mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-20 17:27:00 +01:00
Deprecate 'route_subdomains' option
This option was introduced to fulfill requirement of RFC3920 10.3, but in practice it was very inconvenient and many admins were forced to change its value to 's2s' (i.e. to behaviour that violates the RFC). Also, it seems like in RFC6120 this requirement no longer presents. Those admins who used this option to block s2s with their subdomains can use 's2s_access' option for the same purpose.
This commit is contained in:
parent
b479fe5315
commit
ffe1c722e0
@ -197,6 +197,9 @@ filter(_Host, Opt, Val, _) when Opt == outgoing_s2s_timeout;
|
||||
filter(_Host, captcha_host, _, _) ->
|
||||
warn_deprecated_option(captcha_host, captcha_url),
|
||||
true;
|
||||
filter(_Host, route_subdomains, _, _) ->
|
||||
warn_removed_option(route_subdomains, s2s_access),
|
||||
false;
|
||||
filter(Host, modules, ModOpts, State) ->
|
||||
NoDialbackHosts = maps:get(remove_s2s_dialback, State, []),
|
||||
ModOpts1 = lists:filter(
|
||||
|
@ -111,7 +111,6 @@
|
||||
-export([riak_server/0]).
|
||||
-export([riak_start_interval/0]).
|
||||
-export([riak_username/0]).
|
||||
-export([route_subdomains/0, route_subdomains/1]).
|
||||
-export([router_cache_life_time/0]).
|
||||
-export([router_cache_missed/0]).
|
||||
-export([router_cache_size/0]).
|
||||
@ -756,13 +755,6 @@ riak_start_interval() ->
|
||||
riak_username() ->
|
||||
ejabberd_config:get_option({riak_username, global}).
|
||||
|
||||
-spec route_subdomains() -> 'local' | 's2s'.
|
||||
route_subdomains() ->
|
||||
route_subdomains(global).
|
||||
-spec route_subdomains(global | binary()) -> 'local' | 's2s'.
|
||||
route_subdomains(Host) ->
|
||||
ejabberd_config:get_option({route_subdomains, Host}).
|
||||
|
||||
-spec router_cache_life_time() -> 'infinity' | pos_integer().
|
||||
router_cache_life_time() ->
|
||||
ejabberd_config:get_option({router_cache_life_time, global}).
|
||||
|
@ -294,8 +294,6 @@ opt_type(riak_start_interval) ->
|
||||
econf:timeout(second);
|
||||
opt_type(riak_username) ->
|
||||
econf:string();
|
||||
opt_type(route_subdomains) ->
|
||||
econf:enum([s2s, local]);
|
||||
opt_type(router_cache_life_time) ->
|
||||
econf:timeout(second, infinity);
|
||||
opt_type(router_cache_missed) ->
|
||||
@ -568,7 +566,6 @@ options() ->
|
||||
{riak_server, "127.0.0.1"},
|
||||
{riak_start_interval, timer:seconds(30)},
|
||||
{riak_username, nil},
|
||||
{route_subdomains, local},
|
||||
{router_cache_life_time,
|
||||
fun(Host) -> ejabberd_config:get_option({cache_life_time, Host}) end},
|
||||
{router_cache_missed,
|
||||
|
@ -361,10 +361,6 @@ do_route(Packet) ->
|
||||
{error, Reason} ->
|
||||
Lang = xmpp:get_lang(Packet),
|
||||
Err = case Reason of
|
||||
policy_violation ->
|
||||
xmpp:err_policy_violation(
|
||||
?T("Server connections to local "
|
||||
"subdomains are forbidden"), Lang);
|
||||
forbidden ->
|
||||
xmpp:err_forbidden(?T("Access denied by service policy"), Lang);
|
||||
internal_server_error ->
|
||||
@ -374,12 +370,12 @@ do_route(Packet) ->
|
||||
end.
|
||||
|
||||
-spec start_connection(jid(), jid())
|
||||
-> {ok, pid()} | {error, policy_violation | forbidden | internal_server_error}.
|
||||
-> {ok, pid()} | {error, forbidden | internal_server_error}.
|
||||
start_connection(From, To) ->
|
||||
start_connection(From, To, []).
|
||||
|
||||
-spec start_connection(jid(), jid(), [proplists:property()])
|
||||
-> {ok, pid()} | {error, policy_violation | forbidden | internal_server_error}.
|
||||
-> {ok, pid()} | {error, forbidden | internal_server_error}.
|
||||
start_connection(From, To, Opts) ->
|
||||
#jid{lserver = MyServer} = From,
|
||||
#jid{lserver = Server} = To,
|
||||
@ -395,24 +391,19 @@ start_connection(From, To, Opts) ->
|
||||
%% service and if the s2s host is not blacklisted or
|
||||
%% is in whitelist:
|
||||
LServer = ejabberd_router:host_of_route(MyServer),
|
||||
case is_service(From, To) of
|
||||
true ->
|
||||
{error, policy_violation};
|
||||
false ->
|
||||
case allow_host(LServer, Server) of
|
||||
true ->
|
||||
NeededConnections = needed_connections_number(
|
||||
[],
|
||||
MaxS2SConnectionsNumber,
|
||||
MaxS2SConnectionsNumberPerNode),
|
||||
open_several_connections(NeededConnections, MyServer,
|
||||
Server, From, FromTo,
|
||||
MaxS2SConnectionsNumber,
|
||||
MaxS2SConnectionsNumberPerNode, Opts);
|
||||
false ->
|
||||
{error, forbidden}
|
||||
end
|
||||
end;
|
||||
case allow_host(LServer, Server) of
|
||||
true ->
|
||||
NeededConnections = needed_connections_number(
|
||||
[],
|
||||
MaxS2SConnectionsNumber,
|
||||
MaxS2SConnectionsNumberPerNode),
|
||||
open_several_connections(NeededConnections, MyServer,
|
||||
Server, From, FromTo,
|
||||
MaxS2SConnectionsNumber,
|
||||
MaxS2SConnectionsNumberPerNode, Opts);
|
||||
false ->
|
||||
{error, forbidden}
|
||||
end;
|
||||
L when is_list(L) ->
|
||||
NeededConnections = needed_connections_number(L,
|
||||
MaxS2SConnectionsNumber,
|
||||
@ -512,32 +503,6 @@ needed_connections_number(Ls, MaxS2SConnectionsNumber,
|
||||
lists:min([MaxS2SConnectionsNumber - length(Ls),
|
||||
MaxS2SConnectionsNumberPerNode - length(LocalLs)]).
|
||||
|
||||
%%--------------------------------------------------------------------
|
||||
%% Function: is_service(From, To) -> true | false
|
||||
%% Description: Return true if the destination must be considered as a
|
||||
%% service.
|
||||
%% --------------------------------------------------------------------
|
||||
-spec is_service(jid(), jid()) -> boolean().
|
||||
is_service(From, To) ->
|
||||
LFromDomain = From#jid.lserver,
|
||||
case ejabberd_option:route_subdomains(LFromDomain) of
|
||||
s2s -> % bypass RFC 3920 10.3
|
||||
false;
|
||||
local ->
|
||||
Hosts = ejabberd_option:hosts(),
|
||||
P = fun (ParentDomain) ->
|
||||
lists:member(ParentDomain, Hosts)
|
||||
end,
|
||||
lists:any(P, parent_domains(To#jid.lserver))
|
||||
end.
|
||||
|
||||
parent_domains(Domain) ->
|
||||
lists:foldl(fun (Label, []) -> [Label];
|
||||
(Label, [Head | Tail]) ->
|
||||
[<<Label/binary, ".", Head/binary>>, Head | Tail]
|
||||
end,
|
||||
[], lists:reverse(str:tokens(Domain, <<".">>))).
|
||||
|
||||
%%%----------------------------------------------------------------------
|
||||
%%% ejabberd commands
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user