25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-24 16:23:40 +01:00

* src/ejabberd_c2s.erl: Init shaper with a default value first

after stream opening

* src/ejabberd_c2s.erl: Log failed SASL login attempts
* src/cyrsasl.erl: Updated API
* src/cyrsasl_plain.erl: Likewise
* src/cyrsasl_digest.erl: Likewise

SVN Revision: 735
This commit is contained in:
Alexey Shchepin 2007-02-19 23:35:42 +00:00
parent aa68cff85e
commit 379b0d9e54
5 changed files with 58 additions and 22 deletions

View File

@ -1,33 +1,46 @@
2007-02-20 Alexey Shchepin <alexey@sevcom.net>
* src/ejabberd_c2s.erl: Init shaper with a default value first
after stream opening
* src/ejabberd_c2s.erl: Log failed SASL login attempts
* src/cyrsasl.erl: Updated API
* src/cyrsasl_plain.erl: Likewise
* src/cyrsasl_digest.erl: Likewise
2007-02-19 Mickael Remond <mickael.remond@process-one.net> 2007-02-19 Mickael Remond <mickael.remond@process-one.net>
* src/mod_muc/mod_muc_room.erl: Added an option set affiliations. * src/mod_muc/mod_muc_room.erl: Added an option set affiliations.
* doc/api/*: Added Erlang documentation generation script (EJAB-188). * doc/api/*: Added Erlang documentation generation script
(EJAB-188).
* doc/version.tex: Updated. * doc/version.tex: Updated.
* src/ejabberd.app: Updated. * src/ejabberd.app: Updated.
* src/odbc/pg.sql: last table, state column cannot be NULL (EJAB-191). * src/odbc/pg.sql: last table, state column cannot be NULL
(EJAB-191).
* src/odbc/mysql.sql: likewise. * src/odbc/mysql.sql: likewise.
* src/odbc/mssql.sql. likewise. * src/odbc/mssql.sql: likewise.
* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP servers * src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP
as ejabberd is providing other anonymous authentication mechanism servers as ejabberd is providing other anonymous authentication
mechanism
(EJAB-190). (EJAB-190).
* src/cyrsasl_plain.erl: bad-auth error code replaced by not-authorized * src/cyrsasl_plain.erl: bad-auth error code replaced by
(EJAB-187). not-authorized (EJAB-187).
* src/aclocal.m4: configure --with-erlang option is now working (Thanks * src/aclocal.m4: configure --with-erlang option is now working
to Jerome Sautret) (EJAB-186). (Thanks to Jerome Sautret) (EJAB-186).
* src/mod_muc/mod_muc_log.erl: Spam prevention: The default behaviour * src/mod_muc/mod_muc_log.erl: Spam prevention: The default
is now to use the nofollow rel attributes for links that are submitted behaviour is now to use the nofollow rel attributes for links that
by users (EJAB-185). are submitted by users (EJAB-185).
* doc/guide.tex: Likewise. * doc/guide.tex: Likewise.
* src/mod_muc/mod_muc_room.erl: API improvement: Implementation of an * src/mod_muc/mod_muc_room.erl: API improvement: Implementation of
event to destroy MUC room from an external application (Thanks to an event to destroy MUC room from an external application (Thanks
Massimiliano Mirra) (EJAB-184). to Massimiliano Mirra) (EJAB-184).
2007-02-18 Alexey Shchepin <alexey@sevcom.net> 2007-02-18 Alexey Shchepin <alexey@sevcom.net>
@ -119,16 +132,16 @@
2007-01-11 Mickael Remond <mickael.remond@process-one.net> 2007-01-11 Mickael Remond <mickael.remond@process-one.net>
* doc/guide.tex: Latex / Hevea related improvements for documentation * doc/guide.tex: Latex / Hevea related improvements for
generation (thanks to Sander Devrieze). documentation generation (thanks to Sander Devrieze).
* doc/introduction.tex: Likewise. * doc/introduction.tex: Likewise.
* doc/dev.tex: Likewise. * doc/dev.tex: Likewise.
* doc/features.tex: Likewise. * doc/features.tex: Likewise.
2007-01-08 Christophe Romain <christophe.romain@process-one.net> 2007-01-08 Christophe Romain <christophe.romain@process-one.net>
* src/mod_pubsub/mod_pubsub.erl: add presence_based_delivery cluster * src/mod_pubsub/mod_pubsub.erl: add presence_based_delivery
support cluster support
2007-01-05 Alexey Shchepin <alexey@sevcom.net> 2007-01-05 Alexey Shchepin <alexey@sevcom.net>

View File

@ -136,6 +136,8 @@ server_step(State, ClientIn) ->
{continue, ServerOut, NewMechState} -> {continue, ServerOut, NewMechState} ->
{continue, ServerOut, {continue, ServerOut,
State#sasl_state{mech_state = NewMechState}}; State#sasl_state{mech_state = NewMechState}};
{error, Error, Username} ->
{error, Error, Username};
{error, Error} -> {error, Error} ->
{error, Error} {error, Error}
end. end.

View File

@ -44,7 +44,7 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
AuthzId = xml:get_attr_s("authzid", KeyVals), AuthzId = xml:get_attr_s("authzid", KeyVals),
case (State#state.get_password)(UserName) of case (State#state.get_password)(UserName) of
false -> false ->
{error, "not-authorized"}; {error, "not-authorized", UserName};
Passwd -> Passwd ->
Response = response(KeyVals, UserName, Passwd, Response = response(KeyVals, UserName, Passwd,
Nonce, AuthzId, "AUTHENTICATE"), Nonce, AuthzId, "AUTHENTICATE"),
@ -59,7 +59,7 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
username = UserName, username = UserName,
authzid = AuthzId}}; authzid = AuthzId}};
_ -> _ ->
{error, "not-authorized"} {error, "not-authorized", UserName}
end end
end end
end; end;

View File

@ -33,7 +33,7 @@ mech_step(State, ClientIn) ->
true -> true ->
{ok, [{username, User}, {authzid, AuthzId}]}; {ok, [{username, User}, {authzid, AuthzId}]};
_ -> _ ->
{error, "not-authorized"} {error, "not-authorized", User}
end; end;
_ -> _ ->
{error, "bad-protocol"} {error, "bad-protocol"}

View File

@ -174,6 +174,7 @@ wait_for_stream({xmlstreamstart, _Name, Attrs}, StateData) ->
case lists:member(Server, ?MYHOSTS) of case lists:member(Server, ?MYHOSTS) of
true -> true ->
Lang = xml:get_attr_s("xml:lang", Attrs), Lang = xml:get_attr_s("xml:lang", Attrs),
change_shaper(StateData, jlib:make_jid("", Server, "")),
case xml:get_attr_s("version", Attrs) of case xml:get_attr_s("version", Attrs) of
"1.0" -> "1.0" ->
Header = io_lib:format(?STREAM_HEADER, Header = io_lib:format(?STREAM_HEADER,
@ -493,6 +494,16 @@ wait_for_feature_request({xmlstreamelement, El}, StateData) ->
jlib:encode_base64(ServerOut)}]}), jlib:encode_base64(ServerOut)}]}),
{next_state, wait_for_sasl_response, {next_state, wait_for_sasl_response,
StateData#state{sasl_state = NewSASLState}}; StateData#state{sasl_state = NewSASLState}};
{error, Error, Username} ->
?INFO_MSG(
"(~w) Failed authentication for ~s@~s",
[StateData#state.socket,
Username, StateData#state.server]),
send_element(StateData,
{xmlelement, "failure",
[{"xmlns", ?NS_SASL}],
[{xmlelement, Error, [], []}]}),
{next_state, wait_for_feature_request, StateData};
{error, Error} -> {error, Error} ->
send_element(StateData, send_element(StateData,
{xmlelement, "failure", {xmlelement, "failure",
@ -609,6 +620,16 @@ wait_for_sasl_response({xmlstreamelement, El}, StateData) ->
jlib:encode_base64(ServerOut)}]}), jlib:encode_base64(ServerOut)}]}),
{next_state, wait_for_sasl_response, {next_state, wait_for_sasl_response,
StateData#state{sasl_state = NewSASLState}}; StateData#state{sasl_state = NewSASLState}};
{error, Error, Username} ->
?INFO_MSG(
"(~w) Failed authentication for ~s@~s",
[StateData#state.socket,
Username, StateData#state.server]),
send_element(StateData,
{xmlelement, "failure",
[{"xmlns", ?NS_SASL}],
[{xmlelement, Error, [], []}]}),
{next_state, wait_for_feature_request, StateData};
{error, Error} -> {error, Error} ->
send_element(StateData, send_element(StateData,
{xmlelement, "failure", {xmlelement, "failure",