Mercurial > prosody-modules
comparison mod_compression_unsafe/mod_compression_unsafe.lua @ 2776:3092ae96c1f0
mod_compression: Rename to mod_compression_unsafe and add security note
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Tue, 26 Sep 2017 14:08:39 +0100 (2017-09-26) |
parents | mod_compression/mod_compression.lua@c96a53b0b820 |
children | d42e9da671fd |
comparison
equal
deleted
inserted
replaced
2775:8407137c0a3b | 2776:3092ae96c1f0 |
---|---|
1 -- Prosody IM | |
2 -- Copyright (C) 2009-2012 Tobias Markmann | |
3 -- | |
4 -- This project is MIT/X11 licensed. Please see the | |
5 -- COPYING file in the source package for more information. | |
6 -- | |
7 | |
8 local st = require "util.stanza"; | |
9 local zlib = require "zlib"; | |
10 local pcall = pcall; | |
11 local tostring = tostring; | |
12 | |
13 local xmlns_compression_feature = "http://jabber.org/features/compress" | |
14 local xmlns_compression_protocol = "http://jabber.org/protocol/compress" | |
15 local xmlns_stream = "http://etherx.jabber.org/streams"; | |
16 local compression_stream_feature = st.stanza("compression", {xmlns=xmlns_compression_feature}):tag("method"):text("zlib"):up(); | |
17 local add_filter = require "util.filters".add_filter; | |
18 | |
19 local compression_level = module:get_option_number("compression_level", 7); | |
20 | |
21 if not compression_level or compression_level < 1 or compression_level > 9 then | |
22 module:log("warn", "Invalid compression level in config: %s", tostring(compression_level)); | |
23 module:log("warn", "Module loading aborted. Compression won't be available."); | |
24 return; | |
25 end | |
26 | |
27 module:hook("stream-features", function(event) | |
28 local origin, features = event.origin, event.features; | |
29 if not origin.compressed and origin.type == "c2s" then | |
30 features:add_child(compression_stream_feature); | |
31 end | |
32 end); | |
33 | |
34 module:hook("s2s-stream-features", function(event) | |
35 local origin, features = event.origin, event.features; | |
36 if not origin.compressed and origin.type == "s2sin" then | |
37 features:add_child(compression_stream_feature); | |
38 end | |
39 end); | |
40 | |
41 -- Hook to activate compression if remote server supports it. | |
42 module:hook_stanza(xmlns_stream, "features", | |
43 function (session, stanza) | |
44 if not session.compressed and session.type == "s2sout" then | |
45 -- does remote server support compression? | |
46 local comp_st = stanza:get_child("compression", xmlns_compression_feature); | |
47 if comp_st then | |
48 -- do we support the mechanism | |
49 for a in comp_st:childtags("method") do | |
50 local algorithm = a:get_text(); | |
51 if algorithm == "zlib" then | |
52 session.sends2s(st.stanza("compress", {xmlns=xmlns_compression_protocol}):tag("method"):text("zlib")) | |
53 session.log("debug", "Enabled compression using zlib.") | |
54 return true; | |
55 end | |
56 end | |
57 session.log("debug", "Remote server supports no compression algorithm we support.") | |
58 end | |
59 end | |
60 end | |
61 , 250); | |
62 | |
63 | |
64 -- returns either nil or a fully functional ready to use inflate stream | |
65 local function get_deflate_stream(session) | |
66 local status, deflate_stream = pcall(zlib.deflate, compression_level); | |
67 if status == false then | |
68 local error_st = st.stanza("failure", {xmlns=xmlns_compression_protocol}):tag("setup-failed"); | |
69 (session.sends2s or session.send)(error_st); | |
70 session.log("error", "Failed to create zlib.deflate filter."); | |
71 module:log("error", "%s", tostring(deflate_stream)); | |
72 return | |
73 end | |
74 return deflate_stream | |
75 end | |
76 | |
77 -- returns either nil or a fully functional ready to use inflate stream | |
78 local function get_inflate_stream(session) | |
79 local status, inflate_stream = pcall(zlib.inflate); | |
80 if status == false then | |
81 local error_st = st.stanza("failure", {xmlns=xmlns_compression_protocol}):tag("setup-failed"); | |
82 (session.sends2s or session.send)(error_st); | |
83 session.log("error", "Failed to create zlib.inflate filter."); | |
84 module:log("error", "%s", tostring(inflate_stream)); | |
85 return | |
86 end | |
87 return inflate_stream | |
88 end | |
89 | |
90 -- setup compression for a stream | |
91 local function setup_compression(session, deflate_stream) | |
92 add_filter(session, "bytes/out", function(t) | |
93 local status, compressed, eof = pcall(deflate_stream, tostring(t), 'sync'); | |
94 if status == false then | |
95 module:log("warn", "%s", tostring(compressed)); | |
96 session:close({ | |
97 condition = "undefined-condition"; | |
98 text = compressed; | |
99 extra = st.stanza("failure", {xmlns="http://jabber.org/protocol/compress"}):tag("processing-failed"); | |
100 }); | |
101 return; | |
102 end | |
103 return compressed; | |
104 end); | |
105 end | |
106 | |
107 -- setup decompression for a stream | |
108 local function setup_decompression(session, inflate_stream) | |
109 add_filter(session, "bytes/in", function(data) | |
110 local status, decompressed, eof = pcall(inflate_stream, data); | |
111 if status == false then | |
112 module:log("warn", "%s", tostring(decompressed)); | |
113 session:close({ | |
114 condition = "undefined-condition"; | |
115 text = decompressed; | |
116 extra = st.stanza("failure", {xmlns="http://jabber.org/protocol/compress"}):tag("processing-failed"); | |
117 }); | |
118 return; | |
119 end | |
120 return decompressed; | |
121 end); | |
122 end | |
123 | |
124 module:hook("stanza/http://jabber.org/protocol/compress:compressed", function(event) | |
125 local session = event.origin; | |
126 | |
127 if session.type == "s2sout" then | |
128 session.log("debug", "Activating compression...") | |
129 -- create deflate and inflate streams | |
130 local deflate_stream = get_deflate_stream(session); | |
131 if not deflate_stream then return true; end | |
132 | |
133 local inflate_stream = get_inflate_stream(session); | |
134 if not inflate_stream then return true; end | |
135 | |
136 -- setup compression for session.w | |
137 setup_compression(session, deflate_stream); | |
138 | |
139 -- setup decompression for session.data | |
140 setup_decompression(session, inflate_stream); | |
141 session:reset_stream(); | |
142 session:open_stream(session.from_host, session.to_host); | |
143 session.compressed = true; | |
144 return true; | |
145 end | |
146 end); | |
147 | |
148 module:hook("stanza/http://jabber.org/protocol/compress:failure", function(event) | |
149 local err = event.stanza:get_child(); | |
150 (event.origin.log or module._log)("warn", "Compression setup failed (%s)", err and err.name or "unknown reason"); | |
151 return true; | |
152 end); | |
153 | |
154 module:hook("stanza/http://jabber.org/protocol/compress:compress", function(event) | |
155 local session, stanza = event.origin, event.stanza; | |
156 | |
157 if session.type == "c2s" or session.type == "s2sin" then | |
158 -- fail if we are already compressed | |
159 if session.compressed then | |
160 local error_st = st.stanza("failure", {xmlns=xmlns_compression_protocol}):tag("setup-failed"); | |
161 (session.sends2s or session.send)(error_st); | |
162 session.log("debug", "Client tried to establish another compression layer."); | |
163 return true; | |
164 end | |
165 | |
166 -- checking if the compression method is supported | |
167 local method = stanza:get_child_text("method"); | |
168 if method == "zlib" then | |
169 session.log("debug", "zlib compression enabled."); | |
170 | |
171 -- create deflate and inflate streams | |
172 local deflate_stream = get_deflate_stream(session); | |
173 if not deflate_stream then return true; end | |
174 | |
175 local inflate_stream = get_inflate_stream(session); | |
176 if not inflate_stream then return true; end | |
177 | |
178 (session.sends2s or session.send)(st.stanza("compressed", {xmlns=xmlns_compression_protocol})); | |
179 session:reset_stream(); | |
180 | |
181 -- setup compression for session.w | |
182 setup_compression(session, deflate_stream); | |
183 | |
184 -- setup decompression for session.data | |
185 setup_decompression(session, inflate_stream); | |
186 | |
187 session.compressed = true; | |
188 elseif method then | |
189 session.log("debug", "%s compression selected, but we don't support it.", tostring(method)); | |
190 local error_st = st.stanza("failure", {xmlns=xmlns_compression_protocol}):tag("unsupported-method"); | |
191 (session.sends2s or session.send)(error_st); | |
192 else | |
193 (session.sends2s or session.send)(st.stanza("failure", {xmlns=xmlns_compression_protocol}):tag("setup-failed")); | |
194 end | |
195 return true; | |
196 end | |
197 end); | |
198 |