diff options
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | src/extauth.erl | 21 |
2 files changed, 19 insertions, 9 deletions
@@ -1,3 +1,10 @@ +2008-11-06 Badlop <badlop@process-one.net> + + * src/extauth.erl: When the extauth call fails or timeouts, deny + authorization. Use two timeouts: 60s for script initialization and + 10s for regular calls. (thanks to Kevin Crosbie from + Ravenpack) (EJAB-627) + 2008-11-03 Alexey Shchepin <alexey@process-one.net> * src/ejabberd_c2s.erl: Disable zlib when STARTTLS is required diff --git a/src/extauth.erl b/src/extauth.erl index c4acb305d..99fc1fae3 100644 --- a/src/extauth.erl +++ b/src/extauth.erl @@ -32,7 +32,8 @@ -include("ejabberd.hrl"). --define(CALL_TIMEOUT, 30000). % Timeout is in milliseconds: 30 seconds == 30000 +-define(INIT_TIMEOUT, 60000). % Timeout is in milliseconds: 60 seconds == 60000 +-define(CALL_TIMEOUT, 10000). % Timeout is in milliseconds: 10 seconds == 10000 start(Host, ExtPrg) -> spawn(?MODULE, init, [Host, ExtPrg]). @@ -41,7 +42,7 @@ init(Host, ExtPrg) -> register(gen_mod:get_module_proc(Host, eauth), self()), process_flag(trap_exit,true), Port = open_port({spawn, ExtPrg}, [{packet,2}]), - loop(Port). + loop(Port, ?INIT_TIMEOUT). stop(Host) -> gen_mod:get_module_proc(Host, eauth) ! stop. @@ -63,21 +64,23 @@ call_port(Server, Msg) -> Result end. -loop(Port) -> +loop(Port, Timeout) -> receive {call, Caller, Msg} -> Port ! {self(), {command, encode(Msg)}}, receive {Port, {data, Data}} -> ?DEBUG("extauth call '~p' received data response:~n~p", [Msg, Data]), - Caller ! {eauth, decode(Data)}; - {Port, Other} -> - ?ERROR_MSG("extauth call '~p' received strange response:~n~p", [Msg, Other]) + Caller ! {eauth, decode(Data)}; + {Port, Other} -> + ?ERROR_MSG("extauth call '~p' received strange response:~n~p", [Msg, Other]), + Caller ! {eauth, false} after - ?CALL_TIMEOUT -> - ?ERROR_MSG("extauth call '~p' didn't receive response~n", [Msg]) + Timeout -> + ?ERROR_MSG("extauth call '~p' didn't receive response", [Msg]), + Caller ! {eauth, false} end, - loop(Port); + loop(Port, ?CALL_TIMEOUT); stop -> Port ! {self(), close}, receive |