25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-26 17:38:45 +01:00

* doc/guide.tex: Updated

* src/ejabberd_listener.erl: Now possible to specify interface on
which one socket will be listened, also added another way to
specify SSL options
* src/ejabberd.cfg.example: Updated

SVN Revision: 231
This commit is contained in:
Alexey Shchepin 2004-05-08 19:30:38 +00:00
parent 964e61143c
commit c812a59efc
5 changed files with 68 additions and 36 deletions

View File

@ -1,3 +1,12 @@
2004-05-08 Alexey Shchepin <alexey@sevcom.net>
* doc/guide.tex: Updated
* src/ejabberd_listener.erl: Now possible to specify interface on
which one socket will be listened, also added another way to
specify SSL options
* src/ejabberd.cfg.example: Updated
2004-05-07 Alexey Shchepin <alexey@sevcom.net> 2004-05-07 Alexey Shchepin <alexey@sevcom.net>
* src/web/ejabberd_web_admin.erl: Updated (thanks to Andrey * src/web/ejabberd_web_admin.erl: Updated (thanks to Andrey

View File

@ -21,7 +21,7 @@
<A HREF="mailto:alexey@sevcom.net"><TT>mailto:alexey@sevcom.net</TT></A><BR> <A HREF="mailto:alexey@sevcom.net"><TT>mailto:alexey@sevcom.net</TT></A><BR>
<A HREF="xmpp:aleksey@jabber.ru"><TT>xmpp:aleksey@jabber.ru</TT></A></H3> <A HREF="xmpp:aleksey@jabber.ru"><TT>xmpp:aleksey@jabber.ru</TT></A></H3>
<H3 ALIGN=center>July 12, 2003</H3><DIV ALIGN=center> <H3 ALIGN=center>May 8, 2004</H3><DIV ALIGN=center>
<IMG SRC="logo.png"> <IMG SRC="logo.png">
@ -181,10 +181,12 @@ To compile <TT>ejabberd</TT> in MS Windows environment, you will need the follow
packages: packages:
<UL><LI> <UL><LI>
MS Visual C++&nbsp;6.0 Compiler MS Visual C++&nbsp;6.0 Compiler
<LI><A HREF="http://www.erlang.org/download/otp_win32_R8B-2.exe">Erlang <LI><A HREF="http://www.erlang.org/download/otp_win32_R9C-0.exe">Erlang emulator version&nbsp;5.3</A>
emulator version&nbsp;5.1.2</A> <LI><A HREF="http://prdownloads.sourceforge.net/expat/expat_win32bin_1_95_7.exe?download">Expat&nbsp;1.95.7</A>
<LI><A HREF="http://prdownloads.sourceforge.net/expat/expat_win32bin_1_95_6.exe?download">Expat&nbsp;1.95.6</A> <LI><A HREF="http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.9.1.tar.gz">Iconv&nbsp;1.9.1</A>
<LI><A HREF="http://prdownloads.sourceforge.net/gnuwin32/libiconv-1.8-1-lib.exe?download">Iconv&nbsp;1.8</A> (optional) (optional)
<LI><A HREF="http://www.slproweb.com/download/Win32OpenSSL-v0.9.7d.exe">Shining Light OpenSSL</A>
(to enable SSL connections)
</UL> </UL>
<!--TOC subsection Obtaining--> <!--TOC subsection Obtaining-->
@ -222,39 +224,29 @@ TBD<BR>
<A NAME="sec:compilationwin"></A> <A NAME="sec:compilationwin"></A>
<OL type=1><LI> <OL type=1><LI>
Install Erlang emulator (for example, into <CODE>C:\Program Files\erl5.1.2</CODE>). Install Erlang emulator (for example, into <CODE>C:\Program Files\erl5.3</CODE>).
<LI>Install Expat library into <CODE>C:\Program Files\Expat-1.95.6</CODE> <LI>Install Expat library into <CODE>C:\Program Files\Expat-1.95.7</CODE>
directory. Copy file <CODE>C:\Program Files\Expat-1.95.6\Libs\libexpat.dll</CODE> directory. Copy file <CODE>C:\Program Files\Expat-1.95.7\Libs\libexpat.dll</CODE>
to your Windows system directory (for example, <CODE>C:\WINNT</CODE> or to your Windows system directory (for example, <CODE>C:\WINNT</CODE> or
<CODE>C:\WINNT\System32</CODE>) <CODE>C:\WINNT\System32</CODE>)
<LI>Install Iconv library into <CODE>C:\Program Files\GnuWin32</CODE> directory. <LI>Build and install Iconv library into <CODE>C:\Program Files\iconv-1.9.1</CODE> directory.
Copy file <CODE>C:\Program Files\GnuWin32\bin\libiconv-2.dll</CODE> to your Copy file <CODE>C:\Program Files\iconv-1.9.1\bin\iconv.dll</CODE> to your
Windows system directory.<BR> Windows system directory.<BR>
<BR> <BR>
Note: Instead of copying libexpat.dll and libiconv-2.dll to Windows Note: Instead of copying libexpat.dll and iconv.dll to Windows
directory, you can add directories directory, you can add directories
<CODE>C:\Program Files\Expat-1.95.6\Libs</CODE> and <CODE>C:\Program Files\Expat-1.95.7\Libs</CODE> and
<CODE>C:\Program Files\GnuWin32\bin</CODE> to <CODE>PATH</CODE> environment <CODE>C:\Program Files\iconv-1.9.1\bin</CODE> to <CODE>PATH</CODE> environment
variable. variable.
<LI>Being in <CODE>ejabberd\src</CODE> directory run: <LI>Being in <CODE>ejabberd\src</CODE> directory run:
<PRE> <PRE>
configure configure
nmake -f Makefile.win32 nmake -f Makefile.win32
</PRE><LI>To build MUC, IRC and pub/sub modules run </PRE><LI>Edit file <CODE>ejabberd\src\ejabberd.cfg</CODE> and run
<PRE>
nmake -f Makefile.win32
</PRE>in <CODE>ejabberd\src\mod_muc</CODE>, <CODE>ejabberd\src\mod_muc</CODE> and
<CODE>ejabberd\src\mod_pubsub</CODE> directories
<LI>Edit file <CODE>ejabberd\src\ejabberd.cfg</CODE> and run
<PRE> <PRE>
werl -s ejabberd -name ejabberd werl -s ejabberd -name ejabberd
</PRE><LI>Enjoy! </PRE><LI>Enjoy!
</OL> </OL>
Some recent versions of Erlang distribution it seems have bug in crypto
application, so ejabberd could be built but users can't use digest
authentication (only plain-text). Also it seems SSL support is broken in
Windows distribution of Erlang emulator.<BR>
<BR>
<!--TOC subsection Starting--> <!--TOC subsection Starting-->
<H3><A NAME="htoc10">2.4</A>&nbsp;&nbsp;Starting</H3><!--SEC END --> <H3><A NAME="htoc10">2.4</A>&nbsp;&nbsp;Starting</H3><!--SEC END -->
@ -452,9 +444,12 @@ The following options are defined:
<DT><CODE><B>{shaper, &lt;access rule&gt;}</B></CODE><DD> This option is like previous, but <DT><CODE><B>{shaper, &lt;access rule&gt;}</B></CODE><DD> This option is like previous, but
use shapers instead of ``<TT>allow</TT>'' and ``<TT>deny</TT>''. Default use shapers instead of ``<TT>allow</TT>'' and ``<TT>deny</TT>''. Default
value is ``<TT>none</TT>''. value is ``<TT>none</TT>''.
<DT><CODE><B>{ssl, SSLOpts}</B></CODE><DD> This option defines that traffic on this port <DT><CODE><B>{ip, IPAddress}</B></CODE><DD> This option specifies which network interface to
will be encrypted using SSL. SSL options are the same as described by listen on.
``<CODE>erl -man ssl</CODE>'' command <DT><CODE><B>inet6</B></CODE><DD> Set up the socket for IPv6.
<DT><CODE><B>ssl</B></CODE><DD> This option specifies that traffic on this port will be
encrypted using SSL. You should also set ``<CODE>certfile</CODE>'' option.
<DT><CODE><B>{certfile, Path}</B></CODE><DD> Path to a file containing the SSL certificate.
</DL> </DL>
<DT><CODE><B>ejabberd_s2s_in</B></CODE><DD> This module serves incoming S2S connections. <DT><CODE><B>ejabberd_s2s_in</B></CODE><DD> This module serves incoming S2S connections.
<DT><CODE><B>ejabberd_service</B></CODE><DD> This module serves connections from Jabber <DT><CODE><B>ejabberd_service</B></CODE><DD> This module serves connections from Jabber

View File

@ -39,7 +39,7 @@ c
\author{Alexey Shchepin \\ \author{Alexey Shchepin \\
\ahrefurl{mailto:alexey@sevcom.net} \\ \ahrefurl{mailto:alexey@sevcom.net} \\
\ahrefurl{xmpp:aleksey@jabber.ru}} \ahrefurl{xmpp:aleksey@jabber.ru}}
\date{July 12, 2003} \date{May 8, 2004}
\begin{document} \begin{document}
\begin{titlepage} \begin{titlepage}
@ -425,9 +425,12 @@ Currently three modules are implemented:
\item[\verb|{shaper, <access rule>}|] This option is like previous, but \item[\verb|{shaper, <access rule>}|] This option is like previous, but
use shapers instead of ``\texttt{allow}'' and ``\texttt{deny}''. Default use shapers instead of ``\texttt{allow}'' and ``\texttt{deny}''. Default
value is ``\texttt{none}''. value is ``\texttt{none}''.
\item[\verb|{ssl, SSLOpts}|] This option defines that traffic on this port \item[\verb|{ip, IPAddress}|] This option specifies which network interface to
will be encrypted using SSL. SSL options are the same as described by listen on.
``\verb|erl -man ssl|'' command \item[\verb|inet6|] Set up the socket for IPv6.
\item[\verb|ssl|] This option specifies that traffic on this port will be
encrypted using SSL. You should also set ``\verb|certfile|'' option.
\item[\verb|{certfile, Path}|] Path to a file containing the SSL certificate.
\end{description} \end{description}
\item[\verb|ejabberd_s2s_in|] This module serves incoming S2S connections. \item[\verb|ejabberd_s2s_in|] This module serves incoming S2S connections.
\item[\verb|ejabberd_service|] This module serves connections from \Jabber{} \item[\verb|ejabberd_service|] This module serves connections from \Jabber{}
@ -449,7 +452,7 @@ except admins have traffic limit 1000\,b/s.
{listen, [{5222, ejabberd_c2s, [{access, c2s}, {listen, [{5222, ejabberd_c2s, [{access, c2s},
{shaper, c2s_shaper}]}, {shaper, c2s_shaper}]},
{5223, ejabberd_c2s, [{access, c2s}, {5223, ejabberd_c2s, [{access, c2s},
{ssl, [{certfile, "/path/to/ssl.pem"}]}]}, ssl, {certfile, "/path/to/ssl.pem"}]},
{5269, ejabberd_s2s_in, []}, {5269, ejabberd_s2s_in, []},
{8888, ejabberd_service, {8888, ejabberd_service,
[{hosts, ["conference.example.org"], [{password, "secret"}]}]} [{hosts, ["conference.example.org"], [{password, "secret"}]}]}

View File

@ -87,7 +87,7 @@
{listen, [{5222, ejabberd_c2s, [{access, c2s}, {listen, [{5222, ejabberd_c2s, [{access, c2s},
{shaper, c2s_shaper}]}, {shaper, c2s_shaper}]},
{5223, ejabberd_c2s, [{access, c2s}, {5223, ejabberd_c2s, [{access, c2s},
{ssl, [{certfile, "./ssl.pem"}]}]}, ssl, {certfile, "./ssl.pem"}]},
{5269, ejabberd_s2s_in, [{shaper, s2s_shaper}]}, {5269, ejabberd_s2s_in, [{shaper, s2s_shaper}]},
{8888, ejabberd_service, [%{access, local}, {8888, ejabberd_service, [%{access, local},
{hosts, {hosts,

View File

@ -45,15 +45,28 @@ start(Port, Module, Opts) ->
{ok, proc_lib:spawn_link(?MODULE, init_ssl, {ok, proc_lib:spawn_link(?MODULE, init_ssl,
[Port, Module, Opts, SSLOpts])}; [Port, Module, Opts, SSLOpts])};
_ -> _ ->
{ok, proc_lib:spawn_link(?MODULE, init, [Port, Module, Opts])} case lists:member(ssl, Opts) of
true ->
{ok, proc_lib:spawn_link(?MODULE, init_ssl,
[Port, Module, Opts, []])};
false ->
{ok, proc_lib:spawn_link(?MODULE, init,
[Port, Module, Opts])}
end
end. end.
init(Port, Module, Opts) -> init(Port, Module, Opts) ->
SockOpts = lists:filter(fun({ip, _}) -> true;
(inet6) -> true;
(inet) -> true;
(_) -> false
end, Opts),
{ok, ListenSocket} = gen_tcp:listen(Port, [binary, {ok, ListenSocket} = gen_tcp:listen(Port, [binary,
{packet, 0}, {packet, 0},
{active, false}, {active, false},
{reuseaddr, true}, {reuseaddr, true},
{nodelay, true}]), {nodelay, true} |
SockOpts]),
accept(ListenSocket, Module, Opts). accept(ListenSocket, Module, Opts).
accept(ListenSocket, Module, Opts) -> accept(ListenSocket, Module, Opts) ->
@ -77,11 +90,23 @@ accept(ListenSocket, Module, Opts) ->
init_ssl(Port, Module, Opts, SSLOpts) -> init_ssl(Port, Module, Opts, SSLOpts) ->
SockOpts = lists:filter(fun({ip, _}) -> true;
(inet6) -> true;
(inet) -> true;
({verify, _}) -> true;
({depth, _}) -> true;
({certfile, _}) -> true;
({keyfile, _}) -> true;
({password, _}) -> true;
({cacertfile, _}) -> true;
({ciphers, _}) -> true;
(_) -> false
end, Opts),
{ok, ListenSocket} = ssl:listen(Port, [binary, {ok, ListenSocket} = ssl:listen(Port, [binary,
{packet, 0}, {packet, 0},
{active, false}, {active, false},
{nodelay, true} | {nodelay, true} |
SSLOpts]), SockOpts ++ SSLOpts]),
accept_ssl(ListenSocket, Module, Opts). accept_ssl(ListenSocket, Module, Opts).
accept_ssl(ListenSocket, Module, Opts) -> accept_ssl(ListenSocket, Module, Opts) ->