Mercurial > prosody-hg
comparison plugins/mod_bosh.lua @ 14124:a4327478678f 13.0
mod_bosh: Apply different stanza size limit before authentication
This is a bit tricky since each request creates a new stream and we
have to start parsing the stream before we know if it belongs to an
already authenticated session.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 17 Apr 2026 12:07:12 +0200 |
| parents | 08c2b7accd94 |
| children | c1469296190d |
comparison
equal
deleted
inserted
replaced
| 14123:166ac7d65cb6 | 14124:a4327478678f |
|---|---|
| 43 -- (the client can set this to a lower value when it connects, if it chooses) | 43 -- (the client can set this to a lower value when it connects, if it chooses) |
| 44 local bosh_max_wait = module:get_option_period("bosh_max_wait", 120); | 44 local bosh_max_wait = module:get_option_period("bosh_max_wait", 120); |
| 45 | 45 |
| 46 local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure"); | 46 local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure"); |
| 47 local cross_domain = module:get_option("cross_domain_bosh"); | 47 local cross_domain = module:get_option("cross_domain_bosh"); |
| 48 local stanza_size_limit = module:get_option_integer("c2s_stanza_size_limit", 1024*256, 10000); | 48 local unauthed_stanza_size_limit = module:get_option_integer("c2s_stanza_size_limit", 10000, 1000); |
| 49 | 49 |
| 50 if cross_domain ~= nil then | 50 if cross_domain ~= nil then |
| 51 module:log("info", "The 'cross_domain_bosh' option has been deprecated"); | 51 module:log("info", "The 'cross_domain_bosh' option has been deprecated"); |
| 52 end | 52 end |
| 53 | 53 |
| 121 local request, response = event.request, event.response; | 121 local request, response = event.request, event.response; |
| 122 response.on_destroy = on_destroy_request; | 122 response.on_destroy = on_destroy_request; |
| 123 local body = request.body; | 123 local body = request.body; |
| 124 | 124 |
| 125 local context = { request = request, response = response, notopen = true }; | 125 local context = { request = request, response = response, notopen = true }; |
| 126 local stream = new_xmpp_stream(context, stream_callbacks, stanza_size_limit); | 126 local stream = new_xmpp_stream(context, stream_callbacks, unauthed_stanza_size_limit); |
| 127 response.context = context; | 127 response.context = context; |
| 128 context.stream = stream; | |
| 128 | 129 |
| 129 local headers = response.headers; | 130 local headers = response.headers; |
| 130 headers.content_type = "text/xml; charset=utf-8"; | 131 headers.content_type = "text/xml; charset=utf-8"; |
| 131 | 132 |
| 132 -- stream:feed() calls the stream_callbacks, so all stanzas in | 133 -- stream:feed() calls the stream_callbacks, so all stanzas in |
| 331 bosh_max_inactive = bosh_max_inactivity, bosh_responses = cache.new(BOSH_HOLD+1):table(); | 332 bosh_max_inactive = bosh_max_inactivity, bosh_responses = cache.new(BOSH_HOLD+1):table(); |
| 332 requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, | 333 requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, |
| 333 close = bosh_close_stream, dispatch_stanza = core_process_stanza, notopen = true, | 334 close = bosh_close_stream, dispatch_stanza = core_process_stanza, notopen = true, |
| 334 log = logger.init("bosh"..sid), secure = consider_bosh_secure or request.secure, | 335 log = logger.init("bosh"..sid), secure = consider_bosh_secure or request.secure, |
| 335 ip = request.ip; | 336 ip = request.ip; |
| 337 stanza_size_limit = unauthed_stanza_size_limit; | |
| 336 }; | 338 }; |
| 337 sessions[sid] = session; | 339 sessions[sid] = session; |
| 338 | 340 |
| 339 session.thread = runner(function (stanza) | 341 session.thread = runner(function (stanza) |
| 340 session:dispatch_stanza(stanza); | 342 session:dispatch_stanza(stanza); |
| 404 context.notopen = nil; | 406 context.notopen = nil; |
| 405 return; | 407 return; |
| 406 end | 408 end |
| 407 | 409 |
| 408 session.conn = request.conn; | 410 session.conn = request.conn; |
| 411 session.stream = context.stream; | |
| 412 | |
| 413 if session.stanza_size_limit then | |
| 414 session.stream:set_stanza_size_limit(session.stanza_size_limit); | |
| 415 end | |
| 409 | 416 |
| 410 if session.rid then | 417 if session.rid then |
| 411 local diff = rid - session.rid; | 418 local diff = rid - session.rid; |
| 412 -- Diff should be 1 for a healthy request | 419 -- Diff should be 1 for a healthy request |
| 413 session.log("debug", "rid: %d, sess: %s, diff: %d", rid, session.rid, diff) | 420 session.log("debug", "rid: %d, sess: %s, diff: %d", rid, session.rid, diff) |
| 542 -- <p>For more information see <a href="https://prosody.im/doc/setting_up_bosh">Prosody: Setting up BOSH</a>.</p> | 549 -- <p>For more information see <a href="https://prosody.im/doc/setting_up_bosh">Prosody: Setting up BOSH</a>.</p> |
| 543 }) or "This is the Prosody BOSH endpoint."; | 550 }) or "This is the Prosody BOSH endpoint."; |
| 544 end | 551 end |
| 545 | 552 |
| 546 function module.add_host(module) | 553 function module.add_host(module) |
| 554 module:depends("c2s"); -- updates stanza_size_limit on authentication | |
| 547 module:depends("http"); | 555 module:depends("http"); |
| 548 module:provides("http", { | 556 module:provides("http", { |
| 549 default_path = "/http-bind"; | 557 default_path = "/http-bind"; |
| 550 cors = { | 558 cors = { |
| 551 enabled = true; | 559 enabled = true; |
