From 146d464f96228db6e61c3ca9bdff4990fea25343 Mon Sep 17 00:00:00 2001 From: Alexey Shchepin Date: Sat, 11 Oct 2003 17:39:36 +0000 Subject: [PATCH] * doc/guide.tex: Updated * src/ejabberd.cfg: Added "register" rule, added some comments, this file renamed to ejabberd.cfg.example * src/mod_register.erl (try_register): Fixed error reply, added check for "register" access rule * src/stringprep/Makefile.win32: Added Makefile for Win32 (thanks to Sergei Golovan) SVN Revision: 148 --- ChangeLog | 13 ++++++ doc/guide.html | 39 ++++++++++++++--- doc/guide.tex | 42 +++++++++++++++--- src/{ejabberd.cfg => ejabberd.cfg.example} | 50 +++++++++++++--------- src/ejabberd_listener.erl | 3 +- src/jlib.erl | 34 ++++++--------- src/mod_register.erl | 20 +++++---- src/stringprep/Makefile.win32 | 40 +++++++++++++++++ 8 files changed, 181 insertions(+), 60 deletions(-) rename src/{ejabberd.cfg => ejabberd.cfg.example} (52%) create mode 100644 src/stringprep/Makefile.win32 diff --git a/ChangeLog b/ChangeLog index e166fcd31..610b4307e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,18 @@ +2003-10-11 Alexey Shchepin + + * doc/guide.tex: Updated + + * src/ejabberd.cfg: Added "register" rule, added some comments, + this file renamed to ejabberd.cfg.example + + * src/mod_register.erl (try_register): Fixed error reply, added + check for "register" access rule + 2003-10-10 Alexey Shchepin + * src/stringprep/Makefile.win32: Added Makefile for Win32 (thanks + to Sergei Golovan) + * src/stringprep/stringprep_drv.c: Removed needless iconv.h include diff --git a/doc/guide.html b/doc/guide.html index b67031a26..1cd15fece 100644 --- a/doc/guide.html +++ b/doc/guide.html @@ -695,13 +695,14 @@ these queries. Possible values are: be processed until finished this. Hence this discipline is not recommended if processing of query can take relative many time.
one_queue
In this case created separate queue for processing - IQ queries of namespace with this discipline, and processing of this queue - done in parallel with processing of other packets. This discipline is most + of IQ queries of namespace with this discipline, and processing of this queue + is done in parallel with processing of other packets. This discipline is most recommended.
parallel
In this case for all packets with this discipline spawned separate Erlang process, so all these packets processed in parallel. - Although spawning of Erlang process have relative low cost, this can broke - server normal work, because Erlang have limit of 32000 processes. + Although spawning of Erlang process have relatively low cost, this can broke + server normal work, because Erlang emulator have limit on number of processes + (32000 by default). Example:
@@ -731,6 +732,33 @@ Example:
 

A.2  mod_register

+This module adds support for +JEP-0077 (In-Band +Registration). There is possible to restrict registration via ``register'' +access rule. If this rule returns ``deny'' on requested user name, then +registration is not allowed for it.
+
+Options: +
+iqdisc
jabber:iq:register IQ queries processing + discipline. +
+Example: +
+% Deny registration for users with too short name
+{acl, shortname, {user_glob, "?"}}.
+{acl, shortname, {user_glob, "??"}}.
+% Another variant: {acl, shortname, {user_regexp, "^..?$"}}.
+
+{access, register, [{deny, shortname},
+                    {allow, all}]}.
+
+{modules, [
+           ...
+           {mod_register, []},
+           ...
+          ]}.
+

A.3  mod_roster

@@ -772,7 +800,8 @@ Example: This module adds support for -JEP-0039 (Statistics Gathering).
+JEP-0039 (Statistics +Gathering).

Options:
diff --git a/doc/guide.tex b/doc/guide.tex index e07f93401..53bbdd036 100644 --- a/doc/guide.tex +++ b/doc/guide.tex @@ -658,13 +658,14 @@ these queries. Possible values are: be processed until finished this. Hence this discipline is not recommended if processing of query can take relative many time. \item[\texttt{one\_queue}] In this case created separate queue for processing - IQ queries of namespace with this discipline, and processing of this queue - done in parallel with processing of other packets. This discipline is most + of IQ queries of namespace with this discipline, and processing of this queue + is done in parallel with processing of other packets. This discipline is most recommended. \item[\texttt{parallel}] In this case for all packets with this discipline spawned separate Erlang process, so all these packets processed in parallel. - Although spawning of Erlang process have relative low cost, this can broke - server normal work, because Erlang have limit of 32000 processes. + Although spawning of Erlang process have relatively low cost, this can broke + server normal work, because Erlang emulator have limit on number of processes + (32000 by default). \end{description} Example: 
@@ -696,6 +697,36 @@ Example: \subsection{\modregister{}} \label{sec:modregister} +This module adds support for +\footahref{http://www.jabber.org/jeps/jep-0077.html}{JEP-0077} (In-Band +Registration). There is possible to restrict registration via ``register'' +access rule. If this rule returns ``deny'' on requested user name, then +registration is not allowed for it. + +Options: +\begin{description} +\item[\texttt{iqdisc}] \ns{jabber:iq:register} IQ queries processing + discipline. +\end{description} + +Example: +\begin{verbatim} +% Deny registration for users with too short name +{acl, shortname, {user_glob, "?"}}. +{acl, shortname, {user_glob, "??"}}. +% Another variant: {acl, shortname, {user_regexp, "^..?$"}}. + +{access, register, [{deny, shortname}, + {allow, all}]}. + +{modules, [ + ... + {mod_register, []}, + ... + ]}. +\end{verbatim} + + \subsection{\modroster{}} @@ -738,7 +769,8 @@ Example: \label{sec:modstats} This module adds support for -\footahref{http://www.jabber.org/jeps/jep-0039.html}{JEP-0039} (Statistics Gathering). +\footahref{http://www.jabber.org/jeps/jep-0039.html}{JEP-0039} (Statistics +Gathering). Options: \begin{description} diff --git a/src/ejabberd.cfg b/src/ejabberd.cfg.example similarity index 52% rename from src/ejabberd.cfg rename to src/ejabberd.cfg.example index 7c4bf9cd2..2cc561b65 100644 --- a/src/ejabberd.cfg +++ b/src/ejabberd.cfg.example 
@@ -2,45 +2,51 @@ %override_acls. -{acl, admin, {user, "aleksey"}}. -{acl, admin, {user, "ermine"}}. -{acl, admin, {user, "test"}}. -{acl, admin, {user, "aleksey", "jabber.ru"}}. -{acl, admin, {user, "ermine", "jabber.ru"}}. +% Users that have admin access. Add line like one of the following after you +% will be successfully registered on server to get admin access: +%{acl, admin, {user, "aleksey"}}. +%{acl, admin, {user, "ermine"}}. -{acl, blocked, {user, "test2"}}. - -{acl, jabberorg, {server, "jabber.org"}}. -{acl, aleksey, {user, "aleksey", "jabber.ru"}}. +% Blocked users: +%{acl, blocked, {user, "test"}}. +% Another examples of ACLs: +%{acl, jabberorg, {server, "jabber.org"}}. +%{acl, aleksey, {user, "aleksey", "jabber.ru"}}. %{acl, test, {user_regexp, "^test"}}. -%{acl, test2, {user_glob, "test*"}}. +%{acl, test, {user_glob, "test*"}}. -{shaper, normal, {maxrate, 1000}}. - - -{access, disco_admin, [{allow, admin}, - {deny, all}]}. - +% Only admins can use configuration interface: {access, configure, [{allow, admin}]}. +% Every username can be registered via in-band registration: +{access, register, [{allow, all}]}. + + +% Only non-blocked users can use c2s connections: {access, c2s, [{deny, blocked}, {allow, all}]}. +% Set shaper with name "normal" to limit traffic speed to 1000B/s +{shaper, normal, {maxrate, 1000}}. +% For all users except admins used "normal" shaper {access, c2s_shaper, [{none, admin}, {normal, all}]}. +% Admins of this server are also admins of MUC service: {access, muc_admin, [{allow, admin}]}. +% Host name: +{host, "localhost"}. -{host, "e.localhost"}. -{listen, [{5522, ejabberd_c2s, [{access, c2s}, +% Listened ports: +{listen, [{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}]}, - {5523, ejabberd_c2s, [{access, c2s}, + {5223, ejabberd_c2s, [{access, c2s}, {ssl, [{certfile, "./ssl.pem"}]}]}, {5269, ejabberd_s2s_in, []}, {8888, ejabberd_service, [{host, 
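Review bot: The new `{access, register, [{allow, all}]}` rule leaves in-band registration open to every username, and the comment above it does not tell the operator how to narrow it. Since this file is now the template people copy, I would extend the comment to something like `% Every username can be registered via in-band registration; put {deny, ...} entries before {allow, all} to restrict it (see mod_register in the guide)`. Also in this hunk, the 5223 SSL listener carries `{access, c2s}` but no `{shaper, c2s_shaper}`, so the "normal" traffic limit applies only to port 5222; if that is not intended, add the shaper option there too. The `listen` term continues past the end of the hunk.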
@@ -48,9 +54,11 @@ [{password, "asdqwe"}]}]} ]}. -% This value (5569) is only for debugging, must be 5269 -{outgoing_s2s_port, 5569}. +% If SRV lookup fails, then port 5269 used to communicate with other servers +{outgoing_s2s_port, 5269}. + +% Used modules: {modules, [ {mod_register, []}, {mod_roster, []}, diff --git a/src/ejabberd_listener.erl b/src/ejabberd_listener.erl index 9de102be0..36dad2e13 100644 --- a/src/ejabberd_listener.erl +++ b/src/ejabberd_listener.erl @@ -52,7 +52,8 @@ init(Port, Module, Opts) -> {ok, ListenSocket} = gen_tcp:listen(Port, [binary, {packet, 0}, {active, false}, - {reuseaddr, true}]), + {reuseaddr, true}, + {nodelay, true}]), accept(ListenSocket, Module, Opts). accept(ListenSocket, Module, Opts) -> diff --git a/src/jlib.erl b/src/jlib.erl index ced408945..839d6739c 100644 --- a/src/jlib.erl +++ b/src/jlib.erl @@ -227,25 +227,7 @@ jid_to_string({Node, Server, Resource}) -> is_nodename([]) -> false; is_nodename(J) -> - is_nodename1(J). - -is_nodename1([C | J]) - when (C =< 32) or - (C == $") or - (C == $&) or - (C == $') or - (C == $:) or - (C == $<) or - (C == $>) or - (C == $@) or - (C == $/) or - (C == 127) - -> - false; -is_nodename1([C | J]) -> - is_nodename1(J); -is_nodename1([]) -> - true. + nodeprep(J). @@ -301,7 +283,19 @@ resourceprep(S) -> jid_tolower(#jid{luser = U, lserver = S, lresource = R}) -> {U, S, R}; jid_tolower({U, S, R}) -> - {tolower(U), tolower(S), R}. + case stringprep:nodeprep(U) of + error -> error; + LUser -> + case stringprep:nameprep(S) of + error -> error; + LServer -> + case stringprep:resourceprep(R) of + error -> error; + LResource -> + {LUser, LServer, LResource} + end + end + end. jid_remove_resource(#jid{} = JID) -> JID#jid{resource = "", lresource = ""}; diff --git a/src/mod_register.erl b/src/mod_register.erl index b480dace9..9bf89f05e 100644 --- a/src/mod_register.erl +++ b/src/mod_register.erl 
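Review bot: The context of this hunk shows the `ejabberd_service` listener on port 8888 with `[{password, "asdqwe"}]`, and the rename to ejabberd.cfg.example makes that literal the default every copied config starts with. A component that knows this password can presumably authenticate as the configured service host, so the example should either comment the 8888 entry out or carry a comment such as `% Change this password before enabling the service listener`. The `listen` term begins outside the hunk, so the host and the rest of the entry are not visible here.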
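Review bot: In src/jlib.erl, `is_nodename/1` now returns whatever `nodeprep(J)` returns instead of a boolean. jlib's own `nodeprep/1` is not in the hunk, but if it follows `stringprep:nodeprep/1` as used in the `jid_tolower` hunk, the result is the prepared string or the atom `error`, never `false`. The `false -> {error, ?ERR_BAD_REQUEST}; _ ->` clauses visible in the try_register hunk of src/mod_register.erl look like they match on this function (the `case` head is outside that hunk), and they would then let an invalid node name fall through to the registration branch. Keeping the predicate boolean avoids that: `is_nodename(J) -> nodeprep(J) =/= error.`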
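Review bot: The tuple clause of `jid_tolower/1` can now return the bare atom `error`, while the `#jid{}` clause above it still always returns `{U, S, R}`. Callers are outside this diff; any that bind the result with `{U, S, R} = jlib:jid_tolower(JID)` would crash with `badmatch`, and any that use the result as a key would store `error`, when a JID fails stringprep, and such JIDs may come from remote input. I would document the new contract on the function, e.g. `% Returns {LUser, LServer, LResource}, or error if any part fails stringprep`, and check the call sites. The three nested `case` expressions could also be flattened into a small helper per part, but that is only style.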
@@ -116,14 +116,18 @@ try_register(User, Password) -> false -> {error, ?ERR_BAD_REQUEST}; _ -> - case ejabberd_auth:try_register(User, Password) of - {atomic, ok} -> - ok; - {atomic, exists} -> - % TODO: replace to "username unavailable" - {error, ?ERR_NOT_ALLOWED}; - {error, Reason} -> - {error, ?ERR_INTERNAL_SERVER_ERROR} + case acl:match_rule(register, jlib:make_jid(User, ?MYNAME, "")) of + deny -> + {error, ?ERR_CONFLICT}; + allow -> + case ejabberd_auth:try_register(User, Password) of + {atomic, ok} -> + ok; + {atomic, exists} -> + {error, ?ERR_CONFLICT}; + {error, _Reason} -> + {error, ?ERR_INTERNAL_SERVER_ERROR} + end end end. diff --git a/src/stringprep/Makefile.win32 b/src/stringprep/Makefile.win32 new file mode 100644 index 000000000..5339e3d2e --- /dev/null +++ b/src/stringprep/Makefile.win32 @@ -0,0 +1,40 @@ + +include ..\Makefile.inc + +OUTDIR = .. +EFLAGS = -I .. -pz .. + +ALL : $(OUTDIR)\stringprep_drv.dll $(OUTDIR)\stringprep.beam + +CLEAN : + -@erase $(OUTDIR)\stringprep_drv.dll + -@erase $(OUTDIR)\stringprep_drv.exp + -@erase $(OUTDIR)\stringprep_drv.lib + -@erase stringprep_drv.obj + -@erase stringprep_drv.pch + -@erase vc60.idb + -@erase $(OUTDIR)\stringprep.beam + +$(OUTDIR)\stringprep.beam : stringprep.erl + erlc -W $(EFLAGS) -o $(OUTDIR) stringprep.erl + +CPP=cl.exe +CPP_PROJ=/nologo /ML /W3 /GX /O2 /I "$(ERLANG_DIR)\usr\include" /I "$(EI_DIR)\include" /D "WIN32" /D "NDEBUG" /D "_USRDLL" /D "_MBCS" /Fpstringprep_drv.pch /YX /FD /c + +.c.obj:: + $(CPP) @<< + $(CPP_PROJ) $< +<< + +LINK32=link.exe +LINK32_FLAGS=kernel32.lib "$(ERLANG_DIR)\usr\lib\erl_dll.lib" "$(EI_DIR)\lib\ei.lib" "$(EI_DIR)\lib\erl_interface.lib" /nologo /subsystem:console /dll /pdb:none /machine:I386 /out:$(OUTDIR)\stringprep_drv.dll + +LINK32_OBJS=stringprep_drv.obj + +$(OUTDIR)\stringprep_drv.dll : $(LINK32_OBJS) + $(LINK32) @<< + $(LINK32_FLAGS) $(LINK32_OBJS) +<< + +stringprep_drv.obj : stringprep_drv.c +
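Review bot: The new `case acl:match_rule(register, ...)` in src/mod_register.erl handles only `deny` and `allow`, but access rules can yield other atoms (the example config's `c2s_shaper` rule returns `none` or `normal`), so a `register` rule written with any other value would make this handler fail with `case_clause` instead of replying. Treating everything except `allow` as a refusal keeps the check fail-closed and always answers the client: put `allow ->` first and replace `deny ->` with `_ ->`. Separately, `{error, _Reason}` discards the failure reason; logging it before returning `?ERR_INTERNAL_SERVER_ERROR` would let an operator see why registrations fail. `try_register/2` begins above the hunk, so the expression matched by the outer `false`/`_` clauses is not visible here.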