Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-11-22 16:20:52 +01:00
Code Releases Activity

* src/ejabberd_s2s_in.erl: Support for dNSName certificate field

Browse Source 
and DNS name matching
* src/XmppAddr.asn1: Moved here from src/tls/XmppAddr.asn1
* src/tls/XmppAddr.asn1: Likewise    
* src/Makefile.in: Updated
* src/tls/Makefile.in: Updated

SVN Revision: 435
This commit is contained in:
Alexey Shchepin 2005-11-17 05:29:33 +00:00
parent 57a6d0e1d3
commit c6441edc7a
5 changed files with 73 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@ -1,3 +1,12 @@
2005-11-17 Alexey Shchepin <alexey@sevcom.net>
* src/ejabberd_s2s_in.erl: Support for dNSName certificate field
and DNS name matching
* src/XmppAddr.asn1: Moved here from src/tls/XmppAddr.asn1
* src/tls/XmppAddr.asn1: Likewise
* src/Makefile.in: Updated
* src/tls/Makefile.in: Updated
2005-11-16 Alexey Shchepin <alexey@sevcom.net> 2005-11-16 Alexey Shchepin <alexey@sevcom.net>
* src/odbc/ejabberd_odbc.erl: Support for mnesia-like transaction * src/odbc/ejabberd_odbc.erl: Support for mnesia-like transaction

7
src/Makefile.in
View File

@ -27,9 +27,11 @@ MSGSDIR = $(PRIVDIR)/msgs
LOGDIR = $(DESTDIR)/var/log/ejabberd LOGDIR = $(DESTDIR)/var/log/ejabberd
ETCDIR = $(DESTDIR)/etc/ejabberd ETCDIR = $(DESTDIR)/etc/ejabberd
ASN_FLAGS = -bber_bin +der +compact_bit_string +optimize +noobj
all: $(ERLSHLIBS) compile-beam all-recursive all: $(ERLSHLIBS) compile-beam all-recursive
compile-beam: compile-beam: XmppAddr.hrl
@ERL@ -s make all report -noinput -s erlang halt @ERL@ -s make all report -noinput -s erlang halt
@ -43,6 +45,9 @@ mostlyclean-recursive maintainer-clean-recursive:
done done
%.hrl: %.asn1
erlc $(ASN_FLAGS) $<
$(ERLSHLIBS): %.so: %.c $(ERLSHLIBS): %.so: %.c
gcc -Wall $(CFLAGS) $(LDFLAGS) $(LIBS) \ gcc -Wall $(CFLAGS) $(LDFLAGS) $(LIBS) \
$(subst ../,,$(subst .so,.c,$@)) \ $(subst ../,,$(subst .so,.c,$@)) \

0
src/tls/XmppAddr.asn1 → src/XmppAddr.asn1
View File

65
src/ejabberd_s2s_in.erl
View File

@ -14,7 +14,7 @@
%% External exports %% External exports
-export([start/2, -export([start/2,
start_link/2]). start_link/2,match_domain/2]).
%% gen_fsm callbacks %% gen_fsm callbacks
-export([init/1, -export([init/1,
@ -32,7 +32,7 @@
%-include_lib("ssl/pkix/SSL-PKIX.hrl"). %-include_lib("ssl/pkix/SSL-PKIX.hrl").
-include_lib("ssl/pkix/PKIX1Explicit88.hrl"). -include_lib("ssl/pkix/PKIX1Explicit88.hrl").
-include_lib("ssl/pkix/PKIX1Implicit88.hrl"). -include_lib("ssl/pkix/PKIX1Implicit88.hrl").
-include("tls/XmppAddr.hrl"). -include("XmppAddr.hrl").
-define(DICT, dict). -define(DICT, dict).
@ -239,9 +239,16 @@ wait_for_feature_request({xmlstreamelement, El}, StateData) ->
error -> error ->
false; false;
_ -> _ ->
lists:member( case idna:domain_utf8_to_ascii(AuthDomain) of
AuthDomain, false ->
get_cert_domains(Cert)) false;
PCAuthDomain ->
lists:any(
fun(D) ->
match_domain(
PCAuthDomain, D)
end, get_cert_domains(Cert))
end
end; end;
_ -> _ ->
false false
@ -548,8 +555,7 @@ get_cert_domains(Cert) ->
lists:flatmap( lists:flatmap(
fun(#'AttributeTypeAndValue'{type = ?'id-at-commonName', fun(#'AttributeTypeAndValue'{type = ?'id-at-commonName',
value = Val}) -> value = Val}) ->
case 'PKIX1Explicit88':decode( case 'PKIX1Explicit88':decode('X520CommonName', Val) of
'X520CommonName', Val) of
{ok, {_, D1}} -> {ok, {_, D1}} ->
D = if D = if
is_list(D1) -> D1; is_list(D1) -> D1;
@ -598,13 +604,27 @@ get_cert_domains(Cert) ->
#jid{luser = "", #jid{luser = "",
lserver = LD, lserver = LD,
lresource = ""} -> lresource = ""} ->
[LD]; case idna:domain_utf8_to_ascii(LD) of
false ->
[];
PCLD ->
[PCLD]
end;
_ -> _ ->
[] []
end; end;
_ -> _ ->
[] []
end; end;
({dNSName, D}) when is_list(D) ->
case jlib:string_to_jid(D) of
#jid{luser = "",
lserver = LD,
lresource = ""} ->
[LD];
_ ->
[]
end;
(_) -> (_) ->
[] []
end, SANs); end, SANs);
@ -615,5 +635,34 @@ get_cert_domains(Cert) ->
[] []
end, Extensions). end, Extensions).
match_domain(Domain, Domain) ->
true;
match_domain(Domain, Pattern) ->
DLabels = string:tokens(Domain, "."),
PLabels = string:tokens(Pattern, "."),
match_labels(DLabels, PLabels).
match_labels([], []) ->
true;
match_labels([], [_ | _]) ->
false;
match_labels([_ | _], []) ->
false;
match_labels([DL | DLabels], [PL | PLabels]) ->
case lists:all(fun(C) -> (($a =< C) andalso (C =< $z))
orelse (($0 =< C) andalso (C =< $9))
orelse (C == $-) orelse (C == $*)
end, PL) of
true ->
Regexp = regexp:sh_to_awk(PL),
case regexp:match(DL, Regexp) of
{match, _, _} ->
match_labels(DLabels, PLabels);
_ ->
false
end;
false ->
false
end.

6
src/tls/Makefile.in
View File

@ -12,18 +12,14 @@ ERLSHLIBS = ../tls_drv.so
OUTDIR = .. OUTDIR = ..
EFLAGS = -I .. -pz .. EFLAGS = -I .. -pz ..
ASN_FLAGS = -bber_bin +der +compact_bit_string +optimize +noobj
OBJS = \ OBJS = \
$(OUTDIR)/tls.beam $(OUTDIR)/XmppAddr.beam $(OUTDIR)/tls.beam
all: $(OBJS) $(ERLSHLIBS) all: $(OBJS) $(ERLSHLIBS)
$(OUTDIR)/%.beam: %.erl $(OUTDIR)/%.beam: %.erl
@ERLC@ -W $(EFLAGS) -o $(OUTDIR) $< @ERLC@ -W $(EFLAGS) -o $(OUTDIR) $<
%.erl: %.asn1
erlc $(ASN_FLAGS) $<
#all: $(ERLSHLIBS) #all: $(ERLSHLIBS)
# erl -s make all report "{outdir, \"..\"}" -noinput -s erlang halt # erl -s make all report "{outdir, \"..\"}" -noinput -s erlang halt