2 -- Copyright (C) 2008-2010 Matthew Wild
3 -- Copyright (C) 2008-2010 Waqas Hussain
5 -- This project is MIT/X11 licensed. Please see the
6 -- COPYING file in the source package for more information.
11 local tonumber, tostring, setmetatable = tonumber, tostring, setmetatable;
12 local ipairs, pairs, print, next= ipairs, pairs, print, next;
13 local format = import("string", "format");
16 local full_sessions = full_sessions;
17 local bare_sessions = bare_sessions;
19 local modulemanager = require "core.modulemanager";
20 local logger = require "util.logger";
21 local log = logger.init("sessionmanager");
23 local uuid_generate = require "util.uuid".generate;
24 local rm_load_roster = require "core.rostermanager".load_roster;
25 local config_get = require "core.configmanager".get;
26 local nameprep = require "util.encodings".stringprep.nameprep;
27 local resourceprep = require "util.encodings".stringprep.resourceprep;
28 local nodeprep = require "util.encodings".stringprep.nodeprep;
30 local initialize_filters = require "util.filters".initialize;
31 local fire_event = prosody.events.fire_event;
32 local add_task = require "util.timer".add_task;
33 local gettime = require "socket".gettime;
35 local st = require "util.stanza";
37 local c2s_timeout = config_get("*", "core", "c2s_timeout");
39 local newproxy = newproxy;
40 local getmetatable = getmetatable;
42 module "sessionmanager"
44 local open_sessions = 0;
46 function new_session(conn)
47 local session = { conn = conn, type = "c2s_unauthed", conntime = gettime() };
49 session.trace = newproxy(true);
50 getmetatable(session.trace).__gc = function () open_sessions = open_sessions - 1; end;
52 open_sessions = open_sessions + 1;
53 log("debug", "open sessions now: ".. open_sessions);
55 local filter = initialize_filters(session);
57 session.send = function (t)
59 t = filter("stanzas/out", t);
62 t = filter("bytes/out", tostring(t));
68 session.ip = conn:ip();
69 local conn_name = "c2s"..tostring(conn):match("[a-f0-9]+$");
70 session.log = logger.init(conn_name);
73 add_task(c2s_timeout, function ()
74 if session.type == "c2s_unauthed" then
75 session:close("connection-timeout");
83 local resting_session = { -- Resting, not dead
85 type = "c2s_destroyed";
86 close = function (session)
87 session.log("debug", "Attempt to close already-closed session");
89 filter = function (type, data) return data; end;
90 }; resting_session.__index = resting_session;
92 function retire_session(session)
93 local log = session.log or log;
94 for k in pairs(session) do
95 if k ~= "trace" and k ~= "log" and k ~= "id" then
100 function session.send(data) log("debug", "Discarding data sent to resting session: %s", tostring(data)); end
101 function session.data(data) log("debug", "Discarding data received from resting session: %s", tostring(data)); end
102 return setmetatable(session, resting_session);
105 function destroy_session(session, err)
106 (session.log or log)("info", "Destroying session for %s (%s@%s)", session.full_jid or "(unknown)", session.username or "(unknown)", session.host or "(unknown)");
107 if session.destroyed then return; end
109 -- Remove session/resource from user's session list
110 if session.full_jid then
111 local host_session = hosts[session.host];
113 -- Allow plugins to prevent session destruction
114 if host_session.events.fire_event("pre-resource-unbind", {session=session, error=err}) then
118 host_session.sessions[session.username].sessions[session.resource] = nil;
119 full_sessions[session.full_jid] = nil;
121 if not next(host_session.sessions[session.username].sessions) then
122 log("debug", "All resources of %s are now offline", session.username);
123 host_session.sessions[session.username] = nil;
124 bare_sessions[session.username..'@'..session.host] = nil;
127 host_session.events.fire_event("resource-unbind", {session=session, error=err});
130 retire_session(session);
133 function make_authenticated(session, username)
134 username = nodeprep(username);
135 if not username or #username == 0 then return nil, "Invalid username"; end
136 session.username = username;
137 if session.type == "c2s_unauthed" then
138 session.type = "c2s";
140 session.log("info", "Authenticated as %s@%s", username or "(unknown)", session.host or "(unknown)");
144 -- returns true, nil on success
145 -- returns nil, err_type, err, err_message on failure
146 function bind_resource(session, resource)
147 if not session.username then return nil, "auth", "not-authorized", "Cannot bind resource before authentication"; end
148 if session.resource then return nil, "cancel", "already-bound", "Cannot bind multiple resources on a single connection"; end
149 -- We don't support binding multiple resources
151 resource = resourceprep(resource);
152 resource = resource ~= "" and resource or uuid_generate();
153 --FIXME: Randomly-generated resources must be unique per-user, and never conflict with existing
155 if not hosts[session.host].sessions[session.username] then
156 local sessions = { sessions = {} };
157 hosts[session.host].sessions[session.username] = sessions;
158 bare_sessions[session.username..'@'..session.host] = sessions;
160 local sessions = hosts[session.host].sessions[session.username].sessions;
161 local limit = config_get(session.host, "core", "max_resources") or 10;
162 if #sessions >= limit then
163 return nil, "cancel", "resource-constraint", "Resource limit reached; only "..limit.." resources allowed";
165 if sessions[resource] then
167 local policy = config_get(session.host, "core", "conflict_resolve");
169 if policy == "random" then
170 resource = uuid_generate();
172 elseif policy == "increment" then
173 increment = true; -- TODO ping old resource
174 elseif policy == "kick_new" then
175 return nil, "cancel", "conflict", "Resource already exists";
176 else -- if policy == "kick_old" then
177 sessions[resource]:close {
178 condition = "conflict";
179 text = "Replaced by new connection";
181 if not next(sessions) then
182 hosts[session.host].sessions[session.username] = { sessions = sessions };
183 bare_sessions[session.username.."@"..session.host] = hosts[session.host].sessions[session.username];
186 if increment and sessions[resource] then
188 while sessions[resource.."#"..count] do
191 resource = resource.."#"..count;
196 session.resource = resource;
197 session.full_jid = session.username .. '@' .. session.host .. '/' .. resource;
198 hosts[session.host].sessions[session.username].sessions[resource] = session;
199 full_sessions[session.full_jid] = session;
202 session.roster, err = rm_load_roster(session.username, session.host);
204 full_sessions[session.full_jid] = nil;
205 hosts[session.host].sessions[session.username].sessions[resource] = nil;
206 session.full_jid = nil;
207 session.resource = nil;
208 if next(bare_sessions[session.username..'@'..session.host].sessions) == nil then
209 bare_sessions[session.username..'@'..session.host] = nil;
210 hosts[session.host].sessions[session.username] = nil;
212 return nil, "cancel", "internal-server-error", "Error loading roster";
215 hosts[session.host].events.fire_event("resource-bind", {session=session});
220 function streamopened(session, attr)
221 local send = session.send;
222 session.host = attr.to;
223 if not session.host then
224 session:close{ condition = "improper-addressing",
225 text = "A 'to' attribute is required on stream headers" };
228 session.host = nameprep(session.host);
229 session.version = tonumber(attr.version) or 0;
230 session.streamid = uuid_generate();
231 (session.log or session)("debug", "Client sent opening <stream:stream> to %s", session.host);
233 if not hosts[session.host] then
234 -- We don't serve this host...
235 session:close{ condition = "host-unknown", text = "This server does not serve "..tostring(session.host)};
239 send("<?xml version='1.0'?>");
240 send(format("<stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='%s' from='%s' version='1.0' xml:lang='en'>", session.streamid, session.host));
242 (session.log or log)("debug", "Sent reply <stream:stream> to client");
243 session.notopen = nil;
245 -- If session.secure is *false* (not nil) then it means we /were/ encrypting
246 -- since we now have a new stream header, session is secured
247 if session.secure == false then
248 session.secure = true;
251 local features = st.stanza("stream:features");
252 hosts[session.host].events.fire_event("stream-features", { origin = session, features = features });
253 fire_event("stream-features", session, features);
259 function streamclosed(session)
260 session.log("debug", "Received </stream:stream>");
264 function send_to_available_resources(user, host, stanza)
265 local jid = user.."@"..host;
267 local user = bare_sessions[jid];
269 for k, session in pairs(user.sessions) do
270 if session.presence then
271 session.send(stanza);
279 function send_to_interested_resources(user, host, stanza)
280 local jid = user.."@"..host;
282 local user = bare_sessions[jid];
284 for k, session in pairs(user.sessions) do
285 if session.interested then
286 session.send(stanza);