback_secret); -- FIXME: See XEP-185 and XEP-220
+end
+
+function verify_dialback(id, to, from, key)
+ return key == generate_dialback(id, to, from);
+end
+
+function make_authenticated(session)
+ if session.type == "s2sout_unauthed" then
+ session.type = "s2sout";
+ elseif session.type == "s2sin_unauthed" then
+ session.type = "s2sin";
+ else
+ return false;
+ end
+
 session.log("info", "connection is now authenticated");
+
+ mark_connected(session);
+
+ return true;
+end
+
+function mark_connected(session)
+ local sendq, send = session.sendq, session.send;
+ if sendq then
+ session.log("debug", "sending queued stanzas across new connection");
+ for _, data in ipairs(sendq) do
+ session.log("debug", "sending: %s", tostring(data));
+ send(data);
+ end
+ end
+end
+
+return _M;
\ No newline at end of file
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 core/sessionmanager.lua
--- a/core/sessionmanager.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/core/sessionmanager.lua Fri Oct 24 07:57:06 2008 +0100
@@ -11,7 +11,7 @@
 local modulemanager = require "core.modulemanager";
 local log = require "util.logger".init("sessionmanager");
 local error = error;
-local uuid_generate = require "util.uuid".uuid_generate;
+local uuid_generate = require "util.uuid".generate;
 local rm_load_roster = require "core.rostermanager".load_roster;
 local newproxy = newproxy;
@@ -35,14 +35,15 @@
 function destroy_session(session)
 session.log("info", "Destroying session");
- if session.username then
+ if session.host and session.username then
 if session.resource then
 hosts[session.host].sessions[session.username].sessions[session.resource] = nil;
 end
-
- if not next(hosts[session.host].sessions[session.username].sessions) then
- log("debug", "All resources of %s are now offline", session.username);
- hosts[session.host].sessions[session.username] = nil;
+ if hosts[session.host] and hosts[session.host].sessions[session.username] then
+ if not next(hosts[session.host].sessions[session.username].sessions) then
+ log("debug", "All resources of %s are now offline", session.username);
+ hosts[session.host].sessions[session.username] = nil;
+ end
 end
 end
 session.conn = nil;
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 core/stanza_router.lua
--- a/core/stanza_router.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/core/stanza_router.lua Fri Oct 24 07:57:06 2008 +0100
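Review bot: `send_to_host` writes straight to `hosts[to_host].send` whenever an entry exists, but `new_outgoing` stores the session in `hosts` before dialback has completed, so every stanza after the first one for a remote host is written to a connection that is still `s2sout_unauthed`, while only the first stanza is held in `sendq` until `mark_connected`. The direct write should require `hosts[to_host].type == "s2sout"`, an existing but unauthenticated session should append to its `sendq`, and only a missing session should fall through to `new_outgoing`. Separately, `generate_dialback` hashes `id..to..from..dialback_secret` with no separator, so different (id, to, from) triples can produce the same input, and the secret is a constant in the source; a per-deployment random secret and a delimiter such as `id.."|"..to.."|"..from` are the minimal fixes (the FIXME already points at XEP-0185). The stream ids these keys are bound to come from `uuid_gen`, which this patch implements as `m_random(0, 99999999)` — far too small a space for an identifier that has to be unguessable.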
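Review bot: The new `hosts[session.host] and hosts[session.host].sessions[session.username]` guard is placed after the `session.resource` branch, which still indexes `hosts[session.host].sessions[session.username].sessions[...]` unguarded, so a session whose host or user entry is already gone raises on that line before the guard is ever reached. Move the resource removal inside the guarded block so both accesses share the one check; the function continues past the end of the hunk.
```lua
	if session.host and session.username then
		local user = hosts[session.host] and hosts[session.host].sessions[session.username];
		if user then
			if session.resource then user.sessions[session.resource] = nil; end
			if not next(user.sessions) then
				log("debug", "All resources of %s are now offline", session.username);
				hosts[session.host].sessions[session.username] = nil;
			end
		end
	end
	-- … unchanged: session.conn = nil and the rest of destroy_session …
```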
@@ -9,9 +9,14 @@
 local st = require "util.stanza";
 local send = require "core.sessionmanager".send_to_session;
--- local send_s2s = require "core.s2smanager".send_to_host;
+local send_s2s = require "core.s2smanager".send_to_host;
 local user_exists = require "core.usermanager".user_exists;
+local s2s_verify_dialback = require "core.s2smanager".verify_dialback;
+local s2s_make_authenticated = require "core.s2smanager".make_authenticated;
+local format = string.format;
+local tostring = tostring;
+
 local jid_split = require "util.jid".split;
 local print = print;
@@ -21,7 +26,7 @@
 if stanza.name == "iq" and not(#stanza.tags == 1 and stanza.tags[1].attr.xmlns) then
 if stanza.attr.type == "set" or stanza.attr.type == "get" then
 error("Invalid IQ");
- elseif #stanza.tags > 1 or not(stanza.attr.type == "error" or stanza.attr.type == "result") then
+ elseif #stanza.tags > 1 and not(stanza.attr.type == "error" or stanza.attr.type == "result") then
 error("Invalid IQ");
 end
 end
@@ -33,17 +38,18 @@
 end
 local to = stanza.attr.to;
- stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s) -- TODO also, stazas should be returned to their original state before the function ends
+ if origin.type == "c2s" then
+ stanza.attr.from = origin.full_jid; -- quick fix to prevent impersonation (FIXME this would be incorrect when the origin is not c2s)
+ end
- -- TODO presence subscriptions
 if not to then
 core_handle_stanza(origin, stanza);
 elseif hosts[to] and hosts[to].type == "local" then
 core_handle_stanza(origin, stanza);
 elseif stanza.name == "iq" and not select(3, jid_split(to)) then
 core_handle_stanza(origin, stanza);
- elseif origin.type == "c2s" then
+ elseif origin.type == "c2s" or origin.type == "s2sin" then
 core_route_stanza(origin, stanza);
 end
 end
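Review bot: Changing `or` to `and` in the `elseif` of the IQ check means an IQ with no child whose type is none of get/set/result/error, and a `result` IQ with more than one child, both pass validation now; only `error` may legitimately carry more than one child (the original payload plus `<error/>`), which is presumably the case the change was after. A form that admits that case but still rejects the other two is `elseif stanza.attr.type ~= "error" and stanza.attr.type ~= "result" then error("Invalid IQ");` / `elseif stanza.attr.type == "result" and #stanza.tags > 1 then error("Invalid IQ"); end`. The enclosing function starts and ends outside the hunk.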
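Review bot: Restricting the `from` overwrite to `origin.type == "c2s"` leaves stanzas arriving over `s2sin` with whatever `from` the remote server put on them, and the new `s2sin` branch of the routing chain forwards them without checking that the `from` domain is the one dialback authenticated for that connection (`origin.from_host`, as set in s2smanager), so an authenticated peer can originate stanzas for any domain. Add a sibling branch: `elseif origin.type == "s2sin" then` / `local _, from_host = jid_split(stanza.attr.from);` / `if from_host ~= origin.from_host then error("Invalid 'from' on s2s stanza"); end` — assuming `jid_split` returns node, host, resource, as the `select(3, jid_split(to))` use on the same hunk suggests. The enclosing function starts outside the hunk.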
@@ -98,6 +104,58 @@
 log("debug", "Routing stanza to local");
 handle_stanza(session, stanza);
 end
+ elseif origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
+ if stanza.attr.xmlns == "jabber:server:dialback" then
+ if stanza.name == "verify" then
+ -- We are being asked to verify the key, to ensure it was generated by us
+ log("debug", "verifying dialback key...");
+ local attr = stanza.attr;
+ print(tostring(attr.to), tostring(attr.from))
+ print(tostring(origin.to_host), tostring(origin.from_host))
+ -- FIXME: Grr, ejabberd breaks this one too?? it is black and white in XEP-220 example 34
+ --if attr.from ~= origin.to_host then error("invalid-from"); end
+ local type = "invalid";
+ if s2s_verify_dialback(attr.id, attr.from, attr.to, stanza[1]) then
+ type = "valid"
+ end
+ origin.send(format("%s", attr.to, attr.from, attr.id, type, stanza[1]));
+ elseif stanza.name == "result" and origin.type == "s2sin_unauthed" then
+ -- he wants to be identified through dialback
+ -- We need to check the key with the Authoritative server
+ local attr = stanza.attr;
+ origin.from_host = attr.from;
+ origin.to_host = attr.to;
+ origin.dialback_key = stanza[1];
+ log("debug", "asking %s if key %s belongs to them", attr.from, stanza[1]);
+ send_s2s(attr.to, attr.from, format("%s", attr.to, attr.from, origin.streamid, stanza[1]));
+ hosts[attr.from].dialback_verifying = origin;
+ end
+ end
+ elseif origin.type == "s2sout_unauthed" or origin.type == "s2sout" then
+ if stanza.attr.xmlns == "jabber:server:dialback" then
+ if stanza.name == "result" then
+ if stanza.attr.type == "valid" then
+ s2s_make_authenticated(origin);
+ else
+ -- FIXME
+ error("dialback failed!");
+ end
+ elseif stanza.name == "verify" and origin.dialback_verifying then
+ local valid;
+ local attr = stanza.attr;
+ if attr.type == "valid" then
+ s2s_make_authenticated(origin.dialback_verifying);
+ valid = "valid";
+ else
+ -- Warn the original connection that is was not verified successfully
+
 log("warn", "dialback for "..(origin.dialback_verifying.from_host or "(unknown)").." failed");
+ valid = "invalid";
+ end
+ origin.dialback_verifying.send(format("%s", attr.from, attr.to, attr.id, valid, origin.dialback_verifying.dialback_key));
+ end
+ end
+ else
+ log("warn", "Unhandled origin: %s", origin.type);
 end
 end
@@ -202,13 +260,14 @@
 end
 end
 end
- else
+ elseif origin.type == "c2s" then
 -- Remote host
- if host_session then
- -- Send to session
- else
- -- Need to establish the connection
- end
+ --stanza.attr.xmlns = "jabber:server";
+ stanza.attr.xmlns = nil;
+ log("debug", "sending s2s stanza: %s", tostring(stanza));
+ send_s2s(origin.host, host, stanza);
+ else
+ log("warn", "received stanza from unhandled connection type: %s", origin.type);
 end
 stanza.attr.to = to; -- reset
 end
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 core/xmlhandlers.lua
--- a/core/xmlhandlers.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/core/xmlhandlers.lua Fri Oct 24 07:57:06 2008 +0100
@@ -3,6 +3,10 @@
 local st = stanza;
 local tostring = tostring;
+local pairs = pairs;
+local ipairs = ipairs;
+local type = type;
+local print = print;
 local format = string.format;
 local m_random = math.random;
 local t_insert = table.insert;
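Review bot: In the `result` branch for `s2sin_unauthed`, `attr.to` and `attr.from` come from the remote server and are used unchecked: `send_s2s(attr.to, attr.from, ...)` reaches `new_outgoing`, which indexes `hosts[from_host].ssl_ctx`, and the next line indexes `hosts[attr.from]`, so a `result` whose `to` is not one of our hosts raises inside the handler instead of being answered with an invalid result. Check `hosts[attr.to] and hosts[attr.to].type == "local"` before asking the authoritative server and reject otherwise. `hosts[attr.from].dialback_verifying = origin` also keeps a single pending session per remote domain, so two incoming connections from the same domain verifying at the same time would overwrite each other (inferred from the assignment; the second verify reply would then authenticate the wrong session). The `format` templates have lost their XML in this view, but `attr.to`, `attr.from`, `attr.id` and `stanza[1]` are interpolated into the reply through raw `%s` with no escaping although they are taken verbatim from remote input; building the reply with `st.stanza` (already imported as `st`) avoids that. The enclosing function starts outside the hunk.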
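Review bot: `send_s2s(origin.host, host, stanza)` hands over the stanza table itself, and `send_to_host` may keep it in `send_q` until dialback completes, so the `stanza.attr.to = to; -- reset` on the last context line and any later mutation by the caller can change what is eventually serialised (queued stanzas are only `tostring`ed in `mark_connected`). Passing a snapshot, `send_s2s(origin.host, host, tostring(stanza));`, fixes the wire form at this point; `session.send` applies `tostring` to a string harmlessly. The enclosing function starts outside the hunk.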
@@ -11,18 +15,24 @@
 local t_concatall = function (t, sep) local tt = {}; for _, s in ipairs(t) do t_insert(tt, tostring(s)); end return t_concat(tt, sep); end
 local sm_destroy_session = import("core.sessionmanager", "destroy_session");
+local default_log = require "util.logger".init("xmlhandlers");
+
 local error = error;
 module "xmlhandlers"
+local ns_prefixes = {
+ ["http://www.w3.org/XML/1998/namespace"] = "xml";
+ }
+
 function init_xmlhandlers(session, streamopened)
 local ns_stack = { "" };
 local curr_ns = "";
 local curr_tag;
 local chardata = {};
 local xml_handlers = {};
- local log = session.log;
- local print = function (...) log("info", "xmlhandlers", t_concatall({...}, "\t")); end
+ local log = session.log or default_log;
+ --local print = function (...) log("info", "xmlhandlers", t_concatall({...}, "\t")); end
 local send = session.send;
@@ -33,8 +43,27 @@
 stanza:text(t_concat(chardata));
 chardata = {};
 end
- curr_ns,name = name:match("^(.+):(%w+)$");
- if not stanza then
+ curr_ns,name = name:match("^(.+)|([%w%-]+)$");
+ if curr_ns ~= "jabber:server" then
+ attr.xmlns = curr_ns;
+ end
+
+ -- FIXME !!!!!
+ for i, k in ipairs(attr) do
+ if type(k) == "string" then
+ local ns, nm = k:match("^([^|]+)|?([^|]-)$")
+ if ns and nm then
+ ns = ns_prefixes[ns];
+ if ns then
+ attr[ns..":"..nm] = attr[k];
+ attr[i] = ns..":"..nm;
+ attr[k] = nil;
+ end
+ end
+ end
+ end
+
+ if not stanza then --if we are not currently inside a stanza
 if session.notopen then
 if name == "stream" then
 streamopened(session, attr);
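Review bot: `name:match("^(.+)|([%w%-]+)$")` returns nothing for an element name without the namespace separator (presumably what the parser reports when an element resets the default namespace with `xmlns=""`), after which `name` is nil, `attr.xmlns` is set to nil, and `st.stanza(nil, attr)` or `stanza:tag(nil, attr)` is reached with a nil name. Bail out right after the match, `if not name then error("XML parse error in client stream"); end`, so the failure is the same controlled stream error the handler already raises elsewhere; the `EndElement` match in the hunk at old line 59 has the same gap. The enclosing `StartElement` handler starts and ends outside the hunk.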
@@ -45,11 +74,14 @@
 if curr_ns == "jabber:client" and name ~= "iq" and name ~= "presence" and name ~= "message" then
 error("Client sent invalid top-level stanza");
 end
- attr.xmlns = curr_ns;
+ stanza = st.stanza(name, attr); --{ to = attr.to, type = attr.type, id = attr.id, xmlns = curr_ns });
 curr_tag = stanza;
- else
- attr.xmlns = curr_ns;
+ else -- we are inside a stanza, so add a tag
+ attr.xmlns = nil;
+ if curr_ns ~= "jabber:server" and curr_ns ~= "jabber:client" then
+ attr.xmlns = curr_ns;
+ end
 stanza:tag(name, attr);
 end
 end
@@ -59,12 +91,14 @@
 end
 end
 function xml_handlers:EndElement(name)
- curr_ns,name = name:match("^(.+):(%w+)$");
+ curr_ns,name = name:match("^(.+)|([%w%-]+)$");
 if (not stanza) or #stanza.last_add < 0 or (#stanza.last_add > 0 and name ~= stanza.last_add[#stanza.last_add].name) then
 if name == "stream" then
 log("debug", "Stream closed");
 sm_destroy_session(session);
 return;
+ elseif name == "error" then
+ error("Stream error: "..tostring(name)..": "..tostring(stanza));
 else
 error("XML parse error in client stream");
 end
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 main.lua
--- a/main.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/main.lua Fri Oct 24 07:57:06 2008 +0100
@@ -54,5 +54,6 @@
 local protected_disconnect = function (conn, err) local success, ret = pcall(disconnect, conn, err); if not success then print("ERROR on "..tostring(conn).." disconnect: "..ret); conn:close(); end end;
 start("xmppclient", { ssl = ssl_ctx })
+start("xmppserver", { ssl = ssl_ctx })
 server.loop();
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 net/connlisteners.lua
--- a/net/connlisteners.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/net/connlisteners.lua Fri Oct 24 07:57:06 2008 +0100
@@ -28,7 +28,6 @@
 if not h then
 pcall(dofile, "net/"..name:gsub("[^%w%-]", "_").."_listener.lua");
 h = listeners[name];
- end
 return h;
 end
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 net/xmppclient_listener.lua
--- a/net/xmppclient_listener.lua Fri Oct 24 01:06:54 2008 +0500
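Review bot: The top-level element whitelist on the first context line of the hunk still applies only when `curr_ns == "jabber:client"`; on a `jabber:server` stream, which this patch starts accepting, any top-level element is turned into a stanza and dispatched. Extending the guard to both stream namespaces, `if (curr_ns == "jabber:client" or curr_ns == "jabber:server") and name ~= "iq" and name ~= "presence" and name ~= "message" then`, leaves the dialback elements untouched since they live in `jabber:server:dialback`. The enclosing handler starts and ends outside the hunk.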
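Review bot: The new `elseif name == "error"` branch in `EndElement` reports `tostring(name)`, which is always the literal `error`, and it matches on the local name only, so a mis-nested stanza-level `<error/>` is reported as a stream error too. Checking the namespace and dropping the redundant part gives `elseif name == "error" and curr_ns == "http://etherx.jabber.org/streams" then` / `error("Stream error: "..tostring(stanza));`. Note that `stanza` is nil whenever the outer condition fired on `(not stanza)`, so the message will usually read `Stream error: nil`; the remote stream error's condition is not captured here.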
+++ b/net/xmppclient_listener.lua Fri Oct 24 07:57:06 2008 +0100
@@ -22,7 +22,7 @@
 local function session_reset_stream(session)
 -- Reset stream
- local parser = lxp.new(init_xmlhandlers(session, sm_streamopened), ":");
+ local parser = lxp.new(init_xmlhandlers(session, sm_streamopened), "|");
 session.parser = parser;
 session.notopen = true;
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 net/xmppserver_listener.lua
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/xmppserver_listener.lua Fri Oct 24 07:57:06 2008 +0100
@@ -0,0 +1,95 @@
+
+local logger = require "logger";
+local lxp = require "lxp"
+local init_xmlhandlers = require "core.xmlhandlers"
+local sm_new_session = require "core.sessionmanager".new_session;
+local s2s_new_incoming = require "core.s2smanager".new_incoming;
+local s2s_streamopened = require "core.s2smanager".streamopened;
+
+local connlisteners_register = require "net.connlisteners".register;
+
+local t_insert = table.insert;
+local t_concat = table.concat;
+local t_concatall = function (t, sep) local tt = {}; for _, s in ipairs(t) do t_insert(tt, tostring(s)); end return t_concat(tt, sep); end
+local m_random = math.random;
+local format = string.format;
+local sm_new_session, sm_destroy_session = sessionmanager.new_session, sessionmanager.destroy_session; --import("core.sessionmanager", "new_session", "destroy_session");
+local st = stanza;
+
+local sessions = {};
+local xmppserver = { default_port = 5269 };
+
+-- These are session methods --
+
+local function session_reset_stream(session)
+ -- Reset stream
+ local parser = lxp.new(init_xmlhandlers(session, s2s_streamopened), "|");
+ session.parser = parser;
+
+ session.notopen = true;
+
+ function session.data(conn, data)
+ parser:parse(data);
+ end
+ return true;
+end
+
+-- End of session methods --
+
+function xmppserver.listener(conn, data)
+ local session = sessions[conn];
+ if not session then
+ session = s2s_new_incoming(conn);
+ sessions[conn] = session;
+
+ -- Logging functions --
+
+ local mainlog, log = log;
+ do
+ local conn_name = "s2sin"..tostring(conn):match("[a-f0-9]+$");
+ log = logger.init(conn_name);
+ end
+ local print = function (...)
 log("info", t_concatall({...}, "\t")); end
+ session.log = log;
+
+ print("Incoming s2s connection");
+
+ session.reset_stream = session_reset_stream;
+
+ session_reset_stream(session); -- Initialise, ready for use
+
+ -- FIXME: Below function should be session,stanza - and xmlhandlers should use :method() notation to call,
+ -- this will avoid the useless indirection we have atm
+ -- (I'm on a mission, no time to fix now)
+ session.stanza_dispatch = function (stanza) return core_process_stanza(session, stanza); end
+
+ end
+ if data then
+ session.data(conn, data);
+ end
+end
+
+function xmppserver.disconnect(conn)
+end
+
+function xmppserver.register_outgoing(conn, session)
+ session.direction = "outgoing";
+ sessions[conn] = session;
+
+ session.reset_stream = session_reset_stream;
+ session_reset_stream(session); -- Initialise, ready for use
+
+ -- FIXME: Below function should be session,stanza - and xmlhandlers should use :method() notation to call,
+ -- this will avoid the useless indirection we have atm
+ -- (I'm on a mission, no time to fix now)
+ session.stanza_dispatch = function (stanza) return core_process_stanza(session, stanza); end
+end
+
+connlisteners_register("xmppserver", xmppserver);
+
+
+-- We need to perform some initialisation when a connection is created
+-- We also need to perform that same initialisation at other points (SASL, TLS, ...)
+
+-- ...and we need to handle data
+-- ...and record all sessions associated with connections
\ No newline at end of file
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 util/hashes.lua
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/util/hashes.lua Fri Oct 24 07:57:06 2008 +0100
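Review bot: `xmppserver.disconnect(conn)` is empty, so an s2s connection that closes leaves its entry in `sessions[conn]` and, for outgoing ones, the `hosts[to_host]` entry that s2smanager created, which `send_to_host` will keep writing to. At minimum the handler should drop the mapping, `local session = sessions[conn]; if session then sessions[conn] = nil; end`, and hand the session to s2smanager so the `hosts` entry goes too (its `disconnect_host` is still a stub in this patch). Also, `sm_new_session, sm_destroy_session` are assigned from a global `sessionmanager` (and `st` from a global `stanza`) even though `sm_new_session` was already bound a few lines above via `require "core.sessionmanager".new_session`; the second assignment shadows the first and relies on a global nothing in this file sets, so the `require` form should be used for `destroy_session` as well.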
@@ -0,0 +1,27 @@
+
+local softreq = function (...) return select(2, pcall(require, ...)); end
+
+module "hashes"
+
+local md5 = softreq("md5");
+if md5 then
+ if md5.digest then
+ local md5_digest = md5.digest;
+ local sha1_digest = sha1.digest;
+ function _M.md5(input)
+ return md5_digest(input);
+ end
+ function _M.sha1(input)
+ return sha1_digest(input);
+ end
+ elseif md5.sumhexa then
+ local md5_sumhexa = md5.sumhexa;
+ function _M.md5(input)
+ return md5_sumhexa(input);
+ end
+ else
+ error("md5 library found, but unrecognised... no hash functions will be available", 0);
+ end
+end
+
+return _M;
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 util/logger.lua
--- a/util/logger.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/util/logger.lua Fri Oct 24 07:57:06 2008 +0100
@@ -6,7 +6,7 @@
 module "logger"
 function init(name)
- name = nil; -- While this line is not commented, will automatically fill in file/line number info
+ --name = nil; -- While this line is not commented, will automatically fill in file/line number info
 return function (level, message, ...)
 if not name then
 local inf = debug.getinfo(3, 'Snl');
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 util/stanza.lua
--- a/util/stanza.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/util/stanza.lua Fri Oct 24 07:57:06 2008 +0100
@@ -6,8 +6,14 @@
 local pairs = pairs;
 local ipairs = ipairs;
 local type = type;
+local next = next;
+local print = print;
 local unpack = unpack;
 local s_gsub = string.gsub;
+
+local debug = debug;
+local log = require "util.logger".init("stanza");
+
 module "stanza"
 stanza_mt = {};
@@ -91,7 +97,6 @@
 if t.attr then for k, v in pairs(t.attr) do if type(k) == "string" then attr_string = attr_string .. s_format(" %s='%s'", k, tostring(v)); end end end
-
 return s_format("<%s%s>%s", t.name, attr_string, children_text, t.name);
 end
diff -r 6b8e2bd82ac5 -r 8310bfddaba8 util/uuid.lua
--- a/util/uuid.lua Fri Oct 24 01:06:54 2008 +0500
+++ b/util/uuid.lua Fri Oct 24 07:57:06 2008 +0100
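Review bot: `softreq` returns `select(2, pcall(require, ...))`, which on failure is the error message string rather than nil, so `if md5 then` is true when the md5 module is absent; `md5.digest` then indexes a string through the string metatable, both branches miss, and the code lands on the "unrecognised" `error` instead of quietly providing no hash functions. Return the module only on success: `local softreq = function (...) local ok, mod = pcall(require, ...); if ok then return mod; end end`. In the `md5.digest` branch `sha1.digest` reads a global `sha1` that is never required, which raises at module load whenever a digest-style md5 is present; it should come from `softreq("sha1")` and be guarded the same way. Since this module backs the dialback key in s2smanager, a load failure here takes all of s2s down with it.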
@@ -2,7 +2,7 @@
 local m_random = math.random;
 module "uuid"
-function uuid_generate()
+function generate()
 return m_random(0, 99999999);
 end