mirror of
https://github.com/processone/ejabberd
synced 2025-10-04 18:29:20 +02:00
Only offer upgrades to methods that aren't already stored
This commit is contained in:
Pawel Chmielowski
parent
dacfad61d8
commit
f594620c68
5 changed files with 26 additions and 14 deletions
|
|
@ -416,8 +416,8 @@ unauthenticated_stream_features(#{lserver := LServer}) ->
|
||||||
authenticated_stream_features(#{lserver := LServer}) ->
|
authenticated_stream_features(#{lserver := LServer}) ->
|
||||||
ejabberd_hooks:run_fold(c2s_post_auth_features, LServer, [], [LServer]).
|
ejabberd_hooks:run_fold(c2s_post_auth_features, LServer, [], [LServer]).
|
||||||
|
|
||||||
inline_stream_features(#{lserver := LServer}) ->
|
inline_stream_features(#{lserver := LServer} = State) ->
|
||||||
ejabberd_hooks:run_fold(c2s_inline_features, LServer, {[], [], []}, [LServer]).
|
ejabberd_hooks:run_fold(c2s_inline_features, LServer, {[], [], []}, [LServer, State]).
|
||||||
|
|
||||||
sasl_mechanisms(Mechs, #{lserver := LServer, stream_encrypted := Encrypted} = State) ->
|
sasl_mechanisms(Mechs, #{lserver := LServer, stream_encrypted := Encrypted} = State) ->
|
||||||
Type = ejabberd_auth:store_type(LServer),
|
Type = ejabberd_auth:store_type(LServer),
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@
|
||||||
-export([start/2, stop/1, reload/3, depends/2, mod_options/1, mod_opt_type/1]).
|
-export([start/2, stop/1, reload/3, depends/2, mod_options/1, mod_opt_type/1]).
|
||||||
-export([mod_doc/0]).
|
-export([mod_doc/0]).
|
||||||
%% Hooks
|
%% Hooks
|
||||||
-export([c2s_inline_features/2, c2s_handle_sasl2_inline/1,
|
-export([c2s_inline_features/3, c2s_handle_sasl2_inline/1,
|
||||||
get_tokens/3, get_mechanisms/1, remove_user_tokens/2]).
|
get_tokens/3, get_mechanisms/1, remove_user_tokens/2]).
|
||||||
|
|
||||||
-include_lib("xmpp/include/xmpp.hrl").
|
-include_lib("xmpp/include/xmpp.hrl").
|
||||||
|
|
@ -131,7 +131,7 @@ get_tokens(LServer, LUser, UA) ->
|
||||||
{{Type, CreatedAt < ToRefresh}, Token}
|
{{Type, CreatedAt < ToRefresh}, Token}
|
||||||
end, Mod:get_tokens(LServer, LUser, ua_hash(UA))).
|
end, Mod:get_tokens(LServer, LUser, ua_hash(UA))).
|
||||||
|
|
||||||
c2s_inline_features({Sasl, Bind, Extra}, Host) ->
|
c2s_inline_features({Sasl, Bind, Extra}, Host, _State) ->
|
||||||
{Sasl ++ [#fast{mechs = get_mechanisms(Host)}], Bind, Extra}.
|
{Sasl ++ [#fast{mechs = get_mechanisms(Host)}], Bind, Extra}.
|
||||||
|
|
||||||
gen_token(#{sasl2_ua_id := UA, server := Server, user := User}) ->
|
gen_token(#{sasl2_ua_id := UA, server := Server, user := User}) ->
|
||||||
|
|
|
||||||
|
|
@ -38,7 +38,7 @@
|
||||||
iq_handler/1, disco_features/5,
|
iq_handler/1, disco_features/5,
|
||||||
depends/2, mod_options/1, mod_doc/0]).
|
depends/2, mod_options/1, mod_doc/0]).
|
||||||
-export([c2s_copy_session/2, c2s_session_opened/1, c2s_session_resumed/1,
|
-export([c2s_copy_session/2, c2s_session_opened/1, c2s_session_resumed/1,
|
||||||
c2s_inline_features/2, c2s_handle_bind2_inline/1]).
|
c2s_inline_features/3, c2s_handle_bind2_inline/1]).
|
||||||
%% For debugging purposes
|
%% For debugging purposes
|
||||||
-export([list/2]).
|
-export([list/2]).
|
||||||
|
|
||||||
|
|
@ -145,7 +145,7 @@ c2s_session_resumed(State) ->
|
||||||
c2s_session_opened(State) ->
|
c2s_session_opened(State) ->
|
||||||
maps:remove(carboncopy, State).
|
maps:remove(carboncopy, State).
|
||||||
|
|
||||||
c2s_inline_features({Sasl, Bind, Extra} = Acc, Host) ->
|
c2s_inline_features({Sasl, Bind, Extra} = Acc, Host, _State) ->
|
||||||
case gen_mod:is_loaded(Host, ?MODULE) of
|
case gen_mod:is_loaded(Host, ?MODULE) of
|
||||||
true ->
|
true ->
|
||||||
{Sasl, [#bind2_feature{var = ?NS_CARBONS_2} | Bind], Extra};
|
{Sasl, [#bind2_feature{var = ?NS_CARBONS_2} | Bind], Extra};
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,7 @@
|
||||||
-export([start/2, stop/1, reload/3, depends/2, mod_options/1, mod_opt_type/1]).
|
-export([start/2, stop/1, reload/3, depends/2, mod_options/1, mod_opt_type/1]).
|
||||||
-export([mod_doc/0]).
|
-export([mod_doc/0]).
|
||||||
%% Hooks
|
%% Hooks
|
||||||
-export([c2s_inline_features/2, c2s_handle_sasl2_inline/1,
|
-export([c2s_inline_features/3, c2s_handle_sasl2_inline/1,
|
||||||
c2s_handle_sasl2_task_next/4, c2s_handle_sasl2_task_data/3]).
|
c2s_handle_sasl2_task_next/4, c2s_handle_sasl2_task_data/3]).
|
||||||
|
|
||||||
-include_lib("xmpp/include/xmpp.hrl").
|
-include_lib("xmpp/include/xmpp.hrl").
|
||||||
|
|
@ -76,11 +76,23 @@ mod_doc() ->
|
||||||
" - sha256",
|
" - sha256",
|
||||||
" - sha512"]}.
|
" - sha512"]}.
|
||||||
|
|
||||||
c2s_inline_features({Sasl, Bind, Extra}, Host) ->
|
c2s_inline_features({Sasl, Bind, Extra}, Host, State) ->
|
||||||
Methods = lists:map(
|
KnowTypes = case State of
|
||||||
fun(sha256) -> #sasl_upgrade{cdata = <<"UPGR-SCRAM-SHA-256">>};
|
#{sasl2_password_fun := Fun} ->
|
||||||
(sha512) -> #sasl_upgrade{cdata = <<"UPGR-SCRAM-SHA-512">>}
|
case Fun(<<>>) of
|
||||||
end, mod_scram_upgrade_opt:offered_upgrades(Host)),
|
{Pass, _} -> lists:filtermap(
|
||||||
|
fun(#scram{hash = sha256}) -> {true, sha256};
|
||||||
|
(#scram{hash = sha512}) -> {true, sha512};
|
||||||
|
(_) -> false
|
||||||
|
end, Pass);
|
||||||
|
_ -> []
|
||||||
|
end;
|
||||||
|
_ -> []
|
||||||
|
end,
|
||||||
|
Methods = lists:filtermap(
|
||||||
|
fun(sha256) -> {true, #sasl_upgrade{cdata = <<"UPGR-SCRAM-SHA-256">>}};
|
||||||
|
(sha512) -> {true, #sasl_upgrade{cdata = <<"UPGR-SCRAM-SHA-512">>}}
|
||||||
|
end, mod_scram_upgrade_opt:offered_upgrades(Host) -- KnowTypes),
|
||||||
{Sasl, Bind, Methods ++ Extra}.
|
{Sasl, Bind, Methods ++ Extra}.
|
||||||
|
|
||||||
c2s_handle_sasl2_inline({State, Els, _Results} = Acc) ->
|
c2s_handle_sasl2_inline({State, Els, _Results} = Acc) ->
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,7 @@
|
||||||
c2s_authenticated_packet/2, c2s_unauthenticated_packet/2,
|
c2s_authenticated_packet/2, c2s_unauthenticated_packet/2,
|
||||||
c2s_unbinded_packet/2, c2s_closed/2, c2s_terminated/2,
|
c2s_unbinded_packet/2, c2s_closed/2, c2s_terminated/2,
|
||||||
c2s_handle_send/3, c2s_handle_info/2, c2s_handle_cast/2,
|
c2s_handle_send/3, c2s_handle_info/2, c2s_handle_cast/2,
|
||||||
c2s_handle_call/3, c2s_handle_recv/3, c2s_inline_features/2,
|
c2s_handle_call/3, c2s_handle_recv/3, c2s_inline_features/3,
|
||||||
c2s_handle_sasl2_inline/1, c2s_handle_sasl2_inline_post/3,
|
c2s_handle_sasl2_inline/1, c2s_handle_sasl2_inline_post/3,
|
||||||
c2s_handle_bind2_inline/1]).
|
c2s_handle_bind2_inline/1]).
|
||||||
%% adjust pending session timeout / access queue
|
%% adjust pending session timeout / access queue
|
||||||
|
|
@ -122,7 +122,7 @@ c2s_stream_features(Acc, Host) ->
|
||||||
Acc
|
Acc
|
||||||
end.
|
end.
|
||||||
|
|
||||||
c2s_inline_features({Sasl, Bind, Extra} = Acc, Host) ->
|
c2s_inline_features({Sasl, Bind, Extra} = Acc, Host, _State) ->
|
||||||
case gen_mod:is_loaded(Host, ?MODULE) of
|
case gen_mod:is_loaded(Host, ?MODULE) of
|
||||||
true ->
|
true ->
|
||||||
{[#feature_sm{xmlns = ?NS_STREAM_MGMT_3} | Sasl],
|
{[#feature_sm{xmlns = ?NS_STREAM_MGMT_3} | Sasl],
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue