Improve error reporting for forbidden servers
This commit is contained in:
parent
a23c76fb82
commit
c68ac1d5eb
|
@ -360,9 +360,13 @@ do_route(From, To, Packet) ->
|
||||||
ejabberd_hooks:run(s2s_send_packet, MyServer, [From, To, Packet]),
|
ejabberd_hooks:run(s2s_send_packet, MyServer, [From, To, Packet]),
|
||||||
ejabberd_s2s_out:route(Pid, xmpp:set_from_to(Packet, From, To));
|
ejabberd_s2s_out:route(Pid, xmpp:set_from_to(Packet, From, To));
|
||||||
{error, Reason} ->
|
{error, Reason} ->
|
||||||
|
Lang = xmpp:get_lang(Packet),
|
||||||
Err = case Reason of
|
Err = case Reason of
|
||||||
|
policy_violation ->
|
||||||
|
xmpp:err_policy_violation(
|
||||||
|
<<"Server connections to local "
|
||||||
|
"subdomains are forbidden">>, Lang);
|
||||||
forbidden ->
|
forbidden ->
|
||||||
Lang = xmpp:get_lang(Packet),
|
|
||||||
xmpp:err_forbidden(<<"Denied by ACL">>, Lang);
|
xmpp:err_forbidden(<<"Denied by ACL">>, Lang);
|
||||||
internal_server_error ->
|
internal_server_error ->
|
||||||
xmpp:err_internal_server_error()
|
xmpp:err_internal_server_error()
|
||||||
|
@ -370,13 +374,13 @@ do_route(From, To, Packet) ->
|
||||||
ejabberd_router:route_error(To, From, Packet, Err)
|
ejabberd_router:route_error(To, From, Packet, Err)
|
||||||
end.
|
end.
|
||||||
|
|
||||||
-spec start_connection(jid(), jid()) -> {ok, pid()} |
|
-spec start_connection(jid(), jid())
|
||||||
{error, forbidden | internal_server_error}.
|
-> {ok, pid()} | {error, policy_violation | forbidden | internal_server_error}.
|
||||||
start_connection(From, To) ->
|
start_connection(From, To) ->
|
||||||
start_connection(From, To, []).
|
start_connection(From, To, []).
|
||||||
|
|
||||||
-spec start_connection(jid(), jid(), [proplists:property()])
|
-spec start_connection(jid(), jid(), [proplists:property()])
|
||||||
-> {ok, pid()} | {error, forbidden | internal_server_error}.
|
-> {ok, pid()} | {error, policy_violation | forbidden | internal_server_error}.
|
||||||
start_connection(From, To, Opts) ->
|
start_connection(From, To, Opts) ->
|
||||||
#jid{lserver = MyServer} = From,
|
#jid{lserver = MyServer} = From,
|
||||||
#jid{lserver = Server} = To,
|
#jid{lserver = Server} = To,
|
||||||
|
@ -392,16 +396,23 @@ start_connection(From, To, Opts) ->
|
||||||
%% service and if the s2s host is not blacklisted or
|
%% service and if the s2s host is not blacklisted or
|
||||||
%% is in whitelist:
|
%% is in whitelist:
|
||||||
LServer = ejabberd_router:host_of_route(MyServer),
|
LServer = ejabberd_router:host_of_route(MyServer),
|
||||||
case not is_service(From, To) andalso allow_host(LServer, Server) of
|
case is_service(From, To) of
|
||||||
true ->
|
true ->
|
||||||
NeededConnections = needed_connections_number([],
|
{error, policy_violation};
|
||||||
MaxS2SConnectionsNumber,
|
false ->
|
||||||
MaxS2SConnectionsNumberPerNode),
|
case allow_host(LServer, Server) of
|
||||||
open_several_connections(NeededConnections, MyServer,
|
true ->
|
||||||
Server, From, FromTo,
|
NeededConnections = needed_connections_number(
|
||||||
MaxS2SConnectionsNumber,
|
[],
|
||||||
MaxS2SConnectionsNumberPerNode, Opts);
|
MaxS2SConnectionsNumber,
|
||||||
false -> {error, forbidden}
|
MaxS2SConnectionsNumberPerNode),
|
||||||
|
open_several_connections(NeededConnections, MyServer,
|
||||||
|
Server, From, FromTo,
|
||||||
|
MaxS2SConnectionsNumber,
|
||||||
|
MaxS2SConnectionsNumberPerNode, Opts);
|
||||||
|
false ->
|
||||||
|
{error, forbidden}
|
||||||
|
end
|
||||||
end;
|
end;
|
||||||
L when is_list(L) ->
|
L when is_list(L) ->
|
||||||
NeededConnections = needed_connections_number(L,
|
NeededConnections = needed_connections_number(L,
|
||||||
|
|
Loading…
Reference in New Issue