comparison mod_smacks/mod_smacks.lua @ 2701:d96831e46b64

Fix #889 Some buggy clients try to resume unauthenticated sessions and session.username is nil in this case (that caused the bug).
author tmolitor <thilo@eightysoft.de>
date Mon, 24 Apr 2017 20:56:56 +0200
parents 6e01878103c0
children eea1d5bac451
comparison
equal deleted inserted replaced
2674:c971b2cee2cc 2701:d96831e46b64
47 local function init_session_cache(max_entries, evict_callback) 47 local function init_session_cache(max_entries, evict_callback)
48 -- old prosody version < 0.10 (no limiting at all!) 48 -- old prosody version < 0.10 (no limiting at all!)
49 if not cache then 49 if not cache then
50 local store = {}; 50 local store = {};
51 return { 51 return {
52 get = function(user, key) return store[key]; end; 52 get = function(user, key)
53 set = function(user, key, value) store[key] = value; end; 53 if not user then return nil; end
54 if not key then return nil; end
55 return store[key];
56 end;
57 set = function(user, key, value)
58 if not user then return nil; end
59 if not key then return nil; end
60 store[key] = value;
61 end;
54 }; 62 };
55 end 63 end
56 64
57 -- use per user limited cache for prosody >= 0.10 65 -- use per user limited cache for prosody >= 0.10
58 local stores = {}; 66 local stores = {};
59 return { 67 return {
60 get = function(user, key) 68 get = function(user, key)
69 if not user then return nil; end
70 if not key then return nil; end
61 if not stores[user] then 71 if not stores[user] then
62 stores[user] = cache.new(max_entries, evict_callback); 72 stores[user] = cache.new(max_entries, evict_callback);
63 end 73 end
64 return stores[user]:get(key); 74 return stores[user]:get(key);
65 end; 75 end;
66 set = function(user, key, value) 76 set = function(user, key, value)
77 if not user then return nil; end
78 if not key then return nil; end
67 if not stores[user] then stores[user] = cache.new(max_entries, evict_callback); end 79 if not stores[user] then stores[user] = cache.new(max_entries, evict_callback); end
68 stores[user]:set(key, value); 80 stores[user]:set(key, value);
69 -- remove empty caches completely 81 -- remove empty caches completely
70 if not stores[user]:count() then stores[user] = nil; end 82 if not stores[user]:count() then stores[user] = nil; end
71 end; 83 end;
72 }; 84 };
73 end 85 end
74 local old_session_registry = init_session_cache(max_old_sessions, nil); 86 local old_session_registry = init_session_cache(max_old_sessions, nil);
75 local session_registry = init_session_cache(max_hibernated_sessions, function(resumption_token, session) 87 local session_registry = init_session_cache(max_hibernated_sessions, function(resumption_token, session)
76 if session.destroyed then return; end 88 if session.destroyed then return true; end -- destroyed session can always be removed from cache
77 session.log("warn", "User has too much hibernated sessions, removing oldest session (token: %s)", resumption_token); 89 session.log("warn", "User has too much hibernated sessions, removing oldest session (token: %s)", resumption_token);
78 -- store old session's h values on force delete 90 -- store old session's h values on force delete
79 -- save only actual h value and username/host (for security) 91 -- save only actual h value and username/host (for security)
80 old_session_registry.set(session.username, resumption_token, { 92 old_session_registry.set(session.username, resumption_token, {
81 h = session.handled_stanza_count, 93 h = session.handled_stanza_count,