24
1
mirror of https://github.com/processone/ejabberd.git synced 2024-06-18 22:15:20 +02:00
Commit Graph

2652 Commits

Author SHA1 Message Date
Holger Weiss
737b0ae5dc XEP-0198: Cosmetic change: Omit redundant guard
The stream management state is never 'pending' when the c2s FSM is in
the 'session_established' state.
2014-05-23 20:46:17 +02:00
Evgeniy Khramtsov
8925975c86 Fix proxying of ACK requests for 2xx responses 2014-05-23 20:14:53 +04:00
Holger Weiss
ab9667f917 XEP-0198: Don't exit on socket send failure
If stream management is enabled, don't exit the c2s process when
ejabberd_socket:send/2 fails, but close the socket instead.  This gives
the client a chance to resume the session.

Thanks go to Matthias Rieber for reporting the issue, providing detailed
logs, and testing the fix.
2014-05-23 11:38:54 +02:00
Badlop
735bd95659 Merge branch 'check-packet-type' of git://github.com/weiss/ejabberd into weiss-check-packet-type
Conflicts:
	src/ejabberd_c2s.erl
2014-05-21 18:45:28 +02:00
badlop
69abb48c90 Merge pull request #217 from weiss/fix-extauth-cache-usage
Don't use cached passwords if "extauth_cache: 0"
2014-05-21 17:35:54 +02:00
badlop
419a98d45a Merge pull request #216 from lavrin/p1-c2s
Cleanup some pieces of ejabberd_c2s
2014-05-21 17:35:24 +02:00
badlop
5d855f3723 Merge pull request #207 from weiss/xep-0334
Honor XEP-0334: Message Processing Hints
2014-05-21 17:31:22 +02:00
Holger Weiss
6b996061a2 Omit XML namespace declaration for <iq/> stanzas
Only the child elements of <iq/> stanzas are qualified by the namespaces
in question, not the <iq/> stanzas themselves.

This change just clarifies the code.  It doesn't alter the behaviour, as
those <iq/> stanzas are handed over to jlib:iq_to_xml/1, and that
function ignores the 'xmlns' attribute anyway.
2014-05-21 00:07:57 +02:00
Holger Weiss
fca640f50f Don't use cached passwords if "extauth_cache: 0"
Regarding "extauth_cache", the guide says: "The integer 0 (zero) enables
caching for statistics, but doesn't use that cached information to
authenticate users."  Make sure the cached password isn't used even if
the user is currently logged in with another resource.
2014-05-20 23:00:28 +02:00
Badlop
5010cea1a4 If log uses file:write, no need to double escape ~ in messages (EJAB-1696) 2014-05-20 14:49:52 +02:00
Radosław Szymczyszyn
5726636053 Fix check_from/2 formatting 2014-05-20 12:31:28 +01:00
Radosław Szymczyszyn
b7a542e074 Sanitize copy-pasted get_statustag/1 2014-05-20 12:28:14 +01:00
Radosław Szymczyszyn
9c37450fe4 Fix formatting 2014-05-20 12:26:33 +01:00
Radosław Szymczyszyn
c39ce133de Build proceed/compressed elements in a sane way 2014-05-20 11:52:02 +01:00
Badlop
6d06f22f64 MUC messages with ~ were not logged (EJAB-1696) 2014-05-19 19:07:46 +02:00
Badlop
a6ddab1e9d Fix bug when joining empty path 2014-05-14 13:28:39 +02:00
Holger Weiss
6e8dd5bdff Don't miss incoming presence updates 2014-05-14 01:04:38 +02:00
Holger Weiss
f6da708b02 XEP-0198: Check whether routed packets are stanzas
Only stanzas are subject to stream management, so when XEP-0198 support
is enabled, we must distinguish them from non-stanza elements.  This
commit adds a send_packet/2 function that can be used in place of
send_stanza/2 or send_element/2 whenever a packet is delivered that
might or might not be a stanza.
2014-05-12 19:20:25 +02:00
Holger Weiss
9121ca14de Rename disconnect_user/2 command
The mod_admin_extra module provides a kick_session/4 command.  Rename
the disconnect_user/2 command to kick_user/2 for consistency.
2014-05-12 12:44:40 +02:00
Holger Weiss
47efe4e6a9 Don't log MUC messages with <no-store/> hint
Honor the <no-store/> and <no-permanent-store/> hints defined in
XEP-0334.
2014-05-12 00:27:20 +02:00
Holger Weiss
03fd88e4ec Don't store messages with <no-store/> hint
Honor the <no-store/> hint defined in XEP-0334.
2014-05-12 00:00:34 +02:00
Holger Weiss
9b16d09261 Don't carbon copy messages with <no-copy/> hint
Honor the <no-copy/> hint defined in XEP-0334.
2014-05-11 23:52:20 +02:00
Evgeny Khramtsov
5d22159e9a Merge pull request #205 from weiss/xep-0198
XEP-0198: Improve handling of incorrect stanza counts reported by client
2014-05-10 00:05:17 +04:00
Evgeniy Khramtsov
003fd321ee Do not try to retreive vCards via local SM for foreign JIDs 2014-05-09 21:26:55 +04:00
Holger Weiss
6d5bfcfe9b XEP-0198: Improve handling of too large 'h' values
If the client says that it handled more stanzas than we sent (due to a
bug in the client's or in our code), increase our outgoing stanza count
accordingly.  There's no point in sticking to the old value even if it
was correct, as the client surely won't fix its count during the current
session.
2014-05-09 18:28:14 +02:00
Holger Weiss
15369ff9d7 XEP-0198: Reject <resume/> with negative 'h' value
Make sure the 'h' attribute sent with a <resume/> request is
nonnegative, as mandated by XEP-0198.

We already have this check for <a/> elements.
2014-05-09 18:01:31 +02:00
Holger Weiss
a60fda7df4 XEP-0198: Don't warn on invalid ACK elements
Do not log a warning (but only a debug message) if the client sends an
invalid </a> packet.  Some clients do that occasionally, and there's
nothing server admininistrators could do about that.
2014-05-09 17:54:12 +02:00
Evgeniy Khramtsov
318b0f2208 Fix previous commit (C2S session close on server shutdown) 2014-05-08 21:47:50 +04:00
Evgeniy Khramtsov
181e7a823e Fix C2S session close on server shutdown 2014-05-08 21:39:53 +04:00
Evgeniy Khramtsov
90a5c054d4 TURN support (EJAB-1017) 2014-05-08 16:14:21 +04:00
Evgeny Khramtsov
115da54557 Merge pull request #203 from hamano/added_get_random_pid_error_handling
improve error handling when sql calling with (empty|unknown) host.
2014-05-08 10:02:27 +04:00
Badlop
79a49b1175 Webadmin with extauth requires internal to run at least once (issue #201) 2014-05-07 17:13:51 +02:00
HAMANO Tsukasa
d3ed12d4ba fix mod_offline:count_offline_messages/2 2014-05-07 15:38:18 +09:00
Holger Weiss
d343447cc9 Merge remote-tracking branch 'processone/master' into xep-0198
Conflicts:
	doc/guide.tex
	src/ejabberd_c2s.erl
2014-05-06 21:41:29 +02:00
Christophe Romain
cc1f93d7a0 Fix PEP broadcasting issue on ODBC (EJAB-1680) 2014-05-06 13:29:35 +02:00
Christophe Romain
58717923eb Fix PEP broadcasting issue (EJAB-1680) 2014-05-06 12:37:44 +02:00
Holger Weiss
8b1f92575a XEP-0198: Use "mgmt_" prefix for all #state fields
Prefix all ejabberd_c2s #state fields that are used for stream
management with "mgmt_".
2014-05-06 07:27:10 +02:00
Christophe Romain
a6244275b7 remove compilation warnings 2014-05-05 18:16:48 +02:00
Christophe Romain
4bdf1bc7a6 avoid sending duplicated events 2014-05-05 17:53:50 +02:00
Christophe Romain
faa6ad26a0 avoid sending empty events 2014-05-05 17:53:44 +02:00
Christophe Romain
530ac43758 store item when persist_item=false and cache_last_item=false but need last_item 2014-05-05 17:40:42 +02:00
Nathan Bruning
f3aa74a043 Fix small bug in presence_based_delivery implementation 2014-05-05 14:14:03 +02:00
Badlop
872cc12dd8 Temporary room not destroyed when the last participant is expulsed (EJAB-520) 2014-05-05 13:50:52 +02:00
Badlop
70f00a1b1f extauth_cache can have value 0 2014-05-05 13:13:35 +02:00
Holger Weiss
3b3f3b9131 XEP-0198: Don't log protocol issues
There are corner cases where certain clients acknowledge more stanzas
than they received.  Nothing really bad will happen in those cases, and
server administrators can't do anything about such issues anyway.
2014-05-05 01:11:14 +02:00
Holger Weiss
32abcbca6c XEP-0198: Accept stream elements in pending state
Due to timing issues, ejabberd_c2s might receive stream elements from
the client while the session is waiting for stream resumption.  Those
elements are now accepted.
2014-05-05 00:02:55 +02:00
Holger Weiss
a0917a8e9b XEP-0198: Log message when waiting for resumption
Log an informational message when a session goes into the pending state
(waiting for resumption) after the connection was lost.  Administrators
may well be interested in this state change when looking into issues.
2014-05-04 23:08:42 +02:00
Evgeniy Khramtsov
fafec77e56 Make it possible to get/set vCards for MUC rooms 2014-05-04 23:23:17 +04:00
Evgeniy Khramtsov
806c0e56e1 Do not crash on version downgrade 2014-05-03 17:55:03 +04:00
Evgeniy Khramtsov
d0ffcb7fd4 Assume udp_recv/5 now returns new options 2014-05-03 17:48:26 +04:00
Evgeniy Khramtsov
955487391d Assume tcp_init/2 and udp_init/2 now return new options 2014-05-03 17:48:17 +04:00
Evgeniy Khramtsov
47a39ce738 Remove unused function 2014-05-02 17:43:23 +04:00
Evgeniy Khramtsov
ebd760b7c9 Forking support 2014-05-02 17:43:17 +04:00
Evgeniy Khramtsov
f8417f7c1f Remove empty line 2014-05-02 17:43:09 +04:00
Evgeniy Khramtsov
3c98de69dc Some cleanup 2014-05-02 17:43:03 +04:00
Evgeniy Khramtsov
ab6774d93d Fix CSeq comparison 2014-05-02 17:42:57 +04:00
Evgeniy Khramtsov
58aa200297 Optimize request processing 2014-05-02 17:42:51 +04:00
Evgeniy Khramtsov
a1337cb73f Do not proxy stray responses statelessly (as per RFC 6026) 2014-05-02 17:42:45 +04:00
Evgeniy Khramtsov
e7e4055cbb Don't use erlang:integer_to_binary/1 2014-05-02 17:42:37 +04:00
Evgeniy Khramtsov
1d771fe646 Rewrite 'Contact' headers in REGISTER requests 2014-05-02 17:42:31 +04:00
Evgeniy Khramtsov
8e2bc8d19e Check for 'max_user_sessions' option 2014-05-02 17:42:13 +04:00
Evgeniy Khramtsov
0117787317 Process gen_server timeouts correctly 2014-05-02 17:40:25 +04:00
Evgeniy Khramtsov
16e5d66572 Move some code in a separate function 2014-05-02 17:38:47 +04:00
Evgeniy Khramtsov
6a95422af8 Multiple REGISTER bindings support 2014-05-02 17:38:28 +04:00
Evgeniy Khramtsov
35faffe7da Locate sessions by proxy processes directly 2014-05-02 17:31:17 +04:00
HAMANO Tsukasa
d83368d73d fix ejabberd_system_monitor:s2s_out_info/1 error 2014-05-01 15:12:04 +09:00
Evgeny Khramtsov
c545b3de6d Merge pull request #178 from hamano/devel
undefined ejabberd_socket:get_conn_type/1
2014-04-30 21:49:54 +04:00
Evgeniy Khramtsov
02e0649d18 SIP support
Conflicts:
	configure
	configure.ac
	doc/guide.tex
2014-04-30 19:38:15 +04:00
HAMANO Tsukasa
0904b8b8ff improve error handling when sql calling with (empty|unknown) host.
see #191
2014-05-01 00:20:58 +09:00
Badlop
ec6c58a21c Fix error reporting in previous commit 2014-04-30 16:02:20 +02:00
Badlop
b3714a1b2e Fix formatting string argument (thanks to Locojay)(github #129) 2014-04-30 15:59:44 +02:00
Evgeny Khramtsov
81a906af01 Merge pull request #191 from hamano/added_get_random_pid_error_handling
fix error handling when sql calling with unknown host.
2014-04-30 17:02:39 +04:00
badlop
65519cf262 Merge pull request #190 from hamano/mod_register_web_response_404
mod_register_web should response 404 instead of process crash.
2014-04-30 12:42:43 +02:00
badlop
a1b8c54c16 Merge pull request #187 from weiss/fix-ejabberdctl-output
Let ejabberdctl accept binary string arguments
2014-04-30 12:41:12 +02:00
HAMANO Tsukasa
a6408e9281 fix error handling when sql calling with unknown host. 2014-04-30 15:32:07 +09:00
HAMANO Tsukasa
0e0bd3329d mod_register_web should response 404 instead of process crash. 2014-04-30 13:39:17 +09:00
Evgeny Khramtsov
9563b0228f Merge pull request #177 from weiss/log-tls-sasl-external
Log TLS status for outgoing s2s with SASL EXTERNAL
2014-04-30 00:38:18 +04:00
Evgeny Khramtsov
8419322884 Merge pull request #181 from weiss/check-tls-before-auth
Check TLS state before requesting SASL EXTERNAL for outgoing s2s connections
2014-04-30 00:36:08 +04:00
Evgeny Khramtsov
c37aa1b46d Merge pull request #185 from weiss/verify-cert-for-s2s-out
Support certificate verification for outgoing s2s connections
2014-04-30 00:08:24 +04:00
Evgeny Khramtsov
599fdb9ac2 Merge pull request #186 from weiss/add-disconnect-command
New ejabberd command: disconnect_user/2
2014-04-29 15:41:41 +04:00
Holger Weiss
ebbceab93f Translate disconnect_user/2 string sent to client 2014-04-29 11:56:28 +02:00
Holger Weiss
bb2c8b59f8 Avoid #state.lang type errors in corner cases
If #state.lang is used before being initialized to some binary string,
the translation code would crash.
2014-04-29 11:41:24 +02:00
Evgeny Khramtsov
4073394e7a Merge pull request #182 from hamano/register_account_acl
fix checking acl in mod_register_web
2014-04-29 13:06:53 +04:00
Evgeny Khramtsov
29aead19d9 Merge pull request #179 from hamano/added_get_random_pid_error_handling
added get_random_pid/1 error handling
2014-04-29 13:05:58 +04:00
Holger Weiss
d09c268b20 Let ejabberdctl accept binary string arguments
Don't print the following message if an ejabberd command expects binary
string arguments: "This command cannot be executed using ejabberdctl.
Try ejabberd_xmlrpc."
2014-04-29 01:11:08 +02:00
Holger Weiss
6d1055abec New ejabberd command: disconnect_user/2 2014-04-29 00:50:43 +02:00
Holger Weiss
49bdbf2895 Support certificate verification for outgoing s2s
Handle "s2s_use_starttls: required_trusted" the same way for outgoing
s2s connections as for incoming connections.  That is, check the remote
server's certificate (including the host name) and abort the connection
if verification fails.
2014-04-28 01:42:02 +02:00
Holger Weiss
a21d2298af XEP-0198: Turn some warnings into info messages
Don't log warnings on events that will happen during normal operation.
2014-04-28 01:01:30 +02:00
Holger Weiss
1aa4ed3f35 Don't mess with s2s out when aborting s2s in
Don't try to look up and close outgoing connections to a given server
when aborting incoming connections from that server due to certificate
verification errors.  The ejabberd_s2s:find_connection/2 call actually
created one or more *new* connections if less than 'max_s2s_connections'
connections were found.  Then, no more than one of those possibly new
connections were stopped by the ejabberd_s2s_out:stop_connection/1 call.

It's not really necessary to bother with outgoing connections at all,
here.
2014-04-28 00:17:05 +02:00
Holger Weiss
eabca82765 Send stream trailer before closing s2s connection
When aborting an incoming s2s connection due to certificate verification
errors, send a stream trailer before closing the socket.
2014-04-27 00:28:42 +02:00
HAMANO Tsukasa
71dba66330 fix checking acl in mod_register_web 2014-04-24 18:15:39 +09:00
Holger Weiss
d805d198ac Check TLS state before requesting SASL EXTERNAL
Make sure a remote server can't circumvent "s2s_use_starttls: required"
by offering SASL EXTERNAL authentication over a non-TLS connection.
2014-04-24 11:04:10 +02:00
HAMANO Tsukasa
ffe9f3c192 added get_random_pid/1 error handling 2014-04-24 15:34:41 +09:00
HAMANO Tsukasa
219f9276d1 undefined ejabberd_socket:get_conn_type/1 2014-04-24 12:42:22 +09:00
Holger Weiss
f988aad940 Log TLS status for outgoing s2s with SASL EXTERNAL 2014-04-23 23:28:13 +02:00
HAMANO Tsukasa
9ec014c184 added error handling in mod_pubsub_odbc. 2014-04-23 23:35:34 +09:00
Holger Weiss
86e17c379c Verify host name before offering SASL EXTERNAL
Prior to this commit, ejabberd handled certificate authentication for
incoming s2s connections like this:

1. Verify the certificate without checking the host name.  On failure,
   behave according to 's2s_use_starttls'.  On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, compare the authorization
   identity against the certificate host name(s).  On failure, abort the
   connection unconditionally.

ejabberd now does this instead:

1. Verify the certificate and compare the certificate host name(s)
   against the 'from' attribute of the stream header.  On failure,
   behave according to 's2s_use_starttls'.  On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, ignore the authorization
   identity (if any) and consider the peer authenticated.

The old behavior was suggested by previous versions of XEP-0178, the new
behavior is suggested by the current version 1.1.
2014-04-23 11:45:17 +02:00
Holger Weiss
4bc8b6bc9f Fix extraction of host names from certificates 2014-04-22 22:12:04 +02:00
badlop
37d4109e8a Merge pull request #161 from weiss/fix-carbons
Let mod_carboncopy take care of messages sent to bare/unavailable JIDs
2014-04-22 13:52:11 +02:00
Holger Weiss
d350cc6361 Accept "extauth_cache: false"
Don't log a "configuration problem" message if "extauth_cache: false" is
explicitly specified, as that's a valid configuration setting as per the
documentation.
2014-04-16 14:15:14 +02:00