fix(visitors): Fixes leaking s2s connections. (#13391)

* fix(visitors): Fixes leaking s2s connections.

* squash: Split patches in two.

* squash: Adds some comments in patch.

* squash: Fix patch destination.

resources/extra-large-conference/README.md

@@ -5,11 +5,9 @@ configured threshold will be just viewers (visitors) and there is no promotion
 mechanism to become a main participant yet.
 
 TODO:
-* Merge messaging between visitor nodes and main conference
 * Polls
-* Raise hand to be promoted to enter the main conference
-* Make sure it works with tenants.
-
+* Speaker stats
+* call duration
 
 # Low-latency conference streaming to very large audiences
 
@@ -31,6 +29,7 @@ prosodies will be enough for one 10k participants meeting.
 <img src="imgs/visitors-prosody.svg" alt="diagram of a central prosody connected to several visitor prosodies" width="500"/>
 
 # Configuration
+If using older than Prosody 0.12.4 you need to apply the patch - s2sout_override1.patch and s2sout_override2.patch.
 Use the `pre-configure.sh` script to configure your system, passing it the
 number of visitor prosodies to set up.
 `./pre-configure.sh 8`
@@ -46,30 +45,30 @@ Setting up configuration for the main prosody is a manual process:
 ```
       "s2s_bidi";
       "certs_s2soutinjection";
-      "s2soutinjection";
+      "s2sout_override";
       "s2s_whitelist";
 ```
 
 - Add the following config also in the general part (matching the number of prosodies you generated config for):
 ```
 -- targets must be IPs, not hostnames
-s2s_connect_overrides = {
-    ["conference.v1.meet.jitsi"] = { "127.0.0.1", 52691 };
-    ["v1.meet.jitsi"] = { "127.0.0.1", 52691 }; -- needed for v1.meet.jitsi->visitors.jitmeet.example.com
-    ["conference.v2.meet.jitsi"] = { "127.0.0.1", 52692 };
-    ["v2.meet.jitsi"] = { "127.0.0.1", 52692 };
-    ["conference.v3.meet.jitsi"] = { "127.0.0.1", 52693 };
-    ["v3.meet.jitsi"] = { "127.0.0.1", 52693 };
-    ["conference.v4.meet.jitsi"] = { "127.0.0.1", 52694 };
-    ["v4.meet.jitsi"] = { "127.0.0.1", 52694 };
-    ["conference.v5.meet.jitsi"] = { "127.0.0.1", 52695 };
-    ["v5.meet.jitsi"] = { "127.0.0.1", 52695 };
-    ["conference.v6.meet.jitsi"] = { "127.0.0.1", 52696 };
-    ["v6.meet.jitsi"] = { "127.0.0.1", 52696 };
-    ["conference.v7.meet.jitsi"] = { "127.0.0.1", 52697 };
-    ["v7.meet.jitsi"] = { "127.0.0.1", 52697 };
-    ["conference.v8.meet.jitsi"] = { "127.0.0.1", 52698 };
-    ["v8.meet.jitsi"] = { "127.0.0.1", 52698 };
+s2sout_override = {
+    ["conference.v1.meet.jitsi"] = "tcp://127.0.0.1:52691";
+    ["v1.meet.jitsi"] = "tcp://127.0.0.1:52691"; -- needed for v1.meet.jitsi->visitors.jitmeet.example.com
+    ["conference.v2.meet.jitsi"] = "tcp://127.0.0.1:52692";
+    ["v2.meet.jitsi"] = "tcp://127.0.0.1:52692";
+    ["conference.v3.meet.jitsi"] = "tcp://127.0.0.1:52693";
+    ["v3.meet.jitsi"] = "tcp://127.0.0.1:52693";
+    ["conference.v4.meet.jitsi"] = "tcp://127.0.0.1:52694";
+    ["v4.meet.jitsi"] = "tcp://127.0.0.1:52694";
+    ["conference.v5.meet.jitsi"] = "tcp://127.0.0.1:52695";
+    ["v5.meet.jitsi"] = "tcp://127.0.0.1:52695";
+    ["conference.v6.meet.jitsi"] = "tcp://127.0.0.1:52696";
+    ["v6.meet.jitsi"] = "tcp://127.0.0.1:52696";
+    ["conference.v7.meet.jitsi"] = "tcp://127.0.0.1:52697";
+    ["v7.meet.jitsi"] = "tcp://127.0.0.1:52697";
+    ["conference.v8.meet.jitsi"] = "tcp://127.0.0.1:52698";
+    ["v8.meet.jitsi"] = "tcp://127.0.0.1:52698";
 }
 -- allowed list of server-2-server connections
 s2s_whitelist = {

resources/extra-large-conference/prosody.cfg.lua.visitor.template

@@ -30,7 +30,7 @@ modules_enabled = {
       'bosh';
       's2s_bidi';
       's2s_whitelist';
-      's2soutinjection';
+      's2sout_override';
       'certs_s2soutinjection';
 };
 
@@ -40,10 +40,10 @@ s2s_whitelist = {
     'jitmeet.example.com'; -- unavailable presences back to main room
 };
 
-s2s_connect_overrides = {
-    ["conference.jitmeet.example.com"] = { "127.0.0.1", 5269 }; -- needed for visitors to send messages to main room
-    ["jitmeet.example.com"] = { "127.0.0.1", 5269 }; -- needed for the main room when connecting in to send main participants
-    ["visitors.jitmeet.example.com"] = { "127.0.0.1", 5269 }; -- needed for sending promotion request to visitors.jitmeet.example.com component
+s2sout_override = {
+    ["conference.jitmeet.example.com"] = "tcp://127.0.0.1"5269"; -- needed for visitors to send messages to main room
+    ["jitmeet.example.com"] = "tcp://127.0.0.1:5269"; -- needed for the main room when connecting in to send main participants
+    ["visitors.jitmeet.example.com"] = "tcp://127.0.0.1:5269"; -- needed for sending promotion request to visitors.jitmeet.example.com component
 }
 
 external_service_secret = '__turnSecret__';

resources/prosody-plugins/mod_certs_s2soutinjection.lua

@@ -1,9 +1,13 @@
 -- global module
--- validates certificates for all hosts used for s2soutinjection
+-- validates certificates for all hosts used for s2soutinjection or s2sout_override
 module:set_global();
 
 local s2s_overrides = module:get_option("s2s_connect_overrides");
 
+if not s2s_overrides then
+    s2s_overrides = module:get_option("s2sout_override");
+end
+
 function attach(event)
     local session = event.session;
 

resources/prosody-plugins/mod_s2sout_override.lua

@@ -0,0 +1,20 @@
+-- Using as a base version https://hg.prosody.im/prosody-modules/file/6cf2f32dbf40/mod_s2sout_override/mod_s2sout_override.lua
+--% requires: s2sout-pre-connect-event
+
+local url = require"socket.url";
+local basic_resolver = require "net.resolvers.basic";
+
+local override_for = module:get_option(module.name, {}); -- map of host to "tcp://example.com:5269"
+
+module:hook("s2sout-pre-connect", function(event)
+	local override = override_for[event.session.to_host];
+	if type(override) == "string" then
+		override = url.parse(override);
+	end
+	if type(override) == "table" and override.scheme == "tcp" and type(override.host) == "string" then
+		event.resolver = basic_resolver.new(override.host, tonumber(override.port) or 5269, override.scheme, {});
+	elseif type(override) == "table" and override.scheme == "tls" and type(override.host) == "string" then
+		event.resolver = basic_resolver.new(override.host, tonumber(override.port) or 5270, "tcp",
+			{ servername = event.session.to_host; sslctx = event.session.ssl_ctx });
+	end
+end);

resources/prosody-plugins/s2sout_override1.patch

@@ -0,0 +1,11 @@
+diff -r 214a679823e8 core/features.lua
+--- a/core/features.lua	Mon May 01 15:10:32 2023 +0200
++++ b/core/features.lua	Wed May 24 11:53:34 2023 -0500
+@@ -4,5 +4,7 @@
+ 	available = set.new{
+ 		-- mod_bookmarks bundled
+ 		"mod_bookmarks";
++
++		"s2sout-pre-connect-event";
+ 	};
+ };

resources/prosody-plugins/s2sout_override2.patch

@@ -0,0 +1,14 @@
+diff -r 214a679823e8 plugins/mod_s2s.lua
+--- a/mod_s2s.lua	Mon May 01 15:10:32 2023 +0200
++++ b/mod_s2s.lua	Wed May 24 11:53:34 2023 -0500
+@@ -230,6 +230,10 @@
+ 			resolver;
+ 		});
+ 	end
++
++	local pre_event = { session = host_session; resolver = resolver };
++	module:context(from_host):fire_event("s2sout-pre-connect", pre_event);
++	resolver = pre_event.resolver;
+ 	connect(resolver, listener, nil, { session = host_session });
+ 	m_initiated_connections:with_labels(from_host):add(1)
+ 	return true;

resources/prosody-plugins/stanza_router_no-log.patch

@@ -0,0 +1,14 @@
+diff -r 423f240d1173 core/stanza_router.lua
+--- a/core/stanza_router.lua	Tue Feb 21 10:06:54 2023 +0000
++++ b/core/stanza_router.lua	Wed May 24 11:56:02 2023 -0500
+@@ -207,7 +207,7 @@
+ 	else
+ 		local host_session = hosts[from_host];
+ 		if not host_session then
+-			log("error", "No hosts[from_host] (please report): %s", stanza);
++			-- moved it to debug as it fills visitor's prosody logs and this is a situation where we try to send
++			-- presence back to the main server and we don't need anyway as it came from there
++			log("debug", "No hosts[from_host] (please report): %s", stanza);
+ 		else
+ 			local xmlns = stanza.attr.xmlns;
+ 			stanza.attr.xmlns = nil;