Commit 16e16fc9 authored by Marius Burkard

- removed xmpp from core

parent b0bdaede
......@@ -57,7 +57,6 @@ $autoupdate['reconfigure_crontab'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_mail_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_web_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_dns_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_xmpp_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_firewall_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_vserver_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_db_server'] = 'yes'; // yes (default), no
......
#!/bin/bash
IFS=":"
AUTH_OK=1
AUTH_FAILED=0
LOGFILE="/var/log/prosody/auth.log"
USELOG=true
while read ACTION USER HOST PASS ; do
[ $USELOG == true ] && { echo "Date: $(date) Action: $ACTION User: $USER Host: $HOST" >> $LOGFILE; }
case $ACTION in
"auth")
if [ `/usr/bin/php /usr/local/lib/prosody/auth/db_auth.php $USER $HOST $PASS 2>/dev/null` == 1 ] ; then
echo $AUTH_OK
[ $USELOG == true ] && { echo "AUTH OK" >> $LOGFILE; }
else
echo $AUTH_FAILED
[ $USELOG == true ] && { echo "AUTH FAILED" >> $LOGFILE; }
fi
;;
"isuser")
if [ `/usr/bin/php /usr/local/lib/prosody/auth/db_isuser.php $USER $HOST 2>/dev/null` == 1 ] ; then
echo $AUTH_OK
[ $USELOG == true ] && { echo "ISUSER OK" >> $LOGFILE; }
else
echo $AUTH_FAILED
[ $USELOG == true ] && { echo "ISUSER FAILED" >> $LOGFILE; }
fi
;;
*)
echo $AUTH_FAILED
[ $USELOG == true ] && { echo "UNKNOWN ACTION GIVEN: $ACTION" >> $LOGFILE; }
;;
esac
done
<?php
ini_set('display_errors', false);
require_once('db_conf.inc.php');
try{
// Connect database
$db = new mysqli($db_host, $db_user, $db_pass, $db_name);
result_false(mysqli_connect_errno());
// Get arguments
$arg_email = '';
$arg_password = '';
result_false(count($argv) != 4);
$arg_email = $argv[1].'@'.$argv[2];
$arg_password = $argv[3];
// check for existing user
$dbmail = $db->real_escape_string($arg_email);
$query = $db->prepare("SELECT jid, password FROM xmpp_user WHERE jid LIKE ? AND active='y' AND server_id=?");
$query->bind_param('si', $arg_email, $isp_server_id);
$query->execute();
$query->bind_result($jid, $password);
$query->fetch();
$query->close();
result_false(is_null($jid));
checkAuth($arg_password, $password);
}catch(Exception $ex){
echo 0;
exit();
}
function result_false($cond = true){
if(!$cond) return;
echo 0;
exit();
}
function result_true(){
echo 1;
exit();
}
function checkAuth($pw_arg, $pw_db){
if(crypt($pw_arg, $pw_db) == $pw_db)
result_true();
result_false();
}
?>
\ No newline at end of file
<?php
$db_user = '{mysql_server_ispconfig_user}';
$db_pass = '{mysql_server_ispconfig_password}';
$db_name = '{mysql_server_database}';
$db_host = '{mysql_server_ip}';
$isp_server_id = '{server_id}';
\ No newline at end of file
<?php
ini_set('display_errors', false);
require_once('db_conf.inc.php');
try{
// Connect database
$db = new mysqli($db_host, $db_user, $db_pass, $db_name);
result_false(mysqli_connect_errno());
// Get arguments
$arg_email = '';
result_false(count($argv) != 3);
$arg_email = $argv[1].'@'.$argv[2];
// check for existing user
$dbmail = $db->real_escape_string($arg_email);
$query = $db->prepare("SELECT count(*) AS usercount FROM xmpp_user WHERE jid LIKE ? AND active='y' AND server_id=?");
$query->bind_param('si', $arg_email, $isp_server_id);
$query->execute();
$query->bind_result($usercount);
$query->fetch();
$query->close();
result_false($usercount != 1);
result_true();
}catch(Exception $ex){
echo 0;
exit();
}
function result_false($cond = true){
if(!$cond) return;
echo 0;
exit();
}
function result_true(){
echo 1;
exit();
}
?>
#!/usr/bin/php
<?php
define('DEBUG', true);
usage(count($argv) < 3 || count($argv) > 4);
$operation = $argv[1];
$host = $argv[2];
$configFile = file_get_contents('/etc/prosody/storage.cfg.lua');
preg_match_all('/(host|database|port|username|password) *= *"?([^"\n]*)"?;/', $configFile, $matches);
$config = array();
foreach($matches[1] AS $ix => $key) {
$config[$key] = $matches[2][$ix];
}
try {
// Connect to database
$db = new mysqli($config['host'], $config['username'], $config['password'], $config['database']);
switch($operation){
case 'user':
usage(count($argv) != 4);
$user = $argv[3];
do_query($db->prepare("DELETE FROM prosody WHERE user = ? AND host = ?"), $host, $user);
do_query($db->prepare("DELETE FROM prosodyarchive WHERE user = ? AND host = ?"), $host, $user);
break;
case 'domain':
do_query($db->prepare("DELETE FROM prosody WHERE host = ?"), $host);
do_query($db->prepare("DELETE FROM prosodyarchive WHERE host = ?"), $host);
do_query($db->prepare("DELETE FROM prosody WHERE host LIKE ?"), "%.$host");
do_query($db->prepare("DELETE FROM prosodyarchive WHERE host LIKE ?"), "%.$host");
break;
}
$db->close();
} catch (Exception $ex) {
var_dump($ex);
}
function do_query($query, $host, $user = false){
if($user !== false)
$query->bind_param('ss', $user, $host);
else
$query->bind_param('s', $host);
$query->execute();
$entries = $query->affected_rows;
$query->close();
if(DEBUG) echo "$entries deleted!\n";
return $entries;
}
function result_false($cond = true) {
if(!$cond) return;
exit(1);
}
function usage($cond = false){
if(!$cond) return;
echo "USAGE: \n prosody-purge domain my.domain.com \n prosody-purge user my.domain.com username \n";
result_false();
}
#!/bin/bash
IFS=":"
AUTH_OK=1
AUTH_FAILED=0
LOGFILE="/var/log/metronome/auth.log"
USELOG=true
while read ACTION USER HOST PASS ; do
[ $USELOG == true ] && { echo "Date: $(date) Action: $ACTION User: $USER Host: $HOST" >> $LOGFILE; }
case $ACTION in
"auth")
if [ `/usr/bin/php /usr/lib/metronome/isp-modules/mod_auth_external/db_auth.php $USER $HOST $PASS 2>/dev/null` == 1 ] ; then
echo $AUTH_OK
[ $USELOG == true ] && { echo "AUTH OK" >> $LOGFILE; }
else
echo $AUTH_FAILED
[ $USELOG == true ] && { echo "AUTH FAILED" >> $LOGFILE; }
fi
;;
"isuser")
if [ `/usr/bin/php /usr/lib/metronome/isp-modules/mod_auth_external/db_isuser.php $USER $HOST 2>/dev/null` == 1 ] ; then
echo $AUTH_OK
[ $USELOG == true ] && { echo "ISUSER OK" >> $LOGFILE; }
else
echo $AUTH_FAILED
[ $USELOG == true ] && { echo "ISUSER FAILED" >> $LOGFILE; }
fi
;;
*)
echo $AUTH_FAILED
[ $USELOG == true ] && { echo "UNKNOWN ACTION GIVEN: $ACTION" >> $LOGFILE; }
;;
esac
done
<?php
ini_set('display_errors', false);
require_once('db_conf.inc.php');
try{
// Connect database
$db = new mysqli($db_host, $db_user, $db_pass, $db_name);
result_false(mysqli_connect_errno());
// Get arguments
$arg_email = '';
$arg_password = '';
result_false(count($argv) != 4);
$arg_email = $argv[1].'@'.$argv[2];
$arg_password = $argv[3];
// check for existing user
$dbmail = $db->real_escape_string($arg_email);
$query = $db->prepare("SELECT jid, password FROM xmpp_user WHERE jid LIKE ? AND active='y' AND server_id=?");
$query->bind_param('si', $arg_email, $isp_server_id);
$query->execute();
$query->bind_result($jid, $password);
$query->fetch();
$query->close();
result_false(is_null($jid));
checkAuth($arg_password, $password);
}catch(Exception $ex){
echo 0;
exit();
}
function result_false($cond = true){
if(!$cond) return;
echo 0;
exit();
}
function result_true(){
echo 1;
exit();
}
function checkAuth($pw_arg, $pw_db){
if(crypt($pw_arg, $pw_db) == $pw_db)
result_true();
result_false();
}
?>
\ No newline at end of file
<?php
$db_user = '{mysql_server_ispconfig_user}';
$db_pass = '{mysql_server_ispconfig_password}';
$db_name = '{mysql_server_database}';
$db_host = '{mysql_server_ip}';
$isp_server_id = '{server_id}';
\ No newline at end of file
<?php
ini_set('display_errors', false);
require_once('db_conf.inc.php');
try{
// Connect database
$db = new mysqli($db_host, $db_user, $db_pass, $db_name);
result_false(mysqli_connect_errno());
// Get arguments
$arg_email = '';
result_false(count($argv) != 3);
$arg_email = $argv[1].'@'.$argv[2];
// check for existing user
$dbmail = $db->real_escape_string($arg_email);
$query = $db->prepare("SELECT count(*) AS usercount FROM xmpp_user WHERE jid LIKE ? AND active='y' AND server_id=?");
$query->bind_param('si', $arg_email, $isp_server_id);
$query->execute();
$query->bind_result($usercount);
$query->fetch();
$query->close();
result_false($usercount != 1);
result_true();
}catch(Exception $ex){
echo 0;
exit();
}
function result_false($cond = true){
if(!$cond) return;
echo 0;
exit();
}
function result_true(){
echo 1;
exit();
}
?>
local nodeprep = require "util.encodings".stringprep.nodeprep;
local lpc = require "lpc";
local config = require "core.configmanager";
local log = module._log;
local host = module.host;
local script_type = config.get(host, "external_auth_protocol") or "generic";
assert(script_type == "ejabberd" or script_type == "generic");
local command = config.get(host, "external_auth_command") or "";
assert(type(command) == "string");
assert(not host:find(":"));
local usermanager = require "core.usermanager";
local jid_bare = require "util.jid".bare;
local new_sasl = require "util.sasl".new;
local pid;
local readfile;
local writefile;
local function send_query(text)
if pid and lpc.wait(pid,1) ~= nil then
log("debug","error, process died, force reopen");
pid=nil;
end
if not pid then
log("debug", "Opening process " .. command);
pid, writefile, readfile = lpc.run(command);
end
if not pid then
log("debug", "Process failed to open");
return nil;
end
writefile:write(text);
writefile:flush();
if script_type == "ejabberd" then
return readfile:read(4);
elseif script_type == "generic" then
return readfile:read();
end
end
function do_query(kind, username, password)
if not username then return nil, "not-acceptable"; end
username = nodeprep(username);
if not username then return nil, "jid-malformed"; end
local query = (password and "%s:%s:%s:%s" or "%s:%s:%s"):format(kind, username, host, password);
local len = #query
if len > 1000 then return nil, "policy-violation"; end
if script_type == "ejabberd" then
local lo = len % 256;
local hi = (len - lo) / 256;
query = string.char(hi, lo)..query;
end
if script_type == "generic" then
query = query..'\n';
end
local response = send_query(query);
if (script_type == "ejabberd" and response == "\0\2\0\0") or
(script_type == "generic" and response == "0") then
return nil, "not-authorized";
elseif (script_type == "ejabberd" and response == "\0\2\0\1") or
(script_type == "generic" and response == "1") then
return true;
else
log("debug", "Nonsense back");
return nil, "internal-server-error";
end
end
function new_external_provider(host)
local provider = { name = "external" };
function provider.test_password(username, password)
return do_query("auth", username, password);
end
function provider.set_password(username, password)
return do_query("setpass", username, password);
end
function provider.user_exists(username)
return do_query("isuser", username);
end
function provider.create_user(username, password) return nil, "Account creation/modification not available."; end
function provider.get_sasl_handler()
local testpass_authentication_profile = {
plain_test = function(sasl, username, password, realm)
return usermanager.test_password(username, realm, password), true;
end,
};
return new_sasl(module.host, testpass_authentication_profile);
end
function provider.is_admin(jid)
local admins = config.get(host, "admins");
if admins ~= config.get("*", "admins") then
if type(admins) == "table" then
jid = jid_bare(jid);
for _,admin in ipairs(admins) do
if admin == jid then return true; end
end
elseif admins then
log("error", "Option 'admins' for host '%s' is not a table", host);
end
end
return usermanager.is_admin(jid);
end
return provider;
end
module:add_item("auth-provider", new_external_provider(host));
\ No newline at end of file
-- * Metronome IM *
--
-- This file is part of the Metronome XMPP server and is released under the
-- ISC License, please see the LICENSE file in this source package for more
-- information about copyright and licensing.
--
-- As per the sublicensing clause, this file is also MIT/X11 Licensed.
-- ** Copyright (c) 2009, Waqas Hussain
local st = require "util.stanza";
local result_query = st.stanza("query", {xmlns = "http://jabber.org/protocol/disco#items"});
for _, item in ipairs(module:get_option("disco_items") or {}) do
result_query:tag("item", {jid = item[1], name = item[2]}):up();
end
module:hook("iq/host/http://jabber.org/protocol/disco#items:query", function(event)
local stanza = event.stanza;
local query = stanza.tags[1];
if stanza.attr.type == "get" and not query.attr.node then
event.origin.send(st.reply(stanza):add_child(result_query));
return true;
end
end, 100);
module:depends("http");
local jid_split = require "util.jid".prepped_split;
local b64 = require "util.encodings".base64.encode;
local sha1 = require "util.hashes".sha1;
local stanza = require "util.stanza".stanza;
local json = require "util.json".encode_ordered;
local function require_resource(name)
local icon_path = module:get_option_string("presence_icons", "icons");
local f, err = module:load_resource(icon_path.."/"..name);
if f then
return f:read("*a");
end
module:log("warn", "Failed to open image file %s", icon_path..name);
return "";
end
local statuses = { online = {}, away = {}, xa = {}, dnd = {}, chat = {}, offline = {} };
local function handle_request(event, path)
local status, message;
local jid, type = path:match("([^/]+)/?(.*)$");
if jid then
local user, host = jid_split(jid);
if host and not user then
user, host = host, event.request.headers.host;
if host then host = host:gsub(":%d+$", ""); end
end
if user and host then
local user_sessions = hosts[host] and hosts[host].sessions[user];
if user_sessions then
status = user_sessions.top_resources[1];
if status and status.presence then
message = status.presence:child_with_name("status");
status = status.presence:child_with_name("show");
if not status then
status = "online";
else
status = status:get_text();
end
if message then
message = message:get_text();
end
end
end
end
end
status = status or "offline";
statuses[status].image = function()
return { status_code = 200, headers = { content_type = "image/png" },
body = require_resource("status_"..status..".png")
};
end;
statuses[status].html = function()
local jid_hash = sha1(jid, true);
return { status_code = 200, headers = { content_type = "text/html" },
body = [[<!DOCTYPE html>]]..
tostring(
stanza("html")
:tag("head")
:tag("title"):text("XMPP Status Page for "..jid):up():up()
:tag("body")
:tag("div", { id = jid_hash.."_status", class = "xmpp_status" })
:tag("img", { id = jid_hash.."_img", class = "xmpp_status_image xmpp_status_"..status,
src = "data:image/png;base64,"..b64(require_resource("status_"..status..".png")) }):up()
:tag("span", { id = jid_hash.."_status_name", class = "xmpp_status_name" })
:text("\194\160"..status):up()
:tag("span", { id = jid_hash.."_status_message", class = "xmpp_status_message" })
:text(message and "\194\160"..message.."" or "")
)
};
end;
statuses[status].text = function()
return { status_code = 200, headers = { content_type = "text/plain" },
body = status
};
end;
statuses[status].message = function()
return { status_code = 200, headers = { content_type = "text/plain" },
body = (message and message or "")
};
end;
statuses[status].json = function()
return { status_code = 200, headers = { content_type = "application/json" },
body = json({
jid = jid,
show = status,
status = (message and message or "null")
})
};
end;
statuses[status].xml = function()
return { status_code = 200, headers = { content_type = "application/xml" },
body = [[<?xml version="1.0" encoding="utf-8"?>]]..
tostring(
stanza("result")
:tag("jid"):text(jid):up()
:tag("show"):text(status):up()
:tag("status"):text(message)
)
};
end
if ((type == "") or (not statuses[status][type])) then
type = "image"
end;
return statuses[status][type]();
end
module:provides("http", {
default_path = "/status";
route = {
["GET /*"] = handle_request;
};
});
......@@ -226,18 +226,5 @@ $conf['cron']['init_script'] = 'cron';
$conf['cron']['crontab_dir'] = '/etc/cron.d';
$conf['cron']['wget'] = '/usr/bin/wget';
//* Metronome XMPP
$conf['metronome']['installed'] = false;
$conf['metronome']['init_script'] = 'metronome';
$conf['metronome']['initial_modules'] = 'saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons';
//* Prosody XMPP
$conf['prosody']['installed'] = false;
$conf['prosody']['init_script'] = 'prosody';
$conf['prosody']['storage_database'] = 'prosody';
$conf['prosody']['storage_user'] = 'prosody';
$conf['prosody']['storage_password'] = md5(uniqid(rand()));
$conf['prosody']['initial_modules'] = 'roster, saslauth, tls, dialback, disco, carbons, pep, private, blocklist, vcard, version, uptime, time, ping, admin_adhoc, mam, bosh, websocket, http_files, announce, proxy65, offline, posix, webpresence, smacks, csi_battery_saver, pep_vcard_avatar, omemo_all_access';