From 525b8e9374e2f2c62efdfaf0da3d3c5f9cbb05a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20R=C3=A9mond?= Date: Thu, 28 Jun 2007 14:32:48 +0000 Subject: [PATCH] * src/ejabberd_service.erl: Added an option to disable from attribute checks in packets coming from an external component (EJAB-275) * doc/guide.tex: Likewise SVN Revision: 804 --- ChangeLog | 4 ++++ doc/guide.html | 16 +++++++++++++--- doc/guide.tex | 17 ++++++++++++++--- src/ejabberd_service.erl | 37 ++++++++++++++++++++++++++----------- 4 files changed, 57 insertions(+), 17 deletions(-) diff --git a/ChangeLog b/ChangeLog index 565c1e789..55844d1c9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ 2007-06-28 Mickael Remond + * src/ejabberd_service.erl: Added an option to disable from attribute + checks in packets coming from an external component (EJAB-275) + * doc/guide.tex: Likewise + * doc/guide.tex: Documentation rework started (EJAB-272) * doc/introduction.tex: Likewise diff --git a/doc/guide.html b/doc/guide.html index 6eae82257..f0de1e5cf 100644 --- a/doc/guide.html +++ b/doc/guide.html @@ -348,7 +348,8 @@ The latest development version can be retrieved from the Subversion repository. install ejabberd into the directory /var/lib/ejabberd,
  • install the configuration file into /etc/ejabberd,
  • create a directory called /var/log/ejabberd to store log files. -
  • Note: if you want to use an external database, you need to execute the configure + +

    Compilation options

    If you want to use an external database, you need to execute the configure script with the option(s) –enable-odbc or –enable-odbc –enable-mssql. See section 3.2 for more information.

    Windows

    @@ -573,6 +574,11 @@ enables the web interface for ejabberd administration which is availabl at http://server:port/admin/. Login and password are the username and password of one of the registered users who are granted access by the `configure' access rule. +

    component_check_from
    +This option can be used with ejabberd_service only. It is +used to disable control on the from field on packets send by an +external components. The option can be either true or +false. The default value is true which conforms to XEP-0114.

    In addition, the following options are available for s2s connections:

    {s2s_use_starttls, true|false}
    @@ -614,6 +620,7 @@ connected to port 5237 with password `ggsecret'. Jabber Mail Component jmc.example.org is connected to port 5238 with password `jmcsecret'. +
  • The service custom has enabled the special option to avoiding checking the from attribute in the packets send by this component. The component can send packets in behalf of any users from the server, or even on behalf of any server.
  •   {acl, blocked, {user, "bad"}}.
       {access, c2s, [{deny, blocked},
                      {allow, all}]}.
    @@ -637,10 +644,13 @@ connected to port 5237 with password `ggsecret'.
         {5237, ejabberd_service, [{host, "gg.example.org",
                                    [{password, "ggsecret"}]}]},
         {5238, ejabberd_service, [{host, "jmc.example.org",
    -                               [{password, "jmcsecret"}]}]}
    +                               [{password, "jmcsecret"}]}]},
    +    {5239, ejabberd_service, [{host, "custom.example.org",
    +                               [{password, "customsecret"}]},
    +                              {service_check_from, false}]}
        ]
       }.
    -  {s2s_use_starttls, true}.
    +  {S2s_use_starttls, true}.
       {s2s_certfile, "/path/to/ssl.pem"}.
     

    Note, that for jabberd 1.4- or WPJabber-based services you have to make the transports log and do XDB by themselves: diff --git a/doc/guide.tex b/doc/guide.tex index deb4ca7fc..f8377bed6 100644 --- a/doc/guide.tex +++ b/doc/guide.tex @@ -255,7 +255,9 @@ These commands will: \item create a directory called \verb|/var/log/ejabberd| to store log files. \end{itemize} -Note: if you want to use an external database, you need to execute the configure +\subsubsection{Compilation options} + +If you want to use an external database, you need to execute the configure script with the option(s) \term{--enable-odbc} or \term{--enable-odbc --enable-mssql}. See section~\ref{database} for more information. @@ -570,6 +572,11 @@ The following options are available: at \verb|http://server:port/admin/|. Login and password are the username and password of one of the registered users who are granted access by the `configure' access rule. + \titem{component\_check\_from} \ind{options!service\_check\_from} + This option can be used with \term{ejabberd\_service} only. It is + used to disable control on the from field on packets send by an + external components. The option can be either \term{true} or + \term{false}. The default value is \term{true} which conforms to \xepref{0114}. \end{description} In addition, the following options are available for s2s connections: @@ -615,6 +622,7 @@ For instance, the following configuration defines that: \footahref{http://ejabberd.jabber.ru/jmc}{Jabber Mail Component} \jid{jmc.example.org} is connected to port 5238 with password `\term{jmcsecret}'. +\item The service custom has enabled the special option to avoiding checking the \term{from} attribute in the packets send by this component. The component can send packets in behalf of any users from the server, or even on behalf of any server. \end{itemize} \begin{verbatim} {acl, blocked, {user, "bad"}}. 
@@ -640,10 +648,13 @@ For instance, the following configuration defines that: {5237, ejabberd_service, [{host, "gg.example.org", [{password, "ggsecret"}]}]}, {5238, ejabberd_service, [{host, "jmc.example.org", - [{password, "jmcsecret"}]}]} + [{password, "jmcsecret"}]}]}, + {5239, ejabberd_service, [{host, "custom.example.org", + [{password, "customsecret"}]}, + {service_check_from, false}]} ] }. - {s2s_use_starttls, true}. + {S2s_use_starttls, true}. {s2s_certfile, "/path/to/ssl.pem"}. \end{verbatim} Note, that for \ind{jabberd 1.4}jabberd 1.4- or \ind{WPJabber}WPJabber-based diff --git a/src/ejabberd_service.erl b/src/ejabberd_service.erl index 0d635b512..7d866f6f1 100644 --- a/src/ejabberd_service.erl +++ b/src/ejabberd_service.erl @@ -34,9 +34,10 @@ -include("jlib.hrl"). -record(state, {socket, sockmod, streamid, - hosts, password, access}). + hosts, password, access, + check_from}). -%-define(DBGFSM, true). +%-Define(DBGFSM, true). -ifdef(DBGFSM). -define(FSMOPTS, [{debug, [trace]}]). @@ -128,13 +129,18 @@ init([{SockMod, Socket}, Opts]) -> {value, {_, S}} -> S; _ -> none end, + CheckFrom = case lists:keysearch(service_check_from, 1, Opts) of + {value, {_, CF}} -> CF; + _ -> true + end, SockMod:change_shaper(Socket, Shaper), {ok, wait_for_stream, #state{socket = Socket, sockmod = SockMod, streamid = new_id(), hosts = Hosts, password = Password, - access = Access + access = Access, + check_from = CheckFrom }}. %%---------------------------------------------------------------------- 
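Review bot: `%-Define(DBGFSM, true).` in the `@@ -34,9 +34,10 @@` hunk looks like an accidental case change that has nothing to do with the new option. If the line is ever uncommented, `Define` reads as a variable rather than the `define` attribute, so the debug switch should fail to compile; I would restore `%-define(DBGFSM, true).`. The same slip appears in the example configuration in doc/guide.tex and doc/guide.html, where `{s2s_use_starttls, true}.` became `{S2s_use_starttls, true}.`. A capitalised key is a variable, not an atom, so a configuration copied from the guide would presumably fail to load.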
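Review bot: In the `init/1` hunk (`@@ -128,13 +129,18 @@`) the value of `service_check_from` is stored unvalidated, and the key differs from the option heading `component_check_from` that this commit adds to doc/guide.tex and doc/guide.html. Because stream_established disables the check only on the exact atom `false`, a misspelt key or a value such as `"false"` leaves the check on without any feedback to the admin; that is the safe direction, but the two names should be reconciled. I would match the value explicitly, `{value, {_, false}} -> false;` with every other case yielding `true`, so the state field is always a boolean. Since `false` removes the XEP-0114 sender check for the whole listener, a log line here naming the listener's hosts would make the setting visible to operators; whether the logging macros are in scope in this module is not visible from the hunk. `init/1` begins above this hunk.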
@@ -205,14 +211,23 @@ stream_established({xmlstreamelement, El}, StateData) ->
 NewEl = jlib:remove_attr("xmlns", El),
 {xmlelement, Name, Attrs, _Els} = NewEl,
 From = xml:get_attr_s("from", Attrs),
- FromJID1 = jlib:string_to_jid(From),
- FromJID = case FromJID1 of
- #jid{lserver = Server} ->
- case lists:member(Server, StateData#state.hosts) of
- true -> FromJID1;
- false -> error
- end;
- _ -> error
+ FromJID = case StateData#state.check_from of
+ %% If the admin does not want to check the from field
+ %% when accept packets from any address.
+ %% In this case, the component can send packet of
+ %% behalf of the server users.
+ false -> jlib:string_to_jid(From);
+ %% The default is the standard behaviour in XEP-0114
+ _ ->
+ FromJID1 = jlib:string_to_jid(From),
+ case FromJID1 of
+ #jid{lserver = Server} ->
+ case lists:member(Server, StateData#state.hosts) of
+ true -> FromJID1;
+ false -> error
+ end;
+ _ -> error
+ end
 end,
 To = xml:get_attr_s("to", Attrs),
 ToJID = case To of
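Review bot: The `false` branch accepts whatever `jlib:string_to_jid(From)` returns with no domain restriction at all, yet the comment above it says only that the component can send on behalf of the server's users. As written, a component on a listener with the check disabled can put any JID in `from`, including addresses on domains this server does not host, so anything downstream that trusts `from` relies on the component's shared password alone. I would make the comment say so, e.g. `%% check_from = false: 'from' is trusted as sent, so the component can assert any JID (local or remote)`, and consider whether a narrower mode that still requires a locally hosted domain would cover the use case. Parsing once before the `case` (`FromJID1 = jlib:string_to_jid(From),`) would also remove the duplicated call and one level of nesting. The body of stream_established continues outside this hunk.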