~samwhited/xmpp

xmpp/websocket d---------
xmpp: make stream config more flexible

Previously the stream config was a struct and the only thing that could
be changed between stream restarts was the features we advertised.
However, we may want to change other parts of the stream config between
restarts. For example, if we figure out the users JID after the first
step we may want to look them up in the database and set the default
stream language based on their preferences.

To accomplish this we now take a stream config function instead of
taking the struct directly (and the Features field has gone back to
being a slice and is no longer a function itself).
Each time we iterate we update the config by calling the function, which
can look up properties of the session before deciding what config needs
to change.

Fixes #106

Signed-off-by: Sam Whited <sam@samwhited.com>
xmpp, websocket: move websocket negotiator config

Previously we configured whether to use websockets in the stream config.
This meant that in a future version of this library where the stream
config can be changed on each feature negotiation step (eg. to set the
language once we know the JID we're trying to auth as) we could swap
back and forth between websockets and the normal way, which is not
ideal. It also just felt wrong there: the websocket negotiator should
obviously be in the websocket package.
However, splitting it out was difficult because unless we copy/paste the
entire implementation (a maintainability nightmare) we end up with
import loops.
To fix this a somewhat jank internal API was added so that we can use
the same implementation but copy/pate a single string key instead of the
whole thing. For now this works and is hidden from the user.

Signed-off-by: Sam Whited <sam@samwhited.com>
all: update build tags for Go 1.17

See: https://golang.org/issues/41184

Signed-off-by: Sam Whited <sam@samwhited.com>
all: update default TLS config to use TLS >= 1.2

Signed-off-by: Sam Whited <sam@samwhited.com>
all: change stream features to a callback

Previously the stream features were set before the session was
negotiated, meaning that we couldn't send a stream feature only for a
particular JID (eg. based on a server virtual host configuration).
Making them a callback allows for greater flexibility and brings us one
step closer to supporting virtual hosts in a clean way.

See #61

Signed-off-by: Sam Whited <sam@samwhited.com>
all: allow setting session state up front

Previously we could only mark a session as secure or as a
server-to-server connection in the negotiator. However, this left us in
a weird spot where we had two different sources of information and where
the first run of a feature in the default negotiator wouldn't know about
the initial session bits without hacks that made it impossible to
implement the same negotiator outside of the xmpp package.
This provides us with a way to set the session bits before creating the
session or using the negotiator meaning that we can mark a connection as
secure when we pass the connection in and not at some later time. This
also gives us the ability to do partial negotiation and then resume
negotiating later with a different negotiator for some stream
initialization protocols.

Fixes #100

Signed-off-by: Sam Whited <sam@samwhited.com>
all: rework session negotiation functions

Signed-off-by: Sam Whited <sam@samwhited.com>
websocket: split negotiate function in two

Signed-off-by: Sam Whited <sam@samwhited.com>
xmpp: split up NegotiateSession into two functions

Signed-off-by: Sam Whited <sam@samwhited.com>
websocket: test against Ejabberd

Signed-off-by: Sam Whited <sam@samwhited.com>
all: add WebSocket/HTTP options in Prosody tests

Add options to easily configure HTTP and/or WebSocket's on a randomized
port and use them in existing tests.

Signed-off-by: Sam Whited <sam@samwhited.com>
websocket: mark WSS connections as secure

In the various functions that don't let you configure the Negotiator,
mark WSS connections as secure so that authentication can proceed.

Signed-off-by: Sam Whited <sam@samwhited.com>
websocket: add package for dialing websockets

Signed-off-by: Sam Whited <sam@samwhited.com>
Remove accidentally comitted websocket code
Run tests with race detector
Remove experimental websocket code
Actually write the websocket protocol resp header
Add initial websocket structs

And a quick handler implementation