annotate mod_flash_policy/mod_flash_policy.lua @ 6319:04c3273cb81f

mod_auth_cyrus: Add empty 'profile' table to SASL handler objects This is for compatibility with Prosody's built-in util.sasl objects. A SASL profile table usually includes methods supported by the backend, which can be used by SASL mechanism handlers to perform operations (such as testing the password). It also optionally contains a 'cb' field with channel binding method handlers. The Cyrus backend doesn't support channel binding, and doesn't have the same concept of auth backend methods (it handles all that internally, and Prosody has no insight or control over it). Thus, we create an empty profile which informs Prosody that the SASL handler does not support any of the auth or channel binding methods. Some features will not work, but they didn't work anyway. This just makes it explicit. This fixes a traceback in mod_sasl2_fast, which expected SASL handlers to always contain a 'profile' field.
author Matthew Wild <mwild1@gmail.com>
date Thu, 04 Sep 2025 10:14:46 +0100
parents 7dbde05b48a9
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
394
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
1 local filters = require "util.filters";
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
2 local config = {}
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
3 config.file = module:get_option_string("crossdomain_file", "");
395
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
4 config.string = module:get_option_string("crossdomain_string", [[<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"/><allow-access-from domain="*" /></cross-domain-policy>]]);
394
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
5 local string = ''
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
6 if not config.file ~= '' then
395
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
7 local f = assert(io.open(config.file));
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
8 string = f:read("*all");
394
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
9 else
395
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
10 string = config.string
394
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
11 end
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
12
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
13 module:log("debug", "crossdomain string: "..string);
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
14
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
15 module:set_global();
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
16
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
17 function filter_policy(data, session)
395
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
18 -- Since we only want to check the first block of data, remove the filter
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
19 filters.remove_filter(session, "bytes/in", filter_policy);
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
20 if data == "<policy-file-request/>\0" then
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
21 session.send(string.."\0");
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
22 return nil; -- Drop data to prevent it reaching the XMPP parser
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
23 else
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
24 return data; -- Pass data through, it wasn't a policy request
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
25 end
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 395
diff changeset
26
394
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
27 end
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
28
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
29 function filter_session(session)
395
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
30 if session.type == "c2s_unauthed" then
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
31 filters.add_filter(session, "bytes/in", filter_policy, -1);
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
32 end
394
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
33 end
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
34
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
35 function module.load()
395
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
36 filters.add_filter_hook(filter_session);
394
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
37 end
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
38
4219f69be1cf Let session.send() actually send the config string
leonbogaert@gmail.com
parents: 379
diff changeset
39 function module.unload()
395
77ca0947647b Copied from bash :s
leonbogaert@gmail.com
parents: 394
diff changeset
40 filters.remove_filter_hook(filter_session);
379
eebc19c224fb Moved the file to a directory
leonbogaert
parents:
diff changeset
41 end