annotate mod_sasl2_bind2/mod_sasl2_bind2.lua @ 5043:17b87fffdb91

mod_sasl2_bind2: Move <inline> into <bind> feature element This mirrors the equivalent change in SASL2.
author Matthew Wild <mwild1@gmail.com>
date Wed, 21 Sep 2022 10:31:50 +0100
parents c0d243b27e64
children f64d834ba744
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local base64 = require "util.encodings".base64;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local sha1 = require "util.hashes".sha1;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local st = require "util.stanza";
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local sm_bind_resource = require "core.sessionmanager".bind_resource;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local xmlns_bind2 = "urn:xmpp:bind2:1";
5039
c0d243b27e64 mod_sasl2, mod_sasl_bind2, mod_sasl2_sm: Bump XEP-0388 namespace
Matthew Wild <mwild1@gmail.com>
parents: 5037
diff changeset
8 local xmlns_sasl2 = "urn:xmpp:sasl:2";
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 -- Advertise what we can do
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11
5043
17b87fffdb91 mod_sasl2_bind2: Move <inline> into <bind> feature element
Matthew Wild <mwild1@gmail.com>
parents: 5039
diff changeset
12 module:hook("advertise-sasl-features", function(event)
17b87fffdb91 mod_sasl2_bind2: Move <inline> into <bind> feature element
Matthew Wild <mwild1@gmail.com>
parents: 5039
diff changeset
13 local bind = st.stanza("bind", { xmlns = xmlns_bind2 });
17b87fffdb91 mod_sasl2_bind2: Move <inline> into <bind> feature element
Matthew Wild <mwild1@gmail.com>
parents: 5039
diff changeset
14 local inline = st.stanza("inline");
17b87fffdb91 mod_sasl2_bind2: Move <inline> into <bind> feature element
Matthew Wild <mwild1@gmail.com>
parents: 5039
diff changeset
15 module:fire_event("advertise-bind-features", { origin = event.session, features = inline });
17b87fffdb91 mod_sasl2_bind2: Move <inline> into <bind> feature element
Matthew Wild <mwild1@gmail.com>
parents: 5039
diff changeset
16 bind:add_direct_child(inline);
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17
5043
17b87fffdb91 mod_sasl2_bind2: Move <inline> into <bind> feature element
Matthew Wild <mwild1@gmail.com>
parents: 5039
diff changeset
18 event.features:add_direct_child(bind);
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 end, 1);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 -- Helper to actually bind a resource to a session
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 local function do_bind(session, bind_request)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 local resource;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 local client_id_tag = bind_request:get_child("client-id");
5032
71a84474fcfb mod_sasl2_bind2: Use correct method to get text
Matthew Wild <mwild1@gmail.com>
parents: 5031
diff changeset
27 local client_id = client_id_tag and client_id_tag:get_text() or session.client_id;
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 if client_id and client_id ~= "" then
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 local tag = client_id_tag and client_id_tag.attr.tag or "client";
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 resource = ("%s~%s"):format(tag, base64.encode(sha1(client_id):sub(1, 9)));
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 end
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 local success, err_type, err, err_msg = sm_bind_resource(session, resource);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 if not success then
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 session.log("debug", "Resource bind failed: %s", err_msg or err);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 return nil, { type = err_type, condition = err, text = err_msg };
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 end
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 session.log("debug", "Resource bound: %s", session.full_jid);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 return st.stanza("bound", { xmlns = xmlns_bind2 })
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 :text_tag("jid", session.full_jid)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 end
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 -- Enable inline features requested by the client
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 local function enable_features(session, bind_request, bind_result)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 local features = bind_request:get_child("features");
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 if not features then return; end
5033
9afd98178011 mod_sasl2_bind2: Fix event name
Matthew Wild <mwild1@gmail.com>
parents: 5032
diff changeset
49 module:fire_event("enable-bind-features", {
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 session = session;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 features = features;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 result = bind_result;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 });
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 end
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 -- SASL 2 integration
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 -- Cache action for future processing (after auth success)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 session.sasl2_bind_request = auth:child_with_ns(xmlns_bind2);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 end, 100);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 module:hook("sasl2/c2s/success", function (event)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 local session = event.session;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 local bind_request = session.sasl2_bind_request;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 if not bind_request then return; end -- No bind requested
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 session.sasl2_bind_request = nil;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69
5037
8a8100fff580 mod_sasl2_bind2, mod_sasl2_sm: Move sasl2_sm_success to session
Matthew Wild <mwild1@gmail.com>
parents: 5036
diff changeset
70 local sm_success = session.sasl2_sm_success;
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 if sm_success and sm_success.type == "resumed" then
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 return; -- No need to bind a resource
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 end
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 local bind_result, err = do_bind(session, bind_request);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 if not bind_result then
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 bind_result = st.stanza("failed", { xmlns = xmlns_bind2 })
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 :add_error(err);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 else
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 enable_features(session, bind_request, bind_result);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 end
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 event.success:add_child(bind_result);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84 end, 100);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 -- Inline features
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88 module:hook("advertise-bind-features", function (event)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89 local features = event.features;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 features:tag("feature", { var = "urn:xmpp:carbons:2" }):up();
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91 features:tag("feature", { var = "urn:xmpp:csi:0" }):up();
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92 end);
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 module:hook("enable-bind-features", function (event)
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 local session, features = event.session, event.features;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
97 -- Carbons
5036
9ef5625d0d39 mod_sasl2_bind2: Indicate to the client when carbons has been enabled
Matthew Wild <mwild1@gmail.com>
parents: 5033
diff changeset
98 if features:get_child("enable", "urn:xmpp:carbons:2") then
9ef5625d0d39 mod_sasl2_bind2: Indicate to the client when carbons has been enabled
Matthew Wild <mwild1@gmail.com>
parents: 5033
diff changeset
99 session.want_carbons = true;
9ef5625d0d39 mod_sasl2_bind2: Indicate to the client when carbons has been enabled
Matthew Wild <mwild1@gmail.com>
parents: 5033
diff changeset
100 event.result:tag("enabled", { xmlns = "urn:xmpp:carbons:2" }):up();
9ef5625d0d39 mod_sasl2_bind2: Indicate to the client when carbons has been enabled
Matthew Wild <mwild1@gmail.com>
parents: 5033
diff changeset
101 end
5029
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103 -- CSI
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104 local csi_state_tag = features:child_with_ns("urn:xmpp:csi:0");
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
105 if csi_state_tag then
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
106 session.state = csi_state_tag.name;
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107 end
56b9f0b1409f mod_sasl2_bind: Support for Bind 2.0 with SASL2
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108 end, 10);