2018-05-07 18:27:18 +02:00
|
|
|
%%%-------------------------------------------------------------------
|
|
|
|
%%% Created : 7 May 2018 by Evgeny Khramtsov <ekhramtsov@process-one.net>
|
2007-12-24 12:41:41 +01:00
|
|
|
%%%
|
|
|
|
%%%
|
2020-01-28 13:34:02 +01:00
|
|
|
%%% ejabberd, Copyright (C) 2002-2020 ProcessOne
|
2007-12-24 12:41:41 +01:00
|
|
|
%%%
|
|
|
|
%%% This program is free software; you can redistribute it and/or
|
|
|
|
%%% modify it under the terms of the GNU General Public License as
|
|
|
|
%%% published by the Free Software Foundation; either version 2 of the
|
|
|
|
%%% License, or (at your option) any later version.
|
|
|
|
%%%
|
|
|
|
%%% This program is distributed in the hope that it will be useful,
|
|
|
|
%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
%%% General Public License for more details.
|
2009-01-12 15:44:42 +01:00
|
|
|
%%%
|
2014-02-22 11:27:40 +01:00
|
|
|
%%% You should have received a copy of the GNU General Public License along
|
|
|
|
%%% with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2007-12-24 12:41:41 +01:00
|
|
|
%%%
|
2018-05-07 18:27:18 +02:00
|
|
|
%%%-------------------------------------------------------------------
|
2004-07-30 23:09:55 +02:00
|
|
|
-module(extauth).
|
2013-03-14 10:33:02 +01:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
-ifndef(GEN_SERVER).
|
|
|
|
-define(GEN_SERVER, gen_server).
|
|
|
|
-endif.
|
|
|
|
-behaviour(?GEN_SERVER).
|
2015-06-01 14:38:27 +02:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
-define(CALL_TIMEOUT, timer:seconds(30)).
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
%% API
|
|
|
|
-export([start/1, stop/1, reload/1, start_link/2]).
|
|
|
|
-export([check_password/3, set_password/3, try_register/3, remove_user/2,
|
2019-07-24 09:13:51 +02:00
|
|
|
remove_user/3, user_exists/2, check_certificate/3]).
|
2018-05-07 18:27:18 +02:00
|
|
|
-export([prog_name/1, pool_name/1, worker_name/2, pool_size/1]).
|
|
|
|
-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
|
|
|
|
terminate/2, code_change/3]).
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2013-04-08 11:12:54 +02:00
|
|
|
-include("logger.hrl").
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
-record(state, {port :: port(),
|
|
|
|
prog :: string(),
|
|
|
|
start_time :: integer(),
|
|
|
|
os_pid :: integer() | undefined}).
|
2011-04-11 21:27:19 +02:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
%%%===================================================================
|
|
|
|
%%% API
|
|
|
|
%%%===================================================================
|
|
|
|
start(Host) ->
|
|
|
|
extauth_sup:start(Host).
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
stop(Host) ->
|
2018-05-07 18:27:18 +02:00
|
|
|
extauth_sup:stop(Host).
|
|
|
|
|
|
|
|
reload(Host) ->
|
|
|
|
extauth_sup:reload(Host).
|
2010-07-30 20:33:03 +02:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
start_link(Name, Prog) ->
|
|
|
|
?GEN_SERVER:start_link({local, Name}, ?MODULE, [Prog], []).
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
check_password(User, Server, Password) ->
|
2013-06-26 04:29:50 +02:00
|
|
|
call_port(Server, [<<"auth">>, User, Server, Password]).
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2019-07-24 09:13:51 +02:00
|
|
|
check_certificate(User, Server, Certificate) ->
|
|
|
|
call_port(Server, [<<"certauth">>, User, Server, Certificate]).
|
|
|
|
|
2017-05-11 14:49:06 +02:00
|
|
|
user_exists(User, Server) ->
|
2013-06-26 04:29:50 +02:00
|
|
|
call_port(Server, [<<"isuser">>, User, Server]).
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
set_password(User, Server, Password) ->
|
2013-06-26 04:29:50 +02:00
|
|
|
call_port(Server, [<<"setpass">>, User, Server, Password]).
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2010-05-10 16:42:54 +02:00
|
|
|
try_register(User, Server, Password) ->
|
2018-05-07 18:27:18 +02:00
|
|
|
call_port(Server, [<<"tryregister">>, User, Server, Password]).
|
2010-05-10 16:42:54 +02:00
|
|
|
|
|
|
|
remove_user(User, Server) ->
|
2013-06-26 04:29:50 +02:00
|
|
|
call_port(Server, [<<"removeuser">>, User, Server]).
|
2010-05-10 16:42:54 +02:00
|
|
|
|
|
|
|
remove_user(User, Server, Password) ->
|
2018-05-07 18:27:18 +02:00
|
|
|
call_port(Server, [<<"removeuser3">>, User, Server, Password]).
|
|
|
|
|
|
|
|
-spec prog_name(binary()) -> string() | undefined.
|
|
|
|
prog_name(Host) ->
|
2019-06-14 11:33:26 +02:00
|
|
|
ejabberd_option:extauth_program(Host).
|
2018-05-07 18:27:18 +02:00
|
|
|
|
|
|
|
-spec pool_name(binary()) -> atom().
|
|
|
|
pool_name(Host) ->
|
2019-06-14 11:33:26 +02:00
|
|
|
case ejabberd_option:extauth_pool_name(Host) of
|
2018-07-30 22:49:18 +02:00
|
|
|
undefined ->
|
|
|
|
list_to_atom("extauth_pool_" ++ binary_to_list(Host));
|
|
|
|
Name ->
|
|
|
|
list_to_atom("extauth_pool_" ++ binary_to_list(Name))
|
|
|
|
end.
|
2018-05-07 18:27:18 +02:00
|
|
|
|
|
|
|
-spec worker_name(atom(), integer()) -> atom().
|
|
|
|
worker_name(Pool, N) ->
|
|
|
|
list_to_atom(atom_to_list(Pool) ++ "_" ++ integer_to_list(N)).
|
|
|
|
|
|
|
|
-spec pool_size(binary()) -> pos_integer().
|
|
|
|
pool_size(Host) ->
|
2019-06-14 11:33:26 +02:00
|
|
|
case ejabberd_option:extauth_pool_size(Host) of
|
2018-05-07 18:27:18 +02:00
|
|
|
undefined ->
|
|
|
|
try erlang:system_info(logical_processors)
|
|
|
|
catch _:_ -> 1
|
|
|
|
end;
|
|
|
|
Size ->
|
|
|
|
Size
|
2004-07-30 23:09:55 +02:00
|
|
|
end.
|
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
%%%===================================================================
|
|
|
|
%%% gen_server callbacks
|
|
|
|
%%%===================================================================
|
|
|
|
init([Prog]) ->
|
|
|
|
process_flag(trap_exit, true),
|
|
|
|
{Port, OSPid} = start_port(Prog),
|
|
|
|
Time = curr_time(),
|
|
|
|
{ok, #state{port = Port, start_time = Time,
|
|
|
|
prog = Prog, os_pid = OSPid}}.
|
|
|
|
|
|
|
|
handle_call({cmd, Cmd, EndTime}, _From, State) ->
|
|
|
|
Timeout = EndTime - curr_time(),
|
|
|
|
if Timeout > 0 ->
|
|
|
|
Port = State#state.port,
|
|
|
|
port_command(Port, Cmd),
|
|
|
|
receive
|
|
|
|
{Port, {data, [0, N] = Data}} when N == 0; N == 1 ->
|
|
|
|
?DEBUG("Received response from external authentication "
|
|
|
|
"program: ~p", [Data]),
|
|
|
|
{reply, decode_bool(N), State};
|
|
|
|
{Port, Data} ->
|
|
|
|
?ERROR_MSG("Received unexpected response from external "
|
2019-09-23 14:17:20 +02:00
|
|
|
"authentication program '~ts': ~p "
|
2018-05-07 18:27:18 +02:00
|
|
|
"(port = ~p, pid = ~w)",
|
|
|
|
[State#state.prog, Data, Port, State#state.os_pid]),
|
|
|
|
{reply, {error, unexpected_response}, State};
|
|
|
|
{'EXIT', Port, Reason} ->
|
|
|
|
handle_info({'EXIT', Port, Reason}, State)
|
|
|
|
after Timeout ->
|
2018-06-08 08:51:26 +02:00
|
|
|
{stop, normal, State}
|
2018-05-07 18:27:18 +02:00
|
|
|
end;
|
|
|
|
true ->
|
2018-05-07 21:43:01 +02:00
|
|
|
{noreply, State}
|
2011-02-21 16:13:41 +01:00
|
|
|
end.
|
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
handle_cast(_Msg, State) ->
|
|
|
|
{noreply, State}.
|
|
|
|
|
|
|
|
handle_info({'EXIT', Port, _Reason}, #state{port = Port,
|
|
|
|
start_time = Time} = State) ->
|
|
|
|
case curr_time() - Time of
|
|
|
|
Diff when Diff < 1000 ->
|
2019-09-23 14:17:20 +02:00
|
|
|
?ERROR_MSG("Failed to start external authentication program '~ts'",
|
2018-05-07 18:27:18 +02:00
|
|
|
[State#state.prog]),
|
|
|
|
{stop, normal, State};
|
|
|
|
_ ->
|
2019-09-23 14:17:20 +02:00
|
|
|
?ERROR_MSG("External authentication program '~ts' has terminated "
|
2018-05-07 18:27:18 +02:00
|
|
|
"unexpectedly (pid=~w), restarting via supervisor...",
|
|
|
|
[State#state.prog, State#state.os_pid]),
|
2018-06-08 08:51:26 +02:00
|
|
|
{stop, normal, State}
|
2018-05-07 18:27:18 +02:00
|
|
|
end;
|
|
|
|
handle_info(Info, State) ->
|
|
|
|
?WARNING_MSG("Unexpected info: ~p", [Info]),
|
|
|
|
{noreply, State}.
|
|
|
|
|
|
|
|
terminate(_Reason, State) ->
|
|
|
|
catch port_close(State#state.port),
|
|
|
|
ok.
|
|
|
|
|
|
|
|
code_change(_OldVsn, State, _Extra) ->
|
|
|
|
{ok, State}.
|
|
|
|
|
|
|
|
%%%===================================================================
|
|
|
|
%%% Internal functions
|
|
|
|
%%%===================================================================
|
|
|
|
-spec curr_time() -> non_neg_integer().
|
|
|
|
curr_time() ->
|
2019-02-27 09:56:20 +01:00
|
|
|
erlang:monotonic_time(millisecond).
|
2018-05-07 18:27:18 +02:00
|
|
|
|
|
|
|
-spec start_port(string()) -> {port(), integer() | undefined}.
|
|
|
|
start_port(Path) ->
|
|
|
|
Port = open_port({spawn, Path}, [{packet, 2}]),
|
|
|
|
link(Port),
|
|
|
|
case erlang:port_info(Port, os_pid) of
|
|
|
|
{os_pid, OSPid} ->
|
|
|
|
{Port, OSPid};
|
|
|
|
undefined ->
|
|
|
|
{Port, undefined}
|
|
|
|
end.
|
2004-07-30 23:09:55 +02:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
call_port(Server, Args) ->
|
|
|
|
call_port(Server, Args, ?CALL_TIMEOUT).
|
|
|
|
|
|
|
|
call_port(Server, Args, Timeout) ->
|
2019-02-27 09:56:20 +01:00
|
|
|
StartTime = erlang:monotonic_time(millisecond),
|
2018-05-07 18:27:18 +02:00
|
|
|
Pool = pool_name(Server),
|
|
|
|
PoolSize = pool_size(Server),
|
2018-07-05 10:51:49 +02:00
|
|
|
I = p1_rand:round_robin(PoolSize),
|
2018-05-07 18:27:18 +02:00
|
|
|
Cmd = str:join(Args, <<":">>),
|
|
|
|
do_call(Cmd, I, I + PoolSize, Pool, PoolSize,
|
|
|
|
StartTime + Timeout, StartTime).
|
|
|
|
|
|
|
|
do_call(_, Max, Max, _, _, _, _) ->
|
|
|
|
{error, disconnected};
|
|
|
|
do_call(Cmd, I, Max, Pool, PoolSize, EndTime, CurrTime) ->
|
|
|
|
Timeout = EndTime - CurrTime,
|
|
|
|
if Timeout > 0 ->
|
|
|
|
Proc = worker_name(Pool, (I rem PoolSize) + 1),
|
|
|
|
try ?GEN_SERVER:call(Proc, {cmd, Cmd, EndTime}, Timeout)
|
|
|
|
catch exit:{timeout, {?GEN_SERVER, call, _}} ->
|
|
|
|
{error, timeout};
|
|
|
|
exit:{_, {?GEN_SERVER, call, _}} ->
|
|
|
|
do_call(Cmd, I+1, Max, Pool, PoolSize, EndTime, curr_time())
|
|
|
|
end;
|
|
|
|
true ->
|
|
|
|
{error, timeout}
|
|
|
|
end.
|
2015-06-01 14:38:27 +02:00
|
|
|
|
2018-05-07 18:27:18 +02:00
|
|
|
decode_bool(0) -> false;
|
|
|
|
decode_bool(1) -> true.
|