25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-22 17:28:25 +01:00
Commit Graph

6487 Commits

Author SHA1 Message Date
Evgeniy Khramtsov
6e20e9bcf9 Get rid of deprecated crypto functions 2017-08-17 19:32:15 +03:00
Holger Weiss
b8d2a72333 mod_stream_mgmt: Delete 'c2s_init' hook
Delete the 'c2s_init' hook when the last 'mod_stream_mgmt' instance is
stopped.
2017-08-17 18:25:06 +02:00
Holger Weiss
0760c7273c mod_stream_mgmt: Remove outdated TODO comment
The CSI queue is now flushed from mod_client_state.
2017-08-17 18:19:04 +02:00
Evgeniy Khramtsov
9bd099013f Don't attempt to access(2) a certificate file
Fixes #1375
2017-08-17 14:33:41 +03:00
Christophe Romain
68fb12153e Revert "Temporary remove recent last_item refactor"
This reverts commit 1820b4f63b.
2017-08-14 15:25:45 +02:00
Holger Weiss
e19d1e9571 Merge remote-tracking branch 'processone/pr/1938'
* processone/pr/1938:
  Let 'domain_certfile' take higher precedence
2017-08-14 14:43:03 +02:00
Christophe Romain
1820b4f63b Temporary remove recent last_item refactor 2017-08-14 09:43:02 +02:00
Holger Weiss
64150cc7c5 Let 'domain_certfile' take higher precedence
If a 'domain_certfile' is specified, use that instead of the
's2s_certfile' (or 'c2s_certfile').
2017-08-13 20:31:03 +02:00
Evgeniy Khramtsov
63aabed320 Apply URL decoding wherever possible
Fixes #1936
2017-08-13 19:18:19 +03:00
Konstantinos Kallas
051e2c639c Change some specs 2017-08-12 18:00:46 +03:00
Konstantinos Kallas
3b22efeaee Add throws when http requests fail
This was done in order to show the unexpected code in the top level
2017-08-12 17:26:07 +03:00
Konstantinos Kallas
a72a7f830a Add support to revoke a certificate by providing the pem
This is important so that a user can revoke a certificate that is not acquired or logged from our acme client
2017-08-12 17:14:23 +03:00
Konstantinos Kallas
73f0b6707a Move the ca_url to the config file 2017-08-12 15:59:54 +03:00
Christophe Romain
fd7bf7fed3 Fix typo from 9c5427e0c 2017-08-11 17:54:53 +02:00
Konstantinos Kallas
1aadb797b3 Remove the new account option from get certificate. There is no reason for having this 2017-08-11 14:10:55 +03:00
Konstantinos Kallas
7140c8d844 Format expired certificates differently in list_certificates 2017-08-11 13:28:17 +03:00
Christophe Romain
7a90cda8ff Process on_user_offline only from valid sessions 2017-08-11 12:05:14 +02:00
Evgeniy Khramtsov
35eeaa5869 Fix regression introduced by b82b93f8f0
Fixes #1928
2017-08-11 11:43:16 +03:00
Christophe Romain
024713a441 Remove temporary debug 2017-08-11 10:53:19 +02:00
Christophe Romain
32fbfe1981 Use correct c2s process sending PEP with multi devices 2017-08-11 10:32:36 +02:00
Christophe Romain
9c5427e0c2 PubSub: refactor send_last_items remove send_loop 2017-08-11 10:20:33 +02:00
Christophe Romain
8f5a1c4a2a Merge pull request #1926 from weiss/import-metronome-pep
prosody2ejabberd: Support PEP import
2017-08-11 10:19:17 +02:00
Holger Weiss
7d3609d954 prosody2ejabberd: Support PEP import 2017-08-10 19:49:20 +02:00
Holger Weiss
fc7ba53c37 prosody2ejabberd: Remove superfluous 'catch' 2017-08-10 18:54:00 +02:00
Konstantinos Kallas
2b1fea01cd Renew certificate now renews all saved certificates that are close to expire
Before this commit renew_certificate only checked the hosts in the config file and renewd the certificates for those. However the user can request certificates apart from the hosts in the config file so he should be able to also renew them.
2017-08-10 18:54:26 +03:00
Konstantinos Kallas
c20bfb3422 Revoke Certificate: Jose Private Key
Instead of signing the jose object with the account private key, it now signs the object using the certificate private key. This is useful in case the user wants to revoke a old certificate whose account key doesn't exist anymore.
2017-08-10 17:23:13 +03:00
Konstantinos Kallas
011b7ac3f2 Support getting certificates for domains not specified in the configuration file 2017-08-10 15:26:35 +03:00
Evgeniy Khramtsov
a96d72330d Rename remove_room hook back 2017-08-10 14:49:05 +03:00
Christophe Romain
7d626b4f5c Add support of section 4.9.3.16 on rfc6120 2017-08-10 12:17:31 +02:00
Christophe Romain
e903348dd3 Fix pubsub send_loop after 3fec7824 2017-08-09 11:34:36 +02:00
badlop
bee251d928 Merge pull request #1912 from mathiasertl/master
fix FIREWALL_WINDOW option
2017-08-09 09:48:18 +02:00
Mathias Ertl
c658907331 fix typo 2017-08-08 19:09:55 +02:00
Konstantinos Kallas
97a4d57f2e Remove some debugging functions 2017-08-08 18:00:37 +03:00
Evgeniy Khramtsov
3fec782494 Introduce 'hosts' option
The option can be used as a replacement of 'host' option
when several (sub)domains are needed to be registered for the module.
Note that you cannot combine both 'host' and 'hosts' in the config
because 'host' option is of a higher priority. Example:

mod_pubsub:
   ...
   hosts:
     - "pubsub1.@HOST@"
     - "pubsub2.@HOST@"

Fixes #1883
2017-08-08 17:46:26 +03:00
Konstantinos Kallas
9756b452d6 Implement renew_certificate command
This command renews the certificates for all domains that already have a certificate that has expired or is close to expiring. It is meant to be run automatically more often than the renewal process because if the certificates are valid nothing happens
2017-08-08 16:38:19 +03:00
Konstantinos Kallas
7fa9a387ae Try catch when formatting certificates 2017-08-08 12:45:57 +03:00
Konstantinos Kallas
48254a1e10 Change certificate notAfter to 90 days
As stated in Let's Encrypt FAQ: https://letsencrypt.org/docs/faq/
2017-08-08 12:23:13 +03:00
Christophe Romain
52525eb76d Fix tests for 8679cfd2f 2017-08-07 15:38:17 +02:00
Christophe Romain
8679cfd2f3 Rename stop_all_connections to stop_s2s_connections for consistency 2017-08-07 15:06:07 +02:00
Paweł Chmielowski
25af3fb029 Compile mod_push early as it defines behaviour 2017-08-07 09:32:58 +02:00
Evgeniy Khramtsov
2bceebc39d Get rid of export_all 2017-08-05 21:01:29 +03:00
Evgeniy Khramtsov
92532a0d66 Replace gen_fsm with p1_fsm to avoid warnings in OTP20+ 2017-08-05 20:58:21 +03:00
Holger Weiss
b673539a2a Merge remote-tracking branch 'processone/pr/1914'
* processone/pr/1914:
  ejabberd_c2s: Fix priority of 'certfile' option
2017-08-05 19:27:43 +02:00
Holger Weiss
e1aaa1c99d ejabberd_c2s: Fix priority of 'certfile' option
Use the 'certfile' listener option rather than a 'domain_certfile' for
ejabberd_c2s listeners that have "tls: true" configured.  A
'domain_certfile' should only be preferred for STARTTLS connections.

Closes #1911.
2017-08-05 18:59:32 +02:00
Mathias Ertl
aa9eb001d0 fix FIREWALL_WINDOW option 2017-08-04 18:49:33 +02:00
Badlop
101e808124 Fix warning in previous commit 2017-08-04 13:09:17 +02:00
Christophe Romain
766b7c65a6 Merge pull request #1881 from weiss/push
Support XEP-0357: Push Notifications
2017-08-04 12:58:06 +02:00
Badlop
0516a3dc0e Remove unused 'managers' option, related to the deferred XEP-0321 (#1443) 2017-08-04 12:29:15 +02:00
Christophe Romain
3d185c0fb8 Fix missing validation from 633b68db1 (#1900) 2017-08-04 11:53:32 +02:00
Christophe Romain
7815164216 Add minor details (#1353) 2017-08-04 10:34:13 +02:00