local adns, dns = require "net.adns", require "net.dns";
local config = require "core.configmanager";
local connect_timeout = config.get("*", "core", "s2s_timeout") or 60;
-local dns_timeout = config.get("*", "core", "dns_timeout") or 60;
+local dns_timeout = config.get("*", "core", "dns_timeout") or 15;
local max_dns_depth = config.get("*", "core", "dns_max_depth") or 3;
+dns.settimeout(dns_timeout);
+
incoming_s2s = {};
_G.prosody.incoming_s2s = incoming_s2s;
local incoming_s2s = incoming_s2s;
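Review bot: The added `dns.settimeout(dns_timeout);` line passes the config value through with no type or range check, and it is called on the shared `net.dns` module at load time, so it presumably changes the timeout for every resolver user in the process rather than only s2s lookups. Consider `local dns_timeout = tonumber(config.get("*", "core", "dns_timeout")) or 15;` and a comment above the call such as `-- NOTE: process-wide resolver timeout, not s2s-specific`. The later hunks remove the per-lookup `add_task`/`adns.cancel` timers, so this setting becomes the only bound on a stalled SRV or A lookup. It is worth confirming that the lookup callbacks are still invoked on timeout so that pending sessions get cleaned up.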
function attempt_connection(host_session, err)
local from_host, to_host = host_session.from_host, host_session.to_host;
- local connect_host, connect_port = idna_to_ascii(to_host), 5269;
+ local connect_host, connect_port = to_host and idna_to_ascii(to_host), 5269;
if not connect_host then
return false;
end
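Review bot: The `if not connect_host then return false; end` path now covers both a missing `to_host` and an IDNA conversion failure, and neither is logged in the visible lines, so a session that fails here leaves no record of why. A line such as `(host_session.log or log)("debug", "Cannot connect: missing or invalid destination host");` before the `return false;` would make these failures visible. Whether the caller already logs this is not shown in the hunk. The body of attempt_connection continues outside the hunk.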
end, "_xmpp-server._tcp."..connect_host..".", "SRV");
- -- Set handler for DNS timeout
- add_task(dns_timeout, function ()
- if handle then
- adns.cancel(handle, true);
- end
- end);
-
return true; -- Attempt in progress
elseif host_session.srv_hosts and #host_session.srv_hosts > host_session.srv_choice then -- Not our first attempt, and we also have SRV
host_session.srv_choice = host_session.srv_choice + 1;
end
end, connect_host, "A", "IN");
- -- Set handler for DNS timeout
- add_task(dns_timeout, function ()
- if handle then
- adns.cancel(handle, true);
- end
- end);
-
return true;
end
conn = wrapclient(conn, connect_host, connect_port, cl, cl.default_mode or 1 );
host_session.conn = conn;
- -- Register this outgoing connection so that xmppserver_listener knows about it
- -- otherwise it will assume it is a new incoming connection
- cl.register_outgoing(conn, host_session);
-
local filter = initialize_filters(host_session);
local w, log = conn.write, host_session.log;
host_session.sends2s = function (t)
end
end
+ -- Register this outgoing connection so that xmppserver_listener knows about it
+ -- otherwise it will assume it is a new incoming connection
+ cl.register_outgoing(conn, host_session);
+
host_session:open_stream(from_host, to_host);
log("debug", "Connection attempt in progress...");
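Review bot: The relocated comment still explains only why the connection must be registered, not why the call now sits after the `host_session.sends2s` setup and directly before `open_stream`. Presumably the listener can start using the session as soon as it is registered, so the send path has to exist first. If that is the reason, the comment should say so, e.g. `-- Must come after sends2s is set up and before open_stream()`. The enclosing function starts outside this hunk.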
session.streamid = uuid_gen();
(session.log or log)("debug", "incoming s2s received <stream:stream>");
- if session.to_host and not hosts[session.to_host] then
- -- Attempting to connect to a host we don't serve
- session:close({ condition = "host-unknown"; text = "This host does not serve "..session.to_host });
- return;
+ if session.to_host then
+ if not hosts[session.to_host] then
+ -- Attempting to connect to a host we don't serve
+ session:close({
+ condition = "host-unknown";
+ text = "This host does not serve "..session.to_host
+ });
+ return;
+ elseif hosts[session.to_host].disallow_s2s then
+ -- Attempting to connect to a host that disallows s2s
+ session:close({
+ condition = "policy-violation";
+ text = "Server-to-server communication is not allowed to this host";
+ });
+ return;
+ end
end
send("<?xml version='1.0'?>");
send(stanza("stream:stream", { xmlns='jabber:server', ["xmlns:db"]='jabber:server:dialback',
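Review bot: The new `disallow_s2s` rejection runs only when `session.to_host` is set from the stream header, so a stream opened without a `to` attribute skips it. If the target host can be established later (for instance during dialback, which is not visible here), the same policy check presumably needs to be applied there too. The rejection also leaves no server-side log entry. A line such as `(session.log or log)("info", "Rejected incoming s2s stream: s2s is disallowed for "..session.to_host);` before `session:close` would let operators see connection attempts against a restricted host. The enclosing handler starts and ends outside this hunk.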