Start/stop auth modules when host is added/deleted
This commit is contained in:
parent
0542c65a07
commit
6cdead166b
|
@ -32,7 +32,7 @@
|
||||||
-author('alexey@process-one.net').
|
-author('alexey@process-one.net').
|
||||||
|
|
||||||
%% External exports
|
%% External exports
|
||||||
-export([start/0, set_password/3, check_password/4,
|
-export([start/0, start/1, stop/1, set_password/3, check_password/4,
|
||||||
check_password/6, check_password_with_authmodule/4,
|
check_password/6, check_password_with_authmodule/4,
|
||||||
check_password_with_authmodule/6, try_register/3,
|
check_password_with_authmodule/6, try_register/3,
|
||||||
dirty_get_registered_users/0, get_vh_registered_users/1,
|
dirty_get_registered_users/0, get_vh_registered_users/1,
|
||||||
|
@ -61,6 +61,7 @@
|
||||||
{offset, integer()}].
|
{offset, integer()}].
|
||||||
|
|
||||||
-callback start(binary()) -> any().
|
-callback start(binary()) -> any().
|
||||||
|
-callback stop(binary()) -> any().
|
||||||
-callback plain_password_required() -> boolean().
|
-callback plain_password_required() -> boolean().
|
||||||
-callback store_type() -> plain | external | scram.
|
-callback store_type() -> plain | external | scram.
|
||||||
-callback set_password(binary(), binary(), binary()) -> ok | {error, atom()}.
|
-callback set_password(binary(), binary(), binary()) -> ok | {error, atom()}.
|
||||||
|
@ -81,12 +82,20 @@
|
||||||
-callback get_password_s(binary(), binary()) -> password().
|
-callback get_password_s(binary(), binary()) -> password().
|
||||||
|
|
||||||
start() ->
|
start() ->
|
||||||
%% This is only executed by ejabberd_c2s for non-SASL auth client
|
ets:new(ejabberd_auth_modules, [named_table, public]),
|
||||||
lists:foreach(fun (Host) ->
|
ejabberd_hooks:add(host_up, ?MODULE, start, 30),
|
||||||
lists:foreach(fun (M) -> M:start(Host) end,
|
ejabberd_hooks:add(host_down, ?MODULE, stop, 80),
|
||||||
auth_modules(Host))
|
lists:foreach(fun start/1, ?MYHOSTS).
|
||||||
end,
|
|
||||||
?MYHOSTS).
|
start(Host) ->
|
||||||
|
Modules = auth_modules_from_config(Host),
|
||||||
|
ets:insert(ejabberd_auth_modules, {Host, Modules}),
|
||||||
|
lists:foreach(fun(M) -> M:start(Host) end, Modules).
|
||||||
|
|
||||||
|
stop(Host) ->
|
||||||
|
OldModules = auth_modules(Host),
|
||||||
|
ets:delete(ejabberd_auth_modules, Host),
|
||||||
|
lists:foreach(fun(M) -> M:stop(Host) end, OldModules).
|
||||||
|
|
||||||
plain_password_required(Server) ->
|
plain_password_required(Server) ->
|
||||||
lists:any(fun (M) -> M:plain_password_required() end,
|
lists:any(fun (M) -> M:plain_password_required() end,
|
||||||
|
@ -429,21 +438,29 @@ backend_type(Mod) ->
|
||||||
%% Return the lists of all the auth modules actually used in the
|
%% Return the lists of all the auth modules actually used in the
|
||||||
%% configuration
|
%% configuration
|
||||||
auth_modules() ->
|
auth_modules() ->
|
||||||
lists:usort(lists:flatmap(fun (Server) ->
|
lists:usort(lists:flatmap(fun auth_modules/1, ?MYHOSTS)).
|
||||||
auth_modules(Server)
|
|
||||||
end,
|
|
||||||
?MYHOSTS)).
|
|
||||||
|
|
||||||
-spec auth_modules(binary()) -> [atom()].
|
-spec auth_modules(binary()) -> [atom()].
|
||||||
|
|
||||||
%% Return the list of authenticated modules for a given host
|
%% Return the list of authenticated modules for a given host
|
||||||
auth_modules(Server) ->
|
auth_modules(Server) ->
|
||||||
|
LServer = jid:nameprep(Server),
|
||||||
|
try ets:lookup(ejabberd_auth_modules, LServer) of
|
||||||
|
[{_, Modules}] -> Modules;
|
||||||
|
_ -> []
|
||||||
|
catch error:badarg ->
|
||||||
|
%% ejabberd_auth is not started yet
|
||||||
|
auth_modules_from_config(Server)
|
||||||
|
end.
|
||||||
|
|
||||||
|
-spec auth_modules_from_config(binary()) -> [module()].
|
||||||
|
auth_modules_from_config(Server) ->
|
||||||
LServer = jid:nameprep(Server),
|
LServer = jid:nameprep(Server),
|
||||||
Default = ejabberd_config:default_db(LServer, ?MODULE),
|
Default = ejabberd_config:default_db(LServer, ?MODULE),
|
||||||
Methods = ejabberd_config:get_option(
|
Methods = ejabberd_config:get_option(
|
||||||
{auth_method, LServer}, opt_type(auth_method), [Default]),
|
{auth_method, LServer}, opt_type(auth_method), [Default]),
|
||||||
[jlib:binary_to_atom(<<"ejabberd_auth_",
|
[jlib:binary_to_atom(<<"ejabberd_auth_",
|
||||||
(jlib:atom_to_binary(M))/binary>>)
|
(jlib:atom_to_binary(M))/binary>>)
|
||||||
|| M <- Methods].
|
|| M <- Methods].
|
||||||
|
|
||||||
export(Server) ->
|
export(Server) ->
|
||||||
|
|
|
@ -31,7 +31,7 @@
|
||||||
|
|
||||||
-behaviour(ejabberd_auth).
|
-behaviour(ejabberd_auth).
|
||||||
|
|
||||||
-export([start/1, set_password/3, check_password/4,
|
-export([start/1, stop/1, set_password/3, check_password/4,
|
||||||
check_password/6, try_register/3,
|
check_password/6, try_register/3,
|
||||||
dirty_get_registered_users/0, get_vh_registered_users/1,
|
dirty_get_registered_users/0, get_vh_registered_users/1,
|
||||||
get_vh_registered_users/2,
|
get_vh_registered_users/2,
|
||||||
|
@ -58,6 +58,10 @@ start(Host) ->
|
||||||
check_cache_last_options(Host),
|
check_cache_last_options(Host),
|
||||||
ejabberd_auth_mnesia:start(Host).
|
ejabberd_auth_mnesia:start(Host).
|
||||||
|
|
||||||
|
stop(Host) ->
|
||||||
|
extauth:stop(Host),
|
||||||
|
ejabberd_auth_mnesia:stop(Host).
|
||||||
|
|
||||||
check_cache_last_options(Server) ->
|
check_cache_last_options(Server) ->
|
||||||
case get_cache_option(Server) of
|
case get_cache_option(Server) of
|
||||||
false -> no_cache;
|
false -> no_cache;
|
||||||
|
|
|
@ -90,7 +90,6 @@ start(Host) ->
|
||||||
|
|
||||||
stop(Host) ->
|
stop(Host) ->
|
||||||
Proc = gen_mod:get_module_proc(Host, ?MODULE),
|
Proc = gen_mod:get_module_proc(Host, ?MODULE),
|
||||||
gen_server:call(Proc, stop),
|
|
||||||
supervisor:terminate_child(ejabberd_sup, Proc),
|
supervisor:terminate_child(ejabberd_sup, Proc),
|
||||||
supervisor:delete_child(ejabberd_sup, Proc).
|
supervisor:delete_child(ejabberd_sup, Proc).
|
||||||
|
|
||||||
|
@ -101,6 +100,7 @@ start_link(Host) ->
|
||||||
terminate(_Reason, _State) -> ok.
|
terminate(_Reason, _State) -> ok.
|
||||||
|
|
||||||
init(Host) ->
|
init(Host) ->
|
||||||
|
process_flag(trap_exit, true),
|
||||||
State = parse_options(Host),
|
State = parse_options(Host),
|
||||||
eldap_pool:start_link(State#state.eldap_id,
|
eldap_pool:start_link(State#state.eldap_id,
|
||||||
State#state.servers, State#state.backups,
|
State#state.servers, State#state.backups,
|
||||||
|
|
|
@ -33,7 +33,7 @@
|
||||||
|
|
||||||
-behaviour(ejabberd_auth).
|
-behaviour(ejabberd_auth).
|
||||||
|
|
||||||
-export([start/1, set_password/3, check_password/4,
|
-export([start/1, stop/1, set_password/3, check_password/4,
|
||||||
check_password/6, try_register/3,
|
check_password/6, try_register/3,
|
||||||
dirty_get_registered_users/0, get_vh_registered_users/1,
|
dirty_get_registered_users/0, get_vh_registered_users/1,
|
||||||
get_vh_registered_users/2, init_db/0,
|
get_vh_registered_users/2, init_db/0,
|
||||||
|
@ -65,6 +65,9 @@ start(Host) ->
|
||||||
maybe_alert_password_scrammed_without_option(),
|
maybe_alert_password_scrammed_without_option(),
|
||||||
ok.
|
ok.
|
||||||
|
|
||||||
|
stop(_Host) ->
|
||||||
|
ok.
|
||||||
|
|
||||||
init_db() ->
|
init_db() ->
|
||||||
ejabberd_mnesia:create(?MODULE, passwd,
|
ejabberd_mnesia:create(?MODULE, passwd,
|
||||||
[{disc_copies, [node()]},
|
[{disc_copies, [node()]},
|
||||||
|
|
|
@ -30,7 +30,7 @@
|
||||||
|
|
||||||
-behaviour(ejabberd_auth).
|
-behaviour(ejabberd_auth).
|
||||||
|
|
||||||
-export([start/1, set_password/3, check_password/4,
|
-export([start/1, stop/1, set_password/3, check_password/4,
|
||||||
check_password/6, try_register/3,
|
check_password/6, try_register/3,
|
||||||
dirty_get_registered_users/0, get_vh_registered_users/1,
|
dirty_get_registered_users/0, get_vh_registered_users/1,
|
||||||
get_vh_registered_users/2,
|
get_vh_registered_users/2,
|
||||||
|
@ -43,6 +43,9 @@
|
||||||
start(_Host) ->
|
start(_Host) ->
|
||||||
ejabberd:start_app(epam).
|
ejabberd:start_app(epam).
|
||||||
|
|
||||||
|
stop(_Host) ->
|
||||||
|
ok.
|
||||||
|
|
||||||
set_password(_User, _Server, _Password) ->
|
set_password(_User, _Server, _Password) ->
|
||||||
{error, not_allowed}.
|
{error, not_allowed}.
|
||||||
|
|
||||||
|
|
|
@ -34,7 +34,7 @@
|
||||||
-behaviour(ejabberd_auth).
|
-behaviour(ejabberd_auth).
|
||||||
|
|
||||||
%% External exports
|
%% External exports
|
||||||
-export([start/1, set_password/3, check_password/4,
|
-export([start/1, stop/1, set_password/3, check_password/4,
|
||||||
check_password/6, try_register/3,
|
check_password/6, try_register/3,
|
||||||
dirty_get_registered_users/0, get_vh_registered_users/1,
|
dirty_get_registered_users/0, get_vh_registered_users/1,
|
||||||
get_vh_registered_users/2,
|
get_vh_registered_users/2,
|
||||||
|
@ -56,6 +56,9 @@
|
||||||
start(_Host) ->
|
start(_Host) ->
|
||||||
ok.
|
ok.
|
||||||
|
|
||||||
|
stop(_Host) ->
|
||||||
|
ok.
|
||||||
|
|
||||||
plain_password_required() ->
|
plain_password_required() ->
|
||||||
case is_scrammed() of
|
case is_scrammed() of
|
||||||
false -> false;
|
false -> false;
|
||||||
|
|
|
@ -33,7 +33,7 @@
|
||||||
|
|
||||||
-behaviour(ejabberd_auth).
|
-behaviour(ejabberd_auth).
|
||||||
|
|
||||||
-export([start/1, set_password/3, check_password/4,
|
-export([start/1, stop/1, set_password/3, check_password/4,
|
||||||
check_password/6, try_register/3,
|
check_password/6, try_register/3,
|
||||||
dirty_get_registered_users/0, get_vh_registered_users/1,
|
dirty_get_registered_users/0, get_vh_registered_users/1,
|
||||||
get_vh_registered_users/2,
|
get_vh_registered_users/2,
|
||||||
|
@ -54,6 +54,8 @@
|
||||||
%%%----------------------------------------------------------------------
|
%%%----------------------------------------------------------------------
|
||||||
start(_Host) -> ok.
|
start(_Host) -> ok.
|
||||||
|
|
||||||
|
stop(_Host) -> ok.
|
||||||
|
|
||||||
plain_password_required() ->
|
plain_password_required() ->
|
||||||
case is_scrammed() of
|
case is_scrammed() of
|
||||||
false -> false;
|
false -> false;
|
||||||
|
|
|
@ -81,7 +81,7 @@ start_link() ->
|
||||||
init([]) ->
|
init([]) ->
|
||||||
ejabberd_hooks:add(config_reloaded, ?MODULE, config_reloaded, 50),
|
ejabberd_hooks:add(config_reloaded, ?MODULE, config_reloaded, 50),
|
||||||
ejabberd_hooks:add(host_up, ?MODULE, start_modules, 40),
|
ejabberd_hooks:add(host_up, ?MODULE, start_modules, 40),
|
||||||
ejabberd_hooks:add(host_down, ?MODULE, stop_modules, 80),
|
ejabberd_hooks:add(host_down, ?MODULE, stop_modules, 70),
|
||||||
ets:new(ejabberd_modules,
|
ets:new(ejabberd_modules,
|
||||||
[named_table, public,
|
[named_table, public,
|
||||||
{keypos, #ejabberd_module.module_host}]),
|
{keypos, #ejabberd_module.module_host}]),
|
||||||
|
|
Loading…
Reference in New Issue