local t_concat = table.concat;
-local config = require "core.configmanager";
local sha1 = require "util.hashes".sha1;
local st = require "util.stanza";
return true;
end
-module:hook("iq/bare", handle_stanza);
-module:hook("message/bare", handle_stanza);
-module:hook("presence/bare", handle_stanza);
-module:hook("iq/full", handle_stanza);
-module:hook("message/full", handle_stanza);
-module:hook("presence/full", handle_stanza);
-module:hook("iq/host", handle_stanza);
-module:hook("message/host", handle_stanza);
-module:hook("presence/host", handle_stanza);
+module:hook("iq/bare", handle_stanza, -1);
+module:hook("message/bare", handle_stanza, -1);
+module:hook("presence/bare", handle_stanza, -1);
+module:hook("iq/full", handle_stanza, -1);
+module:hook("message/full", handle_stanza, -1);
+module:hook("presence/full", handle_stanza, -1);
+module:hook("iq/host", handle_stanza, -1);
+module:hook("message/host", handle_stanza, -1);
+module:hook("presence/host", handle_stanza, -1);
--- Handle authentication attempts by components
function handle_component_auth(event)
if session.type ~= "component" then return; end
if main_session == session then return; end
- log("info", "Handling component auth");
if (not session.host) or #stanza.tags > 0 then
- (session.log or log)("warn", "Component handshake invalid");
+ (session.log or log)("warn", "Invalid component handshake for host: %s", session.host);
session:close("not-authorized");
return true;
end
- local secret = config.get(session.host, "core", "component_secret");
+ local secret = module:get_option("component_secret");
if not secret then
(session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.host);
session:close("not-authorized");
local supplied_token = t_concat(stanza);
local calculated_token = sha1(session.streamid..secret, true);
if supplied_token:lower() ~= calculated_token:lower() then
- log("info", "Component for %s authentication failed", session.host);
+ log("info", "Component authentication failed for %s", session.host);
session:close{ condition = "not-authorized", text = "Given token does not match calculated token" };
return true;
end
-
- -- Authenticated now
- log("info", "Component authenticated: %s", session.host);
-
- session.component_validate_from = module:get_option_boolean("validate_from_addresses") ~= false;
-
-- If component not already created for this host, create one now
if not main_session then
send = session.send;
main_session = session;
session.on_destroy = on_destroy;
- log("info", "Component successfully registered");
- else
- log("error", "Multiple components bound to the same address, first one wins (TODO: Implement stanza distribution)");
+ session.component_validate_from = module:get_option_boolean("validate_from_addresses") ~= false;
+ log("info", "Component successfully authenticated: %s", session.host);
+ session.send(st.stanza("handshake"));
+ else -- TODO: Implement stanza distribution
+ log("error", "Multiple components bound to the same address, first one wins: %s", session.host);
session:close{ condition = "conflict", text = "Component already connected" };
- return true;
end
- -- Signal successful authentication
- session.send(st.stanza("handshake"));
return true;
end
projects / prosody.git / blobdiff