jabberd14  1.6.2
dialback_in.cc File Reference

handle incoming server to server connections

#include "dialback.h"

Functions

void dialback_in_dbic_cleanup (void *arg)
void dialback_in_read_db (mio m, int flags, void *arg, xmlnode x, char *unused1, int unused2)
void dialback_in_read (mio m, int flags, void *arg, xmlnode x, char *unused1, int unused2)
void dialback_in_verify (db d, xmlnode x)

Detailed Description

handle incoming server to server connections

In this file there are the functions used to handle the incoming connections on the server connection manager.

After another server has connected to us, we have to check its identity using dialback. If the check succeeds, we trust the peer to send messages originating at the checked domain.

How dialback works is documented in XMPP core (RFC 3920).


Function Documentation

void dialback_in_dbic_cleanup (void *arg)

Remove an incoming connection from the hashtable of all incoming connections waiting to be checked.

Parameters:
arg: the connection that should be removed from the hash-table (type is dbic)

References dbic_struct::d, dbic_struct::id, db_struct::in_id, xhash_get(), and xhash_zap().

void dialback_in_read (mio m, int flags, void *arg, xmlnode x, char *unused1, int unused2)

callback for mio for accepted sockets

Our task is:

  • Verify the stream root element
  • Check the type of server-to-server stream (we support: dialback, xmpp+dialback)
  • For xmpp+dialback: send stream:features (we support: starttls)
  • Reset the mio callback. Stanzas are handled by dialback_in_read_db()

Parameters:
m: the connection on which the stream root element has been received
flags: the mio action, everything but MIO_XML_ROOT is ignored
arg: the db instance
x: the stream root element
unused1: unused/ignored
unused2: unused/ignored

References mio_st::authed_other_side, dbic_struct::d, dialback_get_loopcheck_token(), dialback_in_read_db(), dialback_miod_hash(), dialback_miod_new(), mio_st::fd, db_struct::hosts_auth, db_struct::hosts_tls, db_struct::hosts_xmpp, dbic_struct::id, db_struct::in_ok_db, mio_st::in_root, j_atoi(), j_strcmp(), jid_full(), jid_new(), jid_set(), log_debug2, LOGT_IO, dbic_struct::m, mio_close(), mio_is_encrypted(), mio_reset(), mio_ssl_starttls_possible(), mio_ssl_verify(), mio_write(), mio_write_root(), MIO_XML_ROOT, dbic_struct::other_domain, dbic_struct::we_domain, xhash_get_by_domain(), xmlnode_free(), xmlnode_get_attrib_ns(), xmlnode_insert_cdata(), xmlnode_insert_tag_ns(), xmlnode_new_tag_ns(), xmlnode_pool(), xmlnode_put_attrib_ns(), xmlnode_serialize_string(), dbic_struct::xmpp_version, and xstream_header().

Referenced by dialback(), and dialback_in_read_db().

void dialback_in_read_db (mio m, int flags, void *arg, xmlnode x, char *unused1, int unused2)

callback for mio for accepted sockets that are dialback

  • We check if the other host wants to switch to using TLS.
  • We check if the other host wants to verify a dialback connection we made to them
  • We accept db:result element, where the peer wants to authenticate to use a domain
  • We accept stanzas sent from a sender the peer has been authorized to use
  • Else we generate a stream:error

Parameters:
m: the connection on which the stanza has been read
flags: the mio action, should always be MIO_XML_NODE, other actions are ignored
arg: the dbic instance of the stream on which the stanza has been read
x: the stanza that has been read
unused1: unused/ignored
unused2: unused/ignored

References mio_st::authed_other_side, base64_decode(), dbic_struct::d, deliver(), dialback_check_settings(), dialback_in_read(), dialback_merlin(), dialback_miod_read(), dpacket_new(), xmppd::error, mio_st::fd, db_struct::hosts_auth, db_struct::hosts_tls, db_struct::i, dbic_struct::id, instance_struct::id, db_struct::in_ok_db, j_strcasecmp(), j_strcmp(), j_strlen(), jid_full(), jid_new(), jid_set(), jutil_tofrom(), log_debug2, log_error, log_notice(), log_warn(), LOGT_IO, miod_struct::m, dbic_struct::m, mio_close(), mio_ip, mio_reset(), mio_ssl_starttls_possible(), mio_ssl_verify(), mio_write(), MIO_XML_NODE, mio_xml_reset(), mio_xml_starttls(), dbic_struct::other_domain, mio_st::p, pmalloco(), pstrdup(), dbic_struct::results, db_struct::secret, dbic_struct::we_domain, xhash_get(), xhash_get_by_domain(), xmlnode_free(), xmlnode_get_attrib_ns(), xmlnode_get_data(), xmlnode_get_firstchild(), xmlnode_get_localname(), xmlnode_get_namespace(), xmlnode_hide(), xmlnode_insert_node(), xmlnode_insert_tag_node(), xmlnode_new_tag_ns(), xmlnode_new_tag_pool_ns(), xmlnode_pool(), xmlnode_put_attrib_ns(), xmlnode_serialize_string(), xmlnode_wrap_ns(), dbic_struct::xmpp_version, xstream_format_error(), and xstream_parse_error().

Referenced by dialback_in_read().

void dialback_in_verify (db d, xmlnode x)

Handle db:verify packets that we got as a result of our dialback to the authoritative server.

We expect the 'to' attribute to be our name and the 'from' attribute to be the remote name.

We have to do:

  • Check if there is (still) a connection for this dialback result
  • If we got type='valid', we have to authorize the peer to use the verified sender address
  • Inform the peer about the result

Note:
dialback_out_connection_cleanup() calls this function as well to trash pending verifies. In that case we don't get the db:verify result, but the db:verify query (no type attribute set).

Parameters:
d: the db instance
x: the db:verify answer packet

References dbic_struct::d, dialback_check_settings(), dialback_miod_hash(), dialback_miod_new(), db_struct::i, dbic_struct::id, instance_struct::id, db_struct::in_id, db_struct::in_ok_db, j_strcmp(), jid_full(), jid_new(), jid_set(), log_debug2, log_warn(), LOGT_AUTH, dbic_struct::m, mio_write(), dbic_struct::results, db_struct::std_ns_prefixes, xhash_get(), xmlnode_free(), xmlnode_get_attrib_ns(), xmlnode_get_list_item(), xmlnode_get_tags(), xmlnode_hide(), xmlnode_new_tag_pool_ns(), xmlnode_pool(), xmlnode_put_attrib_ns(), xmlnode_serialize_string(), and dbic_struct::xmpp_version.

Referenced by dialback_out_connection_cleanup(), dialback_out_packet(), dialback_out_read(), dialback_out_read_db(), and dialback_packets().
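
The authorization flow described for dialback_in_read_db() and dialback_in_verify(), as an added example that is not jabberd14 code: `IncomingTable`, `IncomingStream` and their methods are hypothetical names, and domains are assumed to be normalized already. It shows that a verified sender domain is bound to a single incoming stream, and that only a type='valid' answer to a pending request grants it.

```cpp
#include <map>
#include <set>
#include <string>
#include <utility>

// Hypothetical model for illustration, not jabberd14's db/dbic structures.
using Pair = std::pair<std::string, std::string>;  // (our domain, peer's claimed domain)

struct IncomingStream {
    std::set<Pair> pending;     // db:result received, db:verify answer outstanding
    std::set<Pair> authorized;  // verified: peer may send from .second to .first
};

class IncomingTable {
    std::map<std::string, IncomingStream> streams_;  // keyed by stream id
public:
    void open(const std::string& id) { streams_.emplace(id, IncomingStream{}); }
    void close(const std::string& id) { streams_.erase(id); }  // drops pending checks too

    // Peer sent db:result: it wants to use `from` when talking to `to`.
    bool on_db_result(const std::string& id, const std::string& to, const std::string& from) {
        auto it = streams_.find(id);
        if (it == streams_.end()) return false;
        it->second.pending.insert(Pair{to, from});
        return true;
    }

    // Answer to our db:verify; returns what to tell the peer, "" = nothing to send.
    std::string on_verify(const std::string& id, const std::string& to,
                          const std::string& from, const std::string& type) {
        auto it = streams_.find(id);
        if (it == streams_.end()) return "";                           // connection is gone
        if (it->second.pending.erase(Pair{to, from}) == 0) return "";  // never requested
        if (type != "valid") return "invalid";  // includes a missing type attribute
        it->second.authorized.insert(Pair{to, from});
        return "valid";
    }

    // Stanza check: the sender domain must have been verified on this stream.
    bool accept_stanza(const std::string& id, const std::string& to, const std::string& from) const {
        auto it = streams_.find(id);
        return it != streams_.end() && it->second.authorized.count(Pair{to, from}) > 0;
    }
};

int main() {  // constructed sample values
    IncomingTable t; t.open("s1"); t.on_db_result("s1", "example.org", "peer.example");
    return t.on_verify("s1", "example.org", "peer.example", "valid") == "valid" ? 0 : 1;
}
```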