25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-10-31 15:21:38 +01:00
Commit Graph

3127 Commits

Author SHA1 Message Date
Andreas Köhler
f4507a088a In mod_last*:get_last_iq/4, check for user resources first to return 0 seconds if there is one
Fixes problem 2 of EJAB-1158.
2010-11-10 15:41:10 +01:00
Andreas Köhler
6b46b8f794 Refactor mod_last to use the same core get_last/2 functionality, but keep api stable
The local function get_last/4 has been renamed to get_last_iq/4, since
it converts the result of get_last/2 (typically {ok, TimeStamp, Status})
to an iq packet.
2010-11-10 15:41:09 +01:00
Andreas Köhler
7d93cad452 Before forwarding last activity requests to a user, check that the user's presence is visible for From
According to XEP-0012, 4. Online User Query, "if the requesting entity
is not authorized to view the user's presence information (normally via
a presence subscription as defined in XMPP IM), the user's server MUST
NOT deliver the IQ-get to an available resource but instead MUST return
a <forbidden/> error in response to the last activity request."

So check for a subscription of from of the jid and bare jid and whether
outgoing presences to From are allowed.

Fixes problem 3 of EJAB-1158.
2010-11-10 15:41:08 +01:00
Andreas Köhler
860d8525ee Remove dead code for NS_VCARD iq packets from ejabberd_c2s
For EJAB-1045, the special NS_VCARD block for handling incoming vcard
iqs on behalf of clients has already been restricted to cases where the
user or resource part of the recipient is empty. But then the packets
should not have been routed to the c2s process anyway. This patch
completely removes it.
2010-11-10 15:41:07 +01:00
Andreas Köhler
351635d0aa Use ejabberd_c2s:privacy_check_packet/5 for all those hook folded runs in the c2s module 2010-11-10 15:41:06 +01:00
Andreas Köhler
614f13714c Use c2s state data as user and server in ejabberd_c2s:is_privacy_allow
is_privacy_allow is only used in ejabberd_c2s:handle_info/3 to determine
for a few presence types whether the packet is allowed to be forwarded
to the user's client. This only makes sense if To#jid.user and
To#jid.server match StateData#state.user and StateData#state.server.

Also, add the atom in as parameter to a new argument Dir of
is_privacy_allow and extract from that function
privacy_check_packet(StateData, From, To, Packet, Dir) which runs the
privavcy check without converting allow/deny to true/false.
2010-11-10 15:41:05 +01:00
Andreas Köhler
642b18edcb Correct error responses of forbidden offline last activity queries
According to XEP-0012 Last Activity, the server must return iq errors
with forbidden instead of not-allowed.

Fixes problem 1 of EJAB-1158.
2010-11-10 15:41:03 +01:00
Christophe Romain
03239c662e populate pubsub#roster_groups_allowed in node configuration options (thanks to Karim Gemayel)(EJAB-1344) 2010-11-10 15:14:16 +01:00
Christophe Romain
fbb84c8256 fix bad plugin order issue injected in previous patch (EJAB-1286) 2010-11-09 14:36:04 +01:00
Andreas Köhler
e710ac51eb Correct privacy check direction in mod_last (EJAB-1339)
The change for EJAB-1271 to change the direction of the privacy check
from out to in violates the idea that the check should imitate a
subscription state check of from. Rather correct the order of the From
and To parameters.
2010-11-09 13:57:01 +01:00
Andreas Köhler
6ce29e7ecb Change max restart strategy of ejabberd_odbc_sup to handle some SQL timeouts. 2010-11-08 18:42:37 +01:00
Badlop
e84d853bc3 Improve the IQ error stanzas to provide an explanation (EJAB-1262) 2010-11-08 12:01:14 +01:00
Christophe Romain
5e0f2b8560 avoid node_call to break transaction (thanks to Karim Gemayel)(EJAB-1286) 2010-11-08 11:18:33 +01:00
Andreas Köhler
01b6cd3aba Re-raise exceptions caught in gen_mod:start_module/3 (EJAB-1335)
Modules configured by the administrator normally should not be treated
as optional, so a exception (error, exit, throw) to start them should not
be caught and logged only.

This patch re-raises a caught exception instead of ignoring the
exception and inserting the module's opts on success. That way
gen_mod:get_module_opt/4 should work while calling Module:start/2.
2010-11-07 00:47:53 +01:00
Badlop
2ebfd4090a Fix register 2010-11-06 21:53:18 +01:00
Evgeniy Khramtsov
e4a1eb4370 Take care of xml:lang attribute in unauthenticated stanzas as well 2010-11-06 21:53:16 +01:00
Evgeniy Khramtsov
e3afec9465 Disable LRU caching algorithm for LDAP shared rosters 2010-11-06 21:53:14 +01:00
Evgeniy Khramtsov
29fbe6d8e1 Do not store long language tag to avoid possible DoS/flood attacks 2010-11-06 21:53:13 +01:00
Evgeniy Khramtsov
5c3611fe32 LDAP shared roster support (thanks to Realloc and Marcin Owsiany) 2010-11-06 21:53:11 +01:00
Badlop
4a1d8c2cd2 New ip_access option restricts which IPs can register (thanks to Alexey Shchepin)(EJAB-915) 2010-11-05 19:33:20 +01:00
Badlop
b9c6f6e627 Disable mod_register_web in default config because by default captcha is disabled 2010-11-05 19:33:10 +01:00
Badlop
d456578b3c Added mod_register_web: web page for account registration (EJAB-471) 2010-11-05 18:21:59 +01:00
Badlop
659d546897 Fix warnings detected by Dialyzer 2010-11-04 01:00:18 +01:00
Jonas Ådahl
bacecae3dd Fixes a leak of ejabberd_receiver processes.
When a (non-frontend) socket module without any custom receiver fails to
start, the newly created ejabberd_receiver process needs to be properly
closed.
2010-11-03 17:10:46 +01:00
Badlop
5168f68946 Don't add Pid to Captcha record when it's requested by c2s instead of muc 2010-11-03 14:05:27 +01:00
Badlop
9a32615122 Handle incoherence of argument type in calls to remove_user 2010-11-03 13:24:40 +01:00
Badlop
48dcc5180a Additional fixes for previous captcha commits related to exmpp 2010-11-03 12:44:11 +01:00
Badlop
32868e534e Include a Required xml element in the captcha field 2010-11-03 12:44:04 +01:00
Evgeniy Khramtsov
773c54f912 Add top-level instructions for x:data incompatible clients 2010-11-03 12:44:03 +01:00
Badlop
82e8048a8a Changes in registration form to workaround client problems (EJAB-1262)
Changes included:
* Remove var in fixed field because Gajim and Tkabber display it to user
* Add workaround for Psi's overlap fields
* Add var=url attribute, required by Psi to display the field
* Provide the image URL as a copy-able form field
2010-11-03 12:44:02 +01:00
Badlop
633b467a22 Workaround for Psi's wrong Type in form submission 2010-11-03 12:44:01 +01:00
Badlop
b0ae3d14aa Add CAPTCHA example configurations to cfg (EJAB-1262)(EJAB-1326) 2010-11-03 12:44:00 +01:00
Evgeniy Khramtsov
2d8bfb1a15 Provide image url in registration form when captcha is enabled 2010-11-03 12:43:59 +01:00
Evgeniy Khramtsov
30366dbe98 Add password entropy check (EJAB-1326) 2010-11-03 12:43:58 +01:00
Evgeniy Khramtsov
55bd17d6f5 Rename option captcha to captcha_protected for consistency 2010-11-03 12:43:57 +01:00
Badlop
f310292da4 CAPTCHA IBR support (EJAB-1262)(thanks to Evgeniy Khramtsov) 2010-11-03 12:43:55 +01:00
Badlop
81546f3270 Fix crash in ejabberd_c2s when blacklist hook returned true (thanks to Jonas Ådahl)
Cause of the crash jlib:ip_to_list/1 only supports IP tuples using the
form {N1,N2,N3,N4} which is not the case when IPv6 is enabled.
2010-11-02 14:04:10 +01:00
Badlop
91dee14ad6 Fix errors in EDoc comments 2010-10-28 18:23:02 +02:00
Badlop
231d44ffa3 Handle binary data from SockMod:recv in ejabberd_http:recv_data/3 (thanks to Andreas Köhler)(EJAB-1331) 2010-10-27 21:21:15 +02:00
Andreas Köhler
70c247d357 Ignore Length argument to tls:recv/[23] (EJAB-1327)
The Length argument cannot be used for gen_tcp:recv/3, because the
compressed size does not equal the desired uncompressed one.
2010-10-26 19:33:56 +02:00
Andreas Köhler
1579bf2d18 Re-use the TLSSock argument in tls:send/2 (EJAB-1327) 2010-10-26 19:33:53 +02:00
Badlop
d9ac399c74 Improve example of outoging_s2s_options 2010-10-22 23:16:52 +02:00
Christophe Romain
378b8a60c6 add function specification, convert string() to binary(), fix pubsub.hrl (thanks to Karim Gemayel) 2010-10-19 17:08:59 +02:00
Peter Lemenkov
70cdcfcae1 Change directory before any operation to one readable by INSTALLUSER (EJAB-1322)
This is required in order to suppress error messages like
"File operation error: eacces" when ejabberd was started from directory,
which is not readable by INSTALLUSER (/root, for example). See rhbz #564686:

https://bugzilla.redhat.com/564686

Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
2010-10-19 01:16:15 +02:00
Badlop
a473935782 Fix bug in mod_pubsub in_subscription return value 2010-10-19 00:28:24 +02:00
Badlop
16f0873488 Fix bug when routing error stanza 2010-10-16 22:51:51 +02:00
Badlop
17b4aaa1f7 When privacy list denies local user's outgoing stanza, try to return error (EJAB-1320)
See:
http://xmpp.org/extensions/xep-0016.html#example-51
Example 51. Error: contact is blocked
2010-10-16 22:51:50 +02:00
Badlop
eddbad2c76 Check privacy of outgoing Message stanzas (EJAB-1320) 2010-10-16 22:51:48 +02:00
Badlop
2e932dd85c Add support to ejabberd_ctl to handle anonymous command arguments 2010-10-16 00:48:03 +02:00
Badlop
3bc7127743 Rename aclocal.m4 to acinclude.m4 (thanks to Andreas Köhler)
Also fixed minor typos, added the compiled aclocal.m4 to gitignore,
and documented how to build the script 'configure'.

Related documentation:
http://www.gnu.org/software/hello/manual/automake/Local-Macros.html#Local-Macros
http://www.gnu.org/software/hello/manual/automake/Invoking-aclocal.html#Invoking-aclocal
2010-10-15 16:24:17 +02:00