25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-20 17:27:00 +01:00

Deprecate 'route_subdomains' option

This option was introduced to fulfill requirement of RFC3920 10.3,
but in practice it was very inconvenient and many admins were
forced to change its value to 's2s' (i.e. to behaviour that
violates the RFC). Also, it seems like in RFC6120 this requirement
no longer presents.

Those admins who used this option to block s2s with their subdomains
can use 's2s_access' option for the same purpose.
This commit is contained in:
Evgeny Khramtsov 2019-06-26 10:40:30 +03:00
parent b479fe5315
commit ffe1c722e0
4 changed files with 18 additions and 61 deletions

View File

@ -197,6 +197,9 @@ filter(_Host, Opt, Val, _) when Opt == outgoing_s2s_timeout;
filter(_Host, captcha_host, _, _) ->
warn_deprecated_option(captcha_host, captcha_url),
true;
filter(_Host, route_subdomains, _, _) ->
warn_removed_option(route_subdomains, s2s_access),
false;
filter(Host, modules, ModOpts, State) ->
NoDialbackHosts = maps:get(remove_s2s_dialback, State, []),
ModOpts1 = lists:filter(

View File

@ -111,7 +111,6 @@
-export([riak_server/0]).
-export([riak_start_interval/0]).
-export([riak_username/0]).
-export([route_subdomains/0, route_subdomains/1]).
-export([router_cache_life_time/0]).
-export([router_cache_missed/0]).
-export([router_cache_size/0]).
@ -756,13 +755,6 @@ riak_start_interval() ->
riak_username() ->
ejabberd_config:get_option({riak_username, global}).
-spec route_subdomains() -> 'local' | 's2s'.
route_subdomains() ->
route_subdomains(global).
-spec route_subdomains(global | binary()) -> 'local' | 's2s'.
route_subdomains(Host) ->
ejabberd_config:get_option({route_subdomains, Host}).
-spec router_cache_life_time() -> 'infinity' | pos_integer().
router_cache_life_time() ->
ejabberd_config:get_option({router_cache_life_time, global}).

View File

@ -294,8 +294,6 @@ opt_type(riak_start_interval) ->
econf:timeout(second);
opt_type(riak_username) ->
econf:string();
opt_type(route_subdomains) ->
econf:enum([s2s, local]);
opt_type(router_cache_life_time) ->
econf:timeout(second, infinity);
opt_type(router_cache_missed) ->
@ -568,7 +566,6 @@ options() ->
{riak_server, "127.0.0.1"},
{riak_start_interval, timer:seconds(30)},
{riak_username, nil},
{route_subdomains, local},
{router_cache_life_time,
fun(Host) -> ejabberd_config:get_option({cache_life_time, Host}) end},
{router_cache_missed,

View File

@ -361,10 +361,6 @@ do_route(Packet) ->
{error, Reason} ->
Lang = xmpp:get_lang(Packet),
Err = case Reason of
policy_violation ->
xmpp:err_policy_violation(
?T("Server connections to local "
"subdomains are forbidden"), Lang);
forbidden ->
xmpp:err_forbidden(?T("Access denied by service policy"), Lang);
internal_server_error ->
@ -374,12 +370,12 @@ do_route(Packet) ->
end.
-spec start_connection(jid(), jid())
-> {ok, pid()} | {error, policy_violation | forbidden | internal_server_error}.
-> {ok, pid()} | {error, forbidden | internal_server_error}.
start_connection(From, To) ->
start_connection(From, To, []).
-spec start_connection(jid(), jid(), [proplists:property()])
-> {ok, pid()} | {error, policy_violation | forbidden | internal_server_error}.
-> {ok, pid()} | {error, forbidden | internal_server_error}.
start_connection(From, To, Opts) ->
#jid{lserver = MyServer} = From,
#jid{lserver = Server} = To,
@ -395,24 +391,19 @@ start_connection(From, To, Opts) ->
%% service and if the s2s host is not blacklisted or
%% is in whitelist:
LServer = ejabberd_router:host_of_route(MyServer),
case is_service(From, To) of
true ->
{error, policy_violation};
false ->
case allow_host(LServer, Server) of
true ->
NeededConnections = needed_connections_number(
[],
MaxS2SConnectionsNumber,
MaxS2SConnectionsNumberPerNode),
open_several_connections(NeededConnections, MyServer,
Server, From, FromTo,
MaxS2SConnectionsNumber,
MaxS2SConnectionsNumberPerNode, Opts);
false ->
{error, forbidden}
end
end;
case allow_host(LServer, Server) of
true ->
NeededConnections = needed_connections_number(
[],
MaxS2SConnectionsNumber,
MaxS2SConnectionsNumberPerNode),
open_several_connections(NeededConnections, MyServer,
Server, From, FromTo,
MaxS2SConnectionsNumber,
MaxS2SConnectionsNumberPerNode, Opts);
false ->
{error, forbidden}
end;
L when is_list(L) ->
NeededConnections = needed_connections_number(L,
MaxS2SConnectionsNumber,
@ -512,32 +503,6 @@ needed_connections_number(Ls, MaxS2SConnectionsNumber,
lists:min([MaxS2SConnectionsNumber - length(Ls),
MaxS2SConnectionsNumberPerNode - length(LocalLs)]).
%%--------------------------------------------------------------------
%% Function: is_service(From, To) -> true | false
%% Description: Return true if the destination must be considered as a
%% service.
%% --------------------------------------------------------------------
-spec is_service(jid(), jid()) -> boolean().
is_service(From, To) ->
LFromDomain = From#jid.lserver,
case ejabberd_option:route_subdomains(LFromDomain) of
s2s -> % bypass RFC 3920 10.3
false;
local ->
Hosts = ejabberd_option:hosts(),
P = fun (ParentDomain) ->
lists:member(ParentDomain, Hosts)
end,
lists:any(P, parent_domains(To#jid.lserver))
end.
parent_domains(Domain) ->
lists:foldl(fun (Label, []) -> [Label];
(Label, [Head | Tail]) ->
[<<Label/binary, ".", Head/binary>>, Head | Tail]
end,
[], lists:reverse(str:tokens(Domain, <<".">>))).
%%%----------------------------------------------------------------------
%%% ejabberd commands