Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-10-31 15:21:38 +01:00
Code Releases Activity
4,844 Commits 7 Branches 109 Tags 65 MiB
4a49dfecf3
Commit Graph

130 Commits

Author SHA1 Message Date
Holger Weiss
15d184a909 Disable TLS compression for s2s by default 
TLS compression is not recommended, and it's already disabled by default
for c2s connections and for ejabberd_http.
 2016-04-11 22:50:11 +02:00
Mickael Remond
dfc29ea03c Switch to Fast XML module 2016-02-03 19:03:17 +01:00
Badlop
f448ff608a Update copyright to 2016 (#901) 2016-01-13 12:29:14 +01:00
Evgeniy Khramtsov
c7931b4a4f CVE-2016-1232: Add Dialback Key Generation and Validation support (XEP-0185) 2016-01-11 14:22:17 +03:00
Paweł Chmielowski
95a9100623 Fix more places where random:seed is used 2015-12-07 16:48:29 +01:00
Paweł Chmielowski
29db302808 More now() replacements 2015-12-07 16:09:48 +01:00
Evgeniy Khramtsov
95265dd3ad Move JID related functions to jid.erl (#847) 2015-11-24 18:44:13 +03:00
Christophe Romain
341be9b682 Remove supervisor option, disable it for c2s and muc 2015-11-04 16:24:35 +01:00
Christophe Romain
6aeb9dcb38 cosmetic cleanup 2015-10-07 14:18:38 +02:00
Evgeniy Khramtsov
6740b1f0e1 Rename idna.erl to ejabberd_idna.erl (#702) 2015-09-02 16:02:46 +03:00
Holger Weiss
fc0754c609 Add s2s_dhfile to list of known options 2015-06-20 00:14:54 +02:00
Holger Weiss
e608274243 Add s2s_dhfile option to configuration validator 2015-06-16 15:18:34 +02:00
Alexey Shchepin
2110b929bc Merge pull request #581 from weiss/dh-param-file 
New options: dhfile and s2s_dhfile
 2015-06-16 11:59:06 +03:00
Evgeniy Khramtsov
fb6267f38e Add config validation at startup 2015-06-01 15:38:27 +03:00
Holger Weiss
5585fb1ecf New options: dhfile and s2s_dhfile 
Let admins specify a file that contains custom parameters for
Diffie-Hellman key exchange.
 2015-05-26 21:06:04 +02:00
Holger Weiss
afdc269825 ejabberd_s2s_out: Remove Erlang/OTP version check 
The version check won't work for Erlang/OTP >= 17; and it's no longer
needed, as we don't support versions older than R16 anyway.
 2015-04-16 23:51:16 +02:00
Christophe Romain
0c0947a241 Add compatibility macros for deprecated types (thanks to Alexey) 2015-02-23 09:58:00 +01:00
Badlop
5a35405cd5 Update copyright dates to 2015 (EJAB-1733) 2015-01-08 17:34:43 +01:00
Evgeny Khramtsov
9563b0228f Merge pull request #177 from weiss/log-tls-sasl-external 
Log TLS status for outgoing s2s with SASL EXTERNAL
 2014-04-30 00:38:18 +04:00
Evgeny Khramtsov
8419322884 Merge pull request #181 from weiss/check-tls-before-auth 
Check TLS state before requesting SASL EXTERNAL for outgoing s2s connections
 2014-04-30 00:36:08 +04:00
Holger Weiss
49bdbf2895 Support certificate verification for outgoing s2s 
Handle "s2s_use_starttls: required_trusted" the same way for outgoing
s2s connections as for incoming connections.  That is, check the remote
server's certificate (including the host name) and abort the connection
if verification fails.
 2014-04-28 01:42:02 +02:00
Holger Weiss
d805d198ac Check TLS state before requesting SASL EXTERNAL 
Make sure a remote server can't circumvent "s2s_use_starttls: required"
by offering SASL EXTERNAL authentication over a non-TLS connection.
 2014-04-24 11:04:10 +02:00
Holger Weiss
f988aad940 Log TLS status for outgoing s2s with SASL EXTERNAL 2014-04-23 23:28:13 +02:00
Alexey Shchepin
f93758a3cd Merge pull request #160 from runcom/protocol_options 
Add option to specify openssl options
 2014-04-15 19:01:21 +04:00
badlop
285c4c17cf Merge pull request #146 from jamielinux/master 
Update FSF address
 2014-04-11 13:35:46 +02:00
Antonio Murdaca
fbf71f86f3 Add option to specify openssl options 2014-04-08 18:46:52 +02:00
Badlop
633d47f784 Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
Jamie Nguyen
8538997d61 Update FSF address 2014-02-22 10:27:40 +00:00
Alexey Shchepin
1dd94ac0d0 Support for OpenSSL ciphers list in ejabberd_c2s, ejabberd_s2s_in and ejabberd_s2s_out 2013-11-28 19:39:11 +02:00
Evgeniy Khramtsov
91a74e3e27 Change configuration file format to YAML 2013-08-21 22:17:59 +10:00
Evgeniy Khramtsov
a2ead99c83 Make it possible to enable/disable TLS compression 2013-07-17 22:46:18 +10:00
Evgeniy Khramtsov
4d8f770624 Switch to rebar build tool 
Use dynamic Rebar configuration
Make iconv dependency optional
Disable transient_supervisors compile option
Add hipe compilation support
Only compile ibrowse and lhttpc when needed
Make it possible to generate an OTP application release
Add --enable-debug compile option
Add --enable-all compiler option
Add --enable-tools configure option
Add --with-erlang configure option.
Add --enable-erlang-version-check configure option.
Add lager support
Improve the test suite
 2013-06-13 11:11:02 +02:00
Badlop
9deb294328 Accumulated patch to binarize and indent code 2013-03-14 10:33:02 +01:00
Alexey Shchepin
0ae400533c Update copyright dates 2013-01-24 16:25:13 +02:00
Alexey Shchepin
b1e2538488 Update copyright dates 2012-02-23 17:52:34 +02:00
Evgeniy Khramtsov
6b0eb1f09d Reorganize the code to shut up the dialyzer 2011-09-05 21:27:31 +10:00
Christophe Romain
fd52f2cb7d update copyright up to 2011 2011-02-14 13:50:55 +01:00
Badlop
6ddc66db9f Handle Tigase's unexpected version=1.0 when ejabberd doesn't announce it (EJAB-1379) 2011-01-31 19:43:28 +01:00
Evgeniy Khramtsov
606c207e21 Make sure 'closed' event is correctly processed on every state 2010-12-17 17:26:20 +09:00
Badlop
b9bbe19d4c Option to reject S2S connection if untrusted certificate (EJAB-464) 2010-12-11 02:29:53 +01:00
Badlop
44b2002504 Include From attribute in the stream header of outgoing S2S connections 2010-12-11 02:29:52 +01:00
Badlop
eb884c80d0 Add option to require encryption in S2S connections (EJAB-495) 2010-12-11 02:29:48 +01:00
Andreas Köhler
e34eebb5ad Correct domain_certfile tlsopts modifications for s2s connections (EJAB-1086) 
* In ejabberd_s2s_out:wait_for_feature_request/2, the domain to use for
  looking up domain_certfile options is #state.myname and not
  #state.server

* If s2s_certfile is not specified, connect should still be part of the
  tls options used by ejabberd_s2s_out

* Add #state.server to ejabberd_s2s_in processes and store the to
  attribute in :wait_for_stream/2. Then use that server in
  :wait_for_feature_request/2 to change the tls options like in
  ejabberd_s2s_out.

Fixes EJAB-1086.
 2010-11-26 00:14:46 +01:00
Evgeniy Khramtsov
ac87749d55 add find_s2s_bridge hook 2010-10-11 18:40:57 +10:00
Evgeniy Khramtsov
1f2c9b7971 fixes typo in stop_connection/1 2010-09-28 14:20:02 +10:00
Badlop
c8033833f9 When logging s2s out connection attempt or success, log if TLS is used 2010-07-23 00:25:43 +02:00
Evgeniy Khramtsov
715cc5ea3b New configure option: --enable-nif 2010-07-01 20:54:01 +10:00
Pablo Polvorin
84c4d75735 Remove warning for undefined print_state/1 function for p1_fsm processes (thanks Badlop). 
Include a identity function as implementation of print_state/1.
 2010-04-09 14:25:00 -03:00
Evgeniy Khramtsov
31c3a78453 improved s2s connections clean up (EJAB-1202) 2010-03-04 12:36:57 +09:00
Badlop
86794b1d23 Fix OTP version detection to work with old supported R10 and R11 
SVN Revision: 2906
 2010-01-16 12:24:11 +00:00