
* src/ejabberd_c2s.erl: Added C2S blacklist support (EJAB-625).

* src/mod_ip_blacklist.erl: Likewise.
* src/jlib.erl: Added IP format tuple to string function.
* src/ejabberd_socket.erl: Properly handle c2s start failure (happens for blacklisted IPs).

SVN Revision: 1317
Mickaël Rémond 2008-05-05 16:22:06 +00:00
parent 8267194d5e
commit a664579b58
4 changed files with 67 additions and 33 deletions


@ -1,3 +1,11 @@
2008-05-05 Mickael Remond <mremond@process-one.net>
* src/ejabberd_c2s.erl: Added C2S blacklist support (EJAB-625).
* src/mod_ip_blacklist.erl: Likewise.
* src/jlib.erl: Added IP format tuple to string function.
* src/ejabberd_socket.erl: Properly handled c2s start failure (happen
for blacklisted IP).
2008-05-04 Alexey Shchepin <alexey@process-one.net> 2008-05-04 Alexey Shchepin <alexey@process-one.net>
* src/ejabberd_receiver.erl: Don't activate a socket untill its * src/ejabberd_receiver.erl: Don't activate a socket untill its


@ -176,26 +176,35 @@ init([{SockMod, Socket}, Opts]) ->
(_) -> false (_) -> false
end, Opts), end, Opts),
IP = peerip(SockMod, Socket), IP = peerip(SockMod, Socket),
Socket1 = %% Check if IP is blacklisted:
if case is_ip_blacklisted(IP) of
TLSEnabled -> true ->
SockMod:starttls(Socket, TLSOpts); ?INFO_MSG("Connection attempt from blacklisted IP: ~s",
true -> [jlib:ip_to_list(IP)]),
Socket {stop, normal};
end, false ->
SocketMonitor = SockMod:monitor(Socket1), Socket1 =
{ok, wait_for_stream, #state{socket = Socket1, if
sockmod = SockMod, TLSEnabled ->
socket_monitor = SocketMonitor, SockMod:starttls(Socket, TLSOpts);
zlib = Zlib, true ->
tls = TLS, Socket
tls_required = StartTLSRequired, end,
tls_enabled = TLSEnabled, SocketMonitor = SockMod:monitor(Socket1),
tls_options = TLSOpts, {ok, wait_for_stream, #state{socket = Socket1,
streamid = new_id(), sockmod = SockMod,
access = Access, socket_monitor = SocketMonitor,
shaper = Shaper, zlib = Zlib,
ip = IP}, ?C2S_OPEN_TIMEOUT}. tls = TLS,
tls_required = StartTLSRequired,
tls_enabled = TLSEnabled,
tls_options = TLSOpts,
streamid = new_id(),
access = Access,
shaper = Shaper,
ip = IP},
?C2S_OPEN_TIMEOUT}
end.
%% Return list of all available resources of contacts, %% Return list of all available resources of contacts,
%% in form [{JID, Caps}]. %% in form [{JID, Caps}].
@ -851,8 +860,6 @@ wait_for_session(closed, StateData) ->
{stop, normal, StateData}. {stop, normal, StateData}.
session_established({xmlstreamelement, El}, StateData) -> session_established({xmlstreamelement, El}, StateData) ->
{xmlelement, Name, Attrs, _Els} = El, {xmlelement, Name, Attrs, _Els} = El,
User = StateData#state.user, User = StateData#state.user,
@ -1954,3 +1961,7 @@ fsm_reply(Reply, session_established, StateData) ->
{reply, Reply, session_established, StateData, ?C2S_HIBERNATE_TIMEOUT}; {reply, Reply, session_established, StateData, ?C2S_HIBERNATE_TIMEOUT};
fsm_reply(Reply, StateName, StateData) -> fsm_reply(Reply, StateName, StateData) ->
{reply, Reply, StateName, StateData, ?C2S_OPEN_TIMEOUT}. {reply, Reply, StateName, StateData, ?C2S_OPEN_TIMEOUT}.
%% Used by c2s blacklist plugins
is_ip_blacklisted({IP,_Port}) ->
ejabberd_hooks:run_fold(check_bl_c2s, false, [IP]).
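Review bot: `is_ip_blacklisted/1` has a single clause for `{IP,_Port}`, so any other value bound to `IP` in `init/1` fails with `function_clause` before a blacklist decision is made. `peerip/2` is defined outside this hunk; if it can return a non-tuple when the peer address cannot be read, the code should state whether such a connection is rejected or allowed, for example with a second clause `is_ip_blacklisted(_) -> false.` and a comment naming that choice. The `case` in `init/1` also matches only `true` and `false`, so a `check_bl_c2s` handler returning any other term crashes `init/1` with `case_clause`; the comment above `is_ip_blacklisted/1` could say that handlers must return a boolean. `init/1` starts above the hunk.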


@ -65,19 +65,27 @@ start(Module, SockMod, Socket, Opts) ->
SocketData = #socket_state{sockmod = SockMod, SocketData = #socket_state{sockmod = SockMod,
socket = Socket, socket = Socket,
receiver = Receiver}, receiver = Receiver},
{ok, Pid} = Module:start({?MODULE, SocketData}, Opts), case Module:start({?MODULE, SocketData}, Opts) of
case SockMod:controlling_process(Socket, Receiver) of {ok, Pid} ->
ok -> case SockMod:controlling_process(Socket, Receiver) of
ok; ok ->
ok;
{error, _Reason} ->
SockMod:close(Socket)
end,
ejabberd_receiver:become_controller(Receiver, Pid);
{error, _Reason} -> {error, _Reason} ->
SockMod:close(Socket) SockMod:close(Socket)
end, end;
ejabberd_receiver:become_controller(Receiver, Pid);
raw -> raw ->
{ok, Pid} = Module:start({SockMod, Socket}, Opts), case Module:start({SockMod, Socket}, Opts) of
case SockMod:controlling_process(Socket, Pid) of {ok, Pid} ->
ok -> case SockMod:controlling_process(Socket, Pid) of
ok; ok ->
ok;
{error, _Reason} ->
SockMod:close(Socket)
end;
{error, _Reason} -> {error, _Reason} ->
SockMod:close(Socket) SockMod:close(Socket)
end end


@ -59,7 +59,8 @@
now_to_local_string/1, now_to_local_string/1,
datetime_string_to_timestamp/1, datetime_string_to_timestamp/1,
decode_base64/1, decode_base64/1,
encode_base64/1]). encode_base64/1,
ip_to_list/1]).
-include("jlib.hrl"). -include("jlib.hrl").
@ -676,3 +677,9 @@ e(X) when X>51, X<62 -> X-4;
e(62) -> $+; e(62) -> $+;
e(63) -> $/; e(63) -> $/;
e(X) -> exit({bad_encode_base64_token, X}). e(X) -> exit({bad_encode_base64_token, X}).
%% Convert Erlang inet IP to list
ip_to_list({IP, _Port}) ->
ip_to_list(IP);
ip_to_list({A,B,C,D}) ->
lists:flatten(io_lib:format("~w.~w.~w.~w",[A,B,C,D])).
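Review bot: `ip_to_list/1` accepts only a 4-element address tuple, so an IPv6 peer address (an 8-element tuple) raises `function_clause`. The caller added in ejabberd_c2s.erl invokes it while logging a blacklisted connection, so if listeners accept IPv6 the intended `{stop, normal}` becomes a crash for those peers. A final clause such as `ip_to_list(IP) when is_tuple(IP) -> inet_parse:ntoa(IP).` would cover both address families. The comment could also say that the function takes either `{IP, Port}` or a bare address tuple and returns a flat string.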