X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_component.lua;h=fda271ddab671ba44e5db4e715e8793ed8a6322c;hb=4801ec109cfc9486a27884940dfa6f41b397896a;hp=808735b7767ac614cf76144772b87bc697b61855;hpb=33b7725e5b8514077b50a793ea79526946fa3733;p=prosody.git diff --git a/plugins/mod_component.lua b/plugins/mod_component.lua index 808735b7..fda271dd 100644 --- a/plugins/mod_component.lua +++ b/plugins/mod_component.lua @@ -14,7 +14,6 @@ local hosts = _G.hosts; local t_concat = table.concat; -local config = require "core.configmanager"; local sha1 = require "util.hashes".sha1; local st = require "util.stanza"; @@ -44,15 +43,15 @@ local function handle_stanza(event) return true; end -module:hook("iq/bare", handle_stanza); -module:hook("message/bare", handle_stanza); -module:hook("presence/bare", handle_stanza); -module:hook("iq/full", handle_stanza); -module:hook("message/full", handle_stanza); -module:hook("presence/full", handle_stanza); -module:hook("iq/host", handle_stanza); -module:hook("message/host", handle_stanza); -module:hook("presence/host", handle_stanza); +module:hook("iq/bare", handle_stanza, -1); +module:hook("message/bare", handle_stanza, -1); +module:hook("presence/bare", handle_stanza, -1); +module:hook("iq/full", handle_stanza, -1); +module:hook("message/full", handle_stanza, -1); +module:hook("presence/full", handle_stanza, -1); +module:hook("iq/host", handle_stanza, -1); +module:hook("message/host", handle_stanza, -1); +module:hook("presence/host", handle_stanza, -1); --- Handle authentication attempts by components function handle_component_auth(event) @@ -61,14 +60,13 @@ function handle_component_auth(event) if session.type ~= "component" then return; end if main_session == session then return; end - log("info", "Handling component auth"); if (not session.host) or #stanza.tags > 0 then - (session.log or log)("warn", "Component handshake invalid"); + (session.log or log)("warn", "Invalid component handshake for host: %s", session.host); session:close("not-authorized"); return true; end - local secret = config.get(session.host, "core", "component_secret"); + local secret = module:get_option("component_secret"); if not secret then (session.log or log)("warn", "Component attempted to identify as %s, but component_secret is not set", session.host); session:close("not-authorized"); @@ -78,31 +76,24 @@ function handle_component_auth(event) local supplied_token = t_concat(stanza); local calculated_token = sha1(session.streamid..secret, true); if supplied_token:lower() ~= calculated_token:lower() then - log("info", "Component for %s authentication failed", session.host); + log("info", "Component authentication failed for %s", session.host); session:close{ condition = "not-authorized", text = "Given token does not match calculated token" }; return true; end - - -- Authenticated now - log("info", "Component authenticated: %s", session.host); - - session.component_validate_from = module:get_option_boolean("validate_from_addresses") ~= false; - -- If component not already created for this host, create one now if not main_session then send = session.send; main_session = session; session.on_destroy = on_destroy; - log("info", "Component successfully registered"); - else - log("error", "Multiple components bound to the same address, first one wins (TODO: Implement stanza distribution)"); + session.component_validate_from = module:get_option_boolean("validate_from_addresses") ~= false; + log("info", "Component successfully authenticated: %s", session.host); + session.send(st.stanza("handshake")); + else -- TODO: Implement stanza distribution + log("error", "Multiple components bound to the same address, first one wins: %s", session.host); session:close{ condition = "conflict", text = "Component already connected" }; - return true; end - -- Signal successful authentication - session.send(st.stanza("handshake")); return true; end