2006-04-07 02:51:53 +02:00
|
|
|
%%%----------------------------------------------------------------------
|
|
|
|
%%% File : ejabberd_auth_anonymous.erl
|
|
|
|
%%% Author : Mickael Remond <mickael.remond@process-one.net>
|
|
|
|
%%% Purpose : Anonymous feature support in ejabberd
|
|
|
|
%%% Created : 17 Feb 2006 by Mickael Remond <mremond@process-one.net>
|
|
|
|
%%%
|
|
|
|
%%%
|
2012-02-23 16:52:34 +01:00
|
|
|
%%% ejabberd, Copyright (C) 2002-2012 ProcessOne
|
2007-12-24 12:41:41 +01:00
|
|
|
%%%
|
|
|
|
%%% This program is free software; you can redistribute it and/or
|
|
|
|
%%% modify it under the terms of the GNU General Public License as
|
|
|
|
%%% published by the Free Software Foundation; either version 2 of the
|
|
|
|
%%% License, or (at your option) any later version.
|
|
|
|
%%%
|
|
|
|
%%% This program is distributed in the hope that it will be useful,
|
|
|
|
%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
%%% General Public License for more details.
|
2009-01-12 15:44:42 +01:00
|
|
|
%%%
|
2007-12-24 12:41:41 +01:00
|
|
|
%%% You should have received a copy of the GNU General Public License
|
|
|
|
%%% along with this program; if not, write to the Free Software
|
|
|
|
%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
|
|
%%% 02111-1307 USA
|
|
|
|
%%%
|
2006-04-07 02:51:53 +02:00
|
|
|
%%%----------------------------------------------------------------------
|
|
|
|
|
|
|
|
-module(ejabberd_auth_anonymous).
|
2012-09-11 15:45:59 +02:00
|
|
|
|
2006-04-07 02:51:53 +02:00
|
|
|
-author('mickael.remond@process-one.net').
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
-behaviour(ejabberd_auth).
|
|
|
|
|
|
|
|
-export([start/1, allow_anonymous/1,
|
2006-04-07 02:51:53 +02:00
|
|
|
is_sasl_anonymous_enabled/1,
|
2012-09-11 15:45:59 +02:00
|
|
|
is_login_anonymous_enabled/1, anonymous_user_exist/2,
|
|
|
|
allow_multiple_connections/1, register_connection/3,
|
2010-09-20 19:17:52 +02:00
|
|
|
unregister_migrated_connection/3,
|
2012-09-11 15:45:59 +02:00
|
|
|
unregister_connection/3]).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
|
|
|
%% Function used by ejabberd_auth:
|
2012-09-11 15:45:59 +02:00
|
|
|
-export([login/2, set_password/3, check_password/3,
|
|
|
|
check_password/5, try_register/3,
|
|
|
|
dirty_get_registered_users/0, get_vh_registered_users/1,
|
|
|
|
get_vh_registered_users/2, get_vh_registered_users_number/1,
|
|
|
|
get_vh_registered_users_number/2, get_password_s/2,
|
|
|
|
get_password/2, get_password/3, is_user_exists/2,
|
|
|
|
remove_user/2, remove_user/3, store_type/0,
|
2006-04-07 02:51:53 +02:00
|
|
|
plain_password_required/0]).
|
|
|
|
|
|
|
|
-include("ejabberd.hrl").
|
2012-09-11 15:45:59 +02:00
|
|
|
|
2006-04-07 02:51:53 +02:00
|
|
|
-include("jlib.hrl").
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
-record(anonymous, {us = {<<"">>, <<"">>} :: {binary(), binary()},
|
|
|
|
sid = {now(), self()} :: ejabberd_sm:sid()}).
|
|
|
|
|
2006-04-07 02:51:53 +02:00
|
|
|
start(Host) ->
|
2010-07-13 12:04:30 +02:00
|
|
|
update_tables(),
|
2012-09-11 15:45:59 +02:00
|
|
|
mnesia:create_table(anonymous,
|
|
|
|
[{ram_copies, [node()]}, {type, bag},
|
|
|
|
{local_content, true},
|
|
|
|
{attributes, record_info(fields, anonymous)}]),
|
2010-07-13 12:04:30 +02:00
|
|
|
mnesia:add_table_copy(anonymous, node(), ram_copies),
|
2006-04-07 02:51:53 +02:00
|
|
|
ejabberd_hooks:add(sm_register_connection_hook, Host,
|
|
|
|
?MODULE, register_connection, 100),
|
2012-09-11 15:45:59 +02:00
|
|
|
ejabberd_hooks:add(sm_remove_migrated_connection_hook,
|
|
|
|
Host, ?MODULE, unregister_migrated_connection, 100),
|
2006-04-07 02:51:53 +02:00
|
|
|
ejabberd_hooks:add(sm_remove_connection_hook, Host,
|
|
|
|
?MODULE, unregister_connection, 100),
|
|
|
|
ok.
|
|
|
|
|
|
|
|
allow_anonymous(Host) ->
|
2006-04-20 17:42:51 +02:00
|
|
|
lists:member(?MODULE, ejabberd_auth:auth_modules(Host)).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
|
|
|
is_sasl_anonymous_enabled(Host) ->
|
|
|
|
case allow_anonymous(Host) of
|
2012-09-11 15:45:59 +02:00
|
|
|
false -> false;
|
|
|
|
true ->
|
|
|
|
case anonymous_protocol(Host) of
|
|
|
|
sasl_anon -> true;
|
|
|
|
both -> true;
|
|
|
|
_Other -> false
|
|
|
|
end
|
2006-04-07 02:51:53 +02:00
|
|
|
end.
|
|
|
|
|
|
|
|
is_login_anonymous_enabled(Host) ->
|
|
|
|
case allow_anonymous(Host) of
|
2012-09-11 15:45:59 +02:00
|
|
|
false -> false;
|
|
|
|
true ->
|
|
|
|
case anonymous_protocol(Host) of
|
|
|
|
login_anon -> true;
|
|
|
|
both -> true;
|
|
|
|
_Other -> false
|
|
|
|
end
|
2006-04-07 02:51:53 +02:00
|
|
|
end.
|
|
|
|
|
|
|
|
anonymous_protocol(Host) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
ejabberd_config:get_local_option(
|
|
|
|
{anonymous_protocol, Host},
|
|
|
|
fun(sasl_anon) -> sasl_anon;
|
|
|
|
(login_anon) -> login_anon;
|
|
|
|
(both) -> both
|
|
|
|
end,
|
|
|
|
sasl_anon).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
|
|
|
allow_multiple_connections(Host) ->
|
2010-01-09 16:15:46 +01:00
|
|
|
ejabberd_config:get_local_option(
|
2012-09-11 15:45:59 +02:00
|
|
|
{allow_multiple_connections, Host},
|
|
|
|
fun(V) when is_boolean(V) -> V end,
|
|
|
|
false).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
|
|
|
anonymous_user_exist(User, Server) ->
|
2011-11-23 15:07:02 +01:00
|
|
|
LUser = jlib:nodeprep(User),
|
|
|
|
LServer = jlib:nameprep(Server),
|
|
|
|
US = {LUser, LServer},
|
|
|
|
Ss = case ejabberd_cluster:get_node(US) of
|
2012-09-11 15:45:59 +02:00
|
|
|
Node when Node == node() ->
|
|
|
|
catch mnesia:dirty_read({anonymous, US});
|
|
|
|
Node ->
|
|
|
|
catch rpc:call(Node, mnesia, dirty_read,
|
|
|
|
[{anonymous, US}], 5000)
|
|
|
|
end,
|
2011-11-23 15:07:02 +01:00
|
|
|
case Ss of
|
2012-09-11 15:45:59 +02:00
|
|
|
[_H | _T] -> true;
|
|
|
|
_ -> false
|
2011-11-23 15:07:02 +01:00
|
|
|
end.
|
2006-04-07 02:51:53 +02:00
|
|
|
|
|
|
|
remove_connection(SID, LUser, LServer) ->
|
2011-11-23 15:07:02 +01:00
|
|
|
US = {LUser, LServer},
|
2012-09-11 15:45:59 +02:00
|
|
|
F = fun () -> mnesia:delete_object({anonymous, US, SID})
|
|
|
|
end,
|
2011-11-23 15:07:02 +01:00
|
|
|
mnesia:async_dirty(F).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
register_connection(SID,
|
|
|
|
#jid{luser = LUser, lserver = LServer}, Info) ->
|
|
|
|
AuthModule = list_to_atom(binary_to_list(xml:get_attr_s(<<"auth_module">>, Info))),
|
|
|
|
case AuthModule == (?MODULE) of
|
|
|
|
true ->
|
|
|
|
ejabberd_hooks:run(register_user, LServer,
|
|
|
|
[LUser, LServer]),
|
|
|
|
US = {LUser, LServer},
|
|
|
|
mnesia:async_dirty(fun () ->
|
|
|
|
mnesia:write(#anonymous{us = US,
|
|
|
|
sid = SID})
|
|
|
|
end);
|
|
|
|
false -> ok
|
2008-04-22 19:41:30 +02:00
|
|
|
end.
|
2006-04-07 02:51:53 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
unregister_connection(SID,
|
|
|
|
#jid{luser = LUser, lserver = LServer}, _) ->
|
|
|
|
purge_hook(anonymous_user_exist(LUser, LServer), LUser,
|
|
|
|
LServer),
|
2006-04-07 02:51:53 +02:00
|
|
|
remove_connection(SID, LUser, LServer).
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
unregister_migrated_connection(SID,
|
|
|
|
#jid{luser = LUser, lserver = LServer}, _) ->
|
2010-09-20 19:17:52 +02:00
|
|
|
remove_connection(SID, LUser, LServer).
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
purge_hook(false, _LUser, _LServer) -> ok;
|
2007-06-28 19:39:53 +02:00
|
|
|
purge_hook(true, LUser, LServer) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
ejabberd_hooks:run(anonymous_purge_hook, LServer,
|
|
|
|
[LUser, LServer]).
|
2007-06-28 19:39:53 +02:00
|
|
|
|
2006-04-07 02:51:53 +02:00
|
|
|
%% ---------------------------------
|
|
|
|
%% Specific anonymous auth functions
|
|
|
|
%% ---------------------------------
|
|
|
|
|
|
|
|
check_password(User, Server, Password) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
check_password(User, Server, Password, undefined,
|
|
|
|
undefined).
|
|
|
|
|
|
|
|
check_password(User, Server, _Password, _Digest,
|
|
|
|
_DigestGen) ->
|
|
|
|
case
|
|
|
|
ejabberd_auth:is_user_exists_in_other_modules(?MODULE,
|
|
|
|
User, Server)
|
|
|
|
of
|
|
|
|
%% If user exists in other module, reject anonnymous authentication
|
|
|
|
true -> false;
|
|
|
|
%% If we are not sure whether the user exists in other module, reject anon auth
|
|
|
|
maybe -> false;
|
|
|
|
false -> login(User, Server)
|
2006-04-07 02:51:53 +02:00
|
|
|
end.
|
|
|
|
|
|
|
|
login(User, Server) ->
|
|
|
|
case is_login_anonymous_enabled(Server) of
|
2012-09-11 15:45:59 +02:00
|
|
|
false -> false;
|
|
|
|
true ->
|
|
|
|
case anonymous_user_exist(User, Server) of
|
|
|
|
%% Reject the login if an anonymous user with the same login
|
|
|
|
%% is already logged and if multiple login has not been enable
|
|
|
|
%% in the config file.
|
|
|
|
true -> allow_multiple_connections(Server);
|
|
|
|
%% Accept login and add user to the anonymous table
|
|
|
|
false -> true
|
|
|
|
end
|
2006-04-07 02:51:53 +02:00
|
|
|
end.
|
|
|
|
|
|
|
|
set_password(User, Server, _Password) ->
|
|
|
|
case anonymous_user_exist(User, Server) of
|
2012-09-11 15:45:59 +02:00
|
|
|
true -> ok;
|
|
|
|
false -> {error, not_allowed}
|
2006-04-07 02:51:53 +02:00
|
|
|
end.
|
|
|
|
|
|
|
|
try_register(_User, _Server, _Password) ->
|
|
|
|
{error, not_allowed}.
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
dirty_get_registered_users() -> [].
|
2006-04-07 02:51:53 +02:00
|
|
|
|
2010-06-10 12:01:15 +02:00
|
|
|
get_vh_registered_users(Server) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
[{U, S}
|
|
|
|
|| {U, S, _R}
|
|
|
|
<- ejabberd_sm:get_vh_session_list(Server)].
|
|
|
|
|
|
|
|
get_vh_registered_users(Server, _) ->
|
|
|
|
get_vh_registered_users(Server).
|
|
|
|
|
|
|
|
get_vh_registered_users_number(Server) ->
|
|
|
|
length(get_vh_registered_users(Server)).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
get_vh_registered_users_number(Server, _) ->
|
|
|
|
get_vh_registered_users_number(Server).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
|
|
|
get_password(User, Server) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
get_password(User, Server, <<"">>).
|
2006-04-07 02:51:53 +02:00
|
|
|
|
|
|
|
get_password(User, Server, DefaultValue) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
case anonymous_user_exist(User, Server) or
|
|
|
|
login(User, Server)
|
|
|
|
of
|
|
|
|
%% We return the default value if the user is anonymous
|
|
|
|
true -> DefaultValue;
|
|
|
|
%% We return the permanent user password otherwise
|
|
|
|
false -> false
|
|
|
|
end.
|
|
|
|
|
|
|
|
get_password_s(User, Server) ->
|
|
|
|
case get_password(User, Server) of
|
|
|
|
false ->
|
|
|
|
<<"">>;
|
|
|
|
Password ->
|
|
|
|
Password
|
2006-04-07 02:51:53 +02:00
|
|
|
end.
|
|
|
|
|
|
|
|
is_user_exists(User, Server) ->
|
|
|
|
anonymous_user_exist(User, Server).
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
remove_user(_User, _Server) -> {error, not_allowed}.
|
2006-04-07 02:51:53 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
remove_user(_User, _Server, _Password) -> not_allowed.
|
2006-04-07 02:51:53 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
plain_password_required() -> false.
|
2010-07-13 12:04:30 +02:00
|
|
|
|
|
|
|
update_tables() ->
|
2012-09-11 15:45:59 +02:00
|
|
|
case catch mnesia:table_info(anonymous, local_content)
|
|
|
|
of
|
|
|
|
false -> mnesia:delete_table(anonymous);
|
|
|
|
_ -> ok
|
2010-07-13 12:04:30 +02:00
|
|
|
end.
|
2011-08-24 18:29:25 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
store_type() -> plain.
|