diff mod_sasl2/mod_sasl2.lua @ 6524:aaf92bf929e5

mod_sasl2: Advertise stream limits after auth
author Matthew Wild <mwild1@gmail.com>
date Thu, 30 Apr 2026 10:53:14 +0100
parents 045abdc53ba4
children
line wrap: on
line diff
--- a/mod_sasl2/mod_sasl2.lua	Tue Apr 28 21:40:23 2026 -0500
+++ b/mod_sasl2/mod_sasl2.lua	Thu Apr 30 10:53:14 2026 +0100
@@ -23,6 +23,12 @@
 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"});
 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" });
 
+local advertised_idle_timeout = 14*60; -- default in all net.server implementations
+local network_settings = module:get_option("network_settings");
+if type(network_settings) == "table" and type(network_settings.read_timeout) == "number" then
+	advertised_idle_timeout = network_settings.read_timeout;
+end
+
 local host = module.host;
 
 local function tls_unique(self)
@@ -175,6 +181,17 @@
 	local session = event.session;
 	local features = st.stanza("stream:features");
 	module:fire_event("stream-features", { origin = session, features = features });
+	if session.stanza_size_limit or advertised_idle_timeout then
+		features:reset();
+		local limits = features:tag("limits", { xmlns = "urn:xmpp:stream-limits:0" });
+		if session.stanza_size_limit then
+			limits:text_tag("max-bytes", string.format("%d", session.stanza_size_limit));
+		end
+		if advertised_idle_timeout then
+			limits:text_tag("idle-seconds", string.format("%d", advertised_idle_timeout));
+		end
+		limits:reset();
+	end
 	session.send(features);
 end, -1500);