util/xmppstream.lua

   1 -- Prosody IM
   2 -- Copyright (C) 2008-2010 Matthew Wild
   3 -- Copyright (C) 2008-2010 Waqas Hussain
   4 --
   5 -- This project is MIT/X11 licensed. Please see the
   6 -- COPYING file in the source package for more information.
   7 --
   8
   9
  10 local lxp = require "lxp";
  11 local st = require "util.stanza";
  12 local stanza_mt = st.stanza_mt;
  13
  14 local tostring = tostring;
  15 local t_insert = table.insert;
  16 local t_concat = table.concat;
  17 local t_remove = table.remove;
  18 local setmetatable = setmetatable;
  19
  20 local default_log = require "util.logger".init("xmppstream");
  21
  22 -- COMPAT: w/LuaExpat 1.1.0
  23 local lxp_supports_doctype = pcall(lxp.new, { StartDoctypeDecl = false });
  24
  25 if not lxp_supports_doctype then
  26         default_log("warn", "The version of LuaExpat on your system leaves Prosody "
  27                 .."vulnerable to denial-of-service attacks. You should upgrade to "
  28                 .."LuaExpat 1.1.1 or higher as soon as possible. See "
  29                 .."http://prosody.im/doc/depends#luaexpat for more information.");
  30 end
  31
  32 local error = error;
  33
  34 module "xmppstream"
  35
  36 local new_parser = lxp.new;
  37
  38 local ns_prefixes = {
  39         ["http://www.w3.org/XML/1998/namespace"] = "xml";
  40 };
  41
  42 local xmlns_streams = "http://etherx.jabber.org/streams";
  43
  44 local ns_separator = "\1";
  45 local ns_pattern = "^([^"..ns_separator.."]*)"..ns_separator.."?(.*)$";
  46
  47 _M.ns_separator = ns_separator;
  48 _M.ns_pattern = ns_pattern;
  49
  50 function new_sax_handlers(session, stream_callbacks)
  51         local xml_handlers = {};
  52
  53         local log = session.log or default_log;
  54
  55         local cb_streamopened = stream_callbacks.streamopened;
  56         local cb_streamclosed = stream_callbacks.streamclosed;
  57         local cb_error = stream_callbacks.error or function(session, e) error("XML stream error: "..tostring(e)); end;
  58         local cb_handlestanza = stream_callbacks.handlestanza;
  59
  60         local stream_ns = stream_callbacks.stream_ns or xmlns_streams;
  61         local stream_tag = stream_callbacks.stream_tag or "stream";
  62         if stream_ns ~= "" then
  63                 stream_tag = stream_ns..ns_separator..stream_tag;
  64         end
  65         local stream_error_tag = stream_ns..ns_separator..(stream_callbacks.error_tag or "error");
  66
  67         local stream_default_ns = stream_callbacks.default_ns;
  68
  69         local stack = {};
  70         local chardata, stanza = {};
  71         local non_streamns_depth = 0;
  72         function xml_handlers:StartElement(tagname, attr)
  73                 if stanza and #chardata > 0 then
  74                         -- We have some character data in the buffer
  75                         t_insert(stanza, t_concat(chardata));
  76                         chardata = {};
  77                 end
  78                 local curr_ns,name = tagname:match(ns_pattern);
  79                 if name == "" then
  80                         curr_ns, name = "", curr_ns;
  81                 end
  82
  83                 if curr_ns ~= stream_default_ns or non_streamns_depth > 0 then
  84                         attr.xmlns = curr_ns;
  85                         non_streamns_depth = non_streamns_depth + 1;
  86                 end
  87
  88                 -- FIXME !!!!!
  89                 for i=1,#attr do
  90                         local k = attr[i];
  91                         attr[i] = nil;
  92                         local ns, nm = k:match(ns_pattern);
  93                         if nm ~= "" then
  94                                 ns = ns_prefixes[ns];
  95                                 if ns then
  96                                         attr[ns..":"..nm] = attr[k];
  97                                         attr[k] = nil;
  98                                 end
  99                         end
 100                 end
 101
 102                 if not stanza then --if we are not currently inside a stanza
 103                         if session.notopen then
 104                                 if tagname == stream_tag then
 105                                         non_streamns_depth = 0;
 106                                         if cb_streamopened then
 107                                                 cb_streamopened(session, attr);
 108                                         end
 109                                 else
 110                                         -- Garbage before stream?
 111                                         cb_error(session, "no-stream");
 112                                 end
 113                                 return;
 114                         end
 115                         if curr_ns == "jabber:client" and name ~= "iq" and name ~= "presence" and name ~= "message" then
 116                                 cb_error(session, "invalid-top-level-element");
 117                         end
 118
 119                         stanza = setmetatable({ name = name, attr = attr, tags = {} }, stanza_mt);
 120                 else -- we are inside a stanza, so add a tag
 121                         t_insert(stack, stanza);
 122                         local oldstanza = stanza;
 123                         stanza = setmetatable({ name = name, attr = attr, tags = {} }, stanza_mt);
 124                         t_insert(oldstanza, stanza);
 125                         t_insert(oldstanza.tags, stanza);
 126                 end
 127         end
 128         function xml_handlers:CharacterData(data)
 129                 if stanza then
 130                         t_insert(chardata, data);
 131                 end
 132         end
 133         function xml_handlers:EndElement(tagname)
 134                 if non_streamns_depth > 0 then
 135                         non_streamns_depth = non_streamns_depth - 1;
 136                 end
 137                 if stanza then
 138                         if #chardata > 0 then
 139                                 -- We have some character data in the buffer
 140                                 t_insert(stanza, t_concat(chardata));
 141                                 chardata = {};
 142                         end
 143                         -- Complete stanza
 144                         if #stack == 0 then
 145                                 if tagname ~= stream_error_tag then
 146                                         cb_handlestanza(session, stanza);
 147                                 else
 148                                         cb_error(session, "stream-error", stanza);
 149                                 end
 150                                 stanza = nil;
 151                         else
 152                                 stanza = t_remove(stack);
 153                         end
 154                 else
 155                         if tagname == stream_tag then
 156                                 if cb_streamclosed then
 157                                         cb_streamclosed(session);
 158                                 end
 159                         else
 160                                 local curr_ns,name = tagname:match(ns_pattern);
 161                                 if name == "" then
 162                                         curr_ns, name = "", curr_ns;
 163                                 end
 164                                 cb_error(session, "parse-error", "unexpected-element-close", name);
 165                         end
 166                         stanza, chardata = nil, {};
 167                         stack = {};
 168                 end
 169         end
 170
 171         local function restricted_handler(parser)
 172                 cb_error(session, "parse-error", "restricted-xml", "Restricted XML, see RFC 6120 section 11.1.");
 173                 if not parser:stop() then
 174                         error("Failed to abort parsing");
 175                 end
 176         end
 177
 178         if lxp_supports_doctype then
 179                 xml_handlers.StartDoctypeDecl = restricted_handler;
 180         end
 181         xml_handlers.Comment = restricted_handler;
 182         xml_handlers.ProcessingInstruction = restricted_handler;
 183
 184         local function reset()
 185                 stanza, chardata = nil, {};
 186                 stack = {};
 187         end
 188
 189         local function set_session(stream, new_session)
 190                 session = new_session;
 191                 log = new_session.log or default_log;
 192         end
 193
 194         return xml_handlers, { reset = reset, set_session = set_session };
 195 end
 196
 197 function new(session, stream_callbacks)
 198         local handlers, meta = new_sax_handlers(session, stream_callbacks);
 199         local parser = new_parser(handlers, ns_separator);
 200         local parse = parser.parse;
 201
 202         return {
 203                 reset = function ()
 204                         parser = new_parser(handlers, ns_separator);
 205                         parse = parser.parse;
 206                         meta.reset();
 207                 end,
 208                 feed = function (self, data)
 209                         return parse(parser, data);
 210                 end,
 211                 set_session = meta.set_session;
 212         };
 213 end
 214
 215 return _M;