25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-30 16:36:29 +01:00
Commit Graph

2784 Commits

Author SHA1 Message Date
Andreas Köhler
18ef908759 Before binding tcp ports, checks the socket type and listener options
If the callback module has a socket type of independent and needs to
create the listener itself, do not pre-bind the port. The same holds if
there are errors in the listener configuration.
2010-11-10 23:46:18 +01:00
Andreas Köhler
1f1d2bd5f5 Bind listener ports early and start accepting connections later
It may happen that auth or rdbms client tcp connections bind a local
socket to a port number required by a configered listener. The ejabberd
applications fails to start up and needs to be restarted.

In plain C you would bind(2) the listener port and listen(2) later on.
gen_tcp:listen/2 does not allow to separate these two steps though, so
another way is not to accept connections while start up. OTOH, the
kernel will syn/ack incoming connections and receive data, leaving them
in a buffer for the ejabberd to read from. If this is unwanted, a load
balancer would need to receive data from the ejabberd server before
adding the node to its pool.

This patch binds tcp ports while initializing the ejabberd_listener
process, storing ListenSockets in an ets table. start_listeners/0 will
reuse these ports later on.
2010-11-10 23:46:16 +01:00
Andreas Köhler
0c484369c9 In mod_last*:get_last_iq/4, check for user resources first to return 0 seconds if there is one
Fixes problem 2 of EJAB-1158.
2010-11-10 15:40:04 +01:00
Andreas Köhler
100f2e9a13 Refactor mod_last to use the same core get_last/2 functionality, but keep api stable
The local function get_last/4 has been renamed to get_last_iq/4, since
it converts the result of get_last/2 (typically {ok, TimeStamp, Status})
to an iq packet.
2010-11-10 15:40:03 +01:00
Andreas Köhler
510fd8cf73 Before forwarding last activity requests to a user, check that the user's presence is visible for From
According to XEP-0012, 4. Online User Query, "if the requesting entity
is not authorized to view the user's presence information (normally via
a presence subscription as defined in XMPP IM), the user's server MUST
NOT deliver the IQ-get to an available resource but instead MUST return
a <forbidden/> error in response to the last activity request."

So check for a subscription of from of the jid and bare jid and whether
outgoing presences to From are allowed.

Fixes problem 3 of EJAB-1158.
2010-11-10 15:40:01 +01:00
Andreas Köhler
080922a3de Remove dead code for NS_VCARD iq packets from ejabberd_c2s
For EJAB-1045, the special NS_VCARD block for handling incoming vcard
iqs on behalf of clients has already been restricted to cases where the
user or resource part of the recipient is empty. But then the packets
should not have been routed to the c2s process anyway. This patch
completely removes it.
2010-11-10 15:40:00 +01:00
Andreas Köhler
cb7d8c8ead Use ejabberd_c2s:privacy_check_packet/5 for all those hook folded runs in the c2s module 2010-11-10 15:39:59 +01:00
Andreas Köhler
c47252aea1 Use c2s state data as user and server in ejabberd_c2s:is_privacy_allow
is_privacy_allow is only used in ejabberd_c2s:handle_info/3 to determine
for a few presence types whether the packet is allowed to be forwarded
to the user's client. This only makes sense if To#jid.user and
To#jid.server match StateData#state.user and StateData#state.server.

Also, add the atom in as parameter to a new argument Dir of
is_privacy_allow and extract from that function
privacy_check_packet(StateData, From, To, Packet, Dir) which runs the
privavcy check without converting allow/deny to true/false.
2010-11-10 15:39:57 +01:00
Andreas Köhler
f96074057c Correct error responses of forbidden offline last activity queries
According to XEP-0012 Last Activity, the server must return iq errors
with forbidden instead of not-allowed.

Fixes problem 1 of EJAB-1158.
2010-11-10 15:39:55 +01:00
Christophe Romain
dfaeb3bc88 populate pubsub#roster_groups_allowed in node configuration options (thanks to Karim Gemayel)(EJAB-1344) 2010-11-10 15:15:03 +01:00
Christophe Romain
c31f59e326 fix bad plugin order issue injected in previous patch (EJAB-1286) 2010-11-09 14:32:40 +01:00
Andreas Köhler
7c2b9eaf97 Correct privacy check direction in mod_last (EJAB-1339)
The change for EJAB-1271 to change the direction of the privacy check
from out to in violates the idea that the check should imitate a
subscription state check of from. Rather correct the order of the From
and To parameters.
2010-11-09 13:57:57 +01:00
Andreas Köhler
79f5251d69 Change max restart strategy of ejabberd_odbc_sup to handle some SQL timeouts. 2010-11-08 18:41:03 +01:00
Christophe Romain
917e8640c2 avoid node_call to break transaction (thanks to Karim Gemayel)(EJAB-1286) 2010-11-08 11:16:51 +01:00
Andreas Köhler
c4bc0e7252 Re-raise exceptions caught in gen_mod:start_module/3 (EJAB-1335)
Modules configured by the administrator normally should not be treated
as optional, so a exception (error, exit, throw) to start them should not
be caught and logged only.

This patch re-raises a caught exception instead of ignoring the
exception and inserting the module's opts on success. That way
gen_mod:get_module_opt/4 should work while calling Module:start/2.
2010-11-07 00:49:52 +01:00
Evgeniy Khramtsov
1f16e4783c Take care of xml:lang attribute in unauthenticated stanzas as well 2010-11-06 13:58:52 +09:00
Badlop
7f3a5066c6 New ip_access option restricts which IPs can register (thanks to Alexey Shchepin)(EJAB-915) 2010-11-05 19:33:52 +01:00
Badlop
6f3713a67d Disable mod_register_web in default config because by default captcha is disabled 2010-11-05 19:33:50 +01:00
Badlop
abfb4a2841 Recompile the Guide 2010-11-05 18:21:20 +01:00
Badlop
f672fd0824 Added mod_register_web: web page for account registration (EJAB-471) 2010-11-05 18:19:52 +01:00
Evgeniy Khramtsov
60b36beda8 Disable LRU caching algorithm for LDAP shared rosters 2010-11-05 17:01:18 +09:00
Evgeniy Khramtsov
c4289095e0 Do not store long language tag to avoid possible DoS/flood attacks 2010-11-05 05:10:18 +09:00
Evgeniy Khramtsov
31757116fc LDAP shared roster support (thanks to Realloc and Marcin Owsiany) 2010-11-05 02:34:45 +09:00
Jonas Ådahl
2f68733708 Fixes a leak of ejabberd_receiver processes.
When a (non-frontend) socket module without any custom receiver fails to
start, the newly created ejabberd_receiver process needs to be properly
closed.
2010-11-03 17:10:52 +01:00
Badlop
dccaff0544 Correct in the Guide the default mod_irc encoding
The default option value was last changed in  EJAB-302,
but the Guide was not properly updated yet.
2010-11-02 22:47:28 +01:00
Badlop
184ec38510 Implement the mod_irc option default_encoding, it was already documented
Related:
http://www.ejabberd.im/node/4270#comment-56609
http://www.ejabberd.im/node/4270#comment-56780
2010-11-02 22:40:08 +01:00
Badlop
2d59efb515 Fix crash in ejabberd_c2s when blacklist hook returned true (thanks to Jonas Ådahl)
Cause of the crash jlib:ip_to_list/1 only supports IP tuples using the
form {N1,N2,N3,N4} which is not the case when IPv6 is enabled.
2010-11-02 13:51:36 +01:00
Evgeniy Khramtsov
195d22d906 Merge branch '2.1.x' of git+ssh://gitorious.process-one.net/ejabberd/mainline into 2.1.x 2010-11-01 22:23:01 +09:00
Evgeniy Khramtsov
ab80513755 Do not run set_last request inside a transaction 2010-11-01 22:22:41 +09:00
Badlop
8a116411bb Fix errors in EDoc comments 2010-10-28 18:48:27 +02:00
Badlop
bd3889b6ec Include a Required xml element in the captcha field 2010-10-27 00:50:17 +02:00
Andreas Köhler
400fb69f15 Ignore Length argument to tls:recv/[23] (EJAB-1327)
The Length argument cannot be used for gen_tcp:recv/3, because the
compressed size does not equal the desired uncompressed one.
2010-10-26 19:32:15 +02:00
Andreas Köhler
9da45d40c7 Re-use the TLSSock argument in tls:send/2 (EJAB-1327) 2010-10-26 19:30:32 +02:00
Evgeniy Khramtsov
23db206ea1 * Add top-level instructions for x:data incompatible clients
* Remove trailing dot
2010-10-26 03:47:14 +10:00
Badlop
964b7b6b67 Changes in registration form to workaround client problems (EJAB-1262)
Changes included:
* Remove var in fixed field because Gajim and Tkabber display it to user
* Add workaround for Psi's overlap fields
* Add var=url attribute, required by Psi to display the field
* Provide the image URL as a copy-able form field
2010-10-25 19:00:52 +02:00
Badlop
9c5f34794a Workaround for Psi's wrong Type in form submission 2010-10-25 18:58:31 +02:00
Badlop
eca7588abf Recompile the guide.html 2010-10-25 18:57:54 +02:00
Badlop
a15d583d4d Add CAPTCHA example configurations to cfg (EJAB-1262)(EJAB-1326) 2010-10-25 18:57:39 +02:00
Evgeniy Khramtsov
e03c453c78 Provide image url in registration form when captcha is enabled 2010-10-25 23:36:31 +10:00
Evgeniy Khramtsov
641dc7d695 Add password entropy check (EJAB-1326) 2010-10-24 17:17:30 +10:00
Evgeniy Khramtsov
0a1b0498a6 * Rename option captcha to captcha_protected for consistency.
* Document captcha_protected option
2010-10-24 15:45:42 +10:00
Evgeniy Khramtsov
a6858a6ce4 Merge branch '2.1.x' of git+ssh://gitorious.process-one.net/ejabberd/mainline into 2.1.x 2010-10-24 15:30:37 +10:00
Evgeniy Khramtsov
f4beeb1706 CAPTCHA IBR support (EJAB-1262) 2010-10-24 15:30:16 +10:00
Badlop
75298b4c27 Improve example of outoging_s2s_options 2010-10-22 23:14:24 +02:00
Christophe Romain
011464e6ac improve documentation (thanks to Karim Gemayel) 2010-10-21 11:14:24 +02:00
Peter Lemenkov
c53e8012b2 Change directory before any operation to one readable by INSTALLUSER (EJAB-1322)
This is required in order to suppress error messages like
"File operation error: eacces" when ejabberd was started from directory,
which is not readable by INSTALLUSER (/root, for example). See rhbz #564686:

https://bugzilla.redhat.com/564686

Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
2010-10-19 01:05:31 +02:00
Badlop
fe04d57284 Fix bug in mod_pubsub in_subscription return value 2010-10-19 00:26:36 +02:00
Christophe Romain
0f3bd782c4 documentation update (thanks to Karim Gemayel) 2010-10-18 16:53:21 +02:00
Badlop
91cf9194d8 When privacy list denies local user's outgoing stanza, try to return error (EJAB-1320)
See:
http://xmpp.org/extensions/xep-0016.html#example-51
Example 51. Error: contact is blocked
2010-10-16 22:53:12 +02:00
Badlop
e2dbad6242 Check privacy of outgoing IQ stanzas (EJAB-1320) 2010-10-16 22:53:10 +02:00