Where "unexpected" means the host in 'Host' header is not
a registered route. The rationale is to avoid propagation
of uknown "Host" further in the code, which may lead to
nasty errors related to reading configuration values, calling
functions from ejabberd_router.erl, etc.
This commit will allow adding tag to http listeners:
listener:
- port: 4000
- module: ejabberd_http
- tag: "magic_listener"
that later can be used to have special api_permission just for it:
api_permissions:
"magic_access":
from:
- tag: "magic_listener"
who: all
what: "*"
==== WARNING: MUST BE ADDED TO RELEASE NOTES =====
The commit introduces the following incompatibility:
- Option 'ca_path' is deprecated and has no effect anymore:
option 'ca_file' should be used instead if needed.
==================================================
The header consisted of too many unrelated stuff and macros misuse.
Some stuff is moved into scram.hrl and type_compat.hrl.
All macros have been replaced with the corresponding function calls.
TODO: probably type_compat.hrl is not even needed anymore since
we support only Erlang >= OTP 17.5
Due to historical reasons, ejabberd loads the whole file/data
into the memory when serving an HTTP request. This is now improved:
1) For GET requests ejabberd uses sendfile(2) if the underlying
connection is HTTP and falls back to read/write loop with 64kb
buffer for HTTPS connections. This type of requests are handled
by mod_http_fileserver, mod_http_upload, ejabberd_captcha, etc
2) POST requests are now limited to 20Mb and are fully downloaded
into the memory for further processing (by ejabberd_web_admin,
mod_bosh, etc)
3) PUT requests (e.g. for mod_http_upload) are handled by read/write
loop with 64kb buffer
The options "inet", "inet6" and "backlog" are valid listen options, but are
currently logged as errors (even though they do work):
2018-02-28 16:08:44.141 [error] <0.338.0>@ejabberd_listener:validate_module_option:630 unknown listen option 'backlog' for 'ejabberd_c2s' will be likely ignored, available options are: access, shaper, certfile, ciphers, dhfile, cafile, client_cafile, protocol_options, tls, tls_compression, starttls, starttls_required, tls_verify, zlib, max_fsm_queue
This adds the necessary validators so they are correctly recognized.
1. Add a request handler in ejabberd_http and explain how to configure the http listener so that the challenges can be solved.
2. Make acme configuration optional by providing defaults in ejabberd_acme.
3. Save the CA that the account has been created in so that it creates a new account when connecting to a new CA.
4. Small spec change in acme configuration.
