mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-30 16:36:29 +01:00
* src/cyrsasl.erl: Updated SASL authentification
* src/ejabberd_c2s.erl: Likewise * src/ejabberd_sm.erl: Better resource handling * src/jlib.hrl: Added NS_BIND macros SVN Revision: 170
This commit is contained in:
parent
1d9340619f
commit
e7183996ed
@ -1,3 +1,12 @@
|
|||||||
|
2003-11-07 Alexey Shchepin <alexey@sevcom.net>
|
||||||
|
|
||||||
|
* src/cyrsasl.erl: Updated SASL authentification
|
||||||
|
* src/ejabberd_c2s.erl: Likewise
|
||||||
|
|
||||||
|
* src/ejabberd_sm.erl: Better resource handling
|
||||||
|
|
||||||
|
* src/jlib.hrl: Added NS_BIND macros
|
||||||
|
|
||||||
2003-11-06 Alexey Shchepin <alexey@sevcom.net>
|
2003-11-06 Alexey Shchepin <alexey@sevcom.net>
|
||||||
|
|
||||||
* src/mod_configure2.erl: Added reporting of outgoing S2S
|
* src/mod_configure2.erl: Added reporting of outgoing S2S
|
||||||
|
@ -64,6 +64,17 @@ check_authzid(State, Props) ->
|
|||||||
end
|
end
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
check_credentials(State, Props) ->
|
||||||
|
User = xml:get_attr_s(username, Props),
|
||||||
|
case jlib:nodeprep(User) of
|
||||||
|
error ->
|
||||||
|
{error, "not-authorized"};
|
||||||
|
"" ->
|
||||||
|
{error, "not-authorized"};
|
||||||
|
LUser ->
|
||||||
|
ok
|
||||||
|
end.
|
||||||
|
|
||||||
listmech() ->
|
listmech() ->
|
||||||
ets:select(sasl_mechanism,
|
ets:select(sasl_mechanism,
|
||||||
[{#sasl_mechanism{mechanism = '$1', _ = '_'}, [], ['$1']}]).
|
[{#sasl_mechanism{mechanism = '$1', _ = '_'}, [], ['$1']}]).
|
||||||
@ -90,7 +101,7 @@ server_step(State, ClientIn) ->
|
|||||||
MechState = State#sasl_state.mech_state,
|
MechState = State#sasl_state.mech_state,
|
||||||
case Module:mech_step(MechState, ClientIn) of
|
case Module:mech_step(MechState, ClientIn) of
|
||||||
{ok, Props} ->
|
{ok, Props} ->
|
||||||
case check_authzid(State, Props) of
|
case check_credentials(State, Props) of
|
||||||
ok ->
|
ok ->
|
||||||
{ok, Props};
|
{ok, Props};
|
||||||
{error, Error} ->
|
{error, Error} ->
|
||||||
|
@ -24,6 +24,7 @@
|
|||||||
wait_for_stream/2,
|
wait_for_stream/2,
|
||||||
wait_for_auth/2,
|
wait_for_auth/2,
|
||||||
wait_for_sasl_auth/2,
|
wait_for_sasl_auth/2,
|
||||||
|
wait_for_bind/2,
|
||||||
wait_for_session/2,
|
wait_for_session/2,
|
||||||
wait_for_sasl_response/2,
|
wait_for_sasl_response/2,
|
||||||
session_established/2,
|
session_established/2,
|
||||||
@ -152,10 +153,20 @@ wait_for_stream({xmlstreamstart, Name, Attrs}, StateData) ->
|
|||||||
{next_state, wait_for_sasl_auth,
|
{next_state, wait_for_sasl_auth,
|
||||||
StateData#state{sasl_state = SASLState}};
|
StateData#state{sasl_state = SASLState}};
|
||||||
_ ->
|
_ ->
|
||||||
send_element(
|
case StateData#state.resource of
|
||||||
StateData,
|
"" ->
|
||||||
{xmlelement, "stream:features", [], []}),
|
send_element(
|
||||||
{next_state, wait_for_session, StateData}
|
StateData,
|
||||||
|
{xmlelement, "stream:features", [],
|
||||||
|
[{xmlelement, "bind",
|
||||||
|
[{"xmlns", ?NS_SASL}], []}]}),
|
||||||
|
{next_state, wait_for_bind, StateData};
|
||||||
|
_ ->
|
||||||
|
send_element(
|
||||||
|
StateData,
|
||||||
|
{xmlelement, "stream:features", [], []}),
|
||||||
|
{next_state, wait_for_session, StateData}
|
||||||
|
end
|
||||||
end;
|
end;
|
||||||
_ ->
|
_ ->
|
||||||
Header = io_lib:format(
|
Header = io_lib:format(
|
||||||
@ -296,17 +307,12 @@ wait_for_sasl_auth({xmlstreamelement, El}, StateData) ->
|
|||||||
send_element(StateData,
|
send_element(StateData,
|
||||||
{xmlelement, "success",
|
{xmlelement, "success",
|
||||||
[{"xmlns", ?NS_SASL}], []}),
|
[{"xmlns", ?NS_SASL}], []}),
|
||||||
JID = #jid{user = U, resource = R} =
|
U = xml:get_attr_s(username, Props),
|
||||||
jlib:string_to_jid(
|
|
||||||
xml:get_attr_s(authzid, Props)),
|
|
||||||
?INFO_MSG("(~w) Accepted authentification for ~s",
|
?INFO_MSG("(~w) Accepted authentification for ~s",
|
||||||
[StateData#state.socket,
|
[StateData#state.socket, U]),
|
||||||
jlib:jid_to_string(JID)]),
|
|
||||||
{next_state, wait_for_stream,
|
{next_state, wait_for_stream,
|
||||||
StateData#state{authentificated = true,
|
StateData#state{authentificated = true,
|
||||||
user = U,
|
user = U
|
||||||
resource = R,
|
|
||||||
jid = JID
|
|
||||||
}};
|
}};
|
||||||
{continue, ServerOut, NewSASLState} ->
|
{continue, ServerOut, NewSASLState} ->
|
||||||
send_element(StateData,
|
send_element(StateData,
|
||||||
@ -364,16 +370,12 @@ wait_for_sasl_response({xmlstreamelement, El}, StateData) ->
|
|||||||
send_element(StateData,
|
send_element(StateData,
|
||||||
{xmlelement, "success",
|
{xmlelement, "success",
|
||||||
[{"xmlns", ?NS_SASL}], []}),
|
[{"xmlns", ?NS_SASL}], []}),
|
||||||
JID = #jid{user = U, resource = R} =
|
U = xml:get_attr_s(username, Props),
|
||||||
jlib:string_to_jid(xml:get_attr_s(authzid, Props)),
|
|
||||||
?INFO_MSG("(~w) Accepted authentification for ~s",
|
?INFO_MSG("(~w) Accepted authentification for ~s",
|
||||||
[StateData#state.socket,
|
[StateData#state.socket, U]),
|
||||||
jlib:jid_to_string(JID)]),
|
|
||||||
{next_state, wait_for_stream,
|
{next_state, wait_for_stream,
|
||||||
StateData#state{authentificated = true,
|
StateData#state{authentificated = true,
|
||||||
user = U,
|
user = U
|
||||||
resource = R,
|
|
||||||
jid = JID
|
|
||||||
}};
|
}};
|
||||||
{continue, ServerOut, NewSASLState} ->
|
{continue, ServerOut, NewSASLState} ->
|
||||||
send_element(StateData,
|
send_element(StateData,
|
||||||
@ -420,6 +422,51 @@ wait_for_sasl_response(closed, StateData) ->
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
wait_for_bind({xmlstreamelement, El}, StateData) ->
|
||||||
|
case jlib:iq_query_info(El) of
|
||||||
|
{iq, ID, set, ?NS_BIND, SubEl} ->
|
||||||
|
U = StateData#state.user,
|
||||||
|
R1 = xml:get_path_s(SubEl, [{elem, "resource"}, cdata]),
|
||||||
|
R = case jlib:resourceprep(R1) of
|
||||||
|
error -> error;
|
||||||
|
"" ->
|
||||||
|
lists:concat(
|
||||||
|
[randoms:get_string() | tuple_to_list(now())]);
|
||||||
|
Resource -> Resource
|
||||||
|
end,
|
||||||
|
case R of
|
||||||
|
error ->
|
||||||
|
Err = jlib:make_error_reply(El, ?ERR_BAD_REQUEST),
|
||||||
|
send_element(StateData, Err),
|
||||||
|
{next_state, wait_for_bind, StateData};
|
||||||
|
_ ->
|
||||||
|
JID = jlib:make_jid(U, StateData#state.server, R),
|
||||||
|
Res = {iq, ID, result, ?NS_BIND,
|
||||||
|
[{xmlelement, "bind",
|
||||||
|
[{"xmlns", ?NS_BIND}],
|
||||||
|
[{xmlelement, "jid", [],
|
||||||
|
[{xmlcdata, jlib:jid_to_string(JID)}]}]}]},
|
||||||
|
send_element(StateData, jlib:iq_to_xml(Res)),
|
||||||
|
{next_state, wait_for_session,
|
||||||
|
StateData#state{resource = R, jid = JID}}
|
||||||
|
end;
|
||||||
|
_ ->
|
||||||
|
{next_state, wait_for_bind, StateData}
|
||||||
|
end;
|
||||||
|
|
||||||
|
wait_for_bind({xmlstreamend, Name}, StateData) ->
|
||||||
|
send_text(StateData, ?STREAM_TRAILER),
|
||||||
|
{stop, normal, StateData};
|
||||||
|
|
||||||
|
wait_for_bind({xmlstreamerror, _}, StateData) ->
|
||||||
|
send_text(StateData, ?INVALID_XML_ERR ++ ?STREAM_TRAILER),
|
||||||
|
{stop, normal, StateData};
|
||||||
|
|
||||||
|
wait_for_bind(closed, StateData) ->
|
||||||
|
{stop, normal, StateData}.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
wait_for_session({xmlstreamelement, El}, StateData) ->
|
wait_for_session({xmlstreamelement, El}, StateData) ->
|
||||||
case jlib:iq_query_info(El) of
|
case jlib:iq_query_info(El) of
|
||||||
{iq, ID, set, ?NS_SESSION, SubEl} ->
|
{iq, ID, set, ?NS_SESSION, SubEl} ->
|
||||||
@ -742,10 +789,8 @@ handle_info({route, From, To, Packet}, StateName, StateData) ->
|
|||||||
%% Returns: any
|
%% Returns: any
|
||||||
%%----------------------------------------------------------------------
|
%%----------------------------------------------------------------------
|
||||||
terminate(Reason, StateName, StateData) ->
|
terminate(Reason, StateName, StateData) ->
|
||||||
case StateData#state.user of
|
case StateName of
|
||||||
"" ->
|
session_established ->
|
||||||
ok;
|
|
||||||
_ ->
|
|
||||||
?INFO_MSG("(~w) Close session for ~s",
|
?INFO_MSG("(~w) Close session for ~s",
|
||||||
[StateData#state.socket,
|
[StateData#state.socket,
|
||||||
jlib:jid_to_string(StateData#state.jid)]),
|
jlib:jid_to_string(StateData#state.jid)]),
|
||||||
@ -756,7 +801,9 @@ terminate(Reason, StateName, StateData) ->
|
|||||||
ejabberd_sm:unset_presence(StateData#state.user,
|
ejabberd_sm:unset_presence(StateData#state.user,
|
||||||
StateData#state.resource),
|
StateData#state.resource),
|
||||||
presence_broadcast(StateData, From, StateData#state.pres_a, Packet),
|
presence_broadcast(StateData, From, StateData#state.pres_a, Packet),
|
||||||
presence_broadcast(StateData, From, StateData#state.pres_i, Packet)
|
presence_broadcast(StateData, From, StateData#state.pres_i, Packet);
|
||||||
|
_ ->
|
||||||
|
ok
|
||||||
end,
|
end,
|
||||||
(StateData#state.sockmod):close(StateData#state.socket),
|
(StateData#state.sockmod):close(StateData#state.socket),
|
||||||
ok.
|
ok.
|
||||||
|
@ -104,7 +104,8 @@ close_session(User, Resource) ->
|
|||||||
|
|
||||||
register_connection(User, Resource, Pid) ->
|
register_connection(User, Resource, Pid) ->
|
||||||
LUser = jlib:nodeprep(User),
|
LUser = jlib:nodeprep(User),
|
||||||
UR = {LUser, Resource},
|
LResource = jlib:nodeprep(Resource),
|
||||||
|
UR = {LUser, LResource},
|
||||||
F = fun() ->
|
F = fun() ->
|
||||||
Ss = mnesia:wread({session, UR}),
|
Ss = mnesia:wread({session, UR}),
|
||||||
Ls = mnesia:wread({local_session, UR}),
|
Ls = mnesia:wread({local_session, UR}),
|
||||||
@ -134,8 +135,9 @@ register_connection(User, Resource, Pid) ->
|
|||||||
|
|
||||||
replace_my_connection(User, Resource) ->
|
replace_my_connection(User, Resource) ->
|
||||||
LUser = jlib:nodeprep(User),
|
LUser = jlib:nodeprep(User),
|
||||||
|
LResource = jlib:nodeprep(Resource),
|
||||||
|
UR = {LUser, LResource},
|
||||||
F = fun() ->
|
F = fun() ->
|
||||||
UR = {LUser, Resource},
|
|
||||||
Es = mnesia:read({local_session, UR}),
|
Es = mnesia:read({local_session, UR}),
|
||||||
mnesia:delete({local_session, UR}),
|
mnesia:delete({local_session, UR}),
|
||||||
Es
|
Es
|
||||||
@ -153,8 +155,9 @@ replace_my_connection(User, Resource) ->
|
|||||||
|
|
||||||
remove_connection(User, Resource) ->
|
remove_connection(User, Resource) ->
|
||||||
LUser = jlib:nodeprep(User),
|
LUser = jlib:nodeprep(User),
|
||||||
|
LResource = jlib:nodeprep(Resource),
|
||||||
F = fun() ->
|
F = fun() ->
|
||||||
UR = {LUser, Resource},
|
UR = {LUser, LResource},
|
||||||
mnesia:delete({local_session, UR}),
|
mnesia:delete({local_session, UR}),
|
||||||
mnesia:delete({session, UR})
|
mnesia:delete({session, UR})
|
||||||
end,
|
end,
|
||||||
@ -178,10 +181,10 @@ clean_table_from_bad_node(Node) ->
|
|||||||
do_route(From, To, Packet) ->
|
do_route(From, To, Packet) ->
|
||||||
?DEBUG("session manager~n\tfrom ~p~n\tto ~p~n\tpacket ~P~n",
|
?DEBUG("session manager~n\tfrom ~p~n\tto ~p~n\tpacket ~P~n",
|
||||||
[From, To, Packet, 8]),
|
[From, To, Packet, 8]),
|
||||||
#jid{user = User, resource = Resource,
|
#jid{user = User,
|
||||||
luser = LUser, lserver = LServer, lresource = LResource} = To,
|
luser = LUser, lserver = LServer, lresource = LResource} = To,
|
||||||
{xmlelement, Name, Attrs, _Els} = Packet,
|
{xmlelement, Name, Attrs, _Els} = Packet,
|
||||||
case Resource of
|
case LResource of
|
||||||
"" ->
|
"" ->
|
||||||
case Name of
|
case Name of
|
||||||
"presence" ->
|
"presence" ->
|
||||||
|
@ -40,6 +40,7 @@
|
|||||||
|
|
||||||
-define(NS_SASL, "urn:ietf:params:xml:ns:xmpp-sasl").
|
-define(NS_SASL, "urn:ietf:params:xml:ns:xmpp-sasl").
|
||||||
-define(NS_SESSION, "urn:ietf:params:xml:ns:xmpp-session").
|
-define(NS_SESSION, "urn:ietf:params:xml:ns:xmpp-session").
|
||||||
|
-define(NS_BIND, "urn:ietf:params:xml:ns:xmpp-bind").
|
||||||
|
|
||||||
% TODO: remove "code" attribute (currently it used for backward-compatibility)
|
% TODO: remove "code" attribute (currently it used for backward-compatibility)
|
||||||
-define(STANZA_ERROR(Code, Type, Condition),
|
-define(STANZA_ERROR(Code, Type, Condition),
|
||||||
|
Loading…
Reference in New Issue
Block a user