mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-28 16:34:13 +01:00
* doc/guide.tex: Updated
* src/ejabberd.cfg: Added "register" rule, added some comments, this file renamed to ejabberd.cfg.example * src/mod_register.erl (try_register): Fixed error reply, added check for "register" access rule * src/stringprep/Makefile.win32: Added Makefile for Win32 (thanks to Sergei Golovan) SVN Revision: 148
This commit is contained in:
parent
4b48617a2d
commit
146d464f96
13
ChangeLog
13
ChangeLog
@ -1,5 +1,18 @@
|
|||||||
|
2003-10-11 Alexey Shchepin <alexey@sevcom.net>
|
||||||
|
|
||||||
|
* doc/guide.tex: Updated
|
||||||
|
|
||||||
|
* src/ejabberd.cfg: Added "register" rule, added some comments,
|
||||||
|
this file renamed to ejabberd.cfg.example
|
||||||
|
|
||||||
|
* src/mod_register.erl (try_register): Fixed error reply, added
|
||||||
|
check for "register" access rule
|
||||||
|
|
||||||
2003-10-10 Alexey Shchepin <alexey@sevcom.net>
|
2003-10-10 Alexey Shchepin <alexey@sevcom.net>
|
||||||
|
|
||||||
|
* src/stringprep/Makefile.win32: Added Makefile for Win32 (thanks
|
||||||
|
to Sergei Golovan)
|
||||||
|
|
||||||
* src/stringprep/stringprep_drv.c: Removed needless iconv.h
|
* src/stringprep/stringprep_drv.c: Removed needless iconv.h
|
||||||
include
|
include
|
||||||
|
|
||||||
|
@ -695,13 +695,14 @@ these queries. Possible values are:
|
|||||||
be processed until finished this. Hence this discipline is not recommended
|
be processed until finished this. Hence this discipline is not recommended
|
||||||
if processing of query can take relative many time.
|
if processing of query can take relative many time.
|
||||||
<DT><B><TT>one_queue</TT></B><DD> In this case created separate queue for processing
|
<DT><B><TT>one_queue</TT></B><DD> In this case created separate queue for processing
|
||||||
IQ queries of namespace with this discipline, and processing of this queue
|
of IQ queries of namespace with this discipline, and processing of this queue
|
||||||
done in parallel with processing of other packets. This discipline is most
|
is done in parallel with processing of other packets. This discipline is most
|
||||||
recommended.
|
recommended.
|
||||||
<DT><B><TT>parallel</TT></B><DD> In this case for all packets with this discipline
|
<DT><B><TT>parallel</TT></B><DD> In this case for all packets with this discipline
|
||||||
spawned separate Erlang process, so all these packets processed in parallel.
|
spawned separate Erlang process, so all these packets processed in parallel.
|
||||||
Although spawning of Erlang process have relative low cost, this can broke
|
Although spawning of Erlang process have relatively low cost, this can broke
|
||||||
server normal work, because Erlang have limit of 32000 processes.
|
server normal work, because Erlang emulator have limit on number of processes
|
||||||
|
(32000 by default).
|
||||||
</DL>
|
</DL>
|
||||||
Example:
|
Example:
|
||||||
<PRE>
|
<PRE>
|
||||||
@ -731,6 +732,33 @@ Example:
|
|||||||
<H3><A NAME="htoc35">A.2</A> <TT>mod_register</TT></H3><!--SEC END -->
|
<H3><A NAME="htoc35">A.2</A> <TT>mod_register</TT></H3><!--SEC END -->
|
||||||
|
|
||||||
<A NAME="sec:modregister"></A>
|
<A NAME="sec:modregister"></A>
|
||||||
|
This module adds support for
|
||||||
|
<A HREF="http://www.jabber.org/jeps/jep-0077.html">JEP-0077</A> (In-Band
|
||||||
|
Registration). There is possible to restrict registration via ``register''
|
||||||
|
access rule. If this rule returns ``deny'' on requested user name, then
|
||||||
|
registration is not allowed for it.<BR>
|
||||||
|
<BR>
|
||||||
|
Options:
|
||||||
|
<DL COMPACT=compact><DT>
|
||||||
|
<B><TT>iqdisc</TT></B><DD> <TT>jabber:iq:register</TT> IQ queries processing
|
||||||
|
discipline.
|
||||||
|
</DL>
|
||||||
|
Example:
|
||||||
|
<PRE>
|
||||||
|
% Deny registration for users with too short name
|
||||||
|
{acl, shortname, {user_glob, "?"}}.
|
||||||
|
{acl, shortname, {user_glob, "??"}}.
|
||||||
|
% Another variant: {acl, shortname, {user_regexp, "^..?$"}}.
|
||||||
|
|
||||||
|
{access, register, [{deny, shortname},
|
||||||
|
{allow, all}]}.
|
||||||
|
|
||||||
|
{modules, [
|
||||||
|
...
|
||||||
|
{mod_register, []},
|
||||||
|
...
|
||||||
|
]}.
|
||||||
|
</PRE>
|
||||||
<!--TOC subsection <TT>mod_roster</TT>-->
|
<!--TOC subsection <TT>mod_roster</TT>-->
|
||||||
|
|
||||||
<H3><A NAME="htoc36">A.3</A> <TT>mod_roster</TT></H3><!--SEC END -->
|
<H3><A NAME="htoc36">A.3</A> <TT>mod_roster</TT></H3><!--SEC END -->
|
||||||
@ -772,7 +800,8 @@ Example:
|
|||||||
|
|
||||||
<A NAME="sec:modstats"></A>
|
<A NAME="sec:modstats"></A>
|
||||||
This module adds support for
|
This module adds support for
|
||||||
<A HREF="http://www.jabber.org/jeps/jep-0039.html">JEP-0039</A> (Statistics Gathering).<BR>
|
<A HREF="http://www.jabber.org/jeps/jep-0039.html">JEP-0039</A> (Statistics
|
||||||
|
Gathering).<BR>
|
||||||
<BR>
|
<BR>
|
||||||
Options:
|
Options:
|
||||||
<DL COMPACT=compact><DT>
|
<DL COMPACT=compact><DT>
|
||||||
|
@ -658,13 +658,14 @@ these queries. Possible values are:
|
|||||||
be processed until finished this. Hence this discipline is not recommended
|
be processed until finished this. Hence this discipline is not recommended
|
||||||
if processing of query can take relative many time.
|
if processing of query can take relative many time.
|
||||||
\item[\texttt{one\_queue}] In this case created separate queue for processing
|
\item[\texttt{one\_queue}] In this case created separate queue for processing
|
||||||
IQ queries of namespace with this discipline, and processing of this queue
|
of IQ queries of namespace with this discipline, and processing of this queue
|
||||||
done in parallel with processing of other packets. This discipline is most
|
is done in parallel with processing of other packets. This discipline is most
|
||||||
recommended.
|
recommended.
|
||||||
\item[\texttt{parallel}] In this case for all packets with this discipline
|
\item[\texttt{parallel}] In this case for all packets with this discipline
|
||||||
spawned separate Erlang process, so all these packets processed in parallel.
|
spawned separate Erlang process, so all these packets processed in parallel.
|
||||||
Although spawning of Erlang process have relative low cost, this can broke
|
Although spawning of Erlang process have relatively low cost, this can broke
|
||||||
server normal work, because Erlang have limit of 32000 processes.
|
server normal work, because Erlang emulator have limit on number of processes
|
||||||
|
(32000 by default).
|
||||||
\end{description}
|
\end{description}
|
||||||
|
|
||||||
Example:
|
Example:
|
||||||
@ -696,6 +697,36 @@ Example:
|
|||||||
\subsection{\modregister{}}
|
\subsection{\modregister{}}
|
||||||
\label{sec:modregister}
|
\label{sec:modregister}
|
||||||
|
|
||||||
|
This module adds support for
|
||||||
|
\footahref{http://www.jabber.org/jeps/jep-0077.html}{JEP-0077} (In-Band
|
||||||
|
Registration). There is possible to restrict registration via ``register''
|
||||||
|
access rule. If this rule returns ``deny'' on requested user name, then
|
||||||
|
registration is not allowed for it.
|
||||||
|
|
||||||
|
Options:
|
||||||
|
\begin{description}
|
||||||
|
\item[\texttt{iqdisc}] \ns{jabber:iq:register} IQ queries processing
|
||||||
|
discipline.
|
||||||
|
\end{description}
|
||||||
|
|
||||||
|
Example:
|
||||||
|
\begin{verbatim}
|
||||||
|
% Deny registration for users with too short name
|
||||||
|
{acl, shortname, {user_glob, "?"}}.
|
||||||
|
{acl, shortname, {user_glob, "??"}}.
|
||||||
|
% Another variant: {acl, shortname, {user_regexp, "^..?$"}}.
|
||||||
|
|
||||||
|
{access, register, [{deny, shortname},
|
||||||
|
{allow, all}]}.
|
||||||
|
|
||||||
|
{modules, [
|
||||||
|
...
|
||||||
|
{mod_register, []},
|
||||||
|
...
|
||||||
|
]}.
|
||||||
|
\end{verbatim}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
\subsection{\modroster{}}
|
\subsection{\modroster{}}
|
||||||
@ -738,7 +769,8 @@ Example:
|
|||||||
\label{sec:modstats}
|
\label{sec:modstats}
|
||||||
|
|
||||||
This module adds support for
|
This module adds support for
|
||||||
\footahref{http://www.jabber.org/jeps/jep-0039.html}{JEP-0039} (Statistics Gathering).
|
\footahref{http://www.jabber.org/jeps/jep-0039.html}{JEP-0039} (Statistics
|
||||||
|
Gathering).
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
\begin{description}
|
\begin{description}
|
||||||
|
@ -2,45 +2,51 @@
|
|||||||
|
|
||||||
%override_acls.
|
%override_acls.
|
||||||
|
|
||||||
{acl, admin, {user, "aleksey"}}.
|
|
||||||
{acl, admin, {user, "ermine"}}.
|
|
||||||
{acl, admin, {user, "test"}}.
|
|
||||||
{acl, admin, {user, "aleksey", "jabber.ru"}}.
|
|
||||||
{acl, admin, {user, "ermine", "jabber.ru"}}.
|
|
||||||
|
|
||||||
|
% Users that have admin access. Add line like one of the following after you
|
||||||
|
% will be successfully registered on server to get admin access:
|
||||||
|
%{acl, admin, {user, "aleksey"}}.
|
||||||
|
%{acl, admin, {user, "ermine"}}.
|
||||||
|
|
||||||
{acl, blocked, {user, "test2"}}.
|
% Blocked users:
|
||||||
|
%{acl, blocked, {user, "test"}}.
|
||||||
{acl, jabberorg, {server, "jabber.org"}}.
|
|
||||||
{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
|
|
||||||
|
|
||||||
|
% Another examples of ACLs:
|
||||||
|
%{acl, jabberorg, {server, "jabber.org"}}.
|
||||||
|
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
|
||||||
%{acl, test, {user_regexp, "^test"}}.
|
%{acl, test, {user_regexp, "^test"}}.
|
||||||
%{acl, test2, {user_glob, "test*"}}.
|
%{acl, test, {user_glob, "test*"}}.
|
||||||
|
|
||||||
|
|
||||||
{shaper, normal, {maxrate, 1000}}.
|
% Only admins can use configuration interface:
|
||||||
|
|
||||||
|
|
||||||
{access, disco_admin, [{allow, admin},
|
|
||||||
{deny, all}]}.
|
|
||||||
|
|
||||||
{access, configure, [{allow, admin}]}.
|
{access, configure, [{allow, admin}]}.
|
||||||
|
|
||||||
|
% Every username can be registered via in-band registration:
|
||||||
|
{access, register, [{allow, all}]}.
|
||||||
|
|
||||||
|
|
||||||
|
% Only non-blocked users can use c2s connections:
|
||||||
{access, c2s, [{deny, blocked},
|
{access, c2s, [{deny, blocked},
|
||||||
{allow, all}]}.
|
{allow, all}]}.
|
||||||
|
|
||||||
|
% Set shaper with name "normal" to limit traffic speed to 1000B/s
|
||||||
|
{shaper, normal, {maxrate, 1000}}.
|
||||||
|
|
||||||
|
% For all users except admins used "normal" shaper
|
||||||
{access, c2s_shaper, [{none, admin},
|
{access, c2s_shaper, [{none, admin},
|
||||||
{normal, all}]}.
|
{normal, all}]}.
|
||||||
|
|
||||||
|
% Admins of this server are also admins of MUC service:
|
||||||
{access, muc_admin, [{allow, admin}]}.
|
{access, muc_admin, [{allow, admin}]}.
|
||||||
|
|
||||||
|
% Host name:
|
||||||
|
{host, "localhost"}.
|
||||||
|
|
||||||
{host, "e.localhost"}.
|
|
||||||
|
|
||||||
{listen, [{5522, ejabberd_c2s, [{access, c2s},
|
% Listened ports:
|
||||||
|
{listen, [{5222, ejabberd_c2s, [{access, c2s},
|
||||||
{shaper, c2s_shaper}]},
|
{shaper, c2s_shaper}]},
|
||||||
{5523, ejabberd_c2s, [{access, c2s},
|
{5223, ejabberd_c2s, [{access, c2s},
|
||||||
{ssl, [{certfile, "./ssl.pem"}]}]},
|
{ssl, [{certfile, "./ssl.pem"}]}]},
|
||||||
{5269, ejabberd_s2s_in, []},
|
{5269, ejabberd_s2s_in, []},
|
||||||
{8888, ejabberd_service, [{host,
|
{8888, ejabberd_service, [{host,
|
||||||
@ -48,9 +54,11 @@
|
|||||||
[{password, "asdqwe"}]}]}
|
[{password, "asdqwe"}]}]}
|
||||||
]}.
|
]}.
|
||||||
|
|
||||||
% This value (5569) is only for debugging, must be 5269
|
% If SRV lookup fails, then port 5269 used to communicate with other servers
|
||||||
{outgoing_s2s_port, 5569}.
|
{outgoing_s2s_port, 5269}.
|
||||||
|
|
||||||
|
|
||||||
|
% Used modules:
|
||||||
{modules, [
|
{modules, [
|
||||||
{mod_register, []},
|
{mod_register, []},
|
||||||
{mod_roster, []},
|
{mod_roster, []},
|
@ -52,7 +52,8 @@ init(Port, Module, Opts) ->
|
|||||||
{ok, ListenSocket} = gen_tcp:listen(Port, [binary,
|
{ok, ListenSocket} = gen_tcp:listen(Port, [binary,
|
||||||
{packet, 0},
|
{packet, 0},
|
||||||
{active, false},
|
{active, false},
|
||||||
{reuseaddr, true}]),
|
{reuseaddr, true},
|
||||||
|
{nodelay, true}]),
|
||||||
accept(ListenSocket, Module, Opts).
|
accept(ListenSocket, Module, Opts).
|
||||||
|
|
||||||
accept(ListenSocket, Module, Opts) ->
|
accept(ListenSocket, Module, Opts) ->
|
||||||
|
34
src/jlib.erl
34
src/jlib.erl
@ -227,25 +227,7 @@ jid_to_string({Node, Server, Resource}) ->
|
|||||||
is_nodename([]) ->
|
is_nodename([]) ->
|
||||||
false;
|
false;
|
||||||
is_nodename(J) ->
|
is_nodename(J) ->
|
||||||
is_nodename1(J).
|
nodeprep(J).
|
||||||
|
|
||||||
is_nodename1([C | J])
|
|
||||||
when (C =< 32) or
|
|
||||||
(C == $") or
|
|
||||||
(C == $&) or
|
|
||||||
(C == $') or
|
|
||||||
(C == $:) or
|
|
||||||
(C == $<) or
|
|
||||||
(C == $>) or
|
|
||||||
(C == $@) or
|
|
||||||
(C == $/) or
|
|
||||||
(C == 127)
|
|
||||||
->
|
|
||||||
false;
|
|
||||||
is_nodename1([C | J]) ->
|
|
||||||
is_nodename1(J);
|
|
||||||
is_nodename1([]) ->
|
|
||||||
true.
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -301,7 +283,19 @@ resourceprep(S) ->
|
|||||||
jid_tolower(#jid{luser = U, lserver = S, lresource = R}) ->
|
jid_tolower(#jid{luser = U, lserver = S, lresource = R}) ->
|
||||||
{U, S, R};
|
{U, S, R};
|
||||||
jid_tolower({U, S, R}) ->
|
jid_tolower({U, S, R}) ->
|
||||||
{tolower(U), tolower(S), R}.
|
case stringprep:nodeprep(U) of
|
||||||
|
error -> error;
|
||||||
|
LUser ->
|
||||||
|
case stringprep:nameprep(S) of
|
||||||
|
error -> error;
|
||||||
|
LServer ->
|
||||||
|
case stringprep:resourceprep(R) of
|
||||||
|
error -> error;
|
||||||
|
LResource ->
|
||||||
|
{LUser, LServer, LResource}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end.
|
||||||
|
|
||||||
jid_remove_resource(#jid{} = JID) ->
|
jid_remove_resource(#jid{} = JID) ->
|
||||||
JID#jid{resource = "", lresource = ""};
|
JID#jid{resource = "", lresource = ""};
|
||||||
|
@ -116,14 +116,18 @@ try_register(User, Password) ->
|
|||||||
false ->
|
false ->
|
||||||
{error, ?ERR_BAD_REQUEST};
|
{error, ?ERR_BAD_REQUEST};
|
||||||
_ ->
|
_ ->
|
||||||
case ejabberd_auth:try_register(User, Password) of
|
case acl:match_rule(register, jlib:make_jid(User, ?MYNAME, "")) of
|
||||||
{atomic, ok} ->
|
deny ->
|
||||||
ok;
|
{error, ?ERR_CONFLICT};
|
||||||
{atomic, exists} ->
|
allow ->
|
||||||
% TODO: replace to "username unavailable"
|
case ejabberd_auth:try_register(User, Password) of
|
||||||
{error, ?ERR_NOT_ALLOWED};
|
{atomic, ok} ->
|
||||||
{error, Reason} ->
|
ok;
|
||||||
{error, ?ERR_INTERNAL_SERVER_ERROR}
|
{atomic, exists} ->
|
||||||
|
{error, ?ERR_CONFLICT};
|
||||||
|
{error, _Reason} ->
|
||||||
|
{error, ?ERR_INTERNAL_SERVER_ERROR}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
40
src/stringprep/Makefile.win32
Normal file
40
src/stringprep/Makefile.win32
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
|
||||||
|
include ..\Makefile.inc
|
||||||
|
|
||||||
|
OUTDIR = ..
|
||||||
|
EFLAGS = -I .. -pz ..
|
||||||
|
|
||||||
|
ALL : $(OUTDIR)\stringprep_drv.dll $(OUTDIR)\stringprep.beam
|
||||||
|
|
||||||
|
CLEAN :
|
||||||
|
-@erase $(OUTDIR)\stringprep_drv.dll
|
||||||
|
-@erase $(OUTDIR)\stringprep_drv.exp
|
||||||
|
-@erase $(OUTDIR)\stringprep_drv.lib
|
||||||
|
-@erase stringprep_drv.obj
|
||||||
|
-@erase stringprep_drv.pch
|
||||||
|
-@erase vc60.idb
|
||||||
|
-@erase $(OUTDIR)\stringprep.beam
|
||||||
|
|
||||||
|
$(OUTDIR)\stringprep.beam : stringprep.erl
|
||||||
|
erlc -W $(EFLAGS) -o $(OUTDIR) stringprep.erl
|
||||||
|
|
||||||
|
CPP=cl.exe
|
||||||
|
CPP_PROJ=/nologo /ML /W3 /GX /O2 /I "$(ERLANG_DIR)\usr\include" /I "$(EI_DIR)\include" /D "WIN32" /D "NDEBUG" /D "_USRDLL" /D "_MBCS" /Fpstringprep_drv.pch /YX /FD /c
|
||||||
|
|
||||||
|
.c.obj::
|
||||||
|
$(CPP) @<<
|
||||||
|
$(CPP_PROJ) $<
|
||||||
|
<<
|
||||||
|
|
||||||
|
LINK32=link.exe
|
||||||
|
LINK32_FLAGS=kernel32.lib "$(ERLANG_DIR)\usr\lib\erl_dll.lib" "$(EI_DIR)\lib\ei.lib" "$(EI_DIR)\lib\erl_interface.lib" /nologo /subsystem:console /dll /pdb:none /machine:I386 /out:$(OUTDIR)\stringprep_drv.dll
|
||||||
|
|
||||||
|
LINK32_OBJS=stringprep_drv.obj
|
||||||
|
|
||||||
|
$(OUTDIR)\stringprep_drv.dll : $(LINK32_OBJS)
|
||||||
|
$(LINK32) @<<
|
||||||
|
$(LINK32_FLAGS) $(LINK32_OBJS)
|
||||||
|
<<
|
||||||
|
|
||||||
|
stringprep_drv.obj : stringprep_drv.c
|
||||||
|
|
Loading…
Reference in New Issue
Block a user