2002-12-08 18:23:21 +01:00
|
|
|
%%%----------------------------------------------------------------------
|
|
|
|
|
%%% File : mod_register.erl
|
2007-12-24 13:58:05 +01:00
|
|
|
%%% Author : Alexey Shchepin <alexey@process-one.net>
|
2005-06-20 05:18:13 +02:00
|
|
|
%%% Purpose : Inband registration support
|
2007-12-24 13:58:05 +01:00
|
|
|
%%% Created : 8 Dec 2002 by Alexey Shchepin <alexey@process-one.net>
|
|
|
|
|
%%%
|
|
|
|
|
%%%
|
2013-03-27 10:36:48 +01:00
|
|
|
%%% ejabberd, Copyright (C) 2002-2013 ProcessOne
|
2007-12-24 13:58:05 +01:00
|
|
|
%%%
|
|
|
|
|
%%% This program is free software; you can redistribute it and/or
|
|
|
|
|
%%% modify it under the terms of the GNU General Public License as
|
|
|
|
|
%%% published by the Free Software Foundation; either version 2 of the
|
|
|
|
|
%%% License, or (at your option) any later version.
|
|
|
|
|
%%%
|
|
|
|
|
%%% This program is distributed in the hope that it will be useful,
|
|
|
|
|
%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
%%% General Public License for more details.
|
2009-01-12 15:44:42 +01:00
|
|
|
%%%
|
2007-12-24 13:58:05 +01:00
|
|
|
%%% You should have received a copy of the GNU General Public License
|
|
|
|
|
%%% along with this program; if not, write to the Free Software
|
|
|
|
|
%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
|
|
|
%%% 02111-1307 USA
|
|
|
|
|
%%%
|
2002-12-08 18:23:21 +01:00
|
|
|
%%%----------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
-module(mod_register).
|
2012-09-11 15:45:59 +02:00
|
|
|
|
2007-12-24 13:58:05 +01:00
|
|
|
-author('alexey@process-one.net').
|
2002-12-08 18:23:21 +01:00
|
|
|
|
2003-01-24 21:18:33 +01:00
|
|
|
-behaviour(gen_mod).
|
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
-export([start/2, stop/1, stream_feature_register/2,
|
|
|
|
|
unauthenticated_iq_register/4, try_register/5,
|
|
|
|
|
process_iq/3, send_registration_notifications/3]).
|
2002-12-08 18:23:21 +01:00
|
|
|
|
|
|
|
|
-include("ejabberd.hrl").
|
2012-09-11 15:45:59 +02:00
|
|
|
|
2003-03-09 21:46:47 +01:00
|
|
|
-include("jlib.hrl").
|
2002-12-08 18:23:21 +01:00
|
|
|
|
2005-06-20 05:18:13 +02:00
|
|
|
start(Host, Opts) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
IQDisc = gen_mod:get_opt(iqdisc, Opts, fun gen_iq_handler:check_type/1,
|
|
|
|
|
one_queue),
|
|
|
|
|
gen_iq_handler:add_iq_handler(ejabberd_local, Host,
|
|
|
|
|
?NS_REGISTER, ?MODULE, process_iq, IQDisc),
|
|
|
|
|
gen_iq_handler:add_iq_handler(ejabberd_sm, Host,
|
|
|
|
|
?NS_REGISTER, ?MODULE, process_iq, IQDisc),
|
|
|
|
|
ejabberd_hooks:add(c2s_stream_features, Host, ?MODULE,
|
|
|
|
|
stream_feature_register, 50),
|
2005-07-15 00:28:21 +02:00
|
|
|
ejabberd_hooks:add(c2s_unauthenticated_iq, Host,
|
2012-09-11 15:45:59 +02:00
|
|
|
?MODULE, unauthenticated_iq_register, 50),
|
2008-04-22 23:51:32 +02:00
|
|
|
mnesia:create_table(mod_register_ip,
|
2012-09-11 15:45:59 +02:00
|
|
|
[{ram_copies, [node()]}, {local_content, true},
|
2008-04-22 23:51:32 +02:00
|
|
|
{attributes, [key, value]}]),
|
2012-09-11 15:45:59 +02:00
|
|
|
mnesia:add_table_copy(mod_register_ip, node(),
|
|
|
|
|
ram_copies),
|
2002-12-11 21:57:45 +01:00
|
|
|
ok.
|
|
|
|
|
|
2005-06-20 05:18:13 +02:00
|
|
|
stop(Host) ->
|
2005-07-15 00:28:21 +02:00
|
|
|
ejabberd_hooks:delete(c2s_stream_features, Host,
|
2012-09-11 15:45:59 +02:00
|
|
|
?MODULE, stream_feature_register, 50),
|
2005-07-15 00:28:21 +02:00
|
|
|
ejabberd_hooks:delete(c2s_unauthenticated_iq, Host,
|
|
|
|
|
?MODULE, unauthenticated_iq_register, 50),
|
2012-09-11 15:45:59 +02:00
|
|
|
gen_iq_handler:remove_iq_handler(ejabberd_local, Host,
|
|
|
|
|
?NS_REGISTER),
|
|
|
|
|
gen_iq_handler:remove_iq_handler(ejabberd_sm, Host,
|
|
|
|
|
?NS_REGISTER).
|
2005-07-15 00:28:21 +02:00
|
|
|
|
2010-05-07 18:32:57 +02:00
|
|
|
stream_feature_register(Acc, _Host) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
[#xmlel{name = <<"register">>,
|
|
|
|
|
attrs = [{<<"xmlns">>, ?NS_FEATURE_IQREGISTER}],
|
|
|
|
|
children = []}
|
|
|
|
|
| Acc].
|
2005-07-15 00:28:21 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
unauthenticated_iq_register(_Acc, Server,
|
|
|
|
|
#iq{xmlns = ?NS_REGISTER} = IQ, IP) ->
|
2008-04-22 23:51:32 +02:00
|
|
|
Address = case IP of
|
2012-09-11 15:45:59 +02:00
|
|
|
{A, _Port} -> A;
|
|
|
|
|
_ -> undefined
|
2008-04-22 23:51:32 +02:00
|
|
|
end,
|
2012-09-11 15:45:59 +02:00
|
|
|
ResIQ = process_iq(jlib:make_jid(<<"">>, <<"">>,
|
|
|
|
|
<<"">>),
|
|
|
|
|
jlib:make_jid(<<"">>, Server, <<"">>), IQ, Address),
|
|
|
|
|
Res1 = jlib:replace_from_to(jlib:make_jid(<<"">>,
|
|
|
|
|
Server, <<"">>),
|
|
|
|
|
jlib:make_jid(<<"">>, <<"">>, <<"">>),
|
|
|
|
|
jlib:iq_to_xml(ResIQ)),
|
|
|
|
|
jlib:remove_attr(<<"to">>, Res1);
|
2008-04-22 23:51:32 +02:00
|
|
|
unauthenticated_iq_register(Acc, _Server, _IQ, _IP) ->
|
2005-07-15 00:28:21 +02:00
|
|
|
Acc.
|
|
|
|
|
|
2008-04-22 23:51:32 +02:00
|
|
|
process_iq(From, To, IQ) ->
|
2010-11-05 19:00:16 +01:00
|
|
|
process_iq(From, To, IQ, jlib:jid_tolower(From)).
|
2008-04-22 23:51:32 +02:00
|
|
|
|
2005-06-20 05:18:13 +02:00
|
|
|
process_iq(From, To,
|
2012-09-11 15:45:59 +02:00
|
|
|
#iq{type = Type, lang = Lang, sub_el = SubEl, id = ID} =
|
|
|
|
|
IQ,
|
2008-04-22 23:51:32 +02:00
|
|
|
Source) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
IsCaptchaEnabled = case
|
|
|
|
|
gen_mod:get_module_opt(To#jid.lserver, ?MODULE,
|
|
|
|
|
captcha_protected,
|
|
|
|
|
fun(B) when is_boolean(B) -> B end,
|
|
|
|
|
false)
|
|
|
|
|
of
|
|
|
|
|
true -> true;
|
|
|
|
|
_ -> false
|
2010-10-24 07:30:16 +02:00
|
|
|
end,
|
2002-12-08 18:23:21 +01:00
|
|
|
case Type of
|
2012-09-11 15:45:59 +02:00
|
|
|
set ->
|
|
|
|
|
UTag = xml:get_subtag(SubEl, <<"username">>),
|
|
|
|
|
PTag = xml:get_subtag(SubEl, <<"password">>),
|
|
|
|
|
RTag = xml:get_subtag(SubEl, <<"remove">>),
|
|
|
|
|
Server = To#jid.lserver,
|
|
|
|
|
Access = gen_mod:get_module_opt(Server, ?MODULE, access,
|
|
|
|
|
fun(A) when is_atom(A) -> A end,
|
|
|
|
|
all),
|
|
|
|
|
AllowRemove = allow ==
|
|
|
|
|
acl:match_rule(Server, Access, From),
|
|
|
|
|
if (UTag /= false) and (RTag /= false) and
|
|
|
|
|
AllowRemove ->
|
|
|
|
|
User = xml:get_tag_cdata(UTag),
|
|
|
|
|
case From of
|
|
|
|
|
#jid{user = User, lserver = Server} ->
|
|
|
|
|
ejabberd_auth:remove_user(User, Server),
|
|
|
|
|
IQ#iq{type = result, sub_el = [SubEl]};
|
|
|
|
|
_ ->
|
|
|
|
|
if PTag /= false ->
|
|
|
|
|
Password = xml:get_tag_cdata(PTag),
|
|
|
|
|
case ejabberd_auth:remove_user(User, Server,
|
|
|
|
|
Password)
|
|
|
|
|
of
|
|
|
|
|
ok -> IQ#iq{type = result, sub_el = [SubEl]};
|
|
|
|
|
%% TODO FIXME: This piece of
|
|
|
|
|
%% code does not work since
|
|
|
|
|
%% the code have been changed
|
|
|
|
|
%% to allow several auth
|
|
|
|
|
%% modules. lists:foreach can
|
|
|
|
|
%% only return ok:
|
|
|
|
|
not_allowed ->
|
2003-12-17 21:13:21 +01:00
|
|
|
IQ#iq{type = error,
|
2012-09-11 15:45:59 +02:00
|
|
|
sub_el = [SubEl, ?ERR_NOT_ALLOWED]};
|
|
|
|
|
not_exists ->
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el =
|
|
|
|
|
[SubEl, ?ERR_ITEM_NOT_FOUND]};
|
2010-10-24 07:30:16 +02:00
|
|
|
_ ->
|
2003-12-17 21:13:21 +01:00
|
|
|
IQ#iq{type = error,
|
2012-09-11 15:45:59 +02:00
|
|
|
sub_el =
|
|
|
|
|
[SubEl,
|
|
|
|
|
?ERR_INTERNAL_SERVER_ERROR]}
|
|
|
|
|
end;
|
|
|
|
|
true ->
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el = [SubEl, ?ERR_BAD_REQUEST]}
|
|
|
|
|
end
|
|
|
|
|
end;
|
|
|
|
|
(UTag == false) and (RTag /= false) and AllowRemove ->
|
|
|
|
|
case From of
|
|
|
|
|
#jid{user = User, lserver = Server,
|
|
|
|
|
resource = Resource} ->
|
|
|
|
|
ResIQ = #iq{type = result, xmlns = ?NS_REGISTER,
|
|
|
|
|
id = ID, sub_el = [SubEl]},
|
|
|
|
|
ejabberd_router:route(jlib:make_jid(User, Server,
|
|
|
|
|
Resource),
|
|
|
|
|
jlib:make_jid(User, Server,
|
|
|
|
|
Resource),
|
|
|
|
|
jlib:iq_to_xml(ResIQ)),
|
|
|
|
|
ejabberd_auth:remove_user(User, Server),
|
|
|
|
|
ignore;
|
|
|
|
|
_ ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, ?ERR_NOT_ALLOWED]}
|
|
|
|
|
end;
|
|
|
|
|
(UTag /= false) and (PTag /= false) ->
|
|
|
|
|
User = xml:get_tag_cdata(UTag),
|
|
|
|
|
Password = xml:get_tag_cdata(PTag),
|
|
|
|
|
try_register_or_set_password(User, Server, Password,
|
|
|
|
|
From, IQ, SubEl, Source, Lang,
|
|
|
|
|
not IsCaptchaEnabled);
|
|
|
|
|
IsCaptchaEnabled ->
|
|
|
|
|
case ejabberd_captcha:process_reply(SubEl) of
|
|
|
|
|
ok ->
|
|
|
|
|
case process_xdata_submit(SubEl) of
|
|
|
|
|
{ok, User, Password} ->
|
|
|
|
|
try_register_or_set_password(User, Server,
|
|
|
|
|
Password, From, IQ,
|
|
|
|
|
SubEl, Source, Lang,
|
|
|
|
|
true);
|
|
|
|
|
_ ->
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el = [SubEl, ?ERR_BAD_REQUEST]}
|
|
|
|
|
end;
|
|
|
|
|
{error, malformed} ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, ?ERR_BAD_REQUEST]};
|
|
|
|
|
_ ->
|
|
|
|
|
ErrText = <<"The CAPTCHA verification has failed">>,
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el = [SubEl, ?ERRT_NOT_ALLOWED(Lang, ErrText)]}
|
|
|
|
|
end;
|
|
|
|
|
true ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, ?ERR_BAD_REQUEST]}
|
|
|
|
|
end;
|
|
|
|
|
get ->
|
|
|
|
|
{IsRegistered, UsernameSubels, QuerySubels} = case From
|
|
|
|
|
of
|
|
|
|
|
#jid{user = User,
|
|
|
|
|
lserver =
|
|
|
|
|
Server} ->
|
|
|
|
|
case
|
|
|
|
|
ejabberd_auth:is_user_exists(User,
|
|
|
|
|
Server)
|
|
|
|
|
of
|
|
|
|
|
true ->
|
|
|
|
|
{true,
|
|
|
|
|
[{xmlcdata,
|
|
|
|
|
User}],
|
|
|
|
|
[#xmlel{name
|
|
|
|
|
=
|
|
|
|
|
<<"registered">>,
|
|
|
|
|
attrs
|
|
|
|
|
=
|
|
|
|
|
[],
|
|
|
|
|
children
|
|
|
|
|
=
|
|
|
|
|
[]}]};
|
|
|
|
|
false ->
|
|
|
|
|
{false,
|
|
|
|
|
[{xmlcdata,
|
|
|
|
|
User}],
|
|
|
|
|
[]}
|
|
|
|
|
end;
|
|
|
|
|
_ -> {false, [], []}
|
|
|
|
|
end,
|
|
|
|
|
if IsCaptchaEnabled and not IsRegistered ->
|
|
|
|
|
TopInstrEl = #xmlel{name = <<"instructions">>,
|
|
|
|
|
attrs = [],
|
|
|
|
|
children =
|
|
|
|
|
[{xmlcdata,
|
|
|
|
|
translate:translate(Lang,
|
|
|
|
|
<<"You need a client that supports x:data "
|
|
|
|
|
"and CAPTCHA to register">>)}]},
|
|
|
|
|
InstrEl = #xmlel{name = <<"instructions">>, attrs = [],
|
|
|
|
|
children =
|
|
|
|
|
[{xmlcdata,
|
|
|
|
|
translate:translate(Lang,
|
|
|
|
|
<<"Choose a username and password to register "
|
|
|
|
|
"with this server">>)}]},
|
|
|
|
|
UField = #xmlel{name = <<"field">>,
|
|
|
|
|
attrs =
|
|
|
|
|
[{<<"type">>, <<"text-single">>},
|
|
|
|
|
{<<"label">>,
|
|
|
|
|
translate:translate(Lang, <<"User">>)},
|
|
|
|
|
{<<"var">>, <<"username">>}],
|
|
|
|
|
children =
|
|
|
|
|
[#xmlel{name = <<"required">>, attrs = [],
|
|
|
|
|
children = []}]},
|
|
|
|
|
PField = #xmlel{name = <<"field">>,
|
|
|
|
|
attrs =
|
|
|
|
|
[{<<"type">>, <<"text-private">>},
|
|
|
|
|
{<<"label">>,
|
|
|
|
|
translate:translate(Lang,
|
|
|
|
|
<<"Password">>)},
|
|
|
|
|
{<<"var">>, <<"password">>}],
|
|
|
|
|
children =
|
|
|
|
|
[#xmlel{name = <<"required">>, attrs = [],
|
|
|
|
|
children = []}]},
|
|
|
|
|
case ejabberd_captcha:create_captcha_x(ID, To, Lang,
|
|
|
|
|
Source,
|
|
|
|
|
[InstrEl, UField,
|
|
|
|
|
PField])
|
|
|
|
|
of
|
|
|
|
|
{ok, CaptchaEls} ->
|
|
|
|
|
IQ#iq{type = result,
|
|
|
|
|
sub_el =
|
|
|
|
|
[#xmlel{name = <<"query">>,
|
|
|
|
|
attrs =
|
|
|
|
|
[{<<"xmlns">>,
|
|
|
|
|
<<"jabber:iq:register">>}],
|
|
|
|
|
children =
|
2010-10-25 19:47:14 +02:00
|
|
|
[TopInstrEl | CaptchaEls]}]};
|
2012-09-11 15:45:59 +02:00
|
|
|
{error, limit} ->
|
|
|
|
|
ErrText = <<"Too many CAPTCHA requests">>,
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el =
|
|
|
|
|
[SubEl,
|
|
|
|
|
?ERRT_RESOURCE_CONSTRAINT(Lang, ErrText)]};
|
|
|
|
|
_Err ->
|
|
|
|
|
ErrText = <<"Unable to generate a CAPTCHA">>,
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el =
|
|
|
|
|
[SubEl,
|
|
|
|
|
?ERRT_INTERNAL_SERVER_ERROR(Lang, ErrText)]}
|
|
|
|
|
end;
|
|
|
|
|
true ->
|
|
|
|
|
IQ#iq{type = result,
|
|
|
|
|
sub_el =
|
|
|
|
|
[#xmlel{name = <<"query">>,
|
|
|
|
|
attrs =
|
|
|
|
|
[{<<"xmlns">>,
|
|
|
|
|
<<"jabber:iq:register">>}],
|
|
|
|
|
children =
|
|
|
|
|
[#xmlel{name = <<"instructions">>,
|
|
|
|
|
attrs = [],
|
|
|
|
|
children =
|
|
|
|
|
[{xmlcdata,
|
|
|
|
|
translate:translate(Lang,
|
|
|
|
|
<<"Choose a username and password to register "
|
|
|
|
|
"with this server">>)}]},
|
|
|
|
|
#xmlel{name = <<"username">>,
|
|
|
|
|
attrs = [],
|
|
|
|
|
children = UsernameSubels},
|
|
|
|
|
#xmlel{name = <<"password">>,
|
|
|
|
|
attrs = [], children = []}
|
|
|
|
|
| QuerySubels]}]}
|
|
|
|
|
end
|
2010-10-24 07:30:16 +02:00
|
|
|
end.
|
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
try_register_or_set_password(User, Server, Password,
|
|
|
|
|
From, IQ, SubEl, Source, Lang, CaptchaSucceed) ->
|
2010-10-24 07:30:16 +02:00
|
|
|
case From of
|
2012-09-11 15:45:59 +02:00
|
|
|
#jid{user = User, lserver = Server} ->
|
|
|
|
|
try_set_password(User, Server, Password, IQ, SubEl,
|
|
|
|
|
Lang);
|
|
|
|
|
_ when CaptchaSucceed ->
|
|
|
|
|
case check_from(From, Server) of
|
|
|
|
|
allow ->
|
|
|
|
|
case try_register(User, Server, Password, Source, Lang)
|
|
|
|
|
of
|
|
|
|
|
ok -> IQ#iq{type = result, sub_el = [SubEl]};
|
|
|
|
|
{error, Error} ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, Error]}
|
|
|
|
|
end;
|
|
|
|
|
deny ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, ?ERR_FORBIDDEN]}
|
|
|
|
|
end;
|
|
|
|
|
_ ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, ?ERR_NOT_ALLOWED]}
|
2002-12-08 18:23:21 +01:00
|
|
|
end.
|
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
try_set_password(User, Server, Password, IQ, SubEl,
|
|
|
|
|
Lang) ->
|
2010-10-24 09:17:30 +02:00
|
|
|
case is_strong_password(Server, Password) of
|
2012-09-11 15:45:59 +02:00
|
|
|
true ->
|
|
|
|
|
case ejabberd_auth:set_password(User, Server, Password)
|
|
|
|
|
of
|
|
|
|
|
ok -> IQ#iq{type = result, sub_el = [SubEl]};
|
|
|
|
|
{error, empty_password} ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, ?ERR_BAD_REQUEST]};
|
|
|
|
|
{error, not_allowed} ->
|
|
|
|
|
IQ#iq{type = error, sub_el = [SubEl, ?ERR_NOT_ALLOWED]};
|
|
|
|
|
{error, invalid_jid} ->
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el = [SubEl, ?ERR_ITEM_NOT_FOUND]};
|
|
|
|
|
_ ->
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el = [SubEl, ?ERR_INTERNAL_SERVER_ERROR]}
|
|
|
|
|
end;
|
|
|
|
|
false ->
|
|
|
|
|
ErrText = <<"The password is too weak">>,
|
|
|
|
|
IQ#iq{type = error,
|
|
|
|
|
sub_el = [SubEl, ?ERRT_NOT_ACCEPTABLE(Lang, ErrText)]}
|
2008-08-18 20:21:10 +02:00
|
|
|
end.
|
2002-12-08 18:23:21 +01:00
|
|
|
|
2010-11-05 19:00:16 +01:00
|
|
|
try_register(User, Server, Password, SourceRaw, Lang) ->
|
2003-01-24 21:18:33 +01:00
|
|
|
case jlib:is_nodename(User) of
|
2012-09-11 15:45:59 +02:00
|
|
|
false -> {error, ?ERR_BAD_REQUEST};
|
|
|
|
|
_ ->
|
|
|
|
|
JID = jlib:make_jid(User, Server, <<"">>),
|
|
|
|
|
Access = gen_mod:get_module_opt(Server, ?MODULE, access,
|
|
|
|
|
fun(A) when is_atom(A) -> A end,
|
|
|
|
|
all),
|
|
|
|
|
IPAccess = get_ip_access(Server),
|
|
|
|
|
case {acl:match_rule(Server, Access, JID),
|
|
|
|
|
check_ip_access(SourceRaw, IPAccess)}
|
|
|
|
|
of
|
|
|
|
|
{deny, _} -> {error, ?ERR_FORBIDDEN};
|
|
|
|
|
{_, deny} -> {error, ?ERR_FORBIDDEN};
|
|
|
|
|
{allow, allow} ->
|
|
|
|
|
Source = may_remove_resource(SourceRaw),
|
|
|
|
|
case check_timeout(Source) of
|
|
|
|
|
true ->
|
|
|
|
|
case is_strong_password(Server, Password) of
|
2008-04-22 23:51:32 +02:00
|
|
|
true ->
|
2012-09-11 15:45:59 +02:00
|
|
|
case ejabberd_auth:try_register(User, Server,
|
|
|
|
|
Password)
|
|
|
|
|
of
|
|
|
|
|
{atomic, ok} ->
|
|
|
|
|
send_welcome_message(JID),
|
|
|
|
|
send_registration_notifications(
|
|
|
|
|
?MODULE, JID, Source),
|
|
|
|
|
ok;
|
|
|
|
|
Error ->
|
|
|
|
|
remove_timeout(Source),
|
|
|
|
|
case Error of
|
|
|
|
|
{atomic, exists} -> {error, ?ERR_CONFLICT};
|
|
|
|
|
{error, invalid_jid} ->
|
|
|
|
|
{error, ?ERR_JID_MALFORMED};
|
|
|
|
|
{error, not_allowed} ->
|
|
|
|
|
{error, ?ERR_NOT_ALLOWED};
|
|
|
|
|
{error, _Reason} ->
|
|
|
|
|
{error, ?ERR_INTERNAL_SERVER_ERROR}
|
|
|
|
|
end
|
2008-04-22 23:51:32 +02:00
|
|
|
end;
|
|
|
|
|
false ->
|
2012-09-11 15:45:59 +02:00
|
|
|
ErrText = <<"The password is too weak">>,
|
|
|
|
|
{error, ?ERRT_NOT_ACCEPTABLE(Lang, ErrText)}
|
|
|
|
|
end;
|
|
|
|
|
false ->
|
|
|
|
|
ErrText =
|
|
|
|
|
<<"Users are not allowed to register accounts "
|
|
|
|
|
"so quickly">>,
|
|
|
|
|
{error, ?ERRT_RESOURCE_CONSTRAINT(Lang, ErrText)}
|
|
|
|
|
end
|
|
|
|
|
end
|
2002-12-08 18:23:21 +01:00
|
|
|
end.
|
|
|
|
|
|
2003-10-14 21:34:17 +02:00
|
|
|
send_welcome_message(JID) ->
|
2005-07-13 05:24:13 +02:00
|
|
|
Host = JID#jid.lserver,
|
2012-09-11 15:45:59 +02:00
|
|
|
case gen_mod:get_module_opt(Host, ?MODULE, welcome_message,
|
|
|
|
|
fun({S, B}) ->
|
|
|
|
|
{iolist_to_binary(S),
|
|
|
|
|
iolist_to_binary(B)}
|
|
|
|
|
end, {<<"">>, <<"">>})
|
|
|
|
|
of
|
|
|
|
|
{<<"">>, <<"">>} -> ok;
|
|
|
|
|
{Subj, Body} ->
|
|
|
|
|
ejabberd_router:route(jlib:make_jid(<<"">>, Host,
|
|
|
|
|
<<"">>),
|
|
|
|
|
JID,
|
|
|
|
|
#xmlel{name = <<"message">>,
|
|
|
|
|
attrs = [{<<"type">>, <<"normal">>}],
|
|
|
|
|
children =
|
|
|
|
|
[#xmlel{name = <<"subject">>,
|
|
|
|
|
attrs = [],
|
|
|
|
|
children =
|
|
|
|
|
[{xmlcdata, Subj}]},
|
|
|
|
|
#xmlel{name = <<"body">>,
|
|
|
|
|
attrs = [],
|
|
|
|
|
children =
|
|
|
|
|
[{xmlcdata, Body}]}]});
|
|
|
|
|
_ -> ok
|
2003-10-14 21:34:17 +02:00
|
|
|
end.
|
2002-12-08 18:23:21 +01:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
send_registration_notifications(Mod, UJID, Source) ->
|
2005-07-13 05:24:13 +02:00
|
|
|
Host = UJID#jid.lserver,
|
2012-09-11 15:45:59 +02:00
|
|
|
case gen_mod:get_module_opt(
|
|
|
|
|
Host, Mod, registration_watchers,
|
|
|
|
|
fun(Ss) ->
|
|
|
|
|
[#jid{} = jlib:string_to_jid(iolist_to_binary(S))
|
|
|
|
|
|| S <- Ss]
|
|
|
|
|
end, []) of
|
|
|
|
|
[] -> ok;
|
|
|
|
|
JIDs when is_list(JIDs) ->
|
|
|
|
|
Body =
|
|
|
|
|
iolist_to_binary(io_lib:format("[~s] The account ~s was registered from "
|
|
|
|
|
"IP address ~s on node ~w using ~p.",
|
|
|
|
|
[get_time_string(),
|
|
|
|
|
jlib:jid_to_string(UJID),
|
|
|
|
|
ip_to_string(Source), node(),
|
|
|
|
|
Mod])),
|
|
|
|
|
lists:foreach(
|
|
|
|
|
fun(JID) ->
|
|
|
|
|
ejabberd_router:route(
|
|
|
|
|
jlib:make_jid(<<"">>, Host, <<"">>),
|
|
|
|
|
JID,
|
|
|
|
|
#xmlel{name = <<"message">>,
|
|
|
|
|
attrs = [{<<"type">>, <<"chat">>}],
|
|
|
|
|
children = [#xmlel{name = <<"body">>,
|
|
|
|
|
attrs = [],
|
|
|
|
|
children = [{xmlcdata,Body}]}]})
|
|
|
|
|
end, JIDs)
|
2003-10-19 18:19:55 +02:00
|
|
|
end.
|
2008-04-22 23:51:32 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
check_from(#jid{user = <<"">>, server = <<"">>},
|
|
|
|
|
_Server) ->
|
2010-01-31 14:55:10 +01:00
|
|
|
allow;
|
|
|
|
|
check_from(JID, Server) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
Access = gen_mod:get_module_opt(Server, ?MODULE, access_from,
|
|
|
|
|
fun(A) when is_atom(A) -> A end,
|
|
|
|
|
none),
|
2010-01-31 14:55:10 +01:00
|
|
|
acl:match_rule(Server, Access, JID).
|
2008-04-22 23:51:32 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
check_timeout(undefined) -> true;
|
2008-04-22 23:51:32 +02:00
|
|
|
check_timeout(Source) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
Timeout = ejabberd_config:get_local_option(
|
|
|
|
|
registration_timeout,
|
|
|
|
|
fun(TO) when is_integer(TO), TO > 0 ->
|
|
|
|
|
TO;
|
|
|
|
|
(infinity) ->
|
|
|
|
|
infinity;
|
|
|
|
|
(unlimited) ->
|
|
|
|
|
infinity
|
|
|
|
|
end, 600),
|
|
|
|
|
if is_integer(Timeout) ->
|
|
|
|
|
{MSec, Sec, _USec} = now(),
|
|
|
|
|
Priority = -(MSec * 1000000 + Sec),
|
|
|
|
|
CleanPriority = Priority + Timeout,
|
|
|
|
|
F = fun () ->
|
|
|
|
|
Treap = case mnesia:read(mod_register_ip, treap, write)
|
|
|
|
|
of
|
|
|
|
|
[] -> treap:empty();
|
|
|
|
|
[{mod_register_ip, treap, T}] -> T
|
|
|
|
|
end,
|
|
|
|
|
Treap1 = clean_treap(Treap, CleanPriority),
|
|
|
|
|
case treap:lookup(Source, Treap1) of
|
|
|
|
|
error ->
|
|
|
|
|
Treap2 = treap:insert(Source, Priority, [],
|
|
|
|
|
Treap1),
|
|
|
|
|
mnesia:write({mod_register_ip, treap, Treap2}),
|
|
|
|
|
true;
|
|
|
|
|
{ok, _, _} ->
|
|
|
|
|
mnesia:write({mod_register_ip, treap, Treap1}),
|
|
|
|
|
false
|
|
|
|
|
end
|
|
|
|
|
end,
|
|
|
|
|
case mnesia:transaction(F) of
|
|
|
|
|
{atomic, Res} -> Res;
|
|
|
|
|
{aborted, Reason} ->
|
|
|
|
|
?ERROR_MSG("mod_register: timeout check error: ~p~n",
|
|
|
|
|
[Reason]),
|
|
|
|
|
true
|
|
|
|
|
end;
|
|
|
|
|
true -> true
|
2008-04-22 23:51:32 +02:00
|
|
|
end.
|
|
|
|
|
|
|
|
|
|
clean_treap(Treap, CleanPriority) ->
|
|
|
|
|
case treap:is_empty(Treap) of
|
2012-09-11 15:45:59 +02:00
|
|
|
true -> Treap;
|
|
|
|
|
false ->
|
|
|
|
|
{_Key, Priority, _Value} = treap:get_root(Treap),
|
|
|
|
|
if Priority > CleanPriority ->
|
|
|
|
|
clean_treap(treap:delete_root(Treap), CleanPriority);
|
|
|
|
|
true -> Treap
|
|
|
|
|
end
|
2008-04-22 23:51:32 +02:00
|
|
|
end.
|
2008-04-23 15:14:08 +02:00
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
remove_timeout(undefined) -> true;
|
2008-04-23 15:14:08 +02:00
|
|
|
remove_timeout(Source) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
Timeout = ejabberd_config:get_local_option(
|
|
|
|
|
registration_timeout,
|
|
|
|
|
fun(TO) when is_integer(TO), TO > 0 ->
|
|
|
|
|
TO;
|
|
|
|
|
(infinity) ->
|
|
|
|
|
infinity;
|
|
|
|
|
(unlimited) ->
|
|
|
|
|
infinity
|
|
|
|
|
end, 600),
|
|
|
|
|
if is_integer(Timeout) ->
|
|
|
|
|
F = fun () ->
|
|
|
|
|
Treap = case mnesia:read(mod_register_ip, treap, write)
|
|
|
|
|
of
|
|
|
|
|
[] -> treap:empty();
|
|
|
|
|
[{mod_register_ip, treap, T}] -> T
|
|
|
|
|
end,
|
|
|
|
|
Treap1 = treap:delete(Source, Treap),
|
|
|
|
|
mnesia:write({mod_register_ip, treap, Treap1}),
|
|
|
|
|
ok
|
|
|
|
|
end,
|
|
|
|
|
case mnesia:transaction(F) of
|
|
|
|
|
{atomic, ok} -> ok;
|
|
|
|
|
{aborted, Reason} ->
|
|
|
|
|
?ERROR_MSG("mod_register: timeout remove error: "
|
|
|
|
|
"~p~n",
|
|
|
|
|
[Reason]),
|
|
|
|
|
ok
|
|
|
|
|
end;
|
|
|
|
|
true -> ok
|
2008-04-23 15:14:08 +02:00
|
|
|
end.
|
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
ip_to_string(Source) when is_tuple(Source) ->
|
|
|
|
|
jlib:ip_to_list(Source);
|
|
|
|
|
ip_to_string(undefined) -> <<"undefined">>;
|
|
|
|
|
ip_to_string(_) -> <<"unknown">>.
|
2009-11-17 12:14:31 +01:00
|
|
|
|
|
|
|
|
get_time_string() -> write_time(erlang:localtime()).
|
2012-09-11 15:45:59 +02:00
|
|
|
|
|
|
|
|
write_time({{Y, Mo, D}, {H, Mi, S}}) ->
|
2009-11-17 12:14:31 +01:00
|
|
|
io_lib:format("~w-~.2.0w-~.2.0w ~.2.0w:~.2.0w:~.2.0w",
|
|
|
|
|
[Y, Mo, D, H, Mi, S]).
|
2010-10-24 07:30:16 +02:00
|
|
|
|
|
|
|
|
process_xdata_submit(El) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
case xml:get_subtag(El, <<"x">>) of
|
|
|
|
|
false -> error;
|
|
|
|
|
Xdata ->
|
|
|
|
|
Fields = jlib:parse_xdata_submit(Xdata),
|
|
|
|
|
case catch {proplists:get_value(<<"username">>, Fields),
|
|
|
|
|
proplists:get_value(<<"password">>, Fields)}
|
|
|
|
|
of
|
|
|
|
|
{[User | _], [Pass | _]} -> {ok, User, Pass};
|
|
|
|
|
_ -> error
|
|
|
|
|
end
|
2010-10-24 07:30:16 +02:00
|
|
|
end.
|
2010-10-24 09:17:30 +02:00
|
|
|
|
|
|
|
|
is_strong_password(Server, Password) ->
|
|
|
|
|
LServer = jlib:nameprep(Server),
|
2012-09-11 15:45:59 +02:00
|
|
|
case gen_mod:get_module_opt(LServer, ?MODULE, password_strength,
|
|
|
|
|
fun(N) when is_number(N), N>=0 -> N end,
|
|
|
|
|
0) of
|
|
|
|
|
0 ->
|
|
|
|
|
true;
|
|
|
|
|
Entropy ->
|
|
|
|
|
ejabberd_auth:entropy(Password) >= Entropy
|
2010-10-24 09:17:30 +02:00
|
|
|
end.
|
2010-11-05 19:00:16 +01:00
|
|
|
|
|
|
|
|
%%%
|
|
|
|
|
%%% ip_access management
|
|
|
|
|
%%%
|
|
|
|
|
|
|
|
|
|
may_remove_resource({_, _, _} = From) ->
|
|
|
|
|
jlib:jid_remove_resource(From);
|
2012-09-11 15:45:59 +02:00
|
|
|
may_remove_resource(From) -> From.
|
2010-11-05 19:00:16 +01:00
|
|
|
|
|
|
|
|
get_ip_access(Host) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
gen_mod:get_module_opt(Host, ?MODULE, ip_access,
|
|
|
|
|
fun(IPAccess) ->
|
|
|
|
|
lists:flatmap(
|
|
|
|
|
fun({Access, S}) ->
|
|
|
|
|
{ok, IP, Mask} =
|
|
|
|
|
parse_ip_netmask(
|
|
|
|
|
iolist_to_binary(S)),
|
|
|
|
|
[{Access, IP, Mask}]
|
|
|
|
|
end, IPAccess)
|
|
|
|
|
end, []).
|
2010-11-05 19:00:16 +01:00
|
|
|
|
|
|
|
|
parse_ip_netmask(S) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
case str:tokens(S, <<"/">>) of
|
|
|
|
|
[IPStr] ->
|
|
|
|
|
case inet_parse:address(binary_to_list(IPStr)) of
|
|
|
|
|
{ok, {_, _, _, _} = IP} -> {ok, IP, 32};
|
|
|
|
|
{ok, {_, _, _, _, _, _, _, _} = IP} -> {ok, IP, 128};
|
|
|
|
|
_ -> error
|
|
|
|
|
end;
|
|
|
|
|
[IPStr, MaskStr] ->
|
|
|
|
|
case catch jlib:binary_to_integer(MaskStr) of
|
|
|
|
|
Mask when is_integer(Mask), Mask >= 0 ->
|
|
|
|
|
case inet_parse:address(binary_to_list(IPStr)) of
|
|
|
|
|
{ok, {_, _, _, _} = IP} when Mask =< 32 ->
|
|
|
|
|
{ok, IP, Mask};
|
|
|
|
|
{ok, {_, _, _, _, _, _, _, _} = IP} when Mask =< 128 ->
|
|
|
|
|
{ok, IP, Mask};
|
|
|
|
|
_ -> error
|
|
|
|
|
end;
|
|
|
|
|
_ -> error
|
|
|
|
|
end;
|
|
|
|
|
_ -> error
|
2010-11-05 19:00:16 +01:00
|
|
|
end.
|
|
|
|
|
|
2012-09-11 15:45:59 +02:00
|
|
|
check_ip_access(_Source, []) -> allow;
|
2010-11-05 19:00:16 +01:00
|
|
|
check_ip_access({User, Server, Resource}, IPAccess) ->
|
|
|
|
|
case ejabberd_sm:get_user_ip(User, Server, Resource) of
|
2012-09-11 15:45:59 +02:00
|
|
|
{IPAddress, _PortNumber} ->
|
|
|
|
|
check_ip_access(IPAddress, IPAccess);
|
|
|
|
|
_ -> true
|
2010-11-05 19:00:16 +01:00
|
|
|
end;
|
|
|
|
|
check_ip_access({_, _, _, _} = IP,
|
|
|
|
|
[{Access, {_, _, _, _} = Net, Mask} | IPAccess]) ->
|
|
|
|
|
IPInt = ip_to_integer(IP),
|
|
|
|
|
NetInt = ip_to_integer(Net),
|
2012-09-11 15:45:59 +02:00
|
|
|
M = bnot (1 bsl (32 - Mask) - 1),
|
|
|
|
|
if IPInt band M =:= NetInt band M -> Access;
|
|
|
|
|
true -> check_ip_access(IP, IPAccess)
|
2010-11-05 19:00:16 +01:00
|
|
|
end;
|
|
|
|
|
check_ip_access({_, _, _, _, _, _, _, _} = IP,
|
2012-09-11 15:45:59 +02:00
|
|
|
[{Access, {_, _, _, _, _, _, _, _} = Net, Mask}
|
|
|
|
|
| IPAccess]) ->
|
2010-11-05 19:00:16 +01:00
|
|
|
IPInt = ip_to_integer(IP),
|
|
|
|
|
NetInt = ip_to_integer(Net),
|
2012-09-11 15:45:59 +02:00
|
|
|
M = bnot (1 bsl (128 - Mask) - 1),
|
|
|
|
|
if IPInt band M =:= NetInt band M -> Access;
|
|
|
|
|
true -> check_ip_access(IP, IPAccess)
|
2010-11-05 19:00:16 +01:00
|
|
|
end;
|
|
|
|
|
check_ip_access(IP, [_ | IPAccess]) ->
|
|
|
|
|
check_ip_access(IP, IPAccess).
|
|
|
|
|
|
|
|
|
|
ip_to_integer({IP1, IP2, IP3, IP4}) ->
|
2012-09-11 15:45:59 +02:00
|
|
|
IP1 bsl 8 bor IP2 bsl 8 bor IP3 bsl 8 bor IP4;
|
|
|
|
|
ip_to_integer({IP1, IP2, IP3, IP4, IP5, IP6, IP7,
|
|
|
|
|
IP8}) ->
|
|
|
|
|
IP1 bsl 16 bor IP2 bsl 16 bor IP3 bsl 16 bor IP4 bsl 16
|
|
|
|
|
bor IP5
|
|
|
|
|
bsl 16
|
|
|
|
|
bor IP6
|
|
|
|
|
bsl 16
|
|
|
|
|
bor IP7
|
|
|
|
|
bsl 16
|
|
|
|
|
bor IP8.
|
