25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-30 16:36:29 +01:00

* src/cyrsasl.erl: Updated SASL authentification

* src/ejabberd_c2s.erl: Likewise

* src/ejabberd_sm.erl: Better resource handling

* src/jlib.hrl: Added NS_BIND macros

SVN Revision: 170
This commit is contained in:
Alexey Shchepin 2003-11-07 20:51:23 +00:00
parent 1d9340619f
commit e7183996ed
5 changed files with 101 additions and 30 deletions

View File

@ -1,3 +1,12 @@
2003-11-07 Alexey Shchepin <alexey@sevcom.net>
* src/cyrsasl.erl: Updated SASL authentification
* src/ejabberd_c2s.erl: Likewise
* src/ejabberd_sm.erl: Better resource handling
* src/jlib.hrl: Added NS_BIND macros
2003-11-06 Alexey Shchepin <alexey@sevcom.net> 2003-11-06 Alexey Shchepin <alexey@sevcom.net>
* src/mod_configure2.erl: Added reporting of outgoing S2S * src/mod_configure2.erl: Added reporting of outgoing S2S

View File

@ -64,6 +64,17 @@ check_authzid(State, Props) ->
end end
end. end.
check_credentials(State, Props) ->
User = xml:get_attr_s(username, Props),
case jlib:nodeprep(User) of
error ->
{error, "not-authorized"};
"" ->
{error, "not-authorized"};
LUser ->
ok
end.
listmech() -> listmech() ->
ets:select(sasl_mechanism, ets:select(sasl_mechanism,
[{#sasl_mechanism{mechanism = '$1', _ = '_'}, [], ['$1']}]). [{#sasl_mechanism{mechanism = '$1', _ = '_'}, [], ['$1']}]).
@ -90,7 +101,7 @@ server_step(State, ClientIn) ->
MechState = State#sasl_state.mech_state, MechState = State#sasl_state.mech_state,
case Module:mech_step(MechState, ClientIn) of case Module:mech_step(MechState, ClientIn) of
{ok, Props} -> {ok, Props} ->
case check_authzid(State, Props) of case check_credentials(State, Props) of
ok -> ok ->
{ok, Props}; {ok, Props};
{error, Error} -> {error, Error} ->

View File

@ -24,6 +24,7 @@
wait_for_stream/2, wait_for_stream/2,
wait_for_auth/2, wait_for_auth/2,
wait_for_sasl_auth/2, wait_for_sasl_auth/2,
wait_for_bind/2,
wait_for_session/2, wait_for_session/2,
wait_for_sasl_response/2, wait_for_sasl_response/2,
session_established/2, session_established/2,
@ -152,10 +153,20 @@ wait_for_stream({xmlstreamstart, Name, Attrs}, StateData) ->
{next_state, wait_for_sasl_auth, {next_state, wait_for_sasl_auth,
StateData#state{sasl_state = SASLState}}; StateData#state{sasl_state = SASLState}};
_ -> _ ->
send_element( case StateData#state.resource of
StateData, "" ->
{xmlelement, "stream:features", [], []}), send_element(
{next_state, wait_for_session, StateData} StateData,
{xmlelement, "stream:features", [],
[{xmlelement, "bind",
[{"xmlns", ?NS_SASL}], []}]}),
{next_state, wait_for_bind, StateData};
_ ->
send_element(
StateData,
{xmlelement, "stream:features", [], []}),
{next_state, wait_for_session, StateData}
end
end; end;
_ -> _ ->
Header = io_lib:format( Header = io_lib:format(
@ -296,17 +307,12 @@ wait_for_sasl_auth({xmlstreamelement, El}, StateData) ->
send_element(StateData, send_element(StateData,
{xmlelement, "success", {xmlelement, "success",
[{"xmlns", ?NS_SASL}], []}), [{"xmlns", ?NS_SASL}], []}),
JID = #jid{user = U, resource = R} = U = xml:get_attr_s(username, Props),
jlib:string_to_jid(
xml:get_attr_s(authzid, Props)),
?INFO_MSG("(~w) Accepted authentification for ~s", ?INFO_MSG("(~w) Accepted authentification for ~s",
[StateData#state.socket, [StateData#state.socket, U]),
jlib:jid_to_string(JID)]),
{next_state, wait_for_stream, {next_state, wait_for_stream,
StateData#state{authentificated = true, StateData#state{authentificated = true,
user = U, user = U
resource = R,
jid = JID
}}; }};
{continue, ServerOut, NewSASLState} -> {continue, ServerOut, NewSASLState} ->
send_element(StateData, send_element(StateData,
@ -364,16 +370,12 @@ wait_for_sasl_response({xmlstreamelement, El}, StateData) ->
send_element(StateData, send_element(StateData,
{xmlelement, "success", {xmlelement, "success",
[{"xmlns", ?NS_SASL}], []}), [{"xmlns", ?NS_SASL}], []}),
JID = #jid{user = U, resource = R} = U = xml:get_attr_s(username, Props),
jlib:string_to_jid(xml:get_attr_s(authzid, Props)),
?INFO_MSG("(~w) Accepted authentification for ~s", ?INFO_MSG("(~w) Accepted authentification for ~s",
[StateData#state.socket, [StateData#state.socket, U]),
jlib:jid_to_string(JID)]),
{next_state, wait_for_stream, {next_state, wait_for_stream,
StateData#state{authentificated = true, StateData#state{authentificated = true,
user = U, user = U
resource = R,
jid = JID
}}; }};
{continue, ServerOut, NewSASLState} -> {continue, ServerOut, NewSASLState} ->
send_element(StateData, send_element(StateData,
@ -420,6 +422,51 @@ wait_for_sasl_response(closed, StateData) ->
wait_for_bind({xmlstreamelement, El}, StateData) ->
case jlib:iq_query_info(El) of
{iq, ID, set, ?NS_BIND, SubEl} ->
U = StateData#state.user,
R1 = xml:get_path_s(SubEl, [{elem, "resource"}, cdata]),
R = case jlib:resourceprep(R1) of
error -> error;
"" ->
lists:concat(
[randoms:get_string() | tuple_to_list(now())]);
Resource -> Resource
end,
case R of
error ->
Err = jlib:make_error_reply(El, ?ERR_BAD_REQUEST),
send_element(StateData, Err),
{next_state, wait_for_bind, StateData};
_ ->
JID = jlib:make_jid(U, StateData#state.server, R),
Res = {iq, ID, result, ?NS_BIND,
[{xmlelement, "bind",
[{"xmlns", ?NS_BIND}],
[{xmlelement, "jid", [],
[{xmlcdata, jlib:jid_to_string(JID)}]}]}]},
send_element(StateData, jlib:iq_to_xml(Res)),
{next_state, wait_for_session,
StateData#state{resource = R, jid = JID}}
end;
_ ->
{next_state, wait_for_bind, StateData}
end;
wait_for_bind({xmlstreamend, Name}, StateData) ->
send_text(StateData, ?STREAM_TRAILER),
{stop, normal, StateData};
wait_for_bind({xmlstreamerror, _}, StateData) ->
send_text(StateData, ?INVALID_XML_ERR ++ ?STREAM_TRAILER),
{stop, normal, StateData};
wait_for_bind(closed, StateData) ->
{stop, normal, StateData}.
wait_for_session({xmlstreamelement, El}, StateData) -> wait_for_session({xmlstreamelement, El}, StateData) ->
case jlib:iq_query_info(El) of case jlib:iq_query_info(El) of
{iq, ID, set, ?NS_SESSION, SubEl} -> {iq, ID, set, ?NS_SESSION, SubEl} ->
@ -742,10 +789,8 @@ handle_info({route, From, To, Packet}, StateName, StateData) ->
%% Returns: any %% Returns: any
%%---------------------------------------------------------------------- %%----------------------------------------------------------------------
terminate(Reason, StateName, StateData) -> terminate(Reason, StateName, StateData) ->
case StateData#state.user of case StateName of
"" -> session_established ->
ok;
_ ->
?INFO_MSG("(~w) Close session for ~s", ?INFO_MSG("(~w) Close session for ~s",
[StateData#state.socket, [StateData#state.socket,
jlib:jid_to_string(StateData#state.jid)]), jlib:jid_to_string(StateData#state.jid)]),
@ -756,7 +801,9 @@ terminate(Reason, StateName, StateData) ->
ejabberd_sm:unset_presence(StateData#state.user, ejabberd_sm:unset_presence(StateData#state.user,
StateData#state.resource), StateData#state.resource),
presence_broadcast(StateData, From, StateData#state.pres_a, Packet), presence_broadcast(StateData, From, StateData#state.pres_a, Packet),
presence_broadcast(StateData, From, StateData#state.pres_i, Packet) presence_broadcast(StateData, From, StateData#state.pres_i, Packet);
_ ->
ok
end, end,
(StateData#state.sockmod):close(StateData#state.socket), (StateData#state.sockmod):close(StateData#state.socket),
ok. ok.

View File

@ -104,7 +104,8 @@ close_session(User, Resource) ->
register_connection(User, Resource, Pid) -> register_connection(User, Resource, Pid) ->
LUser = jlib:nodeprep(User), LUser = jlib:nodeprep(User),
UR = {LUser, Resource}, LResource = jlib:nodeprep(Resource),
UR = {LUser, LResource},
F = fun() -> F = fun() ->
Ss = mnesia:wread({session, UR}), Ss = mnesia:wread({session, UR}),
Ls = mnesia:wread({local_session, UR}), Ls = mnesia:wread({local_session, UR}),
@ -134,8 +135,9 @@ register_connection(User, Resource, Pid) ->
replace_my_connection(User, Resource) -> replace_my_connection(User, Resource) ->
LUser = jlib:nodeprep(User), LUser = jlib:nodeprep(User),
LResource = jlib:nodeprep(Resource),
UR = {LUser, LResource},
F = fun() -> F = fun() ->
UR = {LUser, Resource},
Es = mnesia:read({local_session, UR}), Es = mnesia:read({local_session, UR}),
mnesia:delete({local_session, UR}), mnesia:delete({local_session, UR}),
Es Es
@ -153,8 +155,9 @@ replace_my_connection(User, Resource) ->
remove_connection(User, Resource) -> remove_connection(User, Resource) ->
LUser = jlib:nodeprep(User), LUser = jlib:nodeprep(User),
LResource = jlib:nodeprep(Resource),
F = fun() -> F = fun() ->
UR = {LUser, Resource}, UR = {LUser, LResource},
mnesia:delete({local_session, UR}), mnesia:delete({local_session, UR}),
mnesia:delete({session, UR}) mnesia:delete({session, UR})
end, end,
@ -178,10 +181,10 @@ clean_table_from_bad_node(Node) ->
do_route(From, To, Packet) -> do_route(From, To, Packet) ->
?DEBUG("session manager~n\tfrom ~p~n\tto ~p~n\tpacket ~P~n", ?DEBUG("session manager~n\tfrom ~p~n\tto ~p~n\tpacket ~P~n",
[From, To, Packet, 8]), [From, To, Packet, 8]),
#jid{user = User, resource = Resource, #jid{user = User,
luser = LUser, lserver = LServer, lresource = LResource} = To, luser = LUser, lserver = LServer, lresource = LResource} = To,
{xmlelement, Name, Attrs, _Els} = Packet, {xmlelement, Name, Attrs, _Els} = Packet,
case Resource of case LResource of
"" -> "" ->
case Name of case Name of
"presence" -> "presence" ->

View File

@ -40,6 +40,7 @@
-define(NS_SASL, "urn:ietf:params:xml:ns:xmpp-sasl"). -define(NS_SASL, "urn:ietf:params:xml:ns:xmpp-sasl").
-define(NS_SESSION, "urn:ietf:params:xml:ns:xmpp-session"). -define(NS_SESSION, "urn:ietf:params:xml:ns:xmpp-session").
-define(NS_BIND, "urn:ietf:params:xml:ns:xmpp-bind").
% TODO: remove "code" attribute (currently it used for backward-compatibility) % TODO: remove "code" attribute (currently it used for backward-compatibility)
-define(STANZA_ERROR(Code, Type, Condition), -define(STANZA_ERROR(Code, Type, Condition),