%%%----------------------------------------------------------------------
%%% File    : ejabberd_s2s_in.erl
%%% Author  : Alexey Shchepin <alexey@process-one.net>
%%% Purpose : Serve incoming s2s connection
%%% Created :  6 Dec 2002 by Alexey Shchepin <alexey@process-one.net>
%%%
%%%
%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
%%%
%%% This program is free software; you can redistribute it and/or
%%% modify it under the terms of the GNU General Public License as
%%% published by the Free Software Foundation; either version 2 of the
%%% License, or (at your option) any later version.
%%%
%%% This program is distributed in the hope that it will be useful,
%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
%%% General Public License for more details.
%%%
%%% You should have received a copy of the GNU General Public License along
%%% with this program; if not, write to the Free Software Foundation, Inc.,
%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
%%%
%%%----------------------------------------------------------------------
-module(ejabberd_s2s_in).

-behaviour(ejabberd_config).

-author('alexey@process-one.net').

-behaviour(p1_fsm).

%% External exports
-export([start/2, start_link/2, socket_type/0]).

%% p1_fsm callbacks, state functions and the ejabberd_config callback
-export([init/1, wait_for_stream/2,
         wait_for_feature_request/2, stream_established/2,
         handle_event/3, handle_sync_event/4, code_change/4,
         handle_info/3, print_state/1, terminate/3, opt_type/1]).

-include("ejabberd.hrl").
-include("logger.hrl").
-include("xmpp.hrl").

%% Module backing the per-connection dialback table (see `connections' below).
-define(DICT, dict).

%% Per-connection FSM state.
-record(state,
        {socket :: ejabberd_socket:socket_state(),
         sockmod = ejabberd_socket :: ejabberd_socket | ejabberd_frontend_socket,
         %% stream id sent in our <stream:stream> header; renewed after
         %% STARTTLS and after SASL success
         streamid = <<"">> :: binary(),
         shaper = none :: shaper:shaper(),
         %% whether STARTTLS is offered at all (from s2s_use_starttls)
         tls = false :: boolean(),
         %% true once the socket has been upgraded to TLS
         tls_enabled = false :: boolean(),
         %% peer must negotiate STARTTLS before sending anything else
         tls_required = false :: boolean(),
         %% a failed peer certificate check closes the stream
         %% (only set for s2s_use_starttls: required_trusted)
         tls_certverify = false :: boolean(),
         %% options handed to sockmod:starttls/3
         tls_options = [] :: list(),
         %% local domain taken from the stream header's 'to'
         server = <<"">> :: binary(),
         %% true after a successful SASL EXTERNAL authentication
         authenticated = false :: boolean(),
         %% remote domain whose certificate was accepted
         auth_domain = <<"">> :: binary(),
         %% dialback state per {RemoteDomain, LocalDomain}:
         %% wait_for_verification | established
         connections = (?DICT):new() :: ?TDICT,
         %% inactivity timer (?S2STIMEOUT)
         timer = make_ref() :: reference()}).

-type state_name() :: wait_for_stream | wait_for_feature_request | stream_established.
-type state() :: #state{}.
-type fsm_next() :: {next_state, state_name(), state()}.
-type fsm_stop() :: {stop, normal, state()}.
-type fsm_transition() :: fsm_stop() | fsm_next().

%%-define(DBGFSM, true).
-ifdef(DBGFSM).
-define(FSMOPTS, [{debug, [trace]}]).
-else.
-define(FSMOPTS, []).
-endif.
%% Start a new incoming-s2s connection process under ejabberd_s2s_in_sup.
%% SockData is the {SockMod, Socket} pair passed on to init/1, Opts the
%% listener options.
start(SockData, Opts) ->
    ChildArgs = [SockData, Opts],
    supervisor:start_child(ejabberd_s2s_in_sup, ChildArgs).
%% Supervisor entry point: start the FSM linked to the caller.
%% The queue limit from fsm_limit_opts/1 is appended to the debug options.
start_link(SockData, Opts) ->
    FsmOpts = ?FSMOPTS ++ fsm_limit_opts(Opts),
    p1_fsm:start_link(?MODULE, [SockData, Opts], FsmOpts).
%% Tell the listener which stream parser feeds this process.
-spec socket_type() -> xml_stream.
socket_type() ->
    xml_stream.
%%%----------------------------------------------------------------------
%%% Callback functions from gen_fsm
%%%----------------------------------------------------------------------

%% p1_fsm init/1.
%% Args: [{SockMod, Socket}, Opts] as handed over by the listener via start/2.
%% Reads the s2s TLS policy and the TLS option set from the global
%% configuration, starts the inactivity timer and enters wait_for_stream.
init([{SockMod, Socket}, Opts]) ->
    ?DEBUG("started: ~p", [{SockMod, Socket}]),
    Shaper = case lists:keyfind(shaper, 1, Opts) of
                 {shaper, ShaperRule} -> ShaperRule;
                 _ -> none
             end,
    %% {offer STARTTLS, require STARTTLS, close on failed peer cert check}
    {StartTLS, TLSRequired, TLSCertverify} =
        case ejabberd_config:get_option(
               s2s_use_starttls,
               fun(false) -> false;
                  (true) -> true;
                  (optional) -> optional;
                  (required) -> required;
                  (required_trusted) -> required_trusted
               end,
               false) of
            undefined -> {false, false, false};
            false -> {false, false, false};
            true -> {true, false, false};
            optional -> {true, false, false};
            required -> {true, true, false};
            required_trusted -> {true, true, true}
        end,
    %% Joins the configured protocol options with "|" (last one first) and
    %% drops the leading separator; an empty list fails the [_ | _] match.
    ProtocolOptsValidator =
        fun(Options) ->
                [_ | Joined] =
                    lists:foldl(
                      fun(X, Acc) -> X ++ Acc end, [],
                      [["|" | binary_to_list(Opt)] || Opt <- Options, is_binary(Opt)]),
                iolist_to_binary(Joined)
        end,
    %% Each present option is prepended, so the list ends up in reverse
    %% configuration order (dhfile first, certfile last).
    TLSOptsBase =
        lists:foldl(
          fun({ConfigKey, TlsKey, Validator}, Acc) ->
                  case ejabberd_config:get_option(ConfigKey, Validator) of
                      undefined -> Acc;
                      Value -> [{TlsKey, Value} | Acc]
                  end
          end,
          [],
          [{s2s_certfile, certfile, fun iolist_to_binary/1},
           {s2s_ciphers, ciphers, fun iolist_to_binary/1},
           {s2s_protocol_options, protocol_options, ProtocolOptsValidator},
           {s2s_dhfile, dhfile, fun iolist_to_binary/1}]),
    %% TLS compression stays off unless the listener explicitly enables it.
    TLSOpts = case proplists:get_bool(tls_compression, Opts) of
                  true -> TLSOptsBase;
                  false -> [compression_none | TLSOptsBase]
              end,
    Timer = erlang:start_timer(?S2STIMEOUT, self(), []),
    {ok, wait_for_stream,
     #state{socket = Socket, sockmod = SockMod,
            streamid = new_id(), shaper = Shaper, tls = StartTLS,
            tls_enabled = false, tls_required = TLSRequired,
            tls_certverify = TLSCertverify, tls_options = TLSOpts,
            timer = Timer}}.
%%----------------------------------------------------------------------
%% Func: StateName/2
%% Returns: {next_state, NextStateName, NextStateData}          |
%%          {next_state, NextStateName, NextStateData, Timeout} |
%%          {stop, Reason, NewStateData}
%%----------------------------------------------------------------------

%% wait_for_stream/2: first FSM state, handles the peer's opening
%% <stream:stream>.  Every error path writes our own header followed by a
%% stream error and stops; the successful paths answer with a header and
%% (for version 1.0 streams) a <stream:features/>.
wait_for_stream({xmlstreamstart, Name, Attrs}, StateData) ->
    try xmpp:decode(#xmlel{name = Name, attrs = Attrs}) of
        %% wrong default or stream namespace
        #stream_start{xmlns = NS_SERVER, stream_xmlns = NS_STREAM}
          when NS_SERVER /= ?NS_SERVER; NS_STREAM /= ?NS_STREAM ->
            send_header(StateData, {1,0}),
            send_element(StateData, xmpp:serr_invalid_namespace()),
            {stop, normal, StateData};
        %% XMPP 1.0 stream from a peer that has not authenticated yet and
        %% STARTTLS is offered: decide which features to advertise.
        #stream_start{to = #jid{lserver = Server},
                      from = From, version = {1,0}}
          when StateData#state.tls and not StateData#state.authenticated ->
            send_header(StateData, {1,0}),
            %% Auth :: {ok | error | no_verify, RemoteDomain, Message}.
            %% The peer certificate is only checked once TLS is up and the
            %% header carried a 'from' to check it against.
            Auth = if StateData#state.tls_enabled ->
                           case From of
                               #jid{} ->
                                   {Result, Message} =
                                       ejabberd_s2s:check_peer_certificate(
                                         StateData#state.sockmod,
                                         StateData#state.socket,
                                         From#jid.lserver),
                                   {Result, From#jid.lserver, Message};
                               undefined ->
                                   {error, <<"(unknown)">>,
                                    <<"Got no valid 'from' attribute">>}
                           end;
                      true ->
                           {no_verify, <<"(unknown)">>, <<"TLS not (yet) enabled">>}
                   end,
            %% Advertise <starttls/> until TLS is on, marking it required
            %% when the policy demands it.
            StartTLS = if StateData#state.tls_enabled -> [];
                          not StateData#state.tls_enabled and
                          not StateData#state.tls_required ->
                              [#starttls{required = false}];
                          not StateData#state.tls_enabled and
                          StateData#state.tls_required ->
                              [#starttls{required = true}]
                       end,
            case Auth of
                %% required_trusted: an unverifiable peer certificate ends
                %% the stream instead of falling back to dialback.
                {error, RemoteServer, CertError}
                  when StateData#state.tls_certverify ->
                    ?INFO_MSG("Closing s2s connection: ~s <--> ~s (~s)",
                              [StateData#state.server, RemoteServer, CertError]),
                    send_element(StateData,
                                 xmpp:serr_policy_violation(CertError, ?MYLANG)),
                    {stop, normal, StateData};
                {VerifyResult, RemoteServer, Msg} ->
                    %% SASL EXTERNAL is offered only when the certificate
                    %% check succeeded; auth_domain records the verified
                    %% domain for the later #sasl_auth{} clause.
                    {SASL, NewStateData} =
                        case VerifyResult of
                            ok ->
                                {[#sasl_mechanisms{list = [<<"EXTERNAL">>]}],
                                 StateData#state{auth_domain = RemoteServer}};
                            error ->
                                ?DEBUG("Won't accept certificate of ~s: ~s",
                                       [RemoteServer, Msg]),
                                {[], StateData};
                            no_verify ->
                                {[], StateData}
                        end,
                    send_element(NewStateData,
                                 #stream_features{
                                    sub_els = SASL ++ StartTLS ++
                                        ejabberd_hooks:run_fold(
                                          s2s_stream_features, Server, [],
                                          [Server])}),
                    {next_state, wait_for_feature_request,
                     NewStateData#state{server = Server}}
            end;
        %% stream restart after a successful SASL EXTERNAL
        #stream_start{to = #jid{lserver = Server},
                      version = {1,0}} when StateData#state.authenticated ->
            send_header(StateData, {1,0}),
            send_element(StateData,
                         #stream_features{
                            sub_els = ejabberd_hooks:run_fold(
                                        s2s_stream_features, Server, [],
                                        [Server])}),
            {next_state, stream_established, StateData};
        %% legacy dialback-only stream (no version): allowed unless TLS is
        %% required and not yet negotiated
        #stream_start{db_xmlns = ?NS_SERVER_DIALBACK}
          when (StateData#state.tls_required and StateData#state.tls_enabled)
               or (not StateData#state.tls_required) ->
            send_header(StateData, undefined),
            {next_state, stream_established, StateData};
        #stream_start{} ->
            send_header(StateData, {1,0}),
            send_element(StateData, xmpp:serr_undefined_condition()),
            {stop, normal, StateData};
        _ ->
            send_header(StateData, {1,0}),
            send_element(StateData, xmpp:serr_invalid_xml()),
            {stop, normal, StateData}
    catch _:{xmpp_codec, Why} ->
            Txt = xmpp:format_error(Why),
            send_header(StateData, {1,0}),
            send_element(StateData, xmpp:serr_invalid_xml(Txt, ?MYLANG)),
            {stop, normal, StateData}
    end;
wait_for_stream({xmlstreamerror, _}, StateData) ->
    send_header(StateData, {1,0}),
    send_element(StateData, xmpp:serr_not_well_formed()),
    {stop, normal, StateData};
wait_for_stream(timeout, StateData) ->
    send_header(StateData, {1,0}),
    send_element(StateData, xmpp:serr_connection_timeout()),
    {stop, normal, StateData};
wait_for_stream(closed, StateData) ->
    {stop, normal, StateData}.
%% wait_for_feature_request/2: the peer picks one of the advertised
%% features (STARTTLS or SASL EXTERNAL).  Anything else falls through to
%% stream_established/2, which checks authentication per packet.
wait_for_feature_request({xmlstreamelement, El}, StateData) ->
    decode_element(El, wait_for_feature_request, StateData);
%% STARTTLS: only when it was offered and the socket is still plain TCP.
wait_for_feature_request(#starttls{},
                         #state{tls = true, tls_enabled = false} = StateData) ->
    case (StateData#state.sockmod):get_sockmod(StateData#state.socket) of
        gen_tcp ->
            ?DEBUG("starttls", []),
            Socket = StateData#state.socket,
            %% per-domain certificate overrides the global s2s_certfile
            TLSOpts1 = case ejabberd_config:get_option(
                              {domain_certfile, StateData#state.server},
                              fun iolist_to_binary/1) of
                           undefined -> StateData#state.tls_options;
                           CertFile ->
                               lists:keystore(certfile, 1,
                                              StateData#state.tls_options,
                                              {certfile, CertFile})
                       end,
            %% per-domain CA file (presumably used by the later peer
            %% certificate check in ejabberd_s2s -- confirm there)
            TLSOpts2 = case ejabberd_config:get_option(
                              {s2s_cafile, StateData#state.server},
                              fun iolist_to_binary/1) of
                           undefined -> TLSOpts1;
                           CAFile ->
                               lists:keystore(cafile, 1, TLSOpts1,
                                              {cafile, CAFile})
                       end,
            %% compression_none is dropped only if the domain opts in
            TLSOpts = case ejabberd_config:get_option(
                             {s2s_tls_compression, StateData#state.server},
                             fun(true) -> true;
                                (false) -> false
                             end, false) of
                          true -> lists:delete(compression_none, TLSOpts2);
                          false -> [compression_none | TLSOpts2]
                      end,
            %% <proceed/> is written by the socket layer right before the
            %% TLS handshake; the stream then restarts with a fresh id.
            TLSSocket = (StateData#state.sockmod):starttls(
                          Socket, TLSOpts,
                          fxml:element_to_binary(
                            xmpp:encode(#starttls_proceed{}))),
            {next_state, wait_for_stream,
             StateData#state{socket = TLSSocket, streamid = new_id(),
                             tls_enabled = true, tls_options = TLSOpts}};
        _ ->
            send_element(StateData, #starttls_failure{}),
            {stop, normal, StateData}
    end;
%% SASL EXTERNAL: accepted only over TLS, only when wait_for_stream stored
%% a certificate-verified auth_domain, and only if the ACL allows it.
wait_for_feature_request(#sasl_auth{mechanism = Mech},
                         #state{tls_enabled = true} = StateData) ->
    case Mech of
        <<"EXTERNAL">> when StateData#state.auth_domain /= <<"">> ->
            AuthDomain = StateData#state.auth_domain,
            AllowRemoteHost = ejabberd_s2s:allow_host(<<"">>, AuthDomain),
            if AllowRemoteHost ->
                    (StateData#state.sockmod):reset_stream(StateData#state.socket),
                    send_element(StateData, #sasl_success{}),
                    ?INFO_MSG("Accepted s2s EXTERNAL authentication for ~s (TLS=~p)",
                              [AuthDomain, StateData#state.tls_enabled]),
                    change_shaper(StateData, <<"">>, jid:make(AuthDomain)),
                    {next_state, wait_for_stream,
                     StateData#state{streamid = new_id(),
                                     authenticated = true}};
               true ->
                    Txt = xmpp:mk_text(<<"Denied by ACL">>, ?MYLANG),
                    send_element(StateData,
                                 #sasl_failure{reason = 'not-authorized',
                                               text = Txt}),
                    {stop, normal, StateData}
            end;
        _ ->
            send_element(StateData, #sasl_failure{reason = 'invalid-mechanism'}),
            {stop, normal, StateData}
    end;
wait_for_feature_request({xmlstreamend, _Name}, StateData) ->
    {stop, normal, StateData};
wait_for_feature_request({xmlstreamerror, _}, StateData) ->
    send_element(StateData, xmpp:serr_not_well_formed()),
    {stop, normal, StateData};
wait_for_feature_request(closed, StateData) ->
    {stop, normal, StateData};
%% With a required-TLS policy nothing but <starttls/> is accepted before
%% the upgrade (note the clause order: #starttls{} is matched above).
wait_for_feature_request(_Pkt, #state{tls_required = TLSRequired,
                                      tls_enabled = TLSEnabled} = StateData)
  when TLSRequired and not TLSEnabled ->
    Txt = <<"Use of STARTTLS required">>,
    send_element(StateData, xmpp:serr_policy_violation(Txt, ?MYLANG)),
    {stop, normal, StateData};
%% Anything else (dialback, stanzas) is handled as in stream_established;
%% that state checks authenticated/auth_domain or the dialback table for
%% every stanza, so this does not by itself grant routing rights.
wait_for_feature_request(El, StateData) ->
    stream_established({xmlstreamelement, El}, StateData).
%% stream_established/2: dialback handshake and stanza routing.
%% A stanza is routed only if the sender domain is covered by a successful
%% SASL EXTERNAL (auth_domain) or by an `established' dialback entry for
%% the exact {RemoteDomain, LocalDomain} pair.
stream_established({xmlstreamelement, El}, StateData) ->
    %% every element resets the inactivity timer
    cancel_timer(StateData#state.timer),
    Timer = erlang:start_timer(?S2STIMEOUT, self(), []),
    decode_element(El, stream_established, StateData#state{timer = Timer});
%% Dialback step 1: the peer (From) wants to talk to our domain (To) and
%% presents Key.  We only proceed when To is a local domain and the ACL
%% allows the pair; the key is verified through an outgoing connection to
%% From (ejabberd_s2s_out), and the pair waits in the connection table until
%% {valid, _, _} or {invalid, _, _} comes back.
stream_established(#db_result{to = To, from = From, key = Key},
                   StateData) ->
    %% NOTE(review): the dialback key is written to the debug log here
    ?DEBUG("GET KEY: ~p", [{To, From, Key}]),
    case {ejabberd_s2s:allow_host(To, From),
          lists:member(To, ejabberd_router:dirty_get_all_domains())} of
        {true, true} ->
            ejabberd_s2s_out:terminate_if_waiting_delay(To, From),
            ejabberd_s2s_out:start(To, From,
                                   {verify, self(), Key,
                                    StateData#state.streamid}),
            Conns = (?DICT):store({From, To},
                                  wait_for_verification,
                                  StateData#state.connections),
            change_shaper(StateData, To, jid:make(From)),
            {next_state, stream_established,
             StateData#state{connections = Conns}};
        {_, false} ->
            send_element(StateData, xmpp:serr_host_unknown()),
            {stop, normal, StateData};
        {false, _} ->
            send_element(StateData, xmpp:serr_invalid_from()),
            {stop, normal, StateData}
    end;
%% Dialback: we are the authoritative server for To and are asked whether
%% Key is the one we issued for stream Id.
stream_established(#db_verify{to = To, from = From, id = Id, key = Key},
                   StateData) ->
    ?DEBUG("VERIFY KEY: ~p", [{To, From, Id, Key}]),
    %% plain term equality against the bound Key (not a constant-time
    %% comparison)
    Type = case ejabberd_s2s:make_key({To, From}, Id) of
               Key -> valid;
               _ -> invalid
           end,
    send_element(StateData,
                 #db_verify{from = To, to = From, id = Id, type = Type}),
    {next_state, stream_established, StateData};
stream_established(Pkt, StateData) when ?is_stanza(Pkt) ->
    From = xmpp:get_from(Pkt),
    To = xmpp:get_to(Pkt),
    if To /= undefined, From /= undefined ->
            LFrom = From#jid.lserver,
            LTo = To#jid.lserver,
            if StateData#state.authenticated ->
                    %% SASL EXTERNAL: the sender must be the verified domain
                    %% and the target one of our domains
                    case LFrom == StateData#state.auth_domain andalso
                        lists:member(LTo, ejabberd_router:dirty_get_all_domains()) of
                        true ->
                            ejabberd_hooks:run(s2s_receive_packet, LTo,
                                               [From, To, Pkt]),
                            ejabberd_router:route(From, To, Pkt);
                        false ->
                            send_error(StateData, Pkt, xmpp:err_not_authorized())
                    end;
               true ->
                    %% dialback: the pair must have completed verification
                    case (?DICT):find({LFrom, LTo}, StateData#state.connections) of
                        {ok, established} ->
                            ejabberd_hooks:run(s2s_receive_packet, LTo,
                                               [From, To, Pkt]),
                            ejabberd_router:route(From, To, Pkt);
                        _ ->
                            send_error(StateData, Pkt, xmpp:err_not_authorized())
                    end
            end;
       true ->
            send_error(StateData, Pkt, xmpp:err_jid_malformed())
    end,
    ejabberd_hooks:run(s2s_loop_debug, [{xmlstreamelement, Pkt}]),
    {next_state, stream_established, StateData};
%% Result of our outgoing verification for a pending #db_result{}.
stream_established({valid, From, To}, StateData) ->
    send_element(StateData,
                 #db_result{from = To, to = From, type = valid}),
    ?INFO_MSG("Accepted s2s dialback authentication for ~s (TLS=~p)",
              [From, StateData#state.tls_enabled]),
    NSD = StateData#state{connections =
                              (?DICT):store({From, To}, established,
                                            StateData#state.connections)},
    {next_state, stream_established, NSD};
stream_established({invalid, From, To}, StateData) ->
    send_element(StateData,
                 #db_result{from = To, to = From, type = invalid}),
    NSD = StateData#state{connections =
                              (?DICT):erase({From, To},
                                            StateData#state.connections)},
    {next_state, stream_established, NSD};
stream_established({xmlstreamend, _Name}, StateData) ->
    {stop, normal, StateData};
stream_established({xmlstreamerror, _}, StateData) ->
    send_element(StateData, xmpp:serr_not_well_formed()),
    {stop, normal, StateData};
stream_established(timeout, StateData) ->
    send_element(StateData, xmpp:serr_connection_timeout()),
    {stop, normal, StateData};
stream_established(closed, StateData) ->
    {stop, normal, StateData};
%% any other decoded element is only passed to the debug hook
stream_established(Pkt, StateData) ->
    ejabberd_hooks:run(s2s_loop_debug, [{xmlstreamelement, Pkt}]),
    {next_state, stream_established, StateData}.
%%----------------------------------------------------------------------
%% Func: StateName/3
%% Returns: {next_state, NextStateName, NextStateData}            |
%%          {next_state, NextStateName, NextStateData, Timeout}   |
%%          {reply, Reply, NextStateName, NextStateData}          |
%%          {reply, Reply, NextStateName, NextStateData, Timeout} |
%%          {stop, Reason, NewStateData}                          |
%%          {stop, Reason, Reply, NewStateData}
%%----------------------------------------------------------------------
%state_name(Event, From, StateData) ->
%    Reply = ok,
%    {reply, Reply, state_name, StateData}.

%% p1_fsm handle_event/3: all-state asynchronous events are ignored and
%% leave both the state name and the state data untouched.
-spec handle_event(term(), state_name(), state()) -> fsm_next().
handle_event(_Event, CurrentState, Data) ->
    {next_state, CurrentState, Data}.
%%----------------------------------------------------------------------
%% Func: handle_sync_event/4
%% get_state_infos answers the administrative "list s2s connections" query
%% with a property list describing this connection; any other synchronous
%% event is acknowledged with ok.
%% Returns: {reply, Reply, NextStateName, NextStateData}
%%----------------------------------------------------------------------
handle_sync_event(get_state_infos, _From, StateName,
                  #state{sockmod = SockMod, socket = Socket} = StateData) ->
    %% A failing peername (e.g. socket already gone) is reported as
    %% unknown/unknown rather than crashing the connection for an
    %% informational query.
    {Addr, Port} =
        try SockMod:peername(Socket) of
            {ok, {PeerAddr, PeerPort}} -> {PeerAddr, PeerPort};
            {error, _Reason} -> {unknown, unknown}
        catch
            _:_ -> {unknown, unknown}
        end,
    Infos = [{direction, in},
             {statename, StateName},
             {addr, Addr},
             {port, Port},
             {streamid, StateData#state.streamid},
             {tls, StateData#state.tls},
             {tls_enabled, StateData#state.tls_enabled},
             {tls_options, StateData#state.tls_options},
             {authenticated, StateData#state.authenticated},
             {shaper, StateData#state.shaper},
             {sockmod, SockMod},
             {domains, get_external_hosts(StateData)}],
    {reply, {state_infos, Infos}, StateName, StateData};
handle_sync_event(_Event, _From, StateName, StateData) ->
    {reply, ok, StateName, StateData}.
%% p1_fsm code_change/4: no state conversion is needed between releases.
-spec code_change(term(), state_name(), state(), term()) ->
          {ok, state_name(), state()}.
code_change(_OldVsn, CurrentState, Data, _Extra) ->
    {ok, CurrentState, Data}.
%% p1_fsm handle_info/3.
%% {send_text, Text}: raw text pushed by another process is written to the
%%   socket as-is.
%% {timeout, Timer, _}: only the timer currently stored in the state counts
%%   (the head match drops stale ones); a stream header is emitted first
%%   when no stream was ever opened, then connection-timeout closes it.
%% Everything else is ignored.
handle_info({send_text, Text}, StateName, StateData) ->
    send_text(StateData, Text),
    {next_state, StateName, StateData};
handle_info({timeout, Timer, _}, StateName,
            #state{timer = Timer} = StateData) ->
    case StateName of
        wait_for_stream -> send_header(StateData, undefined);
        _ -> ok
    end,
    send_element(StateData, xmpp:serr_connection_timeout()),
    {stop, normal, StateData};
handle_info(_Info, StateName, StateData) ->
    {next_state, StateName, StateData}.
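%% p1_fsm terminate/3.
%% When the process is being stopped because the message-queue limit was
%% hit, every remote domain served by this connection is reported as
%% overloaded.  The closing </stream:stream> is best effort: the socket may
%% already be gone, so a failure to write it is deliberately ignored.
%% Always closes the socket and returns ok.
terminate(Reason, _StateName, StateData) ->
    ?DEBUG("terminated: ~p", [Reason]),
    case Reason of
        {process_limit, _} ->
            lists:foreach(fun ejabberd_s2s:external_host_overloaded/1,
                          get_external_hosts(StateData));
        _ ->
            ok
    end,
    %% explicit try instead of old-style `catch', which would also hide
    %% the stacktrace of any unexpected failure
    try
        send_trailer(StateData)
    catch
        _:_ -> ok
    end,
    (StateData#state.sockmod):close(StateData#state.socket),
    ok.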
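%% Remote domains this connection currently serves: the SASL-verified
%% domain when authenticated, otherwise the remote side of every dialback
%% pair that reached `established'.
%% Uses ?DICT like the rest of the module instead of naming `dict' directly.
get_external_hosts(#state{authenticated = true, auth_domain = AuthDomain}) ->
    [AuthDomain];
get_external_hosts(#state{authenticated = false, connections = Connections}) ->
    [Domain || {{Domain, _}, established} <- (?DICT):to_list(Connections)].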
%% p1_fsm print_state/1: the state is shown as-is in crash reports.
-spec print_state(state()) -> state().
print_state(State) ->
    State.
%%%----------------------------------------------------------------------
%%% Internal functions
%%%----------------------------------------------------------------------

%% Write Text to the connection's socket through its socket module.
-spec send_text(state(), iodata()) -> ok.
send_text(#state{sockmod = SockMod, socket = Socket}, Text) ->
    SockMod:send(Socket, Text).
%% Encode El in the jabber:server namespace and write it to the socket.
-spec send_element(state(), xmpp_element()) -> ok.
send_element(StateData, El) ->
    Encoded = xmpp:encode(El, ?NS_SERVER),
    Bin = fxml:element_to_binary(Encoded),
    send_text(StateData, Bin).
%% Reply to Stanza with Error, unless Stanza is itself an error or result
%% (never answer those, to avoid error ping-pong between servers).
-spec send_error(state(), xmlel() | stanza(), stanza_error()) -> ok.
send_error(StateData, Stanza, Error) ->
    NoReplyTypes = [error, result, <<"error">>, <<"result">>],
    case lists:member(xmpp:get_type(Stanza), NoReplyTypes) of
        true ->
            ok;
        false ->
            send_element(StateData, xmpp:make_error(Stanza, Error))
    end.
%% Write the closing stream tag.
-spec send_trailer(state()) -> ok.
send_trailer(StateData) ->
    Trailer = <<"</stream:stream>">>,
    send_text(StateData, Trailer).
%% Write our <stream:stream> header carrying the current stream id.
%% Version is {1,0} for XMPP 1.0 peers and undefined for legacy
%% dialback-only streams.
-spec send_header(state(), undefined | {integer(), integer()}) -> ok.
send_header(#state{streamid = StreamId} = StateData, Version) ->
    Start = #stream_start{xmlns = ?NS_SERVER,
                          stream_xmlns = ?NS_STREAM,
                          db_xmlns = ?NS_SERVER_DIALBACK,
                          id = StreamId,
                          version = Version},
    HeaderText = fxml:element_to_header(xmpp:encode(Start)),
    send_text(StateData, HeaderText).
%% Resolve the shaper rule from the state against Host/JID through the
%% ACL and apply the resulting shaper to the socket.
-spec change_shaper(state(), binary(), jid()) -> ok.
change_shaper(#state{shaper = Rule, sockmod = SockMod, socket = Socket},
              Host, JID) ->
    Shaper = acl:match_rule(Host, Rule, JID),
    SockMod:change_shaper(Socket, Shaper).
%% Fresh random stream id.
-spec new_id() -> binary().
new_id() ->
    randoms:get_string().
%% Cancel the inactivity timer and drop a timeout message that may already
%% have been delivered to the mailbox, so a stale {timeout, Timer, _} can
%% never reach handle_info/3.
-spec cancel_timer(reference()) -> ok.
cancel_timer(Timer) ->
    erlang:cancel_timer(Timer),
    receive
        {timeout, Timer, _} ->
            ok
    after 0 ->
            ok
    end.
%% p1_fsm queue-limit options: the listener's max_fsm_queue wins, otherwise
%% the global option is consulted; no limit when neither is set.
fsm_limit_opts(Opts) ->
    case lists:keyfind(max_fsm_queue, 1, Opts) of
        {max_fsm_queue, Limit} when is_integer(Limit) ->
            [{max_queue, Limit}];
        _ ->
            Global = ejabberd_config:get_option(
                       max_fsm_queue,
                       fun(I) when is_integer(I), I > 0 -> I end),
            case Global of
                undefined -> [];
                Limit -> [{max_queue, Limit}]
            end
    end.
%% Decode a raw #xmlel{} in the jabber:server namespace and dispatch it to
%% the state function named StateName.  In stream_established the payload
%% sub-elements are left undecoded (ignore_els).  A codec failure on a
%% stanza is answered with bad-request; other undecodable elements are
%% dropped silently.  Already-decoded packets are dispatched directly.
-spec decode_element(xmlel() | xmpp_element(), state_name(), state()) -> fsm_transition().
decode_element(#xmlel{} = El, StateName, StateData) ->
    DecodeOpts = case StateName of
                     stream_established -> [ignore_els];
                     _ -> []
                 end,
    try xmpp:decode(El, ?NS_SERVER, DecodeOpts) of
        Pkt ->
            ?MODULE:StateName(Pkt, StateData)
    catch error:{xmpp_codec, Why} ->
            case xmpp:is_stanza(El) of
                true ->
                    Txt = xmpp:format_error(Why),
                    Err = xmpp:err_bad_request(Txt, xmpp:get_lang(El)),
                    send_error(StateData, El, Err);
                false ->
                    ok
            end,
            {next_state, StateName, StateData}
    end;
decode_element(Pkt, StateName, StateData) ->
    ?MODULE:StateName(Pkt, StateData).
%% ejabberd_config callback: validator fun for each option this module
%% reads, or the list of those option names for any other argument.
opt_type(Opt) when Opt =:= domain_certfile;
                   Opt =:= s2s_certfile;
                   Opt =:= s2s_cafile;
                   Opt =:= s2s_ciphers;
                   Opt =:= s2s_dhfile ->
    fun iolist_to_binary/1;
opt_type(max_fsm_queue) ->
    fun(I) when is_integer(I), I > 0 -> I end;
opt_type(s2s_protocol_options) ->
    %% Binaries only; joined with "|" (last configured first) and the
    %% leading separator removed.  An empty list fails the [_ | _] match.
    fun(Options) ->
            Bins = [Opt || Opt <- Options, is_binary(Opt)],
            [_ | Joined] =
                lists:foldl(fun(Opt, Acc) -> "|" ++ binary_to_list(Opt) ++ Acc end,
                            [], Bins),
            iolist_to_binary(Joined)
    end;
opt_type(s2s_tls_compression) ->
    fun(Flag) when is_boolean(Flag) -> Flag end;
opt_type(s2s_use_starttls) ->
    fun(Mode) when Mode =:= false;
                   Mode =:= true;
                   Mode =:= optional;
                   Mode =:= required;
                   Mode =:= required_trusted ->
            Mode
    end;
opt_type(_) ->
    [domain_certfile, max_fsm_queue, s2s_certfile, s2s_cafile,
     s2s_ciphers, s2s_dhfile, s2s_protocol_options,
     s2s_tls_compression, s2s_use_starttls].