changeset 5291:2aecad5a6c54

Merge accidental extra head One does not simply rebase public mercurial changesets
author Kim Alvefur <zash@zash.se>
date Wed, 29 Mar 2023 17:55:29 +0200
parents dddac5a3f447 (diff) f61564b522f7 (current diff)
children 231d9cc750d9
files
diffstat 2 files changed, 21 insertions(+), 3 deletions(-) [+]
--- a/mod_sasl2_fast/mod_sasl2_fast.lua	Wed Mar 29 17:21:45 2023 +0200
+++ b/mod_sasl2_fast/mod_sasl2_fast.lua	Wed Mar 29 17:55:29 2023 +0200
@@ -67,7 +67,7 @@
 						-- The new token is becoming the current token
 						token_store:set_keys(username, {
 							[key] = token_store.remove;
-							[key:sub(1, -4).."-cur"] = token;
+							[key:sub(1, -5).."-cur"] = token;
 						});
 					end
 					local rotation_needed;
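Review bot: The corrected offset `-5` is still a hand-counted suffix length, and it is repeated here and in the `key = key:sub(1, -5).."-cur";` line of the next hunk, which is how the earlier off-by-one slipped in. Deriving the sibling key from the suffix itself, e.g. `(key:gsub("%-new$", "-cur"))`, or from one small local helper used at both sites, would keep the two in step. Assuming `key` ends in `-new` at this point, the old code wrote current tokens under a key with a doubled hyphen. After this fix those entries are never looked up again, so they presumably sit in `token_store` until they are removed some other way, while the affected clients fall back to full authentication. A one-off cleanup or a note in the commit description would help. The enclosing function starts and ends outside the hunk.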
@@ -84,7 +84,7 @@
 				log("debug", "Trying next token...");
 				-- Try again with the current token instead
 				tried_current_token = true;
-				key = key:sub(1, -4).."-cur";
+				key = key:sub(1, -5).."-cur";
 			else
 				log("debug", "No matching %s token found for %s/%s", mechanism, username, key);
 				return nil;
@@ -112,6 +112,7 @@
 	end
 	local sasl_handler = get_sasl_handler(username);
 	if not sasl_handler then return; end
+	sasl_handler.fast_auth = true; -- For informational purposes
 	-- Copy channel binding info from primary SASL handler
 	sasl_handler.profile.cb = session.sasl_handler.profile.cb;
 	sasl_handler.userdata = session.sasl_handler.userdata;
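Review bot: `fast_auth` is set as soon as the handler is obtained, before any mechanism has run, and the comment `For informational purposes` does not tell a reader that. The flag says the handler was created for FAST, not that FAST authentication succeeded. I would spell that out, e.g. `-- Marks a handler created for FAST; set before the exchange completes, so it must not be read as proof of authentication`. Nothing in the visible lines reads the flag, so its consumers cannot be checked from here. The enclosing function starts and ends outside the hunk.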
@@ -227,3 +228,20 @@
 register_ht_mechanism("HT-SHA-256-UNIQ", "ht_sha_256", "tls-unique");
 register_ht_mechanism("HT-SHA-256-ENDP", "ht_sha_256", "tls-server-end-point");
 register_ht_mechanism("HT-SHA-256-EXPR", "ht_sha_256", "tls-exporter");
+
+-- Public API
+
+--luacheck: ignore 131
+function is_client_fast(username, client_id, last_password_change)
+	local client_id_hash = hash.sha256(client_id, true);
+	local curr_time = now();
+	local cur = token_store:get(username, client_id_hash.."-cur");
+	if cur and cur.expires_at >= curr_time and (not last_password_change or last_password_change < cur.issued_at) then
+		return true;
+	end
+	local new = token_store:get(username, client_id_hash.."-new");
+	if new and new.expires_at >= curr_time and (not last_password_change or last_password_change < new.issued_at) then
+		return true;
+	end
+	return false;
+end
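Review bot: `is_client_fast` is exported as public API but passes `client_id` straight to `hash.sha256`, so a caller that hands in `nil` would presumably get a raised error rather than `false`. The function also has no comment stating its contract: it does not say that `last_password_change` is compared against `issued_at` in the same time base as `now()`, or that a token issued at the very instant of the password change is rejected by the strict `<`. A failed `token_store:get` is reported the same as "no token", which callers should know if they act on a `false` result. The validity condition is written out twice for `-cur` and `-new`; folding it into one local helper keeps the two checks from drifting apart.

```lua
-- Returns true when `token` is unexpired and was issued after the last password change (if known).
local function is_token_valid(token, curr_time, last_password_change)
	return token and token.expires_at >= curr_time
		and (not last_password_change or last_password_change < token.issued_at);
end

--- Reports whether the client currently holds a usable FAST token.
-- A storage error is indistinguishable from "no token" and yields false.
--luacheck: ignore 131
function is_client_fast(username, client_id, last_password_change)
	if type(client_id) ~= "string" then return false; end
	local client_id_hash = hash.sha256(client_id, true);
	local curr_time = now();
	for _, suffix in ipairs({ "-cur", "-new" }) do
		local token = token_store:get(username, client_id_hash..suffix);
		if is_token_valid(token, curr_time, last_password_change) then
			return true;
		end
	end
	return false;
end
```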
--- a/mod_vcard_muc/mod_vcard_muc.lua	Wed Mar 29 17:21:45 2023 +0200
+++ b/mod_vcard_muc/mod_vcard_muc.lua	Wed Mar 29 17:55:29 2023 +0200
@@ -76,7 +76,7 @@
 			session.send(st.error_reply(stanza, "cancel", "item-not-found"));
 		end
 	else
-		if from_affiliation == "owner" then
+		if from_affiliation == "owner" or (module.may and module:may("muc:automatic-ownership", from)) then
 			if vcards:set(room_node, st.preserialize(stanza.tags[1])) then
 				session.send(st.reply(stanza):tag("vCard", { xmlns = "vcard-temp" }));
 				broadcast_presence(room, nil)
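Review bot: The added `module:may("muc:automatic-ownership", from)` branch authorizes the vCard write from a permission whose name describes something else, and the check takes only `from`, with no reference to `room_node`. As written, anyone granted that permission can apparently replace the vCard of every room on this host regardless of their affiliation in the room. If that is the intent, say so next to the condition, e.g. `-- Host-level permission: holders may set the vCard of any room, not only rooms they own`. If it is not, a dedicated permission for vCard changes would keep the grant narrower. The `module.may and` guard keeps older Prosody versions on the owner-only path, which is the safe fallback. The enclosing handler continues outside the hunk, so the rejection branch cannot be checked from here.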