2 files changed, 19 insertions, 9 deletions

diff --git a/ChangeLog b/ChangeLog
index d43576dc..6c74ced8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2008-11-06  Badlop  <badlop@process-one.net>
+
+	* src/extauth.erl: When the extauth call fails or timeouts, deny
+	authorization. Use two timeouts: 60s for script initialization and
+	10s for regular calls. (thanks to Kevin Crosbie from
+	Ravenpack) (EJAB-627)
+
 2008-11-03  Alexey Shchepin  <alexey@process-one.net>
 
 	* src/ejabberd_c2s.erl: Disable zlib when STARTTLS is required
diff --git a/src/extauth.erl b/src/extauth.erl
index c4acb305..99fc1fae 100644
--- a/src/extauth.erl
+++ b/src/extauth.erl
@@ -32,7 +32,8 @@
 
 -include("ejabberd.hrl").
 
--define(CALL_TIMEOUT, 30000). % Timeout is in milliseconds: 30 seconds == 30000
+-define(INIT_TIMEOUT, 60000). % Timeout is in milliseconds: 60 seconds == 60000
+-define(CALL_TIMEOUT, 10000). % Timeout is in milliseconds: 10 seconds == 10000
 
 start(Host, ExtPrg) ->
     spawn(?MODULE, init, [Host, ExtPrg]).
@@ -41,7 +42,7 @@ init(Host, ExtPrg) ->
     register(gen_mod:get_module_proc(Host, eauth), self()),
     process_flag(trap_exit,true),
     Port = open_port({spawn, ExtPrg}, [{packet,2}]),
-    loop(Port).
+    loop(Port, ?INIT_TIMEOUT).
 
 stop(Host) ->
     gen_mod:get_module_proc(Host, eauth) ! stop.
@@ -63,21 +64,23 @@ call_port(Server, Msg) ->
 	    Result
     end.
 
-loop(Port) ->
+loop(Port, Timeout) ->
     receive
 	{call, Caller, Msg} ->
 	    Port ! {self(), {command, encode(Msg)}},
 	    receive
 		{Port, {data, Data}} ->
                     ?DEBUG("extauth call '~p' received data response:~n~p", [Msg, Data]),
-		    Caller ! {eauth, decode(Data)};
-                {Port, Other} ->
-                    ?ERROR_MSG("extauth call '~p' received strange response:~n~p", [Msg, Other])
+                    Caller ! {eauth, decode(Data)};
+		{Port, Other} ->
+                    ?ERROR_MSG("extauth call '~p' received strange response:~n~p", [Msg, Other]),
+                    Caller ! {eauth, false}
             after
-                ?CALL_TIMEOUT ->
-                    ?ERROR_MSG("extauth call '~p' didn't receive response~n", [Msg])
+                Timeout ->
+                    ?ERROR_MSG("extauth call '~p' didn't receive response", [Msg]),
+                    Caller ! {eauth, false}
 	    end,
-	    loop(Port);
+	    loop(Port, ?CALL_TIMEOUT);
 	stop ->
 	    Port ! {self(), close},
 	    receive