mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-06 16:42:56 +01:00
* src/ejabberd_s2s.erl: Implements s2s hosts whitelist / blacklist
* src/ejabberd.cfg.example: Likewise SVN Revision: 818
This commit is contained in:
parent
abadd82c66
commit
9da2c78eb4
@ -1,5 +1,8 @@
|
||||
2007-07-18 Mickael Remond <mickael.remond@process-one.net>
|
||||
|
||||
* src/ejabberd_s2s.erl: Implements s2s hosts whitelist / blacklist
|
||||
* src/ejabberd.cfg.example: Likewise
|
||||
|
||||
* src/ejabberd_s2s_out.erl: Make s2s connections more robust
|
||||
* src/ejabberd_s2s.erl: Likewise
|
||||
|
||||
@ -32,7 +35,7 @@
|
||||
* src/mod_echo.erl: mod_echo does not reply to other
|
||||
components. This is to make sure that a component will not
|
||||
discover its own capabilities (Thanks to Badlop) (EJAB-281).
|
||||
* src/ejabberd.cfg: disable mod_echo in the example config
|
||||
* src/ejabberd.cfg.example: disable mod_echo in the example config
|
||||
file. mod_echo is mainly a development/test module.
|
||||
|
||||
2007-07-09 Mickael Remond <mickael.remond@process-one.net>
|
||||
|
@ -152,6 +152,11 @@
|
||||
%{domain_certfile, "example.org", "./example_org.pem"}.
|
||||
%{domain_certfile, "example.com", "./example_com.pem"}.
|
||||
|
||||
%% S2S Whitelist or blacklist:
|
||||
%{s2s_default_policy, allow}. %% Default s2s policy for undefined hosts
|
||||
%%{{s2s_host,"goodhost.org"}, allow}.
|
||||
%{{s2s_host,"badhost.org"}, deny}.
|
||||
|
||||
% If SRV lookup fails, then port 5269 is used to communicate with remote server
|
||||
{outgoing_s2s_port, 5269}.
|
||||
|
||||
|
@ -243,10 +243,12 @@ find_connection(From, To) ->
|
||||
{'EXIT', Reason} ->
|
||||
{aborted, Reason};
|
||||
[] ->
|
||||
case is_service(From, To) of
|
||||
true ->
|
||||
{aborted, error};
|
||||
false ->
|
||||
%% We try to establish connection if the host is not a
|
||||
%% service and if the s2s host is not blacklisted or
|
||||
%% is in whitelist:
|
||||
case {is_service(From, To),
|
||||
allow_host(MyServer, Server)} of
|
||||
{false, true} ->
|
||||
?DEBUG("starting new s2s connection~n", []),
|
||||
Key = randoms:get_string(),
|
||||
{ok, Pid} = ejabberd_s2s_out:start(
|
||||
@ -269,7 +271,9 @@ find_connection(From, To) ->
|
||||
_ ->
|
||||
ejabberd_s2s_out:stop_connection(Pid)
|
||||
end,
|
||||
TRes
|
||||
TRes;
|
||||
_ ->
|
||||
{aborted, error}
|
||||
end;
|
||||
[El] ->
|
||||
{atomic, El#s2s.pid}
|
||||
@ -331,3 +335,18 @@ update_tables() ->
|
||||
false ->
|
||||
ok
|
||||
end.
|
||||
|
||||
%% Check if host is in blacklist or white list
|
||||
allow_host(MyServer, S2SHost) ->
|
||||
case ejabberd_config:get_local_option({{s2s_host, S2SHost},MyServer}) of
|
||||
deny -> false;
|
||||
allow -> true;
|
||||
_ ->
|
||||
case ejabberd_config:get_local_option({s2s_default_policy, MyServer}) of
|
||||
deny -> false;
|
||||
allow -> true;
|
||||
_ -> allow %% The default s2s policy is allow
|
||||
end
|
||||
end.
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user