2 -- Copyright (C) 2008-2010 Matthew Wild
3 -- Copyright (C) 2008-2010 Waqas Hussain
5 -- This project is MIT/X11 licensed. Please see the
6 -- COPYING file in the source package for more information.
9 if module:get_host_type() ~= "component" then
10 error("Don't load mod_component manually, it should be for a component, please see http://prosody.im/doc/components", 0);
13 local hosts = _G.hosts;
15 local t_concat = table.concat;
17 local config = require "core.configmanager";
18 local cm_register_component = require "core.componentmanager".register_component;
19 local cm_deregister_component = require "core.componentmanager".deregister_component;
20 local sha1 = require "util.hashes".sha1;
21 local st = require "util.stanza";
23 local log = module._log;
25 --- Handle authentication attempts by components
26 function handle_component_auth(session, stanza)
27 log("info", "Handling component auth");
28 if (not session.host) or #stanza.tags > 0 then
29 (session.log or log)("warn", "Component handshake invalid");
30 session:close("not-authorized");
34 local secret = config.get(session.user, "core", "component_secret");
36 (session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.user);
37 session:close("not-authorized");
41 local supplied_token = t_concat(stanza);
42 local calculated_token = sha1(session.streamid..secret, true);
43 if supplied_token:lower() ~= calculated_token:lower() then
44 log("info", "Component for %s authentication failed", session.host);
45 session:close{ condition = "not-authorized", text = "Given token does not match calculated token" };
51 log("info", "Component authenticated: %s", session.host);
53 session.component_validate_from = module:get_option_boolean("validate_from_addresses") ~= false;
55 -- If component not already created for this host, create one now
56 if not hosts[session.host].connected then
57 local send = session.send;
58 session.component_session = cm_register_component(session.host, function (_, data)
59 if data.attr and data.attr.xmlns == "jabber:client" then
60 data.attr.xmlns = nil;
64 hosts[session.host].connected = true;
65 log("info", "Component successfully registered");
67 log("error", "Multiple components bound to the same address, first one wins (TODO: Implement stanza distribution)");
70 -- Signal successful authentication
71 session.send(st.stanza("handshake"));
74 module:add_handler("component", "handshake", "jabber:component:accept", handle_component_auth);