# HG changeset patch # User Rob Hoelz # Date 1347921102 -7200 # Node ID 0c3638673464e11fccc4c83bad90bc68eff90c18 # Parent f160166612c25a6950a781dec5afbe4ab2d49092# Parent 87e847280aef14f35ef0d9b865aae2e503e84745 Merge upstream with my local LDAP work diff -r f160166612c2 -r 0c3638673464 mod_auth_dovecot/auth_dovecot/mod_auth_dovecot.lua --- a/mod_auth_dovecot/auth_dovecot/mod_auth_dovecot.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_dovecot/auth_dovecot/mod_auth_dovecot.lua Tue Sep 18 00:31:42 2012 +0200 @@ -48,9 +48,7 @@ log("debug", "Mechanims found: %s", table.concat(m, ", ")); end -provider = { - name = module.name:gsub("^auth_",""); -}; +provider = {}; function provider.test_password(username, password) return new_sasl(module.host):plain_test(username, password); @@ -90,5 +88,5 @@ provider.get_sasl_handler = nil end -module:add_item("auth-provider", provider); +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_auth_external/mod_auth_external.lua --- a/mod_auth_external/mod_auth_external.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_external/mod_auth_external.lua Tue Sep 18 00:31:42 2012 +0200 @@ -93,53 +93,50 @@ end end -function new_external_provider(host) - local provider = { name = "external" }; - - function provider.test_password(username, password) - return do_query("auth", username, password); - end +local host = module.host; +local provider = {}; - function provider.set_password(username, password) - return do_query("setpass", username, password); - end - - function provider.user_exists(username) - return do_query("isuser", username); - end +function provider.test_password(username, password) + return do_query("auth", username, password); +end - function provider.create_user(username, password) return nil, "Account creation/modification not available."; end - - function provider.get_sasl_handler() - local testpass_authentication_profile = { - plain_test = function(sasl, username, password, realm) - local prepped_username = nodeprep(username); - if not prepped_username then - log("debug", "NODEprep failed on username: %s", username); - return "", nil; - end - return usermanager.test_password(prepped_username, realm, password), true; - end, - }; - return new_sasl(module.host, testpass_authentication_profile); - end +function provider.set_password(username, password) + return do_query("setpass", username, password); +end - function provider.is_admin(jid) - local admins = config.get(host, "core", "admins"); - if admins ~= config.get("*", "core", "admins") then - if type(admins) == "table" then - jid = jid_bare(jid); - for _,admin in ipairs(admins) do - if admin == jid then return true; end - end - elseif admins then - log("error", "Option 'admins' for host '%s' is not a table", host); - end - end - return usermanager.is_admin(jid); -- Test whether it's a global admin instead - end - - return provider; +function provider.user_exists(username) + return do_query("isuser", username); end -module:add_item("auth-provider", new_external_provider(module.host)); +function provider.create_user(username, password) return nil, "Account creation/modification not available."; end + +function provider.get_sasl_handler() + local testpass_authentication_profile = { + plain_test = function(sasl, username, password, realm) + local prepped_username = nodeprep(username); + if not prepped_username then + log("debug", "NODEprep failed on username: %s", username); + return "", nil; + end + return usermanager.test_password(prepped_username, realm, password), true; + end, + }; + return new_sasl(host, testpass_authentication_profile); +end + +function provider.is_admin(jid) + local admins = config.get(host, "core", "admins"); + if admins ~= config.get("*", "core", "admins") then + if type(admins) == "table" then + jid = jid_bare(jid); + for _,admin in ipairs(admins) do + if admin == jid then return true; end + end + elseif admins then + log("error", "Option 'admins' for host '%s' is not a table", host); + end + end + return usermanager.is_admin(jid); -- Test whether it's a global admin instead +end + +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_auth_internal_yubikey/mod_auth_internal_yubikey.lua --- a/mod_auth_internal_yubikey/mod_auth_internal_yubikey.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_internal_yubikey/mod_auth_internal_yubikey.lua Tue Sep 18 00:31:42 2012 +0200 @@ -45,83 +45,80 @@ local global_yubikey_key = module:get_option_string("yubikey_key"); -function new_default_provider(host) - local provider = { name = "internal_yubikey" }; - log("debug", "initializing default authentication provider for host '%s'", host); +local host = module.host; +local provider = {}; +log("debug", "initializing default authentication provider for host '%s'", host); + +function provider.test_password(username, password) + log("debug", "test password '%s' for user %s at host %s", password, username, module.host); - function provider.test_password(username, password) - log("debug", "test password '%s' for user %s at host %s", password, username, module.host); - - local account_info = datamanager.load(username, host, "accounts") or {}; - local yubikey_key = account_info.yubikey_key or global_yubikey_key; - if account_info.yubikey_key then - log("debug", "Authenticating Yubikey OTP for %s", username); - local authed, err = yubikey:authenticate(password, account_info.yubikey_key, account_info.yubikey_state or {}, { account = account_info, username = username, host = host }); - if not authed then - log("debug", "Failed to authenticate %s via OTP: %s", username, err); - return authed, err; - end - return authed; - elseif account_info.password and password == account_info.password then - -- No yubikey configured for this user, treat as normal password - log("debug", "No yubikey configured for %s, successful login using password auth", username); - return true; - else - return nil, "Auth failed. Invalid username or password."; - end - end - - function provider.get_password(username) - log("debug", "get_password for username '%s' at host '%s'", username, module.host); - return (datamanager.load(username, host, "accounts") or {}).password; - end - - function provider.set_password(username, password) - local account = datamanager.load(username, host, "accounts"); - if account then - account.password = password; - return datamanager.store(username, host, "accounts", account); + local account_info = datamanager.load(username, host, "accounts") or {}; + local yubikey_key = account_info.yubikey_key or global_yubikey_key; + if account_info.yubikey_key then + log("debug", "Authenticating Yubikey OTP for %s", username); + local authed, err = yubikey:authenticate(password, account_info.yubikey_key, account_info.yubikey_state or {}, { account = account_info, username = username, host = host }); + if not authed then + log("debug", "Failed to authenticate %s via OTP: %s", username, err); + return authed, err; end - return nil, "Account not available."; - end - - function provider.user_exists(username) - local account = datamanager.load(username, host, "accounts"); - if not account then - log("debug", "account not found for username '%s' at host '%s'", username, module.host); - return nil, "Auth failed. Invalid username"; - end + return authed; + elseif account_info.password and password == account_info.password then + -- No yubikey configured for this user, treat as normal password + log("debug", "No yubikey configured for %s, successful login using password auth", username); return true; - end - - function provider.create_user(username, password) - return datamanager.store(username, host, "accounts", {password = password}); - end - - function provider.delete_user(username) - return datamanager.store(username, host, "accounts", nil); + else + return nil, "Auth failed. Invalid username or password."; end +end - function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or module.host; - local getpass_authentication_profile = { - plain_test = function(sasl, username, password, realm) - local prepped_username = nodeprep(username); - if not prepped_username then - log("debug", "NODEprep failed on username: %s", username); - return false, nil; - end - - return usermanager.test_password(username, realm, password), true; - end - }; - return new_sasl(realm, getpass_authentication_profile); - end - - return provider; +function provider.get_password(username) + log("debug", "get_password for username '%s' at host '%s'", username, module.host); + return (datamanager.load(username, host, "accounts") or {}).password; end -module:add_item("auth-provider", new_default_provider(module.host)); +function provider.set_password(username, password) + local account = datamanager.load(username, host, "accounts"); + if account then + account.password = password; + return datamanager.store(username, host, "accounts", account); + end + return nil, "Account not available."; +end + +function provider.user_exists(username) + local account = datamanager.load(username, host, "accounts"); + if not account then + log("debug", "account not found for username '%s' at host '%s'", username, module.host); + return nil, "Auth failed. Invalid username"; + end + return true; +end + +function provider.create_user(username, password) + return datamanager.store(username, host, "accounts", {password = password}); +end + +function provider.delete_user(username) + return datamanager.store(username, host, "accounts", nil); +end + +function provider.get_sasl_handler() + local realm = module:get_option("sasl_realm") or module.host; + local getpass_authentication_profile = { + plain_test = function(sasl, username, password, realm) + local prepped_username = nodeprep(username); + if not prepped_username then + log("debug", "NODEprep failed on username: %s", username); + return false, nil; + end + + return usermanager.test_password(username, realm, password), true; + end + }; + return new_sasl(realm, getpass_authentication_profile); +end + +module:provides("auth", provider); function module.command(arg) local command = arg[1]; diff -r f160166612c2 -r 0c3638673464 mod_auth_joomla/mod_auth_joomla.lua --- a/mod_auth_joomla/mod_auth_joomla.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_joomla/mod_auth_joomla.lua Tue Sep 18 00:31:42 2012 +0200 @@ -104,7 +104,7 @@ end -provider = { name = "joomla" }; +provider = {}; function provider.test_password(username, password) local hash = get_password(username); @@ -178,5 +178,5 @@ return sasl; end -module:add_item("auth-provider", provider); +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_auth_ldap/mod_auth_ldap.lua --- a/mod_auth_ldap/mod_auth_ldap.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_ldap/mod_auth_ldap.lua Tue Sep 18 00:31:42 2012 +0200 @@ -19,7 +19,7 @@ end end -local provider = { name = "ldap" }; +local provider = {}; local function ldap_filter_escape(s) return (s:gsub("[\\*\\(\\)\\\\%z]", function(c) return ("\\%02x"):format(c:byte()) end)); end function provider.test_password(username, password) @@ -53,4 +53,4 @@ return new_sasl(module.host, testpass_authentication_profile); end -module:add_item("auth-provider", provider); +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_auth_ldap2/mod_auth_ldap.lua --- a/mod_auth_ldap2/mod_auth_ldap.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_ldap2/mod_auth_ldap.lua Tue Sep 18 00:31:42 2012 +0200 @@ -20,7 +20,7 @@ return; end -local provider = { name = 'ldap' } +local provider = {} function provider.test_password(username, password) return ldap.bind(username, password); @@ -81,4 +81,4 @@ }; end -module:add_item("auth-provider", provider); +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_auth_phpbb3/mod_auth_phpbb3.lua --- a/mod_auth_phpbb3/mod_auth_phpbb3.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_phpbb3/mod_auth_phpbb3.lua Tue Sep 18 00:31:42 2012 +0200 @@ -187,7 +187,7 @@ end -provider = { name = "phpbb3" }; +provider = {}; function provider.test_password(username, password) local hash = get_password(username); @@ -269,5 +269,5 @@ return sasl; end -module:add_item("auth-provider", provider); +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_auth_sql/mod_auth_sql.lua --- a/mod_auth_sql/mod_auth_sql.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_sql/mod_auth_sql.lua Tue Sep 18 00:31:42 2012 +0200 @@ -81,7 +81,7 @@ end -provider = { name = "sql" }; +provider = {}; function provider.test_password(username, password) return password and get_password(username) == password; @@ -114,4 +114,4 @@ return new_sasl(module.host, profile); end -module:add_item("auth-provider", provider); +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_auth_wordpress/mod_auth_wordpress.lua --- a/mod_auth_wordpress/mod_auth_wordpress.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_auth_wordpress/mod_auth_wordpress.lua Tue Sep 18 00:31:42 2012 +0200 @@ -176,7 +176,7 @@ end -provider = { name = "wordpress" }; +provider = {}; function provider.test_password(username, password) local hash = get_password(username); @@ -250,5 +250,5 @@ return sasl; end -module:add_item("auth-provider", provider); +module:provides("auth", provider); diff -r f160166612c2 -r 0c3638673464 mod_couchdb/couchdb/mod_couchdb.lua --- a/mod_couchdb/couchdb/mod_couchdb.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_couchdb/couchdb/mod_couchdb.lua Tue Sep 18 00:31:42 2012 +0200 @@ -76,4 +76,4 @@ return instance; end -module:add_item("data-driver", driver); +module:provides("storage", driver); diff -r f160166612c2 -r 0c3638673464 mod_host_guard/mod_host_guard.lua --- a/mod_host_guard/mod_host_guard.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_host_guard/mod_host_guard.lua Tue Sep 18 00:31:42 2012 +0200 @@ -42,7 +42,7 @@ local function handle_activation (host, u) if guard_blockall:contains(host) or guard_protect:contains(host) then - if hosts[host] and hosts[host].events then + if hosts[host] and config.get(host, "core", "authentication") ~= "anonymous" then hosts[host].events.add_handler("s2sin-established", s2s_hook, 500) hosts[host].events.add_handler("route/remote", rr_hook, 500) hosts[host].events.add_handler("stanza/jabber:server:dialback:result", s2s_hook, 500) @@ -57,7 +57,7 @@ local function handle_deactivation (host, u, i) if guard_blockall:contains(host) or guard_protect:contains(host) then - if hosts[host] and hosts[host].events then + if hosts[host] and config.get(host, "core", "authentication") ~= "anonymous" then hosts[host].events.remove_handler("s2sin-established", s2s_hook) hosts[host].events.remove_handler("route/remote", rr_hook) hosts[host].events.remove_handler("stanza/jabber:server:dialback:result", s2s_hook) diff -r f160166612c2 -r 0c3638673464 mod_mam_muc/mod_mam_muc.lua --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_mam_muc/mod_mam_muc.lua Tue Sep 18 00:31:42 2012 +0200 @@ -0,0 +1,211 @@ +-- XEP-0313: Message Archive Management for Prosody +-- Copyright (C) 2011-2012 Kim Alvefur +-- +-- This file is MIT/X11 licensed. + +local xmlns_mam = "urn:xmpp:mam:tmp"; +local xmlns_delay = "urn:xmpp:delay"; +local xmlns_forward = "urn:xmpp:forward:0"; + +local st = require "util.stanza"; +local rsm = module:require "mod_mam/rsm"; +local jid_bare = require "util.jid".bare; +local jid_split = require "util.jid".split; +local jid_prep = require "util.jid".prep; +local host = module.host; + +local dm_list_load = require "util.datamanager".list_load; +local dm_list_append = require "util.datamanager".list_append; + +local tostring = tostring; +local time_now = os.time; +local m_min = math.min; +local timestamp, timestamp_parse = require "util.datetime".datetime, require "util.datetime".parse; +local uuid = require "util.uuid".generate; +local default_max_items, max_max_items = 20, module:get_option_number("max_archive_query_results", 50); +--local rooms_to_archive = module:get_option_set("rooms_to_archive",{}); +-- TODO Should be possible to enforce it too + +local archive_store = "archive2"; + +-- Handle archive queries +module:hook("iq/bare/"..xmlns_mam..":query", function(event) + local origin, stanza = event.origin, event.stanza; + local room = jid_split(stanza.attr.to); + local query = stanza.tags[1]; + + local room_obj = hosts[module.host].modules.muc.rooms[jid_bare(stanza.attr.to)]; + if not room_obj then + return -- FIXME not found + end + local from = jid_bare(stanza.attr.from); + + if room_obj._affiliations[from] == "outcast" + or room_obj._data.members_only and not room_obj._affiliations[from] then + return -- FIXME unauth + end + + if stanza.attr.type == "get" then + local qid = query.attr.queryid; + + -- Search query parameters + local qwith = query:get_child_text("with"); + local qstart = query:get_child_text("start"); + local qend = query:get_child_text("end"); + local qset = rsm.get(query); + module:log("debug", "Archive query, id %s with %s from %s until %s)", + tostring(qid), qwith or "anyone", qstart or "the dawn of time", qend or "now"); + + if qstart or qend then -- Validate timestamps + local vstart, vend = (qstart and timestamp_parse(qstart)), (qend and timestamp_parse(qend)) + if (qstart and not vstart) or (qend and not vend) then + origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid timestamp")) + return true + end + qstart, qend = vstart, vend; + end + + local qres; + if qwith then -- Validate the 'with' jid + local pwith = qwith and jid_prep(qwith); + if pwith and not qwith then -- it failed prepping + origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid JID")) + return true + end + local _, _, resource = jid_split(qwith); + qwith = jid_bare(pwith); + qres = resource; + end + + -- Load all the data! + local data, err = dm_list_load(room, module.host, archive_store); + if not data then + if (not err) then + module:log("debug", "The archive was empty."); + origin.send(st.reply(stanza)); + else + origin.send(st.error_reply(stanza, "cancel", "internal-server-error", "Error loading archive: "..tostring(err))); + end + return true + end + + -- RSM stuff + local qmax = m_min(qset and qset.max or default_max_items, max_max_items); + local qset_matches = not (qset and qset.after); + local first, last, index; + local n = 0; + local start = qset and qset.index or 1; + + module:log("debug", "Loaded %d items, about to filter", #data); + for i=start,#data do + local item = data[i]; + local when, nick = item.when, item.resource; + local id = item.id; + --module:log("debug", "id is %s", id); + + -- RSM pre-send-checking + if qset then + if qset.before == id then + module:log("debug", "End of matching range found"); + qset_matches = false; + break; + end + end + + --module:log("debug", "message with %s at %s", with, when or "???"); + -- Apply query filter + if (not qres or (qres == nick)) + and (not qstart or when >= qstart) + and (not qend or when <= qend) + and (not qset or qset_matches) then + local fwd_st = st.message{ to = stanza.attr.from } + :tag("result", { xmlns = xmlns_mam, queryid = qid, id = id }):up() + :tag("forwarded", { xmlns = xmlns_forward }) + :tag("delay", { xmlns = xmlns_delay, stamp = timestamp(when) }):up(); + local orig_stanza = st.deserialize(item.stanza); + orig_stanza.attr.xmlns = "jabber:client"; + fwd_st:add_child(orig_stanza); + origin.send(fwd_st); + if not first then + index = i; + first = id; + end + last = id; + n = n + 1; + elseif (qend and when > qend) then + module:log("debug", "We have passed into messages more recent than requested"); + break -- We have passed into messages more recent than requested + end + + -- RSM post-send-checking + if qset then + if qset.after == id then + module:log("debug", "Start of matching range found"); + qset_matches = true; + end + end + if n >= qmax then + module:log("debug", "Max number of items matched"); + break + end + end + -- That's all folks! + module:log("debug", "Archive query %s completed", tostring(qid)); + + local reply = st.reply(stanza); + if last then + -- This is a bit redundant, isn't it? + reply:query(xmlns_mam):add_child(rsm.generate{first = first, last = last, count = n}); + end + origin.send(reply); + return true + end +end); + +-- Handle messages +local function message_handler(event) + local origin, stanza = event.origin, event.stanza; + local orig_type = stanza.attr.type or "normal"; + local orig_to = stanza.attr.to; + local orig_from = stanza.attr.from; + + -- Still needed? + if not orig_from then + orig_from = origin.full_jid; + end + + -- Only store groupchat messages + if not (orig_type == "groupchat" and (stanza:get_child("body") or stanza:get_child("subject"))) then + return; + end + + local room = jid_split(orig_to); + local room_obj = hosts[host].modules.muc.rooms[orig_to] + if not room_obj then return end + + local id = uuid(); + local when = time_now(); + local stanza = st.clone(stanza); -- Private copy + --stanza.attr.to = nil; + local nick = room_obj._jid_nick[orig_from]; + if not nick then return end + stanza.attr.from = nick; + local _, _, nick = jid_split(nick); + -- And stash it + local ok, err = dm_list_append(room, host, archive_store, { + -- WARNING This format may change. + id = id, + when = when, + resource = nick, + stanza = st.preserialize(stanza) + }); + --[[ This was dropped from the spec + if ok then + stanza:tag("archived", { xmlns = xmlns_mam, by = host, id = id }):up(); + end + --]] +end + +module:hook("message/bare", message_handler, 2); + +module:add_feature(xmlns_mam); diff -r f160166612c2 -r 0c3638673464 mod_mam_muc_sql/mod_mam_muc_sql.lua --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_mam_muc_sql/mod_mam_muc_sql.lua Tue Sep 18 00:31:42 2012 +0200 @@ -0,0 +1,301 @@ +-- XEP-0313: Message Archive Management for Prosody +-- Copyright (C) 2011-2012 Kim Alvefur +-- +-- This file is MIT/X11 licensed. + +local xmlns_mam = "urn:xmpp:mam:tmp"; +local xmlns_delay = "urn:xmpp:delay"; +local xmlns_forward = "urn:xmpp:forward:0"; + +local st = require "util.stanza"; +local rsm = module:require "mod_mam/rsm"; +local jid_bare = require "util.jid".bare; +local jid_split = require "util.jid".split; +local jid_prep = require "util.jid".prep; +local host = module.host; + +local serialize, deserialize = require"util.json".encode, require"util.json".decode; +local unpack = unpack; +local tostring = tostring; +local time_now = os.time; +local t_insert = table.insert; +local m_min = math.min; +local timestamp, timestamp_parse = require "util.datetime".datetime, require "util.datetime".parse; +local default_max_items, max_max_items = 20, module:get_option_number("max_archive_query_results", 50); +--local rooms_to_archive = module:get_option_set("rooms_to_archive",{}); + +local sql, setsql, getsql = {}; +do -- SQL stuff +local dburi; +local connection; +local connections = module:shared "/*/sql/connection-cache"; +local build_url = require"socket.url".build; +local resolve_relative_path = require "core.configmanager".resolve_relative_path; +local params = module:get_option("mam_sql", module:get_option("sql")); + +local function db2uri(params) + return build_url{ + scheme = params.driver, + user = params.username, + password = params.password, + host = params.host, + port = params.port, + path = params.database, + }; +end + +local function test_connection() + if not connection then return nil; end + if connection:ping() then + return true; + else + module:log("debug", "Database connection closed"); + connection = nil; + connections[dburi] = nil; + end +end +local function connect() + if not test_connection() then + prosody.unlock_globals(); + local dbh, err = DBI.Connect( + params.driver, params.database, + params.username, params.password, + params.host, params.port + ); + prosody.lock_globals(); + if not dbh then + module:log("debug", "Database connection failed: %s", tostring(err)); + return nil, err; + end + module:log("debug", "Successfully connected to database"); + dbh:autocommit(false); -- don't commit automatically + connection = dbh; + + connections[dburi] = dbh; + end + return connection; +end + +do -- process options to get a db connection + local ok; + prosody.unlock_globals(); + ok, DBI = pcall(require, "DBI"); + if not ok then + package.loaded["DBI"] = {}; + module:log("error", "Failed to load the LuaDBI library for accessing SQL databases: %s", DBI); + module:log("error", "More information on installing LuaDBI can be found at http://prosody.im/doc/depends#luadbi"); + end + prosody.lock_globals(); + if not ok or not DBI.Connect then + return; -- Halt loading of this module + end + + params = params or { driver = "SQLite3" }; + + if params.driver == "SQLite3" then + params.database = resolve_relative_path(prosody.paths.data or ".", params.database or "prosody.sqlite"); + end + + assert(params.driver and params.database, "Both the SQL driver and the database need to be specified"); + + dburi = db2uri(params); + connection = connections[dburi]; + + assert(connect()); + +end + +function getsql(sql, ...) + if params.driver == "PostgreSQL" then + sql = sql:gsub("`", "\""); + end + -- do prepared statement stuff + local stmt, err = connection:prepare(sql); + if not stmt and not test_connection() then error("connection failed"); end + if not stmt then module:log("error", "QUERY FAILED: %s %s", err, debug.traceback()); return nil, err; end + -- run query + local ok, err = stmt:execute(...); + if not ok and not test_connection() then error("connection failed"); end + if not ok then return nil, err; end + + return stmt; +end +function setsql(sql, ...) + local stmt, err = getsql(sql, ...); + if not stmt then return stmt, err; end + return stmt:affected(); +end +function sql.rollback(...) + if connection then connection:rollback(); end -- FIXME check for rollback error? + return ...; +end +function sql.commit(...) + if not connection:commit() then return nil, "SQL commit failed"; end + return ...; +end + +end + +local archive_store = "archive2"; + +-- Handle archive queries +module:hook("iq/bare/"..xmlns_mam..":query", function(event) + local origin, stanza = event.origin, event.stanza; + local room = jid_split(stanza.attr.to); + local query = stanza.tags[1]; + + local room_obj = hosts[module.host].modules.muc.rooms[jid_bare(stanza.attr.to)]; + if not room_obj then + return -- FIXME not found + end + local from = jid_bare(stanza.attr.from); + + if room_obj._affiliations[from] == "outcast" + or room_obj._data.members_only and not room_obj._affiliations[from] then + return -- FIXME unauth + end + + if stanza.attr.type == "get" then + local qid = query.attr.queryid; + + -- Search query parameters + local qwith = query:get_child_text("with"); + local qstart = query:get_child_text("start"); + local qend = query:get_child_text("end"); + local qset = rsm.get(query); + module:log("debug", "Archive query, id %s with %s from %s until %s)", + tostring(qid), qwith or "anyone", qstart or "the dawn of time", qend or "now"); + + if qstart or qend then -- Validate timestamps + local vstart, vend = (qstart and timestamp_parse(qstart)), (qend and timestamp_parse(qend)) + if (qstart and not vstart) or (qend and not vend) then + origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid timestamp")) + return true + end + qstart, qend = vstart, vend; + end + + local qres; + if qwith then -- Validate the 'with' jid + local pwith = qwith and jid_prep(qwith); + if pwith and not qwith then -- it failed prepping + origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid JID")) + return true + end + local _, _, resource = jid_split(qwith); + qwith = jid_bare(pwith); + qres = resource; + end + + -- RSM stuff + local qmax = m_min(qset and qset.max or default_max_items, max_max_items); + local first, last; + local n = 0; + + local sql_query = ([[ + SELECT `id`, `when`, `stanza` + FROM `prosodyarchive` + WHERE `host` = ? AND `user` = ? AND `store` = ? + AND `when` BETWEEN ? AND ? + %s + AND `id` > ? + LIMIT ?; + ]]):format(qres and [[AND `resource` = ?]] or "") + + local p = { + host, room, archive_store, + qstart or 0, qend or time_now(), + qset and tonumber(qset.after) or 0, + qmax + }; + if qres then + t_insert(p, 6, qres); + end + module:log("debug", "getsql(sql_query, "..table.concat(p, ", ")); + local data, err = getsql(sql_query, unpack(p)); + if not data then + origin.send(st.error_reply(stanza, "cancel", "internal-server-error", "Error loading archive: "..tostring(err))); + return true + end + + for item in data:rows() do + local id, when, orig_stanza = unpack(item); + --module:log("debug", "id is %s", id); + + local fwd_st = st.message{ to = stanza.attr.from, from = stanza.attr.to } + :tag("result", { xmlns = xmlns_mam, queryid = qid, id = id }):up() + :tag("forwarded", { xmlns = xmlns_forward }) + :tag("delay", { xmlns = xmlns_delay, stamp = timestamp(when) }):up(); + orig_stanza = st.deserialize(deserialize(orig_stanza)); + orig_stanza.attr.xmlns = "jabber:client"; + fwd_st:add_child(orig_stanza); + origin.send(fwd_st); + last = id; + n = n + 1; + if not first then + first = id; + end + end + -- That's all folks! + module:log("debug", "Archive query %s completed", tostring(qid)); + + local reply = st.reply(stanza); + if last then + -- This is a bit redundant, isn't it? + reply:query(xmlns_mam):add_child(rsm.generate{first = first, last = last, count = n}); + end + origin.send(reply); + return true + end +end); + +-- Handle messages +local function message_handler(event) + local origin, stanza = event.origin, event.stanza; + local orig_type = stanza.attr.type or "normal"; + local orig_to = stanza.attr.to; + local orig_from = stanza.attr.from; + + -- Still needed? + if not orig_from then + orig_from = origin.full_jid; + end + + -- Only store groupchat messages + if not (orig_type == "groupchat" and (stanza:get_child("body") or stanza:get_child("subject"))) then + return; + end + + local room = jid_split(orig_to); + local room_obj = hosts[host].modules.muc.rooms[orig_to] + if not room_obj then return end + + local when = time_now(); + local stanza = st.clone(stanza); -- Private copy + --stanza.attr.to = nil; + local nick = room_obj._jid_nick[orig_from]; + if not nick then return end + stanza.attr.from = nick; + local _, _, nick = jid_split(nick); + -- And stash it + local ok, err = setsql([[ + INSERT INTO `prosodyarchive` + (`host`, `user`, `store`, `when`, `resource`, `stanza`) + VALUES (?, ?, ?, ?, ?, ?); + ]], host, room, archive_store, when, nick, serialize(st.preserialize(stanza))) + if ok then + sql.commit(); + else + module:log("error", "SQL error: %s", err); + sql.rollback(); + end + --[[ This was dropped from the spec + if ok then + stanza:tag("archived", { xmlns = xmlns_mam, by = host, id = id }):up(); + end + --]] +end + +module:hook("message/bare", message_handler, 2); + +module:add_feature(xmlns_mam); diff -r f160166612c2 -r 0c3638673464 mod_mam_sql/mod_mam_sql.lua --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_mam_sql/mod_mam_sql.lua Tue Sep 18 00:31:42 2012 +0200 @@ -0,0 +1,433 @@ +-- XEP-0313: Message Archive Management for Prosody +-- Copyright (C) 2011-2012 Kim Alvefur +-- +-- This file is MIT/X11 licensed. + +local xmlns_mam = "urn:xmpp:mam:tmp"; +local xmlns_delay = "urn:xmpp:delay"; +local xmlns_forward = "urn:xmpp:forward:0"; + +local st = require "util.stanza"; +local rsm = module:require "mod_mam/rsm"; +local jid_bare = require "util.jid".bare; +local jid_split = require "util.jid".split; +local jid_prep = require "util.jid".prep; +local host = module.host; + +local dm_load = require "util.datamanager".load; +local dm_store = require "util.datamanager".store; +local rm_load_roster = require "core.rostermanager".load_roster; + +local serialize, deserialize = require"util.json".encode, require"util.json".decode; +local unpack = unpack; +local tostring = tostring; +local time_now = os.time; +local t_insert = table.insert; +local m_min = math.min; +local timestamp, timestamp_parse = require "util.datetime".datetime, require "util.datetime".parse; +local default_max_items, max_max_items = 20, module:get_option_number("max_archive_query_results", 50); +local global_default_policy = module:get_option("default_archive_policy", false); +-- TODO Should be possible to enforce it too + +local sql, setsql, getsql = {}; +do -- SQL stuff +local dburi; +local connection; +local connections = module:shared "/*/sql/connection-cache"; +local build_url = require"socket.url".build; +local resolve_relative_path = require "core.configmanager".resolve_relative_path; +local params = module:get_option("mam_sql", module:get_option("sql")); + +local function db2uri(params) + return build_url{ + scheme = params.driver, + user = params.username, + password = params.password, + host = params.host, + port = params.port, + path = params.database, + }; +end + +local function test_connection() + if not connection then return nil; end + if connection:ping() then + return true; + else + module:log("debug", "Database connection closed"); + connection = nil; + connections[dburi] = nil; + end +end +local function connect() + if not test_connection() then + prosody.unlock_globals(); + local dbh, err = DBI.Connect( + params.driver, params.database, + params.username, params.password, + params.host, params.port + ); + prosody.lock_globals(); + if not dbh then + module:log("debug", "Database connection failed: %s", tostring(err)); + return nil, err; + end + module:log("debug", "Successfully connected to database"); + dbh:autocommit(false); -- don't commit automatically + connection = dbh; + + connections[dburi] = dbh; + end + return connection; +end + +do -- process options to get a db connection + local ok; + prosody.unlock_globals(); + ok, DBI = pcall(require, "DBI"); + if not ok then + package.loaded["DBI"] = {}; + module:log("error", "Failed to load the LuaDBI library for accessing SQL databases: %s", DBI); + module:log("error", "More information on installing LuaDBI can be found at http://prosody.im/doc/depends#luadbi"); + end + prosody.lock_globals(); + if not ok or not DBI.Connect then + return; -- Halt loading of this module + end + + params = params or { driver = "SQLite3" }; + + if params.driver == "SQLite3" then + params.database = resolve_relative_path(prosody.paths.data or ".", params.database or "prosody.sqlite"); + end + + assert(params.driver and params.database, "Both the SQL driver and the database need to be specified"); + + dburi = db2uri(params); + connection = connections[dburi]; + + assert(connect()); + +end + +function getsql(sql, ...) + if params.driver == "PostgreSQL" then + sql = sql:gsub("`", "\""); + end + -- do prepared statement stuff + local stmt, err = connection:prepare(sql); + if not stmt and not test_connection() then error("connection failed"); end + if not stmt then module:log("error", "QUERY FAILED: %s %s", err, debug.traceback()); return nil, err; end + -- run query + local ok, err = stmt:execute(...); + if not ok and not test_connection() then error("connection failed"); end + if not ok then return nil, err; end + + return stmt; +end +function setsql(sql, ...) + local stmt, err = getsql(sql, ...); + if not stmt then return stmt, err; end + return stmt:affected(); +end +function sql.rollback(...) + if connection then connection:rollback(); end -- FIXME check for rollback error? + return ...; +end +function sql.commit(...) + if not connection:commit() then return nil, "SQL commit failed"; end + return ...; +end + +end + +-- For translating preference names from string to boolean and back +local default_attrs = { + always = true, [true] = "always", + never = false, [false] = "never", + roster = "roster", +} + +do + local prefs_format = { + [false] = "roster", + -- default ::= true | false | "roster" + -- true = always, false = never, nil = global default + ["romeo@montague.net"] = true, -- always + ["montague@montague.net"] = false, -- newer + }; +end + +local archive_store = "archive2"; +local prefs_store = archive_store .. "_prefs"; +local function get_prefs(user) + return dm_load(user, host, prefs_store) or + { [false] = global_default_policy }; +end +local function set_prefs(user, prefs) + return dm_store(user, host, prefs_store, prefs); +end + + +-- Handle prefs. +module:hook("iq/self/"..xmlns_mam..":prefs", function(event) + local origin, stanza = event.origin, event.stanza; + local user = origin.username; + if stanza.attr.type == "get" then + local prefs = get_prefs(user); + local default = prefs[false]; + default = default ~= nil and default_attrs[default] or global_default_policy; + local reply = st.reply(stanza):tag("prefs", { xmlns = xmlns_mam, default = default }) + local always = st.stanza("always"); + local never = st.stanza("never"); + for k,v in pairs(prefs) do + if k then + (v and always or never):tag("jid"):text(k):up(); + end + end + reply:add_child(always):add_child(never); + origin.send(reply); + return true + else -- type == "set" + local prefs = {}; + local new_prefs = stanza:get_child("prefs", xmlns_mam); + local new_default = new_prefs.attr.default; + if new_default then + prefs[false] = default_attrs[new_default]; + end + + local always = new_prefs:get_child("always"); + if always then + for rule in always:childtags("jid") do + local jid = rule:get_text(); + prefs[jid] = true; + end + end + + local never = new_prefs:get_child("never"); + if never then + for rule in never:childtags("jid") do + local jid = rule:get_text(); + prefs[jid] = false; + end + end + + local ok, err = set_prefs(user, prefs); + if not ok then + origin.send(st.error_reply(stanza, "cancel", "internal-server-error", "Error storing preferences: "..tostring(err))); + else + origin.send(st.reply(stanza)); + end + return true + end +end); + +-- Handle archive queries +module:hook("iq/self/"..xmlns_mam..":query", function(event) + local origin, stanza = event.origin, event.stanza; + local query = stanza.tags[1]; + if stanza.attr.type == "get" then + local qid = query.attr.queryid; + + -- Search query parameters + local qwith = query:get_child_text("with"); + local qstart = query:get_child_text("start"); + local qend = query:get_child_text("end"); + local qset = rsm.get(query); + module:log("debug", "Archive query, id %s with %s from %s until %s)", + tostring(qid), qwith or "anyone", qstart or "the dawn of time", qend or "now"); + + if qstart or qend then -- Validate timestamps + local vstart, vend = (qstart and timestamp_parse(qstart)), (qend and timestamp_parse(qend)) + if (qstart and not vstart) or (qend and not vend) then + origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid timestamp")) + return true + end + qstart, qend = vstart, vend; + end + + local qres; + if qwith then -- Validate the 'with' jid + local pwith = qwith and jid_prep(qwith); + if pwith and not qwith then -- it failed prepping + origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid JID")) + return true + end + local _, _, resource = jid_split(qwith); + qwith = jid_bare(pwith); + qres = resource; + end + + -- RSM stuff + local qmax = m_min(qset and qset.max or default_max_items, max_max_items); + local last; + + local sql_query = ([[ + SELECT `id`, `when`, `stanza` + FROM `prosodyarchive` + WHERE `host` = ? AND `user` = ? AND `store` = ? + AND `when` BETWEEN ? AND ? + %s %s + AND `id` > ? + LIMIT ?; + ]]):format(qwith and [[AND `with` = ?]] or "", qres and [[AND `resource` = ?]] or "") + + local p = { + host, origin.username, archive_store, + qstart or 0, qend or time_now(), + qset and tonumber(qset.after) or 0, + qmax + }; + if qwith then + if qres then + t_insert(p, 6, qres); + end + t_insert(p, 6, qwith); + end + local data, err = getsql(sql_query, unpack(p)); + if not data then + origin.send(st.error_reply(stanza, "cancel", "internal-server-error", "Error loading archive: "..tostring(err))); + return true + end + + for item in data:rows() do + local id, when, orig_stanza = unpack(item); + --module:log("debug", "id is %s", id); + + local fwd_st = st.message{ to = origin.full_jid } + :tag("result", { xmlns = xmlns_mam, queryid = qid, id = id }):up() + :tag("forwarded", { xmlns = xmlns_forward }) + :tag("delay", { xmlns = xmlns_delay, stamp = timestamp(when) }):up(); + orig_stanza = st.deserialize(deserialize(orig_stanza)); + orig_stanza.attr.xmlns = "jabber:client"; + fwd_st:add_child(orig_stanza); + origin.send(fwd_st); + last = id; + end + -- That's all folks! + module:log("debug", "Archive query %s completed", tostring(qid)); + + local reply = st.reply(stanza); + if last then + -- This is a bit redundant, isn't it? + reply:query(xmlns_mam):add_child(rsm.generate{last = last}); + end + origin.send(reply); + return true + end +end); + +local function has_in_roster(user, who) + local roster = rm_load_roster(user, host); + module:log("debug", "%s has %s in roster? %s", user, who, roster[who] and "yes" or "no"); + return roster[who]; +end + +local function shall_store(user, who) + -- TODO Cache this? + local prefs = get_prefs(user); + local rule = prefs[who]; + module:log("debug", "%s's rule for %s is %s", user, who, tostring(rule)) + if rule ~= nil then + return rule; + else -- Below could be done by a metatable + local default = prefs[false]; + module:log("debug", "%s's default rule is %s", user, tostring(default)) + if default == nil then + default = global_default_policy; + module:log("debug", "Using global default rule, %s", tostring(default)) + end + if default == "roster" then + return has_in_roster(user, who); + end + return default; + end +end + +-- Handle messages +local function message_handler(event, c2s) + local origin, stanza = event.origin, event.stanza; + local orig_type = stanza.attr.type or "normal"; + local orig_to = stanza.attr.to; + local orig_from = stanza.attr.from; + + if not orig_from and c2s then + orig_from = origin.full_jid; + end + orig_to = orig_to or orig_from; -- Weird corner cases + + -- Don't store messages of these types + if orig_type == "error" + or orig_type == "headline" + or orig_type == "groupchat" + or not stanza:get_child("body") then + return; + -- TODO Maybe headlines should be configurable? + end + + local store_user, store_host = jid_split(c2s and orig_from or orig_to); + local target_jid = c2s and orig_to or orig_from; + local target_bare = jid_bare(target_jid); + local _, _, target_resource = jid_split(target_jid); + + if shall_store(store_user, target_bare) then + module:log("debug", "Archiving stanza: %s", stanza:top_tag()); + + --local id = uuid(); + local when = time_now(); + -- And stash it + local ok, err = setsql([[ + INSERT INTO `prosodyarchive` + (`host`, `user`, `store`, `when`, `with`, `resource`, `stanza`) + VALUES (?, ?, ?, ?, ?, ?, ?); + ]], store_host, store_user, archive_store, when, target_bare, target_resource, serialize(st.preserialize(stanza))) + if ok then + sql.commit(); + else + module:log("error", "SQL error: %s", err); + sql.rollback(); + end + --[[ This was dropped from the spec + if ok then + stanza:tag("archived", { xmlns = xmlns_mam, by = host, id = id }):up(); + end + --]] + else + module:log("debug", "Not archiving stanza: %s", stanza:top_tag()); + end +end + +local function c2s_message_handler(event) + return message_handler(event, true); +end + +-- Stanzas sent by local clients +module:hook("pre-message/bare", c2s_message_handler, 2); +module:hook("pre-message/full", c2s_message_handler, 2); +-- Stanszas to local clients +module:hook("message/bare", message_handler, 2); +module:hook("message/full", message_handler, 2); + +module:add_feature(xmlns_mam); + +-- In the telnet console, run: +-- >hosts["this host"].modules.mam_sql.environment.create_sql() +function create_sql() + local stm = getsql[[ + CREATE TABLE `prosodyarchive` ( + `host` TEXT, + `user` TEXT, + `store` TEXT, + `id` INTEGER PRIMARY KEY AUTOINCREMENT, + `when` INTEGER, + `with` TEXT, + `resource` TEXT, + `stanza` TEXT + ); + CREATE INDEX `hus` ON `prosodyarchive` (`host`, `user`, `store`); + CREATE INDEX `with` ON `prosodyarchive` (`with`); + CREATE INDEX `thetime` ON `prosodyarchive` (`when`); + ]]; + stm:execute(); + sql.commit(); +end diff -r f160166612c2 -r 0c3638673464 mod_smacks/mod_smacks.lua --- a/mod_smacks/mod_smacks.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_smacks/mod_smacks.lua Tue Sep 18 00:31:42 2012 +0200 @@ -84,7 +84,7 @@ queue[#queue+1] = cached_stanza; end local ok, err = _send(stanza); - if ok and #queue > max_unacked_stanzas and not session.awaiting_ack then + if ok and #queue > max_unacked_stanzas and not session.awaiting_ack and attr and not attr.xmlns then session.awaiting_ack = true; return _send(st.stanza("r", sm_attr)); end @@ -224,8 +224,8 @@ -- matches the smacks session this timer is for in case it changed -- (for example, the client may have bound a new resource and -- started a new smacks session, or not be using smacks) - local curr_session = hosts[session.host].sessions[session.username].sessions[session.resource]; - if curr_session.resumption_token == resumption_token + local curr_session = full_sessions[session.full_jid]; + if curr_session and curr_session.resumption_token == resumption_token -- Check the hibernate time still matches what we think it is, -- otherwise the session resumed and re-hibernated. and session.hibernating == hibernate_time then diff -r f160166612c2 -r 0c3638673464 mod_storage_ldap/mod_storage_ldap.lua --- a/mod_storage_ldap/mod_storage_ldap.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_storage_ldap/mod_storage_ldap.lua Tue Sep 18 00:31:42 2012 +0200 @@ -167,7 +167,7 @@ -- Driver Definition -- ---------------------------------------- -local driver = { name = "ldap" }; +local driver = {}; function driver:open(store, typ) local adapter = adapters[store]; @@ -177,4 +177,4 @@ end return nil, "unsupported-store"; end -module:add_item("data-driver", driver); +module:provides("storage", driver); diff -r f160166612c2 -r 0c3638673464 mod_storage_mongodb/mod_storage_mongodb.lua --- a/mod_storage_mongodb/mod_storage_mongodb.lua Tue Sep 18 00:29:28 2012 +0200 +++ b/mod_storage_mongodb/mod_storage_mongodb.lua Tue Sep 18 00:31:42 2012 +0200 @@ -44,7 +44,7 @@ end; end -local driver = { name = "mongodb" }; +local driver = {}; function driver:open(store, typ) if not conn then @@ -61,4 +61,4 @@ return nil, "unsupported-store"; end -module:add_item("data-driver", driver); +module:provides("storage", driver);