matty/peertube-plugin-livechat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix session.secure for outgoint websocket s2s.

Browse Source
This commit is contained in:
John Livingston 2023-05-25 10:32:33 +02:00
parent cf6dce693a
commit 9d40405f75
No known key found for this signature in database
GPG Key ID: B17B5640CE66CDBC
2 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -12,7 +12,6 @@
TODO: documentation, and settings names/descriptions changes related to direct XMPP S2S connections. TODO: documentation, and settings names/descriptions changes related to direct XMPP S2S connections.
TODO?: mod_s2s_peertubelivechat: dont allow to connect to remote server that are not Peertube servers? TODO?: mod_s2s_peertubelivechat: dont allow to connect to remote server that are not Peertube servers?
TODO: when sanitizing remote chat endpoint, check that the domain is the same as the video domain (or is room.videodomain.tld). TODO: when sanitizing remote chat endpoint, check that the domain is the same as the video domain (or is room.videodomain.tld).
TODO: outgoing s2s connection have a session.secure=true hardcoded. Should not.
TODO: only compatible with Prosody 0.12.x. So it should be documented for people using «system Prosody». And i should fix the ARM AppImage. TODO: only compatible with Prosody 0.12.x. So it should be documented for people using «system Prosody». And i should fix the ARM AppImage.
TODO: it seems that in some case A->B can be Websocket, and B->A direct S2S. Check if this is fine. And maybe we can optimise some code, by allowing directS2S event if current server dont accept it. TODO: it seems that in some case A->B can be Websocket, and B->A direct S2S. Check if this is fine. And maybe we can optimise some code, by allowing directS2S event if current server dont accept it.
TODO: check that the keepalive is working with websocket s2s. It seems the connection is often close and reopened. TODO: check that the keepalive is working with websocket s2s. It seems the connection is often close and reopened.

15
prosody-modules/mod_websocket_s2s_peertubelivechat/mod_websocket_s2s_peertubelivechat.lua
View File

@ -546,6 +546,10 @@ function route_to_new_session(event)
log("debug", "No websocket s2s capabilities from remote host %s", to_host); log("debug", "No websocket s2s capabilities from remote host %s", to_host);
return; return;
end end
local ws_url = ws_properties.url;
if (not ws_url) then
log("error", "Missing url in the discover-websocket-s2s result");
end
log("debug", "Found a Websocket endpoint for s2s communications to remote host %s", to_host); log("debug", "Found a Websocket endpoint for s2s communications to remote host %s", to_host);
local session = s2s_new_outgoing(from_host, to_host); local session = s2s_new_outgoing(from_host, to_host);
@ -561,12 +565,19 @@ function route_to_new_session(event)
session.open_stream = session_open_stream; session.open_stream = session_open_stream;
session.close = session_close; session.close = session_close;
session.secure = true; -- FIXME should test if protocol is wss or ws
local ex = {}; local ex = {};
ex["headers"] = ws_properties.extra_headers or {}; ex["headers"] = ws_properties.extra_headers or {};
ex["protocol"] = "xmpp"; ex["protocol"] = "xmpp";
if ws_url:find('^wss') ~= nil then
log("debug", "Outgoing WS S2S Session is considered secure, we are using wss");
session.secure = true;
else
log("debug", "Outgoing WS S2S Session is considered insecure, because the endpoint is not using wss");
session.secure = false;
end
-- now we start using the session logger -- now we start using the session logger
local log = session.log; local log = session.log;
log("debug", "Starting the s2s websocket connection process"); log("debug", "Starting the s2s websocket connection process");
@ -595,7 +606,7 @@ function route_to_new_session(event)
-- is called. But here, we switch the connection listener to use the -- is called. But here, we switch the connection listener to use the
-- s2s_listener as soon as the connection is open. So it can't work. -- s2s_listener as soon as the connection is open. So it can't work.
-- That's why I use net.http, and handle the Websocket handshake by hand. -- That's why I use net.http, and handle the Websocket handshake by hand.
local ws_connection = custom_connect(ws_properties['url'], ex, { local ws_connection = custom_connect(ws_url, ex, {
onopen = onopen; onopen = onopen;
onclose = onclose; onclose = onclose;
}); });