Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-11-30 16:36:29 +01:00
Code Releases Activity

* src/mod_muc/mod_muc.erl: Limit number of characters in Room ID,

Browse Source 
Name and Description (EJAB-899)
* src/mod_muc/mod_muc_room.erl: Likewise
* doc/guide.tex: Likewise
* doc/guide.html: Likewise

SVN Revision: 2034
This commit is contained in:
Badlop 2009-04-22 12:05:10 +00:00
parent 43b59911e2
commit 92b1e9d9ac
5 changed files with 100 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,5 +1,11 @@
2009-04-22 Badlop <badlop@process-one.net> 2009-04-22 Badlop <badlop@process-one.net>
* src/mod_muc/mod_muc.erl: Limit number of characters in Room ID,
Name and Description (EJAB-899)
* src/mod_muc/mod_muc_room.erl: Likewise
* doc/guide.tex: Likewise
* doc/guide.html: Likewise
* src/cyrsasl.erl: Change API of check_password: pass a function * src/cyrsasl.erl: Change API of check_password: pass a function
to generate the digest (thanks to Graham Whitted)(EJAB-863) to generate the digest (thanks to Graham Whitted)(EJAB-863)
* src/cyrsasl_anonymous.erl: Likewise * src/cyrsasl_anonymous.erl: Likewise

21
doc/guide.html
View File

@ -2098,6 +2098,18 @@ number of rooms that any given user can join. The default value
is 10. This option is used to prevent possible abuses. Note that is 10. This option is used to prevent possible abuses. Note that
this is a soft limit: some users can sometimes join more conferences this is a soft limit: some users can sometimes join more conferences
in cluster configurations. in cluster configurations.
</DD><DT CLASS="dt-description"><B><TT>max_room_id</TT></B></DT><DD CLASS="dd-description">
This option defines the maximum number of characters that Room ID
can have when creating a new room.
The default value is to not limit: infinite.
</DD><DT CLASS="dt-description"><B><TT>max_room_name</TT></B></DT><DD CLASS="dd-description">
This option defines the maximum number of characters that Room Name
can have when configuring the room.
The default value is to not limit: infinite.
</DD><DT CLASS="dt-description"><B><TT>max_room_desc</TT></B></DT><DD CLASS="dd-description">
This option defines the maximum number of characters that Room Description
can have when configuring the room.
The default value is to not limit: infinite.
</DD><DT CLASS="dt-description"><B><TT>min_message_interval</TT></B></DT><DD CLASS="dd-description"> </DD><DT CLASS="dt-description"><B><TT>min_message_interval</TT></B></DT><DD CLASS="dd-description">
This option defines the minimum interval between two messages send This option defines the minimum interval between two messages send
by an occupant in seconds. This option is global and valid for all by an occupant in seconds. This option is global and valid for all
@ -2209,12 +2221,17 @@ and the default value of 20 history messages will be send to the users.
]}. ]}.
</PRE></LI><LI CLASS="li-itemize">In the following example, MUC anti abuse options are used. An </PRE></LI><LI CLASS="li-itemize">In the following example, MUC anti abuse options are used. An
occupant cannot send more than one message every 0.4 seconds and cannot occupant cannot send more than one message every 0.4 seconds and cannot
change its presence more than once every 4 seconds. No ACLs are change its presence more than once every 4 seconds.
The length of Room IDs and Room Names are limited to 20 characters,
and Room Description to 300 characters. No ACLs are
defined, but some user restriction could be added as well:<PRE CLASS="verbatim">{modules, defined, but some user restriction could be added as well:<PRE CLASS="verbatim">{modules,
[ [
... ...
{mod_muc, [{min_message_interval, 0.4}, {mod_muc, [{min_message_interval, 0.4},
{min_presence_interval, 4}]}, {min_presence_interval, 4},
{max_room_id, 20},
{max_room_name, 20},
{max_room_desc, 300}]},
... ...
]}. ]}.
</PRE></LI><LI CLASS="li-itemize">This example shows how to use <TT>default_room_options</TT> to make sure </PRE></LI><LI CLASS="li-itemize">This example shows how to use <TT>default_room_options</TT> to make sure

21
doc/guide.tex
View File

@ -2763,6 +2763,18 @@ Module options:
is 10. This option is used to prevent possible abuses. Note that is 10. This option is used to prevent possible abuses. Note that
this is a soft limit: some users can sometimes join more conferences this is a soft limit: some users can sometimes join more conferences
in cluster configurations. in cluster configurations.
\titem{max\_room\_id} \ind{options!max\_room\_id}
This option defines the maximum number of characters that Room ID
can have when creating a new room.
The default value is to not limit: infinite.
\titem{max\_room\_name} \ind{options!max\_room\_name}
This option defines the maximum number of characters that Room Name
can have when configuring the room.
The default value is to not limit: infinite.
\titem{max\_room\_desc} \ind{options!max\_room\_desc}
This option defines the maximum number of characters that Room Description
can have when configuring the room.
The default value is to not limit: infinite.
\titem{min\_message\_interval} \ind{options!min\_message\_interval} \titem{min\_message\_interval} \ind{options!min\_message\_interval}
This option defines the minimum interval between two messages send This option defines the minimum interval between two messages send
by an occupant in seconds. This option is global and valid for all by an occupant in seconds. This option is global and valid for all
@ -2881,7 +2893,9 @@ Examples:
\item In the following example, MUC anti abuse options are used. An \item In the following example, MUC anti abuse options are used. An
occupant cannot send more than one message every 0.4 seconds and cannot occupant cannot send more than one message every 0.4 seconds and cannot
change its presence more than once every 4 seconds. No ACLs are change its presence more than once every 4 seconds.
The length of Room IDs and Room Names are limited to 20 characters,
and Room Description to 300 characters. No ACLs are
defined, but some user restriction could be added as well: defined, but some user restriction could be added as well:
\begin{verbatim} \begin{verbatim}
@ -2889,7 +2903,10 @@ defined, but some user restriction could be added as well:
[ [
... ...
{mod_muc, [{min_message_interval, 0.4}, {mod_muc, [{min_message_interval, 0.4},
{min_presence_interval, 4}]}, {min_presence_interval, 4},
{max_room_id, 20},
{max_room_name, 20},
{max_room_desc, 300}]},
... ...
]}. ]}.
\end{verbatim} \end{verbatim}

21
src/mod_muc/mod_muc.erl
View File

@ -447,8 +447,10 @@ do_route1(Host, ServerHost, Access, HistorySize, RoomShaper,
Type = exmpp_stanza:get_type(Packet), Type = exmpp_stanza:get_type(Packet),
case {Name, Type} of case {Name, Type} of
{'presence', 'undefined'} -> {'presence', 'undefined'} ->
case acl:match_rule(ServerHost, AccessCreate, From) of case check_user_can_create_room(ServerHost,
allow -> AccessCreate, From,
Room) of
true ->
?DEBUG("MUC: open new room '~s'~n", [Room]), ?DEBUG("MUC: open new room '~s'~n", [Room]),
{ok, Pid} = mod_muc_room:start( {ok, Pid} = mod_muc_room:start(
Host, ServerHost, Access, Host, ServerHost, Access,
@ -458,10 +460,10 @@ do_route1(Host, ServerHost, Access, HistorySize, RoomShaper,
register_room(Host, Room, Pid), register_room(Host, Room, Pid),
mod_muc_room:route(Pid, From, Nick, Packet), mod_muc_room:route(Pid, From, Nick, Packet),
ok; ok;
_ -> false ->
Lang = exmpp_stanza:get_lang(Packet), Lang = exmpp_stanza:get_lang(Packet),
ErrText = "Room creation is denied by service policy", ErrText = "Room creation is denied by service policy",
Err = exmpp_stanza:reply_with_error(Packet,exmpp_stanza:error(Packet#xmlel.ns, Err = exmpp_stanza:reply_with_error(Packet,exmpp_stanza:error(Packet#xmlel.ns,
'forbidden', 'forbidden',
{Lang,ErrText})), {Lang,ErrText})),
ejabberd_router:route(To, From, Err) ejabberd_router:route(To, From, Err)
@ -483,7 +485,14 @@ do_route1(Host, ServerHost, Access, HistorySize, RoomShaper,
end end
end. end.
check_user_can_create_room(ServerHost, AccessCreate, From, RoomID) ->
case acl:match_rule(ServerHost, AccessCreate, From) of
allow ->
(size(RoomID) =< gen_mod:get_module_opt(ServerHost, mod_muc,
max_room_id, infinite));
_ ->
false
end.
load_permanent_rooms(Host, ServerHost, Access, HistorySize, RoomShaper) -> load_permanent_rooms(Host, ServerHost, Access, HistorySize, RoomShaper) ->

52
src/mod_muc/mod_muc_room.erl
View File

@ -2612,11 +2612,16 @@ process_iq_owner(From, set, Lang, SubEl, StateData) ->
{?NS_DATA_FORMS, <<"cancel">>} -> {?NS_DATA_FORMS, <<"cancel">>} ->
{result, [], StateData}; {result, [], StateData};
{?NS_DATA_FORMS, <<"submit">>} -> {?NS_DATA_FORMS, <<"submit">>} ->
case {check_allowed_log_change(XEl, StateData, From), case is_allowed_log_change(XEl, StateData, From)
check_allowed_persistent_change(XEl, StateData, From)} of andalso
{allow, allow} -> set_config(XEl, StateData); is_allowed_persistent_change(XEl, StateData,
_ -> {error, 'bad-request'} From)
end; andalso
is_allowed_room_name_desc_limits(XEl,
StateData) of
true -> set_config(XEl, StateData);
false -> {error, 'bad-request'}
end;
_ -> _ ->
{error, 'bad-request'} {error, 'bad-request'}
end; end;
@ -2667,26 +2672,51 @@ process_iq_owner(From, get, Lang, SubEl, StateData) ->
{error, ?ERR(SubEl, 'forbidden', Lang, ErrText)} {error, ?ERR(SubEl, 'forbidden', Lang, ErrText)}
end. end.
check_allowed_log_change(XEl, StateData, From) -> is_allowed_log_change(XEl, StateData, From) ->
case lists:keymember("muc#roomconfig_enablelogging", 1, case lists:keymember("muc#roomconfig_enablelogging", 1,
jlib:parse_xdata_submit(XEl)) of jlib:parse_xdata_submit(XEl)) of
false -> false ->
allow; true;
true -> true ->
mod_muc_log:check_access_log( (allow == mod_muc_log:check_access_log(
StateData#state.server_host, From) StateData#state.server_host, From))
end. end.
check_allowed_persistent_change(XEl, StateData, From) -> is_allowed_persistent_change(XEl, StateData, From) ->
case lists:keymember("muc#roomconfig_persistentroom", 1, case lists:keymember("muc#roomconfig_persistentroom", 1,
jlib:parse_xdata_submit(XEl)) of jlib:parse_xdata_submit(XEl)) of
false -> false ->
allow; true;
true -> true ->
{_AccessRoute, _AccessCreate, _AccessAdmin, AccessPersistent} = StateData#state.access, {_AccessRoute, _AccessCreate, _AccessAdmin, AccessPersistent} = StateData#state.access,
acl:match_rule(StateData#state.server_host, AccessPersistent, From) acl:match_rule(StateData#state.server_host, AccessPersistent, From)
end. end.
%% Check if the Room Name and Room Description defined in the Data Form
%% are conformant to the configured limits
is_allowed_room_name_desc_limits(XEl, StateData) ->
IsNameAccepted =
case lists:keysearch("muc#roomconfig_roomname", 1,
jlib:parse_xdata_submit(XEl)) of
{value, {_, [N]}} ->
length(N) =< gen_mod:get_module_opt(StateData#state.server_host,
mod_muc, max_room_name,
infinite);
_ ->
true
end,
IsDescAccepted =
case lists:keysearch("muc#roomconfig_roomdesc", 1,
jlib:parse_xdata_submit(XEl)) of
{value, {_, [D]}} ->
length(D) =< gen_mod:get_module_opt(StateData#state.server_host,
mod_muc, max_room_desc,
infinite);
_ ->
true
end,
IsNameAccepted and IsDescAccepted.
-define(XFIELD(Type, Label, Var, Val), -define(XFIELD(Type, Label, Var, Val),
#xmlel{name = 'field', #xmlel{name = 'field',
attrs = [?XMLATTR('type', Type), attrs = [?XMLATTR('type', Type),