Mercurial > prosody-hg
comparison plugins/mod_s2s.lua @ 14152:fed0dd8dda09 0.12
mod_c2s,mod_s2s: Introduce separate pre-authentication stanza size limit
This should prevent unauthenticated resource use via the XML parser.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 07 Apr 2026 20:35:41 +0200 |
| parents | d5f322dd424b |
| children | 363a79f54109 |
comparison
equal
deleted
inserted
replaced
| 13636:1ef39ce837be | 14152:fed0dd8dda09 |
|---|---|
| 39 local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true)); | 39 local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true)); |
| 40 local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day... | 40 local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day... |
| 41 local secure_domains, insecure_domains = | 41 local secure_domains, insecure_domains = |
| 42 module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items; | 42 module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items; |
| 43 local require_encryption = module:get_option_boolean("s2s_require_encryption", true); | 43 local require_encryption = module:get_option_boolean("s2s_require_encryption", true); |
| 44 local stanza_size_limit = module:get_option_number("s2s_stanza_size_limit", 1024*512); | 44 local unauthed_stanza_size_limit = module:get_option_number("s2s_unauthed_stanza_size_limit", 10000, 1000); |
| 45 local authed_stanza_size_limit = module:get_option_number("s2s_stanza_size_limit", 1024*512, 10000); | |
| 45 | 46 |
| 46 local measure_connections_inbound = module:metric( | 47 local measure_connections_inbound = module:metric( |
| 47 "gauge", "connections_inbound", "", | 48 "gauge", "connections_inbound", "", |
| 48 "Established incoming s2s connections", | 49 "Established incoming s2s connections", |
| 49 {"host", "type", "ip_family"} | 50 {"host", "type", "ip_family"} |
| 211 local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza; | 212 local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza; |
| 212 log("debug", "opening a new outgoing connection for this stanza"); | 213 log("debug", "opening a new outgoing connection for this stanza"); |
| 213 local host_session = s2s_new_outgoing(from_host, to_host); | 214 local host_session = s2s_new_outgoing(from_host, to_host); |
| 214 host_session.version = 1; | 215 host_session.version = 1; |
| 215 | 216 |
| 217 host_session.stanza_size_limit = unauthed_stanza_size_limit; | |
| 218 | |
| 216 -- Store in buffer | 219 -- Store in buffer |
| 217 host_session.bounce_sendq = bounce_sendq; | 220 host_session.bounce_sendq = bounce_sendq; |
| 218 host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} }; | 221 host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} }; |
| 219 log("debug", "stanza [%s] queued until connection complete", stanza.name); | 222 log("debug", "stanza [%s] queued until connection complete", stanza.name); |
| 220 -- FIXME Cleaner solution to passing extra data from resolvers to net.server | 223 -- FIXME Cleaner solution to passing extra data from resolvers to net.server |
| 370 elseif session.type == "s2sin_unauthed" then | 373 elseif session.type == "s2sin_unauthed" then |
| 371 session.type = "s2sin"; | 374 session.type = "s2sin"; |
| 372 elseif session.type ~= "s2sin" and session.type ~= "s2sout" then | 375 elseif session.type ~= "s2sin" and session.type ~= "s2sout" then |
| 373 return false; | 376 return false; |
| 374 end | 377 end |
| 378 | |
| 379 session.stanza_size_limit = authed_stanza_size_limit; | |
| 380 session.stream:set_stanza_size_limit(session.stanza_size_limit); | |
| 375 | 381 |
| 376 if session.incoming and host then | 382 if session.incoming and host then |
| 377 if not session.hosts[host] then session.hosts[host] = {}; end | 383 if not session.hosts[host] then session.hosts[host] = {}; end |
| 378 session.hosts[host].authed = true; | 384 session.hosts[host].authed = true; |
| 379 end | 385 end |
| 728 end | 734 end |
| 729 end | 735 end |
| 730 | 736 |
| 731 -- Session initialization logic shared by incoming and outgoing | 737 -- Session initialization logic shared by incoming and outgoing |
| 732 local function initialize_session(session) | 738 local function initialize_session(session) |
| 733 local stream = new_xmpp_stream(session, stream_callbacks, stanza_size_limit); | 739 local stream = new_xmpp_stream(session, stream_callbacks, session.stanza_size_limit or unauthed_stanza_size_limit); |
| 734 | 740 |
| 735 session.thread = runner(function (stanza) | 741 session.thread = runner(function (stanza) |
| 736 if st.is_stanza(stanza) then | 742 if st.is_stanza(stanza) then |
| 737 core_process_stanza(session, stanza); | 743 core_process_stanza(session, stanza); |
| 738 elseif stanza.stream == "opened" then | 744 elseif stanza.stream == "opened" then |
