mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-26 17:38:45 +01:00
* doc/guide.tex: Updated
* src/ejabberd_listener.erl: Now possible to specify interface on which one socket will be listened, also added another way to specify SSL options * src/ejabberd.cfg.example: Updated SVN Revision: 231
This commit is contained in:
parent
964e61143c
commit
c812a59efc
@ -1,3 +1,12 @@
|
|||||||
|
2004-05-08 Alexey Shchepin <alexey@sevcom.net>
|
||||||
|
|
||||||
|
* doc/guide.tex: Updated
|
||||||
|
|
||||||
|
* src/ejabberd_listener.erl: Now possible to specify interface on
|
||||||
|
which one socket will be listened, also added another way to
|
||||||
|
specify SSL options
|
||||||
|
* src/ejabberd.cfg.example: Updated
|
||||||
|
|
||||||
2004-05-07 Alexey Shchepin <alexey@sevcom.net>
|
2004-05-07 Alexey Shchepin <alexey@sevcom.net>
|
||||||
|
|
||||||
* src/web/ejabberd_web_admin.erl: Updated (thanks to Andrey
|
* src/web/ejabberd_web_admin.erl: Updated (thanks to Andrey
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
<A HREF="mailto:alexey@sevcom.net"><TT>mailto:alexey@sevcom.net</TT></A><BR>
|
<A HREF="mailto:alexey@sevcom.net"><TT>mailto:alexey@sevcom.net</TT></A><BR>
|
||||||
<A HREF="xmpp:aleksey@jabber.ru"><TT>xmpp:aleksey@jabber.ru</TT></A></H3>
|
<A HREF="xmpp:aleksey@jabber.ru"><TT>xmpp:aleksey@jabber.ru</TT></A></H3>
|
||||||
|
|
||||||
<H3 ALIGN=center>July 12, 2003</H3><DIV ALIGN=center>
|
<H3 ALIGN=center>May 8, 2004</H3><DIV ALIGN=center>
|
||||||
|
|
||||||
<IMG SRC="logo.png">
|
<IMG SRC="logo.png">
|
||||||
|
|
||||||
@ -181,10 +181,12 @@ To compile <TT>ejabberd</TT> in MS Windows environment, you will need the follow
|
|||||||
packages:
|
packages:
|
||||||
<UL><LI>
|
<UL><LI>
|
||||||
MS Visual C++ 6.0 Compiler
|
MS Visual C++ 6.0 Compiler
|
||||||
<LI><A HREF="http://www.erlang.org/download/otp_win32_R8B-2.exe">Erlang
|
<LI><A HREF="http://www.erlang.org/download/otp_win32_R9C-0.exe">Erlang emulator version 5.3</A>
|
||||||
emulator version 5.1.2</A>
|
<LI><A HREF="http://prdownloads.sourceforge.net/expat/expat_win32bin_1_95_7.exe?download">Expat 1.95.7</A>
|
||||||
<LI><A HREF="http://prdownloads.sourceforge.net/expat/expat_win32bin_1_95_6.exe?download">Expat 1.95.6</A>
|
<LI><A HREF="http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.9.1.tar.gz">Iconv 1.9.1</A>
|
||||||
<LI><A HREF="http://prdownloads.sourceforge.net/gnuwin32/libiconv-1.8-1-lib.exe?download">Iconv 1.8</A> (optional)
|
(optional)
|
||||||
|
<LI><A HREF="http://www.slproweb.com/download/Win32OpenSSL-v0.9.7d.exe">Shining Light OpenSSL</A>
|
||||||
|
(to enable SSL connections)
|
||||||
</UL>
|
</UL>
|
||||||
<!--TOC subsection Obtaining-->
|
<!--TOC subsection Obtaining-->
|
||||||
|
|
||||||
@ -222,39 +224,29 @@ TBD<BR>
|
|||||||
|
|
||||||
<A NAME="sec:compilationwin"></A>
|
<A NAME="sec:compilationwin"></A>
|
||||||
<OL type=1><LI>
|
<OL type=1><LI>
|
||||||
Install Erlang emulator (for example, into <CODE>C:\Program Files\erl5.1.2</CODE>).
|
Install Erlang emulator (for example, into <CODE>C:\Program Files\erl5.3</CODE>).
|
||||||
<LI>Install Expat library into <CODE>C:\Program Files\Expat-1.95.6</CODE>
|
<LI>Install Expat library into <CODE>C:\Program Files\Expat-1.95.7</CODE>
|
||||||
directory. Copy file <CODE>C:\Program Files\Expat-1.95.6\Libs\libexpat.dll</CODE>
|
directory. Copy file <CODE>C:\Program Files\Expat-1.95.7\Libs\libexpat.dll</CODE>
|
||||||
to your Windows system directory (for example, <CODE>C:\WINNT</CODE> or
|
to your Windows system directory (for example, <CODE>C:\WINNT</CODE> or
|
||||||
<CODE>C:\WINNT\System32</CODE>)
|
<CODE>C:\WINNT\System32</CODE>)
|
||||||
<LI>Install Iconv library into <CODE>C:\Program Files\GnuWin32</CODE> directory.
|
<LI>Build and install Iconv library into <CODE>C:\Program Files\iconv-1.9.1</CODE> directory.
|
||||||
Copy file <CODE>C:\Program Files\GnuWin32\bin\libiconv-2.dll</CODE> to your
|
Copy file <CODE>C:\Program Files\iconv-1.9.1\bin\iconv.dll</CODE> to your
|
||||||
Windows system directory.<BR>
|
Windows system directory.<BR>
|
||||||
<BR>
|
<BR>
|
||||||
Note: Instead of copying libexpat.dll and libiconv-2.dll to Windows
|
Note: Instead of copying libexpat.dll and iconv.dll to Windows
|
||||||
directory, you can add directories
|
directory, you can add directories
|
||||||
<CODE>C:\Program Files\Expat-1.95.6\Libs</CODE> and
|
<CODE>C:\Program Files\Expat-1.95.7\Libs</CODE> and
|
||||||
<CODE>C:\Program Files\GnuWin32\bin</CODE> to <CODE>PATH</CODE> environment
|
<CODE>C:\Program Files\iconv-1.9.1\bin</CODE> to <CODE>PATH</CODE> environment
|
||||||
variable.
|
variable.
|
||||||
<LI>Being in <CODE>ejabberd\src</CODE> directory run:
|
<LI>Being in <CODE>ejabberd\src</CODE> directory run:
|
||||||
<PRE>
|
<PRE>
|
||||||
configure
|
configure
|
||||||
nmake -f Makefile.win32
|
nmake -f Makefile.win32
|
||||||
</PRE><LI>To build MUC, IRC and pub/sub modules run
|
</PRE><LI>Edit file <CODE>ejabberd\src\ejabberd.cfg</CODE> and run
|
||||||
<PRE>
|
|
||||||
nmake -f Makefile.win32
|
|
||||||
</PRE>in <CODE>ejabberd\src\mod_muc</CODE>, <CODE>ejabberd\src\mod_muc</CODE> and
|
|
||||||
<CODE>ejabberd\src\mod_pubsub</CODE> directories
|
|
||||||
<LI>Edit file <CODE>ejabberd\src\ejabberd.cfg</CODE> and run
|
|
||||||
<PRE>
|
<PRE>
|
||||||
werl -s ejabberd -name ejabberd
|
werl -s ejabberd -name ejabberd
|
||||||
</PRE><LI>Enjoy!
|
</PRE><LI>Enjoy!
|
||||||
</OL>
|
</OL>
|
||||||
Some recent versions of Erlang distribution it seems have bug in crypto
|
|
||||||
application, so ejabberd could be built but users can't use digest
|
|
||||||
authentication (only plain-text). Also it seems SSL support is broken in
|
|
||||||
Windows distribution of Erlang emulator.<BR>
|
|
||||||
<BR>
|
|
||||||
<!--TOC subsection Starting-->
|
<!--TOC subsection Starting-->
|
||||||
|
|
||||||
<H3><A NAME="htoc10">2.4</A> Starting</H3><!--SEC END -->
|
<H3><A NAME="htoc10">2.4</A> Starting</H3><!--SEC END -->
|
||||||
@ -452,9 +444,12 @@ The following options are defined:
|
|||||||
<DT><CODE><B>{shaper, <access rule>}</B></CODE><DD> This option is like previous, but
|
<DT><CODE><B>{shaper, <access rule>}</B></CODE><DD> This option is like previous, but
|
||||||
use shapers instead of ``<TT>allow</TT>'' and ``<TT>deny</TT>''. Default
|
use shapers instead of ``<TT>allow</TT>'' and ``<TT>deny</TT>''. Default
|
||||||
value is ``<TT>none</TT>''.
|
value is ``<TT>none</TT>''.
|
||||||
<DT><CODE><B>{ssl, SSLOpts}</B></CODE><DD> This option defines that traffic on this port
|
<DT><CODE><B>{ip, IPAddress}</B></CODE><DD> This option specifies which network interface to
|
||||||
will be encrypted using SSL. SSL options are the same as described by
|
listen on.
|
||||||
``<CODE>erl -man ssl</CODE>'' command
|
<DT><CODE><B>inet6</B></CODE><DD> Set up the socket for IPv6.
|
||||||
|
<DT><CODE><B>ssl</B></CODE><DD> This option specifies that traffic on this port will be
|
||||||
|
encrypted using SSL. You should also set ``<CODE>certfile</CODE>'' option.
|
||||||
|
<DT><CODE><B>{certfile, Path}</B></CODE><DD> Path to a file containing the SSL certificate.
|
||||||
</DL>
|
</DL>
|
||||||
<DT><CODE><B>ejabberd_s2s_in</B></CODE><DD> This module serves incoming S2S connections.
|
<DT><CODE><B>ejabberd_s2s_in</B></CODE><DD> This module serves incoming S2S connections.
|
||||||
<DT><CODE><B>ejabberd_service</B></CODE><DD> This module serves connections from Jabber
|
<DT><CODE><B>ejabberd_service</B></CODE><DD> This module serves connections from Jabber
|
||||||
|
@ -39,7 +39,7 @@ c
|
|||||||
\author{Alexey Shchepin \\
|
\author{Alexey Shchepin \\
|
||||||
\ahrefurl{mailto:alexey@sevcom.net} \\
|
\ahrefurl{mailto:alexey@sevcom.net} \\
|
||||||
\ahrefurl{xmpp:aleksey@jabber.ru}}
|
\ahrefurl{xmpp:aleksey@jabber.ru}}
|
||||||
\date{July 12, 2003}
|
\date{May 8, 2004}
|
||||||
|
|
||||||
\begin{document}
|
\begin{document}
|
||||||
\begin{titlepage}
|
\begin{titlepage}
|
||||||
@ -425,9 +425,12 @@ Currently three modules are implemented:
|
|||||||
\item[\verb|{shaper, <access rule>}|] This option is like previous, but
|
\item[\verb|{shaper, <access rule>}|] This option is like previous, but
|
||||||
use shapers instead of ``\texttt{allow}'' and ``\texttt{deny}''. Default
|
use shapers instead of ``\texttt{allow}'' and ``\texttt{deny}''. Default
|
||||||
value is ``\texttt{none}''.
|
value is ``\texttt{none}''.
|
||||||
\item[\verb|{ssl, SSLOpts}|] This option defines that traffic on this port
|
\item[\verb|{ip, IPAddress}|] This option specifies which network interface to
|
||||||
will be encrypted using SSL. SSL options are the same as described by
|
listen on.
|
||||||
``\verb|erl -man ssl|'' command
|
\item[\verb|inet6|] Set up the socket for IPv6.
|
||||||
|
\item[\verb|ssl|] This option specifies that traffic on this port will be
|
||||||
|
encrypted using SSL. You should also set ``\verb|certfile|'' option.
|
||||||
|
\item[\verb|{certfile, Path}|] Path to a file containing the SSL certificate.
|
||||||
\end{description}
|
\end{description}
|
||||||
\item[\verb|ejabberd_s2s_in|] This module serves incoming S2S connections.
|
\item[\verb|ejabberd_s2s_in|] This module serves incoming S2S connections.
|
||||||
\item[\verb|ejabberd_service|] This module serves connections from \Jabber{}
|
\item[\verb|ejabberd_service|] This module serves connections from \Jabber{}
|
||||||
@ -449,7 +452,7 @@ except admins have traffic limit 1000\,b/s.
|
|||||||
{listen, [{5222, ejabberd_c2s, [{access, c2s},
|
{listen, [{5222, ejabberd_c2s, [{access, c2s},
|
||||||
{shaper, c2s_shaper}]},
|
{shaper, c2s_shaper}]},
|
||||||
{5223, ejabberd_c2s, [{access, c2s},
|
{5223, ejabberd_c2s, [{access, c2s},
|
||||||
{ssl, [{certfile, "/path/to/ssl.pem"}]}]},
|
ssl, {certfile, "/path/to/ssl.pem"}]},
|
||||||
{5269, ejabberd_s2s_in, []},
|
{5269, ejabberd_s2s_in, []},
|
||||||
{8888, ejabberd_service,
|
{8888, ejabberd_service,
|
||||||
[{hosts, ["conference.example.org"], [{password, "secret"}]}]}
|
[{hosts, ["conference.example.org"], [{password, "secret"}]}]}
|
||||||
|
@ -87,7 +87,7 @@
|
|||||||
{listen, [{5222, ejabberd_c2s, [{access, c2s},
|
{listen, [{5222, ejabberd_c2s, [{access, c2s},
|
||||||
{shaper, c2s_shaper}]},
|
{shaper, c2s_shaper}]},
|
||||||
{5223, ejabberd_c2s, [{access, c2s},
|
{5223, ejabberd_c2s, [{access, c2s},
|
||||||
{ssl, [{certfile, "./ssl.pem"}]}]},
|
ssl, {certfile, "./ssl.pem"}]},
|
||||||
{5269, ejabberd_s2s_in, [{shaper, s2s_shaper}]},
|
{5269, ejabberd_s2s_in, [{shaper, s2s_shaper}]},
|
||||||
{8888, ejabberd_service, [%{access, local},
|
{8888, ejabberd_service, [%{access, local},
|
||||||
{hosts,
|
{hosts,
|
||||||
|
@ -45,15 +45,28 @@ start(Port, Module, Opts) ->
|
|||||||
{ok, proc_lib:spawn_link(?MODULE, init_ssl,
|
{ok, proc_lib:spawn_link(?MODULE, init_ssl,
|
||||||
[Port, Module, Opts, SSLOpts])};
|
[Port, Module, Opts, SSLOpts])};
|
||||||
_ ->
|
_ ->
|
||||||
{ok, proc_lib:spawn_link(?MODULE, init, [Port, Module, Opts])}
|
case lists:member(ssl, Opts) of
|
||||||
|
true ->
|
||||||
|
{ok, proc_lib:spawn_link(?MODULE, init_ssl,
|
||||||
|
[Port, Module, Opts, []])};
|
||||||
|
false ->
|
||||||
|
{ok, proc_lib:spawn_link(?MODULE, init,
|
||||||
|
[Port, Module, Opts])}
|
||||||
|
end
|
||||||
end.
|
end.
|
||||||
|
|
||||||
init(Port, Module, Opts) ->
|
init(Port, Module, Opts) ->
|
||||||
|
SockOpts = lists:filter(fun({ip, _}) -> true;
|
||||||
|
(inet6) -> true;
|
||||||
|
(inet) -> true;
|
||||||
|
(_) -> false
|
||||||
|
end, Opts),
|
||||||
{ok, ListenSocket} = gen_tcp:listen(Port, [binary,
|
{ok, ListenSocket} = gen_tcp:listen(Port, [binary,
|
||||||
{packet, 0},
|
{packet, 0},
|
||||||
{active, false},
|
{active, false},
|
||||||
{reuseaddr, true},
|
{reuseaddr, true},
|
||||||
{nodelay, true}]),
|
{nodelay, true} |
|
||||||
|
SockOpts]),
|
||||||
accept(ListenSocket, Module, Opts).
|
accept(ListenSocket, Module, Opts).
|
||||||
|
|
||||||
accept(ListenSocket, Module, Opts) ->
|
accept(ListenSocket, Module, Opts) ->
|
||||||
@ -77,11 +90,23 @@ accept(ListenSocket, Module, Opts) ->
|
|||||||
|
|
||||||
|
|
||||||
init_ssl(Port, Module, Opts, SSLOpts) ->
|
init_ssl(Port, Module, Opts, SSLOpts) ->
|
||||||
|
SockOpts = lists:filter(fun({ip, _}) -> true;
|
||||||
|
(inet6) -> true;
|
||||||
|
(inet) -> true;
|
||||||
|
({verify, _}) -> true;
|
||||||
|
({depth, _}) -> true;
|
||||||
|
({certfile, _}) -> true;
|
||||||
|
({keyfile, _}) -> true;
|
||||||
|
({password, _}) -> true;
|
||||||
|
({cacertfile, _}) -> true;
|
||||||
|
({ciphers, _}) -> true;
|
||||||
|
(_) -> false
|
||||||
|
end, Opts),
|
||||||
{ok, ListenSocket} = ssl:listen(Port, [binary,
|
{ok, ListenSocket} = ssl:listen(Port, [binary,
|
||||||
{packet, 0},
|
{packet, 0},
|
||||||
{active, false},
|
{active, false},
|
||||||
{nodelay, true} |
|
{nodelay, true} |
|
||||||
SSLOpts]),
|
SockOpts ++ SSLOpts]),
|
||||||
accept_ssl(ListenSocket, Module, Opts).
|
accept_ssl(ListenSocket, Module, Opts).
|
||||||
|
|
||||||
accept_ssl(ListenSocket, Module, Opts) ->
|
accept_ssl(ListenSocket, Module, Opts) ->
|
||||||
|
Loading…
Reference in New Issue
Block a user