annotate mod_s2s_status/mod_s2s_status.lua @ 5511:0860497152af

mod_http_oauth2: Record hash of client_id to allow future verification RFC 6819 section 5.2.2.2 states that refresh tokens MUST be bound to the client. In order to do that, we must record something that can definitely tie the client to the grant. Since the full client_id is so large (why we have this client_subset function), a hash is stored instead.
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 10:14:16 +0200
parents b86282953663
children 31c331d05a75
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4791
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local status_out = module:shared("out");
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local errors = require "util.error";
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local function get_session_info(session)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local direction, peer_host = session.direction;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 if direction == "outgoing" then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 peer_host = session.to_host;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 elseif direction == "incoming" then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 peer_host = session.from_host;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 return peer_host, direction, session.id;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 local function get_domain_log_out(peer_domain)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 local domain_log = status_out[peer_domain];
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 if not domain_log then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 domain_log = {};
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 status_out[peer_domain] = domain_log;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 local function get_connection_record(domain_log, id)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 for _, record in ipairs(domain_log) do
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 if record.id == id then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 return record;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 -- No record for this connection yet, create it
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 local record = { id = id };
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 table.insert(domain_log, 1, record);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 return record;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 local function log_new_connection_out(peer_domain, id)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 local domain_log = get_domain_log_out(peer_domain);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 local record = get_connection_record(domain_log, id);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 record.status, record.time_started = "connecting", os.time();
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 local function log_successful_connection_out(peer_domain, id)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 local domain_log = get_domain_log_out(peer_domain);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 local record = get_connection_record(domain_log, id);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 record.status, record.time_connected = "connected", os.time();
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 local function log_ended_connection_out(peer_domain, id, reason)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 local domain_log = get_domain_log_out(peer_domain);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 local record = get_connection_record(domain_log, id);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 if record.status == "connecting" then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 record.status = "failed";
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 elseif record.status == "connected" then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 record.status = "disconnected";
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 if reason then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 local e_reason = errors.new(reason);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 record.error = {
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 type = e_reason.type;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 condition = e_reason.condition;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 text = e_reason.text;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 };
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 if not record.error.text and type(reason) == "string" then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 record.error.text = reason;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 local now = os.time();
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 record.time_ended = now;
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 local function s2sout_established(event)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 local peer_domain, _, id = get_session_info(event.session);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 log_successful_connection_out(peer_domain, id);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 local function s2sout_destroyed(event)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 local peer_domain, _, id = get_session_info(event.session);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 log_ended_connection_out(peer_domain, id);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 local function s2s_created(event)
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 local peer_domain, direction, id = get_session_info(event.session);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 if direction == "outgoing" then
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84 log_new_connection_out(peer_domain, id);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 end
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88 module:hook("s2s-created", s2s_created);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89 module:hook("s2sout-established", s2sout_established);
b86282953663 mod_s2s_status: Module to track status of s2s connections by domain
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 module:hook("s2sout-destroyed", s2sout_destroyed);