mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-26 17:38:45 +01:00
* src/ejabberd_sm.erl: An option to limit the number of opened sessions
for a given user have been added. As a default, a given user can only log in 10 times with different resources. After that, new connections replace the older ones. * src/ejabberd.cfg.example: Likewise. * doc/guide.tex: Likewise. SVN Revision: 567
This commit is contained in:
parent
21b912a375
commit
043c2ccf51
@ -1,3 +1,12 @@
|
||||
2006-05-21 Mickael Remond <mickael.remond@process-one.net>
|
||||
|
||||
* src/ejabberd_sm.erl: An option to limit the number of opened sessions
|
||||
for a given user have been added. As a default, a given user can only
|
||||
log in 10 times with different resources. After that, new connections
|
||||
replace the older ones.
|
||||
* src/ejabberd.cfg.example: Likewise.
|
||||
* doc/guide.tex: Likewise.
|
||||
|
||||
2006-05-15 Mickael Remond <mickael.remond@process-one.net>
|
||||
|
||||
* src/web/ejabberd_http_poll.erl: Timeout disconnection were not
|
||||
|
183
doc/guide.html
183
doc/guide.html
@ -55,105 +55,6 @@ BLOCKQUOTE{margin-left:4ex;margin-right:4ex;text-align:left;}
|
||||
|
||||
<H2 CLASS="section">Contents</H2><!--SEC END -->
|
||||
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc1">1 Introduction</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc2">1.1 Key Features</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc3">1.2 Additional Features</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc4">2 Installation from Source</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc5">2.1 Installation Requirements</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc6">2.1.1 “Unix-like” operating systems</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc7">2.1.2 Windows</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc8">2.2 Obtaining <TT>ejabberd</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc9">2.3 Compilation</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc10">2.3.1 “Unix-like” operating systems</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc11">2.3.2 Windows</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc12">2.4 Starting</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc13">3 Configuration</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc14">3.1 Initial Configuration</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc15">3.1.1 Host Names</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc16">3.1.2 Default Language</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc17">3.1.3 Access Rules</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc18">3.1.4 Shapers</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc19">3.1.5 Listened Sockets</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc20">3.1.6 Modules</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc21">3.1.7 Virtual Hosting</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc22">3.1.8 SASL anonymous and anonymous login</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc23">3.2 Relational Database Support</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc24">3.2.1 Authentication against a relational database</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc25">3.2.2 Relational database for other modules</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc26">3.3 Creating an Initial Administrator</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc27">3.4 Online Configuration and Monitoring</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc28">3.4.1 Web Interface</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc29">3.4.2 <TT>ejabberdctl</TT></A>
|
||||
</UL>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc30">4 Firewall Settings</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc31">5 SRV Records</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc32">6 Clustering</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc33">6.1 How it Works</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc34">6.1.1 Router</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc35">6.1.2 Local Router</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc36">6.1.3 Session Manager</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc37">6.1.4 s2s Manager</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc38">6.2 Clustering Setup</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc39">A Built-in Modules</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc40">A.1 Overview</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc41">A.2 Common Options</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc42">A.2.1 <TT>iqdisc</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc43">A.2.2 <TT>hosts</TT></A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc44">A.3 <TT>mod_announce</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc45">A.4 <TT>mod_disco</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc46">A.5 <TT>mod_echo</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc47">A.6 <TT>mod_irc</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc48">A.7 <TT>mod_last</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc49">A.8 <TT>mod_muc</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc50">A.9 <TT>mod_muc_log</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc51">A.10 <TT>mod_offline</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc52">A.11 <TT>mod_privacy</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc53">A.12 <TT>mod_private</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc54">A.13 <TT>mod_pubsub</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc55">A.14 <TT>mod_register</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc56">A.15 <TT>mod_roster</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc57">A.16 <TT>mod_service_log</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc58">A.17 <TT>mod_shared_roster</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc59">A.18 <TT>mod_stats</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc60">A.19 <TT>mod_time</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc61">A.20 <TT>mod_vcard</TT></A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc62">A.21 <TT>mod_version</TT></A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc63">B Internationalization and Localization</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc64">C Release Notes</A>
|
||||
<UL CLASS="toc"><LI CLASS="li-toc">
|
||||
<A HREF="#htoc65">C.1 ejabberd 0.9</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc66">C.2 ejabberd 0.9.1</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc67">C.3 ejabberd 0.9.8</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc68">C.4 ejabberd 1.0.0</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc69">C.5 ejabberd 1.1.0</A>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc70">C.6 ejabberd 1.1.1</A>
|
||||
</UL>
|
||||
<LI CLASS="li-toc"><A HREF="#htoc71">D Acknowledgements</A>
|
||||
</UL>
|
||||
|
||||
<!--TOC section Introduction-->
|
||||
|
||||
@ -631,9 +532,9 @@ Currently next modules are implemented:
|
||||
<TR><TD VALIGN=top ALIGN=left NOWRAP> </TD>
|
||||
<TD VALIGN=top ALIGN=left NOWRAP>Options</TD>
|
||||
<TD VALIGN=top ALIGN=left><TT>access</TT>, <TT>certfile</TT>, <TT>inet6</TT>,
|
||||
<TT>ip</TT>, <TT>max_stanza_size</TT>, <TT>shaper</TT>, <TT>ssl</TT>,
|
||||
<TT>tls</TT>, <TT>starttls</TT>, <TT>starttls_required</TT>,
|
||||
<TT>zlib</TT></TD>
|
||||
<TT>ip</TT>, <TT>max_stanza_size</TT>, <TT>max_user_sessions</TT>,
|
||||
<TT>shaper</TT>, <TT>ssl</TT>, <TT>tls</TT>, <TT>starttls</TT>,
|
||||
<TT>starttls_required</TT>, <TT>zlib</TT></TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=top ALIGN=left NOWRAP><TT>ejabberd_s2s_in</TT></TD>
|
||||
<TD VALIGN=top ALIGN=left NOWRAP>Description</TD>
|
||||
@ -694,9 +595,19 @@ If HTTP Polling is enabled, it will be available at
|
||||
<DT CLASS="dt-description"><B><TT>{max_stanza_size, Size}</TT></B><DD CLASS="dd-description"> This
|
||||
option specifies an approximate maximal size in bytes of XML stanzas.
|
||||
For example <CODE>{max\_stanza\_size, 65536}</CODE>. The default value
|
||||
is “<TT>infinity</TT>”.
|
||||
<DT CLASS="dt-description"><B><TT>{shaper, <access rule>}</TT></B><DD CLASS="dd-description"> This option defines a
|
||||
shaper for the port (see section <A HREF="#sec:configshaper">3.1.4</A>). The default value
|
||||
is “<TT>infinity</TT>”.<BR>
|
||||
<BR>
|
||||
<DT CLASS="dt-description"><B><TT>{max_user_sessions, Max}</TT></B><DD CLASS="dd-description"> This
|
||||
option specifies the maximum number of sessions (authenticated
|
||||
connections) per user. If a user tries to open more than the maximum
|
||||
number of allowed sessions, with different resources, the first opened
|
||||
session will be disconnected. The error “<TT>session replaced</TT>” is
|
||||
send to the disconnected session. This value is either a number or
|
||||
<TT>infinity</TT>. For example <CODE>{max\_user\_sessions, 10}</CODE>. The
|
||||
default value is <TT>10</TT>.<BR>
|
||||
<BR>
|
||||
<DT CLASS="dt-description"><B><TT>{shaper, <access rule>}</TT></B><DD CLASS="dd-description"> This option defines a
|
||||
shaper for the port (see section <A HREF="#sec:configshaper">??</A>). The default value
|
||||
is “<TT>none</TT>”.
|
||||
<DT CLASS="dt-description"><B><TT>ssl</TT></B><DD CLASS="dd-description"> This option specifies that traffic on
|
||||
the port will be encrypted using SSL. You should also set the
|
||||
@ -741,7 +652,7 @@ c2s connections are listened for on port 5222 and 5223 (SSL) and denied
|
||||
traffic enabled.
|
||||
<LI CLASS="li-itemize">Port 5280 is serving the web interface and the HTTP Polling service. Note
|
||||
that it is also possible to serve them on different ports. The second
|
||||
example in section <A HREF="#sec:webadm">3.4.1</A> shows how exactly this can be done.
|
||||
example in section <A HREF="#sec:webadm">??</A> shows how exactly this can be done.
|
||||
<LI CLASS="li-itemize">All users except for the administrators have a traffic of limit
|
||||
1,000 Bytes/second
|
||||
<LI CLASS="li-itemize">The
|
||||
@ -836,7 +747,7 @@ services you have to make the transports log and do XDB by themselves:
|
||||
The option <TT>modules</TT> defines the list of modules that will be loaded after
|
||||
<TT>ejabberd</TT>'s startup. Each entry in the list is a tuple in which the first
|
||||
element is the name of a module and the second is a list of options for that
|
||||
module. Read section <A HREF="#sec:modules">A</A> for detailed information about modules.<BR>
|
||||
module. Read section <A HREF="#sec:modules">??</A> for detailed information about modules.<BR>
|
||||
<BR>
|
||||
Examples:
|
||||
<UL CLASS="itemize"><LI CLASS="li-itemize">
|
||||
@ -922,7 +833,7 @@ very special cases. It defaults to false.<BR>
|
||||
enabled.
|
||||
</UL>
|
||||
Those options are defined for each virtual host with the <TT>host_config</TT>
|
||||
parameter (see section <A HREF="#sec:configvirtualhost">3.1.7</A>).<BR>
|
||||
parameter (see section <A HREF="#sec:configvirtualhost">??</A>).<BR>
|
||||
<BR>
|
||||
Examples:
|
||||
<UL CLASS="itemize"><LI CLASS="li-itemize">
|
||||
@ -1043,10 +954,10 @@ Register an account on your <TT>ejabberd</TT> deployment. An account can be
|
||||
created in two ways:
|
||||
<OL CLASS="enumerate" type=a><LI CLASS="li-enumerate">
|
||||
Using the tool <TT>ejabberdctl</TT> (see
|
||||
section <A HREF="#sec:ejabberdctl">3.4.2</A>):
|
||||
section <A HREF="#sec:ejabberdctl">??</A>):
|
||||
<PRE CLASS="verbatim">
|
||||
% ejabberdctl node@host register admin example.org password
|
||||
</PRE><LI CLASS="li-enumerate">Using In-Band Registration (see section <A HREF="#sec:modregister">A.14</A>): you can
|
||||
</PRE><LI CLASS="li-enumerate">Using In-Band Registration (see section <A HREF="#sec:modregister">??</A>): you can
|
||||
use a Jabber client to register an account.
|
||||
</OL>
|
||||
<LI CLASS="li-enumerate">Edit the configuration file to promote the account created in the previous
|
||||
@ -1074,11 +985,11 @@ Register an account on your <TT>ejabberd</TT> deployment. An account can be
|
||||
|
||||
To perform online configuration of <TT>ejabberd</TT> you need to enable the
|
||||
<TT>ejabberd_http</TT> listener with the option <TT>web_admin</TT> (see
|
||||
section <A HREF="#sec:configlistened">3.1.5</A>). Then you can open
|
||||
section <A HREF="#sec:configlistened">??</A>). Then you can open
|
||||
<CODE>http://server:port/admin/</CODE> in your favourite web browser. You
|
||||
will be asked to enter the username (the <EM>full</EM> Jabber ID) and password
|
||||
of an <TT>ejabberd</TT> user with administrator rights. After authentication
|
||||
you will see a page similar to figure <A HREF="#fig:webadmmain">1</A>.
|
||||
you will see a page similar to figure <A HREF="#fig:webadmmain">??</A>.
|
||||
<BLOCKQUOTE CLASS="figure"><DIV CLASS="center"><DIV CLASS="center"><HR WIDTH="80%" SIZE=2></DIV>
|
||||
|
||||
<IMG SRC="webadmmain.png">
|
||||
@ -1208,11 +1119,11 @@ You need to take the following TCP ports in mind when configuring your firewall:
|
||||
<TD ALIGN=left NOWRAP>s2s connections.</TD>
|
||||
</TR>
|
||||
<TR><TD ALIGN=left NOWRAP>4369</TD>
|
||||
<TD ALIGN=left NOWRAP>Only for clustering (see <A HREF="#sec:clustering">6</A>).</TD>
|
||||
<TD ALIGN=left NOWRAP>Only for clustering (see <A HREF="#sec:clustering">??</A>).</TD>
|
||||
</TR>
|
||||
<TR><TD ALIGN=left NOWRAP>port range</TD>
|
||||
<TD ALIGN=left NOWRAP>Only for clustring (see <A HREF="#sec:clustering">6</A>). This range
|
||||
is configurable (see <A HREF="#sec:starting">2.4</A>).</TD>
|
||||
<TD ALIGN=left NOWRAP>Only for clustring (see <A HREF="#sec:clustering">??</A>). This range
|
||||
is configurable (see <A HREF="#sec:starting">??</A>).</TD>
|
||||
</TR></TABLE>
|
||||
<DIV CLASS="center"><HR WIDTH="80%" SIZE=2></DIV></DIV></BLOCKQUOTE>
|
||||
<!--TOC section SRV Records-->
|
||||
@ -1686,7 +1597,7 @@ hosts:
|
||||
to several resources, only the resource with the highest priority will receive
|
||||
the message. If the registered user is not connected, the message will be
|
||||
stored offline in assumption that offline storage
|
||||
(see section <A HREF="#sec:modoffline">A.10</A>) is enabled.
|
||||
(see section <A HREF="#sec:modoffline">??</A>) is enabled.
|
||||
<DT CLASS="dt-description"><B><TT>example.org/announce/online (example.org/announce/all-hosts/online)</TT></B><DD CLASS="dd-description">The
|
||||
message is sent to all connected users. If the user is online and connected
|
||||
to several resources, all resources will receive the message.
|
||||
@ -1753,7 +1664,7 @@ Options:
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Service Discovery (<TT>http://jabber.org/protocol/disco#items</TT> and
|
||||
<TT>http://jabber.org/protocol/disco#info</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
<DT CLASS="dt-description"><B><TT>extra_domains</TT></B><DD CLASS="dd-description"> With this option,
|
||||
extra domains can be added to the Service Discovery item list.
|
||||
</DL>
|
||||
@ -1800,7 +1711,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
|
||||
<B><TT>hosts</TT></B><DD CLASS="dd-description"> This option defines the hostnames of the
|
||||
service (see section <A HREF="#sec:modhostsoption">A.2.2</A>). If neither <TT>hosts</TT> nor
|
||||
service (see section <A HREF="#sec:modhostsoption">??</A>). If neither <TT>hosts</TT> nor
|
||||
the old <TT>host</TT> is present, the prefix “<TT>echo.</TT>” is added to all
|
||||
<TT>ejabberd</TT> hostnames.
|
||||
|
||||
@ -1817,7 +1728,7 @@ Mirror, mirror, on the wall, who is the most beautiful
|
||||
...
|
||||
]}.
|
||||
</PRE><LI CLASS="li-itemize">If you still do not understand the inner workings of <TT>mod_echo</TT>,
|
||||
you can find a few more examples in section <A HREF="#sec:modhostsoption">A.2.2</A>.
|
||||
you can find a few more examples in section <A HREF="#sec:modhostsoption">??</A>.
|
||||
</UL>
|
||||
<!--TOC subsection <TT>mod_irc</TT>-->
|
||||
|
||||
@ -1850,7 +1761,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
|
||||
<B><TT>hosts</TT></B><DD CLASS="dd-description"> This option defines the hostnames of the
|
||||
service (see section <A HREF="#sec:modhostsoption">A.2.2</A>). If neither <TT>hosts</TT> nor
|
||||
service (see section <A HREF="#sec:modhostsoption">??</A>). If neither <TT>hosts</TT> nor
|
||||
the old <TT>host</TT> is present, the prefix “<TT>irc.</TT>” is added to all
|
||||
<TT>ejabberd</TT> hostnames.
|
||||
|
||||
@ -1904,7 +1815,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Last activity (<TT>jabber:iq:last</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
<!--TOC subsection <TT>mod_muc</TT>-->
|
||||
|
||||
@ -1928,7 +1839,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
|
||||
<B><TT>hosts</TT></B><DD CLASS="dd-description"> This option defines the hostnames of the
|
||||
service (see section <A HREF="#sec:modhostsoption">A.2.2</A>). If neither <TT>hosts</TT> nor
|
||||
service (see section <A HREF="#sec:modhostsoption">??</A>). If neither <TT>hosts</TT> nor
|
||||
the old <TT>host</TT> is present, the prefix “<TT>conference.</TT>” is added to all
|
||||
<TT>ejabberd</TT> hostnames.
|
||||
|
||||
@ -2078,7 +1989,7 @@ This module implements offline message storage. This means that all messages
|
||||
sent to an offline user will be stored on the server until that user comes
|
||||
online again. Thus it is very similar to how email works. Note that
|
||||
<TT>ejabberdctl</TT> has a command to delete expired messages
|
||||
(see section <A HREF="#sec:ejabberdctl">3.4.2</A>).<BR>
|
||||
(see section <A HREF="#sec:ejabberdctl">??</A>).<BR>
|
||||
<BR>
|
||||
<!--TOC subsection <TT>mod_privacy</TT>-->
|
||||
|
||||
@ -2113,7 +2024,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Blocking Communication (<TT>jabber:iq:privacy</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
<!--TOC subsection <TT>mod_private</TT>-->
|
||||
|
||||
@ -2132,7 +2043,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Private XML Storage (<TT>jabber:iq:private</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
<!--TOC subsection <TT>mod_pubsub</TT>-->
|
||||
|
||||
@ -2166,7 +2077,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
|
||||
<B><TT>hosts</TT></B><DD CLASS="dd-description"> This option defines the hostnames of the
|
||||
service (see section <A HREF="#sec:modhostsoption">A.2.2</A>). If neither <TT>hosts</TT> nor
|
||||
service (see section <A HREF="#sec:modhostsoption">??</A>). If neither <TT>hosts</TT> nor
|
||||
the old <TT>host</TT> is present, the prefix “<TT>pubsub.</TT>” is added to all
|
||||
<TT>ejabberd</TT> hostnames.
|
||||
|
||||
@ -2204,7 +2115,7 @@ Options:
|
||||
restrictions by default).
|
||||
<DT CLASS="dt-description"><B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for In-Band Registration (<TT>jabber:iq:register</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
Examples:
|
||||
<UL CLASS="itemize"><LI CLASS="li-itemize">
|
||||
@ -2252,7 +2163,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Roster Management (<TT>jabber:iq:roster</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
<!--TOC subsection <TT>mod_service_log</TT>-->
|
||||
|
||||
@ -2439,7 +2350,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Statistics Gathering (<TT>http://jabber.org/protocol/stats</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
As there are only a small amount of clients (for example
|
||||
<A HREF="http://tkabber.jabber.ru/">Tkabber</A>) and software libraries with
|
||||
@ -2476,7 +2387,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Entity Time (<TT>jabber:iq:time</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
<!--TOC subsection <TT>mod_vcard</TT>-->
|
||||
|
||||
@ -2493,13 +2404,13 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
|
||||
<B><TT>hosts</TT></B><DD CLASS="dd-description"> This option defines the hostnames of the
|
||||
service (see section <A HREF="#sec:modhostsoption">A.2.2</A>). If neither <TT>hosts</TT> nor
|
||||
service (see section <A HREF="#sec:modhostsoption">??</A>). If neither <TT>hosts</TT> nor
|
||||
the old <TT>host</TT> is present, the prefix “<TT>vjud.</TT>” is added to all
|
||||
<TT>ejabberd</TT> hostnames.
|
||||
|
||||
<DT CLASS="dt-description"><B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for <TT>vcard-temp</TT> IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
<DT CLASS="dt-description"><B><TT>search</TT></B><DD CLASS="dd-description"> This option specifies whether the search
|
||||
functionality is enabled (value: <TT>true</TT>) or disabled
|
||||
(value: <TT>false</TT>). If disabled, the option <TT>hosts</TT> will be
|
||||
@ -2557,7 +2468,7 @@ Options:
|
||||
<DL CLASS="description" COMPACT=compact><DT CLASS="dt-description">
|
||||
<B><TT>iqdisc</TT></B><DD CLASS="dd-description"> This specifies
|
||||
the processing discipline for Software Version (<TT>jabber:iq:version</TT>) IQ queries
|
||||
(see section <A HREF="#sec:modiqdiscoption">A.2.1</A>).
|
||||
(see section <A HREF="#sec:modiqdiscoption">??</A>).
|
||||
</DL>
|
||||
<!--TOC section Internationalization and Localization-->
|
||||
|
||||
@ -2566,7 +2477,7 @@ the processing discipline for Software Version (<TT>jabber:iq:version</TT>) IQ q
|
||||
<A NAME="sec:i18nl10n"></A>
|
||||
|
||||
All built-in modules support the <TT>xml:lang</TT> attribute inside IQ queries.
|
||||
Figure <A HREF="#fig:discorus">2</A>, for example, shows the reply to the following query:
|
||||
Figure <A HREF="#fig:discorus">??</A>, for example, shows the reply to the following query:
|
||||
<PRE CLASS="verbatim">
|
||||
<iq id='5'
|
||||
to='example.org'
|
||||
@ -2588,7 +2499,7 @@ Figure <A HREF="#fig:discorus">2</A>, for example, shows the reply to the f
|
||||
<A NAME="fig:discorus"></A>
|
||||
<DIV CLASS="center"><HR WIDTH="80%" SIZE=2></DIV></DIV></BLOCKQUOTE>
|
||||
The web interface also supports the <CODE>Accept-Language</CODE> HTTP header (compare
|
||||
figure <A HREF="#fig:webadmmainru">3</A> with figure <A HREF="#fig:webadmmain">1</A>)
|
||||
figure <A HREF="#fig:webadmmainru">??</A> with figure <A HREF="#fig:webadmmain">??</A>)
|
||||
<BLOCKQUOTE CLASS="figure"><DIV CLASS="center"><DIV CLASS="center"><HR WIDTH="80%" SIZE=2></DIV>
|
||||
|
||||
<IMG SRC="webadmmainru.png">
|
||||
@ -3138,7 +3049,7 @@ END
|
||||
|
||||
This release fix a security issue introduced in ejabberd 1.1.0. In SASL
|
||||
mode, anonymous login was enabled as a default. Upgrading ejabberd 1.1.0 to
|
||||
ejabberd 1.1.1 is highly recommanded.
|
||||
ejabberd 1.1.1 is highly recommended.
|
||||
|
||||
ejabberd can be downloaded from the Process-one website:
|
||||
http://www.process-one.net/en/projects/ejabberd/
|
||||
|
@ -526,9 +526,9 @@ Currently next modules are implemented:
|
||||
\begin{tabular}{|l|l|p{87mm}|}
|
||||
\hline \texttt{ejabberd\_c2s}& Description& Handles c2s connections.\\
|
||||
\cline{2-3} & Options& \texttt{access}, \texttt{certfile}, \texttt{inet6},
|
||||
\texttt{ip}, \texttt{max\_stanza\_size}, \texttt{shaper}, \texttt{ssl},
|
||||
\texttt{tls}, \texttt{starttls}, \texttt{starttls\_required},
|
||||
\texttt{zlib}\\
|
||||
\texttt{ip}, \texttt{max\_stanza\_size}, \texttt{max\_user\_sessions},
|
||||
\texttt{shaper}, \texttt{ssl}, \texttt{tls}, \texttt{starttls},
|
||||
\texttt{starttls\_required}, \texttt{zlib}\\
|
||||
\hline \texttt{ejabberd\_s2s\_in}& Description& Handles incoming s2s
|
||||
connections.\\
|
||||
\cline{2-3} & Options& \texttt{inet6}, \texttt{ip},
|
||||
@ -574,6 +574,16 @@ The following options are available:
|
||||
option specifies an approximate maximal size in bytes of XML stanzas.
|
||||
For example \verb|{max\_stanza\_size, 65536}|. The default value
|
||||
is ``\term{infinity}''.
|
||||
|
||||
\titem{\{max\_user\_sessions, Max\}} \ind{options!max\_user\_sessions}This
|
||||
option specifies the maximum number of sessions (authenticated
|
||||
connections) per user. If a user tries to open more than the maximum
|
||||
number of allowed sessions, with different resources, the first opened
|
||||
session will be disconnected. The error ``\term{session replaced}'' is
|
||||
send to the disconnected session. This value is either a number or
|
||||
\term{infinity}. For example \verb|{max\_user\_sessions, 10}|. The
|
||||
default value is \term{10}.
|
||||
|
||||
\titem{\{shaper, <access rule>\}} \ind{options!shaper}This option defines a
|
||||
shaper for the port (see section~\ref{sec:configshaper}). The default value
|
||||
is ``\term{none}''.
|
||||
|
@ -114,6 +114,7 @@
|
||||
{listen,
|
||||
[{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper},
|
||||
{max_stanza_size, 65536},
|
||||
{max_user_sessions, 10},
|
||||
starttls, {certfile, "./ssl.pem"}]},
|
||||
{5223, ejabberd_c2s, [{access, c2s},
|
||||
{max_stanza_size, 65536},
|
||||
|
@ -42,6 +42,9 @@
|
||||
-record(session, {sid, usr, us, priority}).
|
||||
-record(state, {}).
|
||||
|
||||
%% default value for the maximum number of user connections
|
||||
-define(MAX_USER_SESSIONS, 10).
|
||||
|
||||
%%====================================================================
|
||||
%% API
|
||||
%%====================================================================
|
||||
@ -63,6 +66,7 @@ route(From, To, Packet) ->
|
||||
|
||||
open_session(SID, User, Server, Resource) ->
|
||||
set_session(SID, User, Server, Resource, undefined),
|
||||
check_for_sessions_to_replace(User, Server, Resource),
|
||||
JID = jlib:make_jid(User, Server, Resource),
|
||||
ejabberd_hooks:run(sm_register_connection_hook, JID#jid.lserver,
|
||||
[SID, JID]).
|
||||
@ -177,6 +181,7 @@ init([]) ->
|
||||
{"connected-users-number", "print a number of established sessions"},
|
||||
{"user-resources user server", "print user's connected resources"}],
|
||||
?MODULE, ctl_process),
|
||||
|
||||
{ok, #state{}}.
|
||||
|
||||
%%--------------------------------------------------------------------
|
||||
@ -270,23 +275,7 @@ set_session(SID, User, Server, Resource, Priority) ->
|
||||
us = US,
|
||||
priority = Priority})
|
||||
end,
|
||||
mnesia:sync_dirty(F),
|
||||
SIDs = mnesia:dirty_select(
|
||||
session,
|
||||
[{#session{sid = '$1', usr = USR, _ = '_'}, [], ['$1']}]),
|
||||
if
|
||||
SIDs == [] ->
|
||||
ok;
|
||||
true ->
|
||||
MaxSID = lists:max(SIDs),
|
||||
lists:foreach(
|
||||
fun({_, Pid} = S) when S /= MaxSID ->
|
||||
Pid ! replaced;
|
||||
(_) ->
|
||||
ok
|
||||
end, SIDs)
|
||||
end.
|
||||
|
||||
mnesia:sync_dirty(F).
|
||||
|
||||
clean_table_from_bad_node(Node) ->
|
||||
F = fun() ->
|
||||
@ -509,6 +498,69 @@ get_user_present_resources(LUser, LServer) ->
|
||||
S <- clean_session_list(Ss), is_integer(S#session.priority)]
|
||||
end.
|
||||
|
||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||
|
||||
%% On new session, check if some existing connections need to be replace
|
||||
check_for_sessions_to_replace(User, Server, Resource) ->
|
||||
LUser = jlib:nodeprep(User),
|
||||
LServer = jlib:nameprep(Server),
|
||||
LResource = jlib:resourceprep(Resource),
|
||||
|
||||
%% TODO: Depending on how this is executed, there could be an unneeded
|
||||
%% replacement for max_sessions. We need to check this at some point.
|
||||
check_existing_resources(LUser, LServer, LResource),
|
||||
check_max_sessions(LUser, LServer).
|
||||
|
||||
check_existing_resources(LUser, LServer, LResource) ->
|
||||
USR = {LUser, LServer, LResource},
|
||||
%% A connection exist with the same resource. We replace it:
|
||||
SIDs = mnesia:dirty_select(
|
||||
session,
|
||||
[{#session{sid = '$1', usr = USR, _ = '_'}, [], ['$1']}]),
|
||||
if
|
||||
SIDs == [] -> ok;
|
||||
true ->
|
||||
MaxSID = lists:max(SIDs),
|
||||
lists:foreach(
|
||||
fun({_, Pid} = S) when S /= MaxSID ->
|
||||
Pid ! replaced;
|
||||
(_) -> ok
|
||||
end, SIDs)
|
||||
end.
|
||||
|
||||
check_max_sessions(LUser, LServer) ->
|
||||
%% If the max number of sessions for a given is reached, we replace the
|
||||
%% first one
|
||||
SIDs = mnesia:dirty_select(
|
||||
session,
|
||||
[{#session{sid = '$1', usr = {LUser, LServer, '_'}, _ = '_'}, [], ['$1']}]),
|
||||
MaxSessions = get_max_user_sessions(),
|
||||
if length(SIDs) =< MaxSessions -> ok;
|
||||
true -> {_, Pid} = lists:min(SIDs),
|
||||
Pid ! replaced
|
||||
end.
|
||||
|
||||
|
||||
%% Get the user_max_session setting
|
||||
%% This option defines the max number of time a given users are allowed to
|
||||
%% log in
|
||||
%% This option is only used on c2s connections
|
||||
%% Defaults to 10
|
||||
%% Can be set to infinity
|
||||
get_max_user_sessions() ->
|
||||
case ejabberd_config:get_local_option(listen) of
|
||||
undefined -> ?MAX_USER_SESSIONS;
|
||||
Listeners ->
|
||||
case lists:keysearch(ejabberd_c2s, 2, Listeners) of
|
||||
{value, {_Port, _Method, Opts}} ->
|
||||
case lists:keysearch(max_user_sessions, 1, Opts) of
|
||||
{value, {_, Max}} -> Max;
|
||||
_ -> ?MAX_USER_SESSIONS
|
||||
end;
|
||||
_ -> ?MAX_USER_SESSIONS
|
||||
end
|
||||
end.
|
||||
|
||||
|
||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user