Mercurial > prosody-modules
comparison mod_smacks/mod_smacks.lua @ 2701:d96831e46b64
Fix #889
Some buggy clients try to resume unauthenticated sessions and
session.username is nil in this case (that caused the bug).
author | tmolitor <thilo@eightysoft.de> |
---|---|
date | Mon, 24 Apr 2017 20:56:56 +0200 |
parents | 6e01878103c0 |
children | eea1d5bac451 |
comparison
equal
deleted
inserted
replaced
2674:c971b2cee2cc | 2701:d96831e46b64 |
---|---|
47 local function init_session_cache(max_entries, evict_callback) | 47 local function init_session_cache(max_entries, evict_callback) |
48 -- old prosody version < 0.10 (no limiting at all!) | 48 -- old prosody version < 0.10 (no limiting at all!) |
49 if not cache then | 49 if not cache then |
50 local store = {}; | 50 local store = {}; |
51 return { | 51 return { |
52 get = function(user, key) return store[key]; end; | 52 get = function(user, key) |
53 set = function(user, key, value) store[key] = value; end; | 53 if not user then return nil; end |
54 if not key then return nil; end | |
55 return store[key]; | |
56 end; | |
57 set = function(user, key, value) | |
58 if not user then return nil; end | |
59 if not key then return nil; end | |
60 store[key] = value; | |
61 end; | |
54 }; | 62 }; |
55 end | 63 end |
56 | 64 |
57 -- use per user limited cache for prosody >= 0.10 | 65 -- use per user limited cache for prosody >= 0.10 |
58 local stores = {}; | 66 local stores = {}; |
59 return { | 67 return { |
60 get = function(user, key) | 68 get = function(user, key) |
69 if not user then return nil; end | |
70 if not key then return nil; end | |
61 if not stores[user] then | 71 if not stores[user] then |
62 stores[user] = cache.new(max_entries, evict_callback); | 72 stores[user] = cache.new(max_entries, evict_callback); |
63 end | 73 end |
64 return stores[user]:get(key); | 74 return stores[user]:get(key); |
65 end; | 75 end; |
66 set = function(user, key, value) | 76 set = function(user, key, value) |
77 if not user then return nil; end | |
78 if not key then return nil; end | |
67 if not stores[user] then stores[user] = cache.new(max_entries, evict_callback); end | 79 if not stores[user] then stores[user] = cache.new(max_entries, evict_callback); end |
68 stores[user]:set(key, value); | 80 stores[user]:set(key, value); |
69 -- remove empty caches completely | 81 -- remove empty caches completely |
70 if not stores[user]:count() then stores[user] = nil; end | 82 if not stores[user]:count() then stores[user] = nil; end |
71 end; | 83 end; |
72 }; | 84 }; |
73 end | 85 end |
74 local old_session_registry = init_session_cache(max_old_sessions, nil); | 86 local old_session_registry = init_session_cache(max_old_sessions, nil); |
75 local session_registry = init_session_cache(max_hibernated_sessions, function(resumption_token, session) | 87 local session_registry = init_session_cache(max_hibernated_sessions, function(resumption_token, session) |
76 if session.destroyed then return; end | 88 if session.destroyed then return true; end -- destroyed session can always be removed from cache |
77 session.log("warn", "User has too much hibernated sessions, removing oldest session (token: %s)", resumption_token); | 89 session.log("warn", "User has too much hibernated sessions, removing oldest session (token: %s)", resumption_token); |
78 -- store old session's h values on force delete | 90 -- store old session's h values on force delete |
79 -- save only actual h value and username/host (for security) | 91 -- save only actual h value and username/host (for security) |
80 old_session_registry.set(session.username, resumption_token, { | 92 old_session_registry.set(session.username, resumption_token, { |
81 h = session.handled_stanza_count, | 93 h = session.handled_stanza_count, |