25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-10-15 15:19:20 +02:00

* src/ejabberd_c2s.erl: Init shaper with a default value first

after stream opening

* src/ejabberd_c2s.erl: Log failed SASL login attempts
* src/cyrsasl.erl: Updated API
* src/cyrsasl_plain.erl: Likewise
* src/cyrsasl_digest.erl: Likewise

SVN Revision: 735
This commit is contained in:
Alexey Shchepin 2007-02-19 23:35:42 +00:00
parent aa68cff85e
commit 379b0d9e54
5 changed files with 58 additions and 22 deletions

View File

@ -1,33 +1,46 @@
2007-02-20 Alexey Shchepin <alexey@sevcom.net>
* src/ejabberd_c2s.erl: Init shaper with a default value first
after stream opening
* src/ejabberd_c2s.erl: Log failed SASL login attempts
* src/cyrsasl.erl: Updated API
* src/cyrsasl_plain.erl: Likewise
* src/cyrsasl_digest.erl: Likewise
2007-02-19 Mickael Remond <mickael.remond@process-one.net>
* src/mod_muc/mod_muc_room.erl: Added an option set affiliations.
* doc/api/*: Added Erlang documentation generation script (EJAB-188).
* doc/api/*: Added Erlang documentation generation script
(EJAB-188).
* doc/version.tex: Updated.
* src/ejabberd.app: Updated.
* src/odbc/pg.sql: last table, state column cannot be NULL (EJAB-191).
* src/odbc/pg.sql: last table, state column cannot be NULL
(EJAB-191).
* src/odbc/mysql.sql: likewise.
* src/odbc/mssql.sql. likewise.
* src/odbc/mssql.sql: likewise.
* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP servers
as ejabberd is providing other anonymous authentication mechanism
* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP
servers as ejabberd is providing other anonymous authentication
mechanism
(EJAB-190).
* src/cyrsasl_plain.erl: bad-auth error code replaced by not-authorized
(EJAB-187).
* src/cyrsasl_plain.erl: bad-auth error code replaced by
not-authorized (EJAB-187).
* src/aclocal.m4: configure --with-erlang option is now working (Thanks
to Jerome Sautret) (EJAB-186).
* src/aclocal.m4: configure --with-erlang option is now working
(Thanks to Jerome Sautret) (EJAB-186).
* src/mod_muc/mod_muc_log.erl: Spam prevention: The default behaviour
is now to use the nofollow rel attributes for links that are submitted
by users (EJAB-185).
* src/mod_muc/mod_muc_log.erl: Spam prevention: The default
behaviour is now to use the nofollow rel attributes for links that
are submitted by users (EJAB-185).
* doc/guide.tex: Likewise.
* src/mod_muc/mod_muc_room.erl: API improvement: Implementation of an
event to destroy MUC room from an external application (Thanks to
Massimiliano Mirra) (EJAB-184).
* src/mod_muc/mod_muc_room.erl: API improvement: Implementation of
an event to destroy MUC room from an external application (Thanks
to Massimiliano Mirra) (EJAB-184).
2007-02-18 Alexey Shchepin <alexey@sevcom.net>
@ -119,16 +132,16 @@
2007-01-11 Mickael Remond <mickael.remond@process-one.net>
* doc/guide.tex: Latex / Hevea related improvements for documentation
generation (thanks to Sander Devrieze).
* doc/guide.tex: Latex / Hevea related improvements for
documentation generation (thanks to Sander Devrieze).
* doc/introduction.tex: Likewise.
* doc/dev.tex: Likewise.
* doc/features.tex: Likewise.
2007-01-08 Christophe Romain <christophe.romain@process-one.net>
* src/mod_pubsub/mod_pubsub.erl: add presence_based_delivery cluster
support
* src/mod_pubsub/mod_pubsub.erl: add presence_based_delivery
cluster support
2007-01-05 Alexey Shchepin <alexey@sevcom.net>

View File

@ -136,6 +136,8 @@ server_step(State, ClientIn) ->
{continue, ServerOut, NewMechState} ->
{continue, ServerOut,
State#sasl_state{mech_state = NewMechState}};
{error, Error, Username} ->
{error, Error, Username};
{error, Error} ->
{error, Error}
end.

View File

@ -44,7 +44,7 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
AuthzId = xml:get_attr_s("authzid", KeyVals),
case (State#state.get_password)(UserName) of
false ->
{error, "not-authorized"};
{error, "not-authorized", UserName};
Passwd ->
Response = response(KeyVals, UserName, Passwd,
Nonce, AuthzId, "AUTHENTICATE"),
@ -59,7 +59,7 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
username = UserName,
authzid = AuthzId}};
_ ->
{error, "not-authorized"}
{error, "not-authorized", UserName}
end
end
end;

View File

@ -33,7 +33,7 @@ mech_step(State, ClientIn) ->
true ->
{ok, [{username, User}, {authzid, AuthzId}]};
_ ->
{error, "not-authorized"}
{error, "not-authorized", User}
end;
_ ->
{error, "bad-protocol"}

View File

@ -174,6 +174,7 @@ wait_for_stream({xmlstreamstart, _Name, Attrs}, StateData) ->
case lists:member(Server, ?MYHOSTS) of
true ->
Lang = xml:get_attr_s("xml:lang", Attrs),
change_shaper(StateData, jlib:make_jid("", Server, "")),
case xml:get_attr_s("version", Attrs) of
"1.0" ->
Header = io_lib:format(?STREAM_HEADER,
@ -493,6 +494,16 @@ wait_for_feature_request({xmlstreamelement, El}, StateData) ->
jlib:encode_base64(ServerOut)}]}),
{next_state, wait_for_sasl_response,
StateData#state{sasl_state = NewSASLState}};
{error, Error, Username} ->
?INFO_MSG(
"(~w) Failed authentication for ~s@~s",
[StateData#state.socket,
Username, StateData#state.server]),
send_element(StateData,
{xmlelement, "failure",
[{"xmlns", ?NS_SASL}],
[{xmlelement, Error, [], []}]}),
{next_state, wait_for_feature_request, StateData};
{error, Error} ->
send_element(StateData,
{xmlelement, "failure",
@ -609,6 +620,16 @@ wait_for_sasl_response({xmlstreamelement, El}, StateData) ->
jlib:encode_base64(ServerOut)}]}),
{next_state, wait_for_sasl_response,
StateData#state{sasl_state = NewSASLState}};
{error, Error, Username} ->
?INFO_MSG(
"(~w) Failed authentication for ~s@~s",
[StateData#state.socket,
Username, StateData#state.server]),
send_element(StateData,
{xmlelement, "failure",
[{"xmlns", ?NS_SASL}],
[{xmlelement, Error, [], []}]}),
{next_state, wait_for_feature_request, StateData};
{error, Error} ->
send_element(StateData,
{xmlelement, "failure",