Mercurial > prosody-modules
view mod_srvinjection/mod_srvinjection.lua @ 5285:8e1f1eb00b58
mod_sasl2_fast: Fix harmless off-by-one error (invalidates existing tokens!)
Problem:
This was causing the key to become "<token>--cur" instead of the expected
"<token>-cur". As the same key was used by the code to both set and get, it
still worked.
Rationale for change:
Although it worked, it's unintended, inconsistent and messy. It increases the
chances of future bugs due to the unexpected format.
Side-effects of change:
Existing '--cur' entries will not be checked after this change, and therefore
existing FAST clients will fail to authenticate until they attempt password
auth and obtain a new FAST token.
Existing '--cur' entries in storage will not be cleaned up by this commit, but
this is considered a minor issue, and okay for the relatively few FAST
deployments.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Wed, 29 Mar 2023 16:12:15 +0100 |
parents | 47fb4f36dacd |
children |
line wrap: on
line source
module:set_global(); local adns = require "net.adns"; local map_config = module:get_option("srvinjection") or {}; local map = module:shared "s2s_map" for host, mapping in pairs(map_config) do if type(mapping) == "table" and type(mapping[1]) == "string" and (type(mapping[2]) == "number") then local connecthost, connectport = mapping[1], mapping[2] or 5269; map[host] = {{ srv = { target = connecthost.."."; port = connectport; priority = 1; weight = 0; }; }}; else module:log("warn", "Ignoring invalid SRV injection for host '%s'", host); map[host] = nil; end end local original_lookup = adns.lookup; function adns.lookup(handler, qname, qtype, qclass) if qtype == "SRV" then local host = qname:match("^_xmpp%-server%._tcp%.(.*)%.$"); local mapping = map[host] or map["*"]; if mapping then handler(mapping); return; end elseif qtype == "A" then if (qname == "localhost." or qname == "127.0.0.1.") then handler({{ a = "127.0.0.1" }}); return; end local ip = qname:match("^(%d+.%d+.%d+.%d+).$"); if ip then handler({{ a = ip }}); return; end end return original_lookup(handler, qname, qtype, qclass); end function module.unload() adns.lookup = original_lookup; end