25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-26 17:38:45 +01:00
Commit Graph

62 Commits

Author SHA1 Message Date
Evgeny Khramtsov
15b4b3fa1b Fix typos using codespell 2019-07-16 22:07:39 +03:00
Evgeny Khramtsov
253ec13971 Use new ets_cache API in ejabberd_auth 2019-06-30 17:15:43 +03:00
Evgeny Khramtsov
a02cff0e78 Use new configuration validator 2019-06-14 12:33:26 +03:00
Badlop
55417dfb37 Update copyright to 2019 (#2756) 2019-01-08 22:53:27 +01:00
Marcel Waldvogel
9b48dc9cc3 Make it possible to join extauth pools 2018-07-30 22:49:18 +02:00
Evgeniy Khramtsov
fd8e07af47 Get rid of ejabberd.hrl header
The header consisted of too many unrelated stuff and macros misuse.
Some stuff is moved into scram.hrl and type_compat.hrl.
All macros have been replaced with the corresponding function calls.

TODO: probably type_compat.hrl is not even needed anymore since
we support only Erlang >= OTP 17.5
2018-06-14 14:00:47 +03:00
Evgeniy Khramtsov
8766854870 Get rid of ?FUNCTION_NAME macro (it's OTP19+ feature) 2018-05-08 12:06:58 +03:00
Evgeniy Khramtsov
61ae0ff02c Improve logging of external authentication failures 2018-05-08 09:36:34 +03:00
Evgeniy Khramtsov
b23d5754e8 Improve robustness of external authentication backends
Now all external ports are attached to supervising processes
and requests are balanced in round-robin manner until the pool
is exhausted.

The commit also deprecates `extauth_instances` option and introduces
`extauth_pool_size` option instead, with the default value of a number
of logical processors (i.e. CPU cores).

Fixes #2403
2018-05-07 19:27:18 +03:00
Evgeniy Khramtsov
cdc7c1d1ed Update copyright dates 2018-01-05 23:18:58 +03:00
Evgeniy Khramtsov
cdb191bb48 Rename is_user_exists -> user_exists 2017-05-11 15:49:06 +03:00
Evgeniy Khramtsov
633b68db11 Use cache for authentication backends
The commit introduces the following API incompatibilities:

In ejabberd_auth.erl:
* dirty_get_registered_users/0 is renamed to get_users/0
* get_vh_registered_users/1 is renamed to get_users/1
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is renamed to count_users/1
* get_vh_registered_users_number/2 is renamed to count_users/2

In ejabberd_auth callbacks
* plain_password_required/0 is replaced by plain_password_required/1
  where the argument is a virtual host
* store_type/0 is replaced by store_type/1 where the argument is
  a virtual host
* set_password/3 is now an optional callback
* remove_user/3 callback is no longer needed
* remove_user/2 now should return `ok | {error, atom()}`
* is_user_exists/2 now must only be implemented for backends
  with `external` store type
* check_password/6 is no longer needed
* check_password/4 now must only be implemented for backends
  with `external` store type
* try_register/3 is now an optional callback and should return
  `ok | {error, atom()}`
* dirty_get_registered_users/0 is no longer needed
* get_vh_registered_users/1 is no longer needed
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is no longer needed
* get_vh_registered_users_number/2 is renamed to count_users/2
* get_password_s/2 is no longer needed
* get_password/2 now must only be implemented for backends with
  `plain` or `scram` store type

Additionally, the commit introduces two new callbacks:
* use_cache/1 where the argument is a virtual host
* cache_nodes/1 where the argument is a virtual host

New options are also introduced: `auth_use_cache`, `auth_cache_missed`,
`auth_cache_life_time` and `auth_cache_size`.
2017-05-11 14:37:21 +03:00
Evgeniy Khramtsov
01a2c9fe12 Add type specs for Module:opt_type/1 2017-05-08 12:59:28 +03:00
Evgeniy Khramtsov
b82b93f8f0 Don't validate an option in ejabberd_config:get_option() functions
The commit introduces the following changes:
* Now there is no need to pass validating function in
  ejabberd_config:get_option() functions, because the configuration
  keeps already validated values.
* New function ejabberd_config:get_option/1 is introduced
* Function ejabberd_config:get_option/3 is deprecated. If the function
  is still called, the second argument (validating function) is simply
  ignored.
* The second argument for ejabberd_config:get_option/2 is now
  a default value, not a validating function.
2017-04-29 11:39:40 +03:00
Evgeniy Khramtsov
6cdead166b Start/stop auth modules when host is added/deleted 2017-02-23 16:19:22 +03:00
Peter Lemenkov
cb30f7733d Use ejabberd_config:get_option/2 instead of ejabberd_config:get_local_option/2
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
2017-02-16 20:41:57 +03:00
Badlop
5fdd1c39fe Update copyright date automatically (#1442) 2017-01-02 21:42:06 +01:00
Holger Weiss
a2f0e157bc ejabberd_auth*: Fix indentation 2016-05-24 00:40:25 +02:00
Evgeniy Khramtsov
52fde758b3 Get rid of "internal" DB type. This also fixes #1092 2016-04-27 09:44:32 +03:00
Evgeniy Khramtsov
46568fb959 Merge commit 'refs/pull/524/head' of github.com:processone/ejabberd into sasl-api-change 2016-03-25 18:16:50 +03:00
Elias Rohrer
8e6a301026 Fixed type specifications for 'rebar doc'
- Fixed type @specs and -specs to remove 'rebar doc' errors
- Removed a lot of wrong and deprecated documentation in ejabberd_piefxis.erl
2016-03-07 15:06:19 +01:00
Badlop
f448ff608a Update copyright to 2016 (#901) 2016-01-13 12:29:14 +01:00
Paweł Chmielowski
29db302808 More now() replacements 2015-12-07 16:09:48 +01:00
Christophe Romain
6aeb9dcb38 cosmetic cleanup 2015-10-07 14:18:38 +02:00
Badlop
ee456cc2af Fix regression introduced when code was binarized (EJAB-641) 2015-09-24 17:21:14 +02:00
Quan Zhuo
ae51277316 Comment unused type, unused term 2015-09-16 22:52:36 +08:00
Evgeniy Khramtsov
fb6267f38e Add config validation at startup 2015-06-01 15:38:27 +03:00
Ben Langfeld
917d48f30b Use SASL PLAIN authzid as client identity if auth module permits it
This allows the authentication modules to perform SASL proxy authentication. It puts the onus on them to authorize the authcid to masquerade as the authzid. Doesn't currently implement such functionality in existing auth modules, since they cannot currently codify a relationship between the two identities. Does not permit the authzid to use a domain differently from the one of the connection.

Note: digest might not work, but I have no interest in it, being deprecated.
2015-05-06 14:12:15 -03:00
Badlop
5a35405cd5 Update copyright dates to 2015 (EJAB-1733) 2015-01-08 17:34:43 +01:00
Holger Weiss
fca640f50f Don't use cached passwords if "extauth_cache: 0"
Regarding "extauth_cache", the guide says: "The integer 0 (zero) enables
caching for statistics, but doesn't use that cached information to
authenticate users."  Make sure the cached password isn't used even if
the user is currently logged in with another resource.
2014-05-20 23:00:28 +02:00
Badlop
79a49b1175 Webadmin with extauth requires internal to run at least once (issue #201) 2014-05-07 17:13:51 +02:00
Badlop
70f00a1b1f extauth_cache can have value 0 2014-05-05 13:13:35 +02:00
Holger Weiss
d350cc6361 Accept "extauth_cache: false"
Don't log a "configuration problem" message if "extauth_cache: false" is
explicitly specified, as that's a valid configuration setting as per the
documentation.
2014-04-16 14:15:14 +02:00
badlop
285c4c17cf Merge pull request #146 from jamielinux/master
Update FSF address
2014-04-11 13:35:46 +02:00
Badlop
633d47f784 Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
Jamie Nguyen
8538997d61 Update FSF address 2014-02-22 10:27:40 +00:00
Evgeniy Khramtsov
91a74e3e27 Change configuration file format to YAML 2013-08-21 22:17:59 +10:00
Evgeniy Khramtsov
4d8f770624 Switch to rebar build tool
Use dynamic Rebar configuration
Make iconv dependency optional
Disable transient_supervisors compile option
Add hipe compilation support
Only compile ibrowse and lhttpc when needed
Make it possible to generate an OTP application release
Add --enable-debug compile option
Add --enable-all compiler option
Add --enable-tools configure option
Add --with-erlang configure option.
Add --enable-erlang-version-check configure option.
Add lager support
Improve the test suite
2013-06-13 11:11:02 +02:00
Badlop
9deb294328 Accumulated patch to binarize and indent code 2013-03-14 10:33:02 +01:00
Alexey Shchepin
0ae400533c Update copyright dates 2013-01-24 16:25:13 +02:00
Evgeniy Khramtsov
437f68a9f3 Merge SQL and Mnesia code into one module (EJAB-1560) 2012-04-27 19:52:05 +10:00
Alexey Shchepin
b1e2538488 Update copyright dates 2012-02-23 17:52:34 +02:00
Badlop
1ee6eae684 Fix and improve support for SCRAM auth method (EJAB-1196) 2011-08-16 00:26:49 +02:00
Badlop
e80b92b481 Preliminary patch for SASL SCRAM-SHA-1 (thanks to Stephen Röttger)(EJAB-1196) 2011-08-16 00:25:03 +02:00
Christophe Romain
fd52f2cb7d update copyright up to 2011 2011-02-14 13:50:55 +01:00
Badlop
aa413d63da Fix detection of mod_last at server start (EJAB-641) 2010-12-03 17:26:12 +01:00
Badlop
c8df607173 Fix typo (thanks to Evgeniy Khramtsov) 2010-07-23 00:38:15 +02:00
Badlop
9476d8a2c3 Optionally cache extauth users in mnesia (EJAB-641) 2010-05-10 16:42:54 +02:00
Badlop
7b76fdcde7 Update year of ProcessOne copyright from 2009 to 2010 (EJAB-1159)
SVN Revision: 2891
2010-01-12 16:11:32 +00:00
Badlop
aedb847a81 * src/cyrsasl.erl: Change API of check_password: pass a function
to generate the digest (thanks to Graham Whitted)(EJAB-863)
* src/cyrsasl_anonymous.erl: Likewise
* src/cyrsasl_digest.erl: Likewise
* src/cyrsasl_plain.erl: Likewise
* src/ejabberd_auth.erl: Likewise
* src/ejabberd_auth_anonymous.erl: Likewise
* src/ejabberd_auth_external.erl: Likewise
* src/ejabberd_auth_internal.erl: Likewise
* src/ejabberd_auth_ldap.erl: Likewise
* src/ejabberd_auth_odbc.erl: Likewise
* src/ejabberd_auth_pam.erl: Likewise
* src/ejabberd_c2s.erl: Likewise

SVN Revision: 2033
2009-04-22 11:44:03 +00:00