Mercurial > prosody-modules
comparison mod_smacks/mod_smacks.lua @ 2701:d96831e46b64
Fix #889
Some buggy clients try to resume unauthenticated sessions and
session.username is nil in this case (that caused the bug).
| author | tmolitor <thilo@eightysoft.de> |
|---|---|
| date | Mon, 24 Apr 2017 20:56:56 +0200 |
| parents | 6e01878103c0 |
| children | eea1d5bac451 |
comparison
equal
deleted
inserted
replaced
| 2674:c971b2cee2cc | 2701:d96831e46b64 |
|---|---|
| 47 local function init_session_cache(max_entries, evict_callback) | 47 local function init_session_cache(max_entries, evict_callback) |
| 48 -- old prosody version < 0.10 (no limiting at all!) | 48 -- old prosody version < 0.10 (no limiting at all!) |
| 49 if not cache then | 49 if not cache then |
| 50 local store = {}; | 50 local store = {}; |
| 51 return { | 51 return { |
| 52 get = function(user, key) return store[key]; end; | 52 get = function(user, key) |
| 53 set = function(user, key, value) store[key] = value; end; | 53 if not user then return nil; end |
| 54 if not key then return nil; end | |
| 55 return store[key]; | |
| 56 end; | |
| 57 set = function(user, key, value) | |
| 58 if not user then return nil; end | |
| 59 if not key then return nil; end | |
| 60 store[key] = value; | |
| 61 end; | |
| 54 }; | 62 }; |
| 55 end | 63 end |
| 56 | 64 |
| 57 -- use per user limited cache for prosody >= 0.10 | 65 -- use per user limited cache for prosody >= 0.10 |
| 58 local stores = {}; | 66 local stores = {}; |
| 59 return { | 67 return { |
| 60 get = function(user, key) | 68 get = function(user, key) |
| 69 if not user then return nil; end | |
| 70 if not key then return nil; end | |
| 61 if not stores[user] then | 71 if not stores[user] then |
| 62 stores[user] = cache.new(max_entries, evict_callback); | 72 stores[user] = cache.new(max_entries, evict_callback); |
| 63 end | 73 end |
| 64 return stores[user]:get(key); | 74 return stores[user]:get(key); |
| 65 end; | 75 end; |
| 66 set = function(user, key, value) | 76 set = function(user, key, value) |
| 77 if not user then return nil; end | |
| 78 if not key then return nil; end | |
| 67 if not stores[user] then stores[user] = cache.new(max_entries, evict_callback); end | 79 if not stores[user] then stores[user] = cache.new(max_entries, evict_callback); end |
| 68 stores[user]:set(key, value); | 80 stores[user]:set(key, value); |
| 69 -- remove empty caches completely | 81 -- remove empty caches completely |
| 70 if not stores[user]:count() then stores[user] = nil; end | 82 if not stores[user]:count() then stores[user] = nil; end |
| 71 end; | 83 end; |
| 72 }; | 84 }; |
| 73 end | 85 end |
| 74 local old_session_registry = init_session_cache(max_old_sessions, nil); | 86 local old_session_registry = init_session_cache(max_old_sessions, nil); |
| 75 local session_registry = init_session_cache(max_hibernated_sessions, function(resumption_token, session) | 87 local session_registry = init_session_cache(max_hibernated_sessions, function(resumption_token, session) |
| 76 if session.destroyed then return; end | 88 if session.destroyed then return true; end -- destroyed session can always be removed from cache |
| 77 session.log("warn", "User has too much hibernated sessions, removing oldest session (token: %s)", resumption_token); | 89 session.log("warn", "User has too much hibernated sessions, removing oldest session (token: %s)", resumption_token); |
| 78 -- store old session's h values on force delete | 90 -- store old session's h values on force delete |
| 79 -- save only actual h value and username/host (for security) | 91 -- save only actual h value and username/host (for security) |
| 80 old_session_registry.set(session.username, resumption_token, { | 92 old_session_registry.set(session.username, resumption_token, { |
| 81 h = session.handled_stanza_count, | 93 h = session.handled_stanza_count, |
