diff --git a/ChangeLog b/ChangeLog index 580e74d63..c4a883836 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2007-07-19 Mickael Remond + + * src/ejabberd_s2s_in.erl: Add s2s whitelist / blacklist support + on incoming s2s connections (EJAB-283) + * src/ejabberd_s2s.erl: Likewise + 2007-07-18 Mickael Remond * src/ejabberd_s2s.erl: Fixed typos. diff --git a/src/ejabberd_s2s.erl b/src/ejabberd_s2s.erl index 7c1747338..c9e40efbc 100644 --- a/src/ejabberd_s2s.erl +++ b/src/ejabberd_s2s.erl @@ -21,6 +21,7 @@ remove_connection/1, remove_connection/3, dirty_get_connections/0, + allow_host/2, ctl_process/2 ]). diff --git a/src/ejabberd_s2s_in.erl b/src/ejabberd_s2s_in.erl index b5f89c95b..969be69d9 100644 --- a/src/ejabberd_s2s_in.erl +++ b/src/ejabberd_s2s_in.erl @@ -74,6 +74,9 @@ -define(HOST_UNKNOWN_ERR, xml:element_to_string(?SERR_HOST_UNKNOWN)). +-define(INVALID_FROM_ERR, + xml:element_to_string(?SERR_INVALID_FROM)). + -define(INVALID_XML_ERR, xml:element_to_string(?SERR_XML_NOT_WELL_FORMED)). @@ -309,8 +312,11 @@ stream_established({xmlstreamelement, El}, StateData) -> ?INFO_MSG("GET KEY: ~p", [{To, From, Id, Key}]), LTo = jlib:nameprep(To), LFrom = jlib:nameprep(From), - case lists:member(LTo, ejabberd_router:dirty_get_all_domains()) of - true -> + %% Checks if the from domain is allowed and if the to + %% domain is handled by this server: + case {ejabberd_s2s:allow_host(To, From), + lists:member(LTo, ejabberd_router:dirty_get_all_domains())} of + {true, true} -> ejabberd_s2s_out:start(To, From, {verify, self(), Key, StateData#state.streamid}), @@ -321,9 +327,12 @@ stream_established({xmlstreamelement, El}, StateData) -> stream_established, StateData#state{connections = Conns, timer = Timer}}; - _ -> + {_, false} -> send_text(StateData, ?HOST_UNKNOWN_ERR), - {stop, normal, StateData} + {stop, normal, StateData}; + {false, _} -> + send_text(StateData, ?INVALID_FROM_ERR), + {stop, normal, StateData} end; {verify, To, From, Id, Key} -> ?INFO_MSG("VERIFY KEY: ~p", [{To, From, Id, Key}]),