2016-12-28 07:47:11 +01:00
|
|
|
%%%-------------------------------------------------------------------
|
|
|
|
%%% Created : 16 Dec 2016 by Evgeny Khramtsov <ekhramtsov@process-one.net>
|
|
|
|
%%%
|
|
|
|
%%%
|
2017-01-20 17:56:19 +01:00
|
|
|
%%% ejabberd, Copyright (C) 2002-2017 ProcessOne
|
2016-12-28 07:47:11 +01:00
|
|
|
%%%
|
|
|
|
%%% This program is free software; you can redistribute it and/or
|
|
|
|
%%% modify it under the terms of the GNU General Public License as
|
|
|
|
%%% published by the Free Software Foundation; either version 2 of the
|
|
|
|
%%% License, or (at your option) any later version.
|
|
|
|
%%%
|
|
|
|
%%% This program is distributed in the hope that it will be useful,
|
|
|
|
%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
%%% General Public License for more details.
|
|
|
|
%%%
|
|
|
|
%%% You should have received a copy of the GNU General Public License along
|
|
|
|
%%% with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
|
%%%
|
|
|
|
%%%-------------------------------------------------------------------
|
|
|
|
-module(mod_s2s_dialback).
|
|
|
|
-behaviour(gen_mod).
|
|
|
|
|
|
|
|
-protocol({xep, 220, '1.1.1'}).
|
|
|
|
-protocol({xep, 185, '1.0'}).
|
|
|
|
|
|
|
|
%% gen_mod API
|
2017-02-22 17:46:47 +01:00
|
|
|
-export([start/2, stop/1, reload/3, depends/2, mod_opt_type/1]).
|
2016-12-28 07:47:11 +01:00
|
|
|
%% Hooks
|
2016-12-29 22:00:36 +01:00
|
|
|
-export([s2s_out_auth_result/2, s2s_out_downgraded/2,
|
2016-12-31 11:48:55 +01:00
|
|
|
s2s_in_packet/2, s2s_out_packet/2, s2s_in_recv/3,
|
2016-12-28 07:47:11 +01:00
|
|
|
s2s_in_features/2, s2s_out_init/2, s2s_out_closed/2]).
|
|
|
|
|
|
|
|
-include("ejabberd.hrl").
|
|
|
|
-include("xmpp.hrl").
|
|
|
|
-include("logger.hrl").
|
|
|
|
|
|
|
|
%%%===================================================================
|
|
|
|
%%% API
|
|
|
|
%%%===================================================================
|
|
|
|
start(Host, _Opts) ->
|
|
|
|
case ejabberd_s2s:tls_verify(Host) of
|
|
|
|
true ->
|
|
|
|
?ERROR_MSG("disabling ~s for host ~s because option "
|
|
|
|
"'s2s_use_starttls' is set to 'required_trusted'",
|
|
|
|
[?MODULE, Host]);
|
|
|
|
false ->
|
|
|
|
ejabberd_hooks:add(s2s_out_init, Host, ?MODULE, s2s_out_init, 50),
|
|
|
|
ejabberd_hooks:add(s2s_out_closed, Host, ?MODULE, s2s_out_closed, 50),
|
|
|
|
ejabberd_hooks:add(s2s_in_pre_auth_features, Host, ?MODULE,
|
|
|
|
s2s_in_features, 50),
|
|
|
|
ejabberd_hooks:add(s2s_in_post_auth_features, Host, ?MODULE,
|
|
|
|
s2s_in_features, 50),
|
2016-12-31 11:48:55 +01:00
|
|
|
ejabberd_hooks:add(s2s_in_handle_recv, Host, ?MODULE,
|
|
|
|
s2s_in_recv, 50),
|
2016-12-28 07:47:11 +01:00
|
|
|
ejabberd_hooks:add(s2s_in_unauthenticated_packet, Host, ?MODULE,
|
|
|
|
s2s_in_packet, 50),
|
|
|
|
ejabberd_hooks:add(s2s_in_authenticated_packet, Host, ?MODULE,
|
|
|
|
s2s_in_packet, 50),
|
|
|
|
ejabberd_hooks:add(s2s_out_packet, Host, ?MODULE,
|
|
|
|
s2s_out_packet, 50),
|
2016-12-29 22:00:36 +01:00
|
|
|
ejabberd_hooks:add(s2s_out_downgraded, Host, ?MODULE,
|
|
|
|
s2s_out_downgraded, 50),
|
2016-12-28 07:47:11 +01:00
|
|
|
ejabberd_hooks:add(s2s_out_auth_result, Host, ?MODULE,
|
|
|
|
s2s_out_auth_result, 50)
|
|
|
|
end.
|
|
|
|
|
|
|
|
stop(Host) ->
|
|
|
|
ejabberd_hooks:delete(s2s_out_init, Host, ?MODULE, s2s_out_init, 50),
|
|
|
|
ejabberd_hooks:delete(s2s_out_closed, Host, ?MODULE, s2s_out_closed, 50),
|
|
|
|
ejabberd_hooks:delete(s2s_in_pre_auth_features, Host, ?MODULE,
|
|
|
|
s2s_in_features, 50),
|
|
|
|
ejabberd_hooks:delete(s2s_in_post_auth_features, Host, ?MODULE,
|
|
|
|
s2s_in_features, 50),
|
2016-12-31 11:48:55 +01:00
|
|
|
ejabberd_hooks:delete(s2s_in_handle_recv, Host, ?MODULE,
|
|
|
|
s2s_in_recv, 50),
|
2016-12-28 07:47:11 +01:00
|
|
|
ejabberd_hooks:delete(s2s_in_unauthenticated_packet, Host, ?MODULE,
|
|
|
|
s2s_in_packet, 50),
|
|
|
|
ejabberd_hooks:delete(s2s_in_authenticated_packet, Host, ?MODULE,
|
|
|
|
s2s_in_packet, 50),
|
|
|
|
ejabberd_hooks:delete(s2s_out_packet, Host, ?MODULE,
|
|
|
|
s2s_out_packet, 50),
|
2016-12-29 22:00:36 +01:00
|
|
|
ejabberd_hooks:delete(s2s_out_downgraded, Host, ?MODULE,
|
|
|
|
s2s_out_downgraded, 50),
|
2016-12-28 07:47:11 +01:00
|
|
|
ejabberd_hooks:delete(s2s_out_auth_result, Host, ?MODULE,
|
|
|
|
s2s_out_auth_result, 50).
|
|
|
|
|
2017-02-22 17:46:47 +01:00
|
|
|
reload(Host, NewOpts, _OldOpts) ->
|
|
|
|
case ejabberd_s2s:tls_verify(Host) of
|
|
|
|
false ->
|
|
|
|
start(Host, NewOpts);
|
|
|
|
true ->
|
|
|
|
stop(Host)
|
|
|
|
end.
|
|
|
|
|
2016-12-28 07:47:11 +01:00
|
|
|
depends(_Host, _Opts) ->
|
|
|
|
[].
|
|
|
|
|
|
|
|
mod_opt_type(_) ->
|
|
|
|
[].
|
|
|
|
|
|
|
|
s2s_in_features(Acc, _) ->
|
|
|
|
[#db_feature{errors = true}|Acc].
|
|
|
|
|
|
|
|
s2s_out_init({ok, State}, Opts) ->
|
|
|
|
case proplists:get_value(db_verify, Opts) of
|
|
|
|
{StreamID, Key, Pid} ->
|
|
|
|
%% This is an outbound s2s connection created at step 1.
|
|
|
|
%% The purpose of this connection is to verify dialback key ONLY.
|
|
|
|
%% The connection is not registered in s2s table and thus is not
|
|
|
|
%% seen by anyone.
|
|
|
|
%% The connection will be closed immediately after receiving the
|
|
|
|
%% verification response (at step 3)
|
|
|
|
{ok, State#{db_verify => {StreamID, Key, Pid}}};
|
|
|
|
undefined ->
|
|
|
|
{ok, State#{db_enabled => true}}
|
|
|
|
end;
|
|
|
|
s2s_out_init(Acc, _Opts) ->
|
|
|
|
Acc.
|
|
|
|
|
|
|
|
s2s_out_closed(#{server := LServer,
|
|
|
|
remote_server := RServer,
|
2016-12-29 22:00:36 +01:00
|
|
|
db_verify := {StreamID, _Key, _Pid}} = State, Reason) ->
|
2016-12-28 07:47:11 +01:00
|
|
|
%% Outbound s2s verificating connection (created at step 1) is
|
|
|
|
%% closed suddenly without receiving the response.
|
|
|
|
%% Building a response on our own
|
|
|
|
Response = #db_verify{from = RServer, to = LServer,
|
|
|
|
id = StreamID, type = error,
|
2016-12-29 22:00:36 +01:00
|
|
|
sub_els = [mk_error(Reason)]},
|
2016-12-28 07:47:11 +01:00
|
|
|
s2s_out_packet(State, Response);
|
|
|
|
s2s_out_closed(State, _Reason) ->
|
|
|
|
State.
|
|
|
|
|
2016-12-29 22:00:36 +01:00
|
|
|
s2s_out_auth_result(#{db_verify := _} = State, _) ->
|
2016-12-28 07:47:11 +01:00
|
|
|
%% The temporary outbound s2s connect (intended for verification)
|
|
|
|
%% has passed authentication state (either successfully or not, no matter)
|
|
|
|
%% and at this point we can send verification request as described
|
|
|
|
%% in section 2.1.2, step 2
|
2016-12-29 22:00:36 +01:00
|
|
|
{stop, send_verify_request(State)};
|
2016-12-28 07:47:11 +01:00
|
|
|
s2s_out_auth_result(#{db_enabled := true,
|
2017-01-09 15:02:17 +01:00
|
|
|
sockmod := SockMod,
|
2016-12-28 07:47:11 +01:00
|
|
|
socket := Socket, ip := IP,
|
|
|
|
server := LServer,
|
2017-01-09 15:02:17 +01:00
|
|
|
remote_server := RServer} = State, {false, _}) ->
|
2016-12-28 07:47:11 +01:00
|
|
|
%% SASL authentication has failed, retrying with dialback
|
|
|
|
%% Sending dialback request, section 2.1.1, step 1
|
|
|
|
?INFO_MSG("(~s) Retrying with s2s dialback authentication: ~s -> ~s (~s)",
|
2017-01-09 15:02:17 +01:00
|
|
|
[SockMod:pp(Socket), LServer, RServer,
|
2017-04-11 12:13:58 +02:00
|
|
|
ejabberd_config:may_hide_data(misc:ip_to_list(IP))]),
|
2016-12-28 07:47:11 +01:00
|
|
|
State1 = maps:remove(stop_reason, State#{on_route => queue}),
|
2016-12-29 22:00:36 +01:00
|
|
|
{stop, send_db_request(State1)};
|
2016-12-28 07:47:11 +01:00
|
|
|
s2s_out_auth_result(State, _) ->
|
|
|
|
State.
|
|
|
|
|
2016-12-29 22:00:36 +01:00
|
|
|
s2s_out_downgraded(#{db_verify := _} = State, _) ->
|
|
|
|
%% The verifying outbound s2s connection detected non-RFC compliant
|
|
|
|
%% server, send verification request immediately without auth phase,
|
|
|
|
%% section 2.1.2, step 2
|
|
|
|
{stop, send_verify_request(State)};
|
|
|
|
s2s_out_downgraded(#{db_enabled := true,
|
2017-01-09 15:02:17 +01:00
|
|
|
sockmod := SockMod,
|
2016-12-29 22:00:36 +01:00
|
|
|
socket := Socket, ip := IP,
|
|
|
|
server := LServer,
|
|
|
|
remote_server := RServer} = State, _) ->
|
|
|
|
%% non-RFC compliant server detected, send dialback request instantly,
|
|
|
|
%% section 2.1.1, step 1
|
|
|
|
?INFO_MSG("(~s) Trying s2s dialback authentication with "
|
|
|
|
"non-RFC compliant server: ~s -> ~s (~s)",
|
2017-01-09 15:02:17 +01:00
|
|
|
[SockMod:pp(Socket), LServer, RServer,
|
2017-04-11 12:13:58 +02:00
|
|
|
ejabberd_config:may_hide_data(misc:ip_to_list(IP))]),
|
2016-12-29 22:00:36 +01:00
|
|
|
{stop, send_db_request(State)};
|
|
|
|
s2s_out_downgraded(State, _) ->
|
|
|
|
State.
|
|
|
|
|
2016-12-28 07:47:11 +01:00
|
|
|
s2s_in_packet(#{stream_id := StreamID} = State,
|
|
|
|
#db_result{from = From, to = To, key = Key, type = undefined}) ->
|
|
|
|
%% Received dialback request, section 2.2.1, step 1
|
|
|
|
try
|
|
|
|
ok = check_from_to(From, To),
|
|
|
|
%% We're creating a temporary outbound s2s connection to
|
|
|
|
%% send verification request and to receive verification response
|
|
|
|
{ok, Pid} = ejabberd_s2s_out:start(
|
|
|
|
To, From, [{db_verify, {StreamID, Key, self()}}]),
|
|
|
|
ejabberd_s2s_out:connect(Pid),
|
2017-01-23 11:51:05 +01:00
|
|
|
{stop, State}
|
2016-12-28 07:47:11 +01:00
|
|
|
catch _:{badmatch, {error, Reason}} ->
|
2017-01-23 11:51:05 +01:00
|
|
|
{stop,
|
|
|
|
send_db_result(State,
|
|
|
|
#db_verify{from = From, to = To, type = error,
|
|
|
|
sub_els = [mk_error(Reason)]})}
|
2016-12-28 07:47:11 +01:00
|
|
|
end;
|
|
|
|
s2s_in_packet(State, #db_verify{to = To, from = From, key = Key,
|
|
|
|
id = StreamID, type = undefined}) ->
|
|
|
|
%% Received verification request, section 2.2.2, step 2
|
|
|
|
Type = case make_key(To, From, StreamID) of
|
|
|
|
Key -> valid;
|
|
|
|
_ -> invalid
|
|
|
|
end,
|
|
|
|
Response = #db_verify{from = To, to = From, id = StreamID, type = Type},
|
2017-01-23 11:51:05 +01:00
|
|
|
{stop, ejabberd_s2s_in:send(State, Response)};
|
2016-12-28 07:47:11 +01:00
|
|
|
s2s_in_packet(State, Pkt) when is_record(Pkt, db_result);
|
|
|
|
is_record(Pkt, db_verify) ->
|
|
|
|
?WARNING_MSG("Got stray dialback packet:~n~s", [xmpp:pp(Pkt)]),
|
|
|
|
State;
|
|
|
|
s2s_in_packet(State, _) ->
|
|
|
|
State.
|
|
|
|
|
2016-12-31 11:48:55 +01:00
|
|
|
s2s_in_recv(State, El, {error, Why}) ->
|
|
|
|
case xmpp:get_name(El) of
|
|
|
|
Tag when Tag == <<"db:result">>;
|
|
|
|
Tag == <<"db:verify">> ->
|
|
|
|
case xmpp:get_type(El) of
|
|
|
|
T when T /= <<"valid">>,
|
|
|
|
T /= <<"invalid">>,
|
|
|
|
T /= <<"error">> ->
|
|
|
|
Err = xmpp:make_error(El, mk_error({codec_error, Why})),
|
|
|
|
{stop, ejabberd_s2s_in:send(State, Err)};
|
|
|
|
_ ->
|
|
|
|
State
|
|
|
|
end;
|
|
|
|
_ ->
|
|
|
|
State
|
|
|
|
end;
|
|
|
|
s2s_in_recv(State, _El, _Pkt) ->
|
|
|
|
State.
|
|
|
|
|
2016-12-28 07:47:11 +01:00
|
|
|
s2s_out_packet(#{server := LServer,
|
|
|
|
remote_server := RServer,
|
|
|
|
db_verify := {StreamID, _Key, Pid}} = State,
|
|
|
|
#db_verify{from = RServer, to = LServer,
|
|
|
|
id = StreamID, type = Type} = Response)
|
|
|
|
when Type /= undefined ->
|
|
|
|
%% Received verification response, section 2.1.2, step 3
|
|
|
|
%% This is a response for the request sent at step 2
|
|
|
|
ejabberd_s2s_in:update_state(
|
|
|
|
Pid, fun(S) -> send_db_result(S, Response) end),
|
|
|
|
%% At this point the connection is no longer needed and we can terminate it
|
|
|
|
ejabberd_s2s_out:stop(State);
|
|
|
|
s2s_out_packet(#{server := LServer, remote_server := RServer} = State,
|
|
|
|
#db_result{to = LServer, from = RServer,
|
|
|
|
type = Type} = Result) when Type /= undefined ->
|
|
|
|
%% Received dialback response, section 2.1.1, step 4
|
|
|
|
%% This is a response to the request sent at step 1
|
|
|
|
State1 = maps:remove(db_enabled, State),
|
|
|
|
case Type of
|
|
|
|
valid ->
|
|
|
|
State2 = ejabberd_s2s_out:handle_auth_success(<<"dialback">>, State1),
|
|
|
|
ejabberd_s2s_out:establish(State2);
|
|
|
|
_ ->
|
2017-02-28 08:13:09 +01:00
|
|
|
Reason = str:format("Peer responded with error: ~s",
|
|
|
|
[format_error(Result)]),
|
|
|
|
ejabberd_s2s_out:handle_auth_failure(
|
|
|
|
<<"dialback">>, {auth, Reason}, State1)
|
2016-12-28 07:47:11 +01:00
|
|
|
end;
|
|
|
|
s2s_out_packet(State, Pkt) when is_record(Pkt, db_result);
|
|
|
|
is_record(Pkt, db_verify) ->
|
|
|
|
?WARNING_MSG("Got stray dialback packet:~n~s", [xmpp:pp(Pkt)]),
|
|
|
|
State;
|
|
|
|
s2s_out_packet(State, _) ->
|
|
|
|
State.
|
|
|
|
|
|
|
|
%%%===================================================================
|
|
|
|
%%% Internal functions
|
|
|
|
%%%===================================================================
|
|
|
|
-spec make_key(binary(), binary(), binary()) -> binary().
|
|
|
|
make_key(From, To, StreamID) ->
|
2017-04-29 10:39:40 +02:00
|
|
|
Secret = ejabberd_config:get_option(shared_key),
|
2017-03-14 00:31:51 +01:00
|
|
|
str:to_hexlist(
|
|
|
|
crypto:hmac(sha256, str:to_hexlist(crypto:hash(sha256, Secret)),
|
2016-12-28 07:47:11 +01:00
|
|
|
[To, " ", From, " ", StreamID])).
|
|
|
|
|
2016-12-29 22:00:36 +01:00
|
|
|
-spec send_verify_request(ejabberd_s2s_out:state()) -> ejabberd_s2s_out:state().
|
|
|
|
send_verify_request(#{server := LServer,
|
|
|
|
remote_server := RServer,
|
|
|
|
db_verify := {StreamID, Key, _Pid}} = State) ->
|
|
|
|
Request = #db_verify{from = LServer, to = RServer,
|
|
|
|
key = Key, id = StreamID},
|
|
|
|
ejabberd_s2s_out:send(State, Request).
|
|
|
|
|
|
|
|
-spec send_db_request(ejabberd_s2s_out:state()) -> ejabberd_s2s_out:state().
|
|
|
|
send_db_request(#{server := LServer,
|
|
|
|
remote_server := RServer,
|
|
|
|
stream_remote_id := StreamID} = State) ->
|
|
|
|
Key = make_key(LServer, RServer, StreamID),
|
|
|
|
ejabberd_s2s_out:send(State, #db_result{from = LServer,
|
|
|
|
to = RServer,
|
|
|
|
key = Key}).
|
|
|
|
|
2016-12-28 07:47:11 +01:00
|
|
|
-spec send_db_result(ejabberd_s2s_in:state(), db_verify()) -> ejabberd_s2s_in:state().
|
|
|
|
send_db_result(State, #db_verify{from = From, to = To,
|
|
|
|
type = Type, sub_els = Els}) ->
|
|
|
|
%% Sending dialback response, section 2.2.1, step 4
|
|
|
|
%% This is a response to the request received at step 1
|
|
|
|
Response = #db_result{from = To, to = From, type = Type, sub_els = Els},
|
|
|
|
State1 = ejabberd_s2s_in:send(State, Response),
|
|
|
|
case Type of
|
|
|
|
valid ->
|
|
|
|
State2 = ejabberd_s2s_in:handle_auth_success(
|
|
|
|
From, <<"dialback">>, undefined, State1),
|
|
|
|
ejabberd_s2s_in:establish(State2);
|
|
|
|
_ ->
|
2017-02-28 08:13:09 +01:00
|
|
|
Reason = str:format("Verification failed: ~s",
|
|
|
|
[format_error(Response)]),
|
2016-12-28 07:47:11 +01:00
|
|
|
ejabberd_s2s_in:handle_auth_failure(
|
|
|
|
From, <<"dialback">>, Reason, State1)
|
|
|
|
end.
|
|
|
|
|
|
|
|
-spec check_from_to(binary(), binary()) -> ok | {error, forbidden | host_unknown}.
|
|
|
|
check_from_to(From, To) ->
|
|
|
|
case ejabberd_router:is_my_route(To) of
|
|
|
|
false -> {error, host_unknown};
|
|
|
|
true ->
|
|
|
|
LServer = ejabberd_router:host_of_route(To),
|
|
|
|
case ejabberd_s2s:allow_host(LServer, From) of
|
|
|
|
true -> ok;
|
|
|
|
false -> {error, forbidden}
|
|
|
|
end
|
|
|
|
end.
|
|
|
|
|
|
|
|
-spec mk_error(term()) -> stanza_error().
|
|
|
|
mk_error(forbidden) ->
|
|
|
|
xmpp:err_forbidden(<<"Denied by ACL">>, ?MYLANG);
|
|
|
|
mk_error(host_unknown) ->
|
|
|
|
xmpp:err_not_allowed(<<"Host unknown">>, ?MYLANG);
|
2016-12-31 11:48:55 +01:00
|
|
|
mk_error({codec_error, Why}) ->
|
|
|
|
xmpp:err_bad_request(xmpp:io_format_error(Why), ?MYLANG);
|
2016-12-29 22:00:36 +01:00
|
|
|
mk_error({_Class, _Reason} = Why) ->
|
|
|
|
Txt = xmpp_stream_out:format_error(Why),
|
|
|
|
xmpp:err_remote_server_not_found(Txt, ?MYLANG);
|
2016-12-28 07:47:11 +01:00
|
|
|
mk_error(_) ->
|
|
|
|
xmpp:err_internal_server_error().
|
|
|
|
|
|
|
|
-spec format_error(db_result()) -> binary().
|
|
|
|
format_error(#db_result{type = invalid}) ->
|
|
|
|
<<"invalid dialback key">>;
|
|
|
|
format_error(#db_result{type = error, sub_els = Els}) ->
|
|
|
|
%% TODO: improve xmpp.erl
|
|
|
|
case xmpp:get_error(#message{sub_els = Els}) of
|
2017-02-28 08:13:09 +01:00
|
|
|
#stanza_error{} = Err ->
|
|
|
|
format_stanza_error(Err);
|
2016-12-28 07:47:11 +01:00
|
|
|
undefined ->
|
|
|
|
<<"unrecognized error">>
|
|
|
|
end;
|
|
|
|
format_error(_) ->
|
|
|
|
<<"unexpected dialback result">>.
|
2017-02-28 08:13:09 +01:00
|
|
|
|
|
|
|
-spec format_stanza_error(stanza_error()) -> binary().
|
|
|
|
format_stanza_error(#stanza_error{reason = Reason, text = Txt}) ->
|
|
|
|
Slogan = case Reason of
|
|
|
|
undefined -> <<"no reason">>;
|
|
|
|
#gone{} -> <<"gone">>;
|
|
|
|
#redirect{} -> <<"redirect">>;
|
|
|
|
_ -> erlang:atom_to_binary(Reason, latin1)
|
|
|
|
end,
|
|
|
|
case Txt of
|
|
|
|
undefined -> Slogan;
|
|
|
|
#text{data = <<"">>} -> Slogan;
|
|
|
|
#text{data = Data} ->
|
|
|
|
<<Data/binary, " (", Slogan/binary, ")">>
|
|
|
|
end.
|