Mercurial > prosody-modules
view mod_s2s_smacks_timeout/README.md @ 5285:8e1f1eb00b58
mod_sasl2_fast: Fix harmless off-by-one error (invalidates existing tokens!)
Problem:
This was causing the key to become "<token>--cur" instead of the expected
"<token>-cur". As the same key was used by the code to both set and get, it
still worked.
Rationale for change:
Although it worked, it's unintended, inconsistent and messy. It increases the
chances of future bugs due to the unexpected format.
Side-effects of change:
Existing '--cur' entries will not be checked after this change, and therefore
existing FAST clients will fail to authenticate until they attempt password
auth and obtain a new FAST token.
Existing '--cur' entries in storage will not be cleaned up by this commit, but
this is considered a minor issue, and okay for the relatively few FAST
deployments.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 29 Mar 2023 16:12:15 +0100 |
| parents | f0fe95f9e21c |
| children | 78368d2865dd |
line wrap: on
line source
# Introduction This module closes s2s connections when [mod_smacks][doc:modules:mod_smacks] reports that a connection has not received a timely acknowledgement as requested, indicating that the connection is broken or the remote server is not responding. With the connection closed, the next stanza to be directed to that server will trigger Prosody to establish a new connection, instead of queueing it on the potentially broken connection. This should prevent messages from being stuck in a queue for a potentially long time before being bounced back to the sender as delivery failure reports. Normally the amount of time it takes for a broken connection to time out is determined by TCP. If this is deemed sensible behavior then it will likely be merged into Prosody itself somewhere.