25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-30 16:36:29 +01:00
Commit Graph

5036 Commits

Author SHA1 Message Date
Christophe Romain
7beb19b01e Fix result of XEP-0060 §6.5.9.12 (#2288) 2018-03-16 17:48:42 +01:00
Christophe Romain
a84dd0f627 Add transient notification condition (#2267) 2018-03-16 17:26:51 +01:00
Christophe Romain
d8f9219b4f Refactor publish_item conditions (#2267) 2018-03-16 17:17:53 +01:00
Evgeniy Khramtsov
ddc29d42de Fulfill all requirements of XEP-0398 v0.2.0
These include:
- Avoid rewriting vcardupdate tags with empty <photo/> element
- Advertise "urn:xmpp:pep-vcard-conversion:0" feature
2018-03-16 12:10:57 +03:00
Alexey Shchepin
e15595df64 Add 'new_sql_schema' config option, --enable-new-sql-schema now sets its default value to true (#2239) 2018-03-15 17:55:05 +03:00
Evgeniy Khramtsov
99b41146b1 Get rid of catch-all in mod_pubsub 2018-03-13 22:10:58 +03:00
Evgeniy Khramtsov
6b079c0ab3 Preserve modules order
When modules for some virtual host are about to be started,
they are topologically sorted to preserve dependencies order.
We now keep this order for stop/reload functions to work properly.
2018-03-13 18:18:53 +03:00
badlop
c5aea779b4
Merge pull request #2314 from oxpa/mod_admin_extra_hashes
allow using hashes from "crypto" applications in mod_admin_extra
2018-03-12 15:20:53 +01:00
Badlop
be33c93344 Return errors in admin#add-user command response stanza (#2321) 2018-03-12 13:33:44 +01:00
Evgeniy Khramtsov
2785f1dfd2 Introduce force_node_config for mod_pubsub
The option can be used to override configuration options of a
particular PubSub node. Example:

mod_pubsub:
  ...
  force_node_config:
    "eu.siacs.conversations.axolotl.*":
      access_model: whitelist
    "*":
      persist_items: true

Fixes #2276
2018-03-11 16:54:35 +03:00
Evgeniy Khramtsov
c3eeb8624b Strip duplicates from module's options 2018-03-07 17:46:16 +03:00
Holger Weiss
bc808ffcde mod_stream_mgmt: Clean up on timed out resumption
During resumption, make sure the old process and the corresponding
session entry are disposed also in the case where the call that queries
the old process times out.
2018-03-06 21:03:31 +01:00
Evgeniy Khramtsov
d9bf5a6865 Don't forget to remove mgmt_force_enqueue flag 2018-03-06 16:18:03 +03:00
Holger Weiss
67fe5d38a7 mod_push_keepalive: Preserve timeout on resumption
Don't forget to carry over the original XEP-0198 resumption timeout
value while resuming.
2018-03-05 01:10:12 +01:00
Evgeniy Khramtsov
63dba3fd64 Merge branch 'master' into muc-self-presence 2018-03-03 21:09:27 +03:00
Evgeniy Khramtsov
da1a5036fe Revert "Support for default values in default_room_opts"
This reverts commit 5054a9933f.
The commit is plain wrong: similar options are not required to
be in pair.
2018-03-03 21:08:05 +03:00
Evgeniy Khramtsov
0d3637d18f Simplify ejabberd_sup code 2018-03-03 18:05:12 +03:00
oxpa
f2a3118ecc allow using hashes from "crypto" applications in mod_admin_extra 2018-03-02 04:10:30 -09:00
Badlop
dbf1cabdcd Fix: mod_offline:store_offline_msg/1 expects a message, not list (#2312) 2018-03-02 11:44:10 +01:00
Badlop
ad0fd1eac1 Simplify result of get_room_affiliation command (#2301) 2018-03-01 19:45:16 +01:00
badlop
3003307e60
Merge pull request #2301 from tsaqova/ejabberd_commands_get_room_affiliation
add ejabberd_command to get affiliation of a user in MUC room
2018-03-01 19:37:55 +01:00
Evgeniy Khramtsov
76f827ac83 Increase log level for DIGEST-MD5 FQDN
SASL DIGEST-MD5 anyway deprecated anyway, so not point in
logging this. This is now logged in `debug` mode.
2018-02-28 21:43:43 +03:00
Stu Tomlinson
da81590fef Validate additional listen opts
The options "inet", "inet6" and "backlog" are valid listen options, but are
currently logged as errors (even though they do work):

2018-02-28 16:08:44.141 [error] <0.338.0>@ejabberd_listener:validate_module_option:630 unknown listen option 'backlog' for 'ejabberd_c2s' will be likely ignored, available options are: access, shaper, certfile, ciphers, dhfile, cafile, client_cafile, protocol_options, tls, tls_compression, starttls, starttls_required, tls_verify, zlib, max_fsm_queue

This adds the necessary validators so they are correctly recognized.
2018-02-28 16:14:35 +00:00
Yusro Tsaqova
8a41cfc0f5 add ejabberd_command to get affiliation of a user in MUC room 2018-02-28 20:22:27 +07:00
Badlop
5054a9933f Support for default values in default_room_opts 2018-02-26 17:22:37 +01:00
Paweł Chmielowski
b2095ebcfe Simplify code for splitting auth string in cyrsasl
This may fix problem from issue #2296
2018-02-26 09:36:56 +01:00
Holger Weiss
c2235860ab xmpp_stream_in: Run auth result callbacks earlier
Call Mod:handle_auth_success/4 and Mod:handle_auth_failure/4 before
sending the SASL response rather than afterwards.  This way, callbacks
can send a custom response and disconnect.
2018-02-26 00:06:35 +01:00
Holger Weiss
22e43ebd8a mod_stream_mgmt: Cope with exit during resumption
Don't crash if the old process exits while it is queried for the session
state.
2018-02-24 21:50:54 +01:00
Marc Schink
c1e5ae5308 Move make_rand_string() to 'randoms' module 2018-02-23 18:32:34 +01:00
Holger Weiss
ea87bdfbe5 mod_carboncopy: Apply cosmetic change
The xmpp:has_subtag/2 function returns a boolen() value, so it can be
used with the 'not' operator.
2018-02-22 00:46:47 +01:00
Holger Weiss
7a1ed065fe mod_carboncopy: Copy outgoing MUC PMs
Incoming MUC PMs aren't carbon-copied, as the MUC service usually forks
them.  However, don't suppress copying of outgoing PMs, where no such
forking takes place.
2018-02-22 00:40:09 +01:00
Evgeniy Khramtsov
ec0f0f7c72 Move some log messages to debug level 2018-02-21 17:12:50 +03:00
Evgeniy Khramtsov
0acc69e303 Use nicks in disco#items or disco#info report 2018-02-21 10:25:15 +03:00
Evgeniy Khramtsov
4bf4193d55 Add 'negotiation_timeout' to the known options list 2018-02-20 19:47:50 +03:00
Evgeniy Khramtsov
d625e24029 Introduce 'negotiation_timeout'
The option can be used to specify a period (in seconds) for a stream
negotiation to complete. If the timer fires, the stream is considered
as failed and the underlying connection gets closed. This is a global
option (you cannot set it per domain) and the default is 30 seconds.
2018-02-20 11:38:00 +03:00
Holger Weiss
a875195940 mod_admin_extra: Fix srg_get_info with '@all@'
Don't let the srg_get_info command crash if the roster group has '@all@'
or the '@online@' users as members.
2018-02-20 00:44:47 +01:00
Evgeniy Khramtsov
06c480106f Don't emit validator's warning if the module is not found 2018-02-19 22:07:09 +03:00
Evgeniy Khramtsov
e070e6bccb Replace ?MYLANG with connection's language wherever possible 2018-02-19 21:47:20 +03:00
Evgeniy Khramtsov
de49e7631f Push blocking related IQs from bare JID
Fixes #2287
2018-02-18 18:00:20 +03:00
Evgeniy Khramtsov
25abf8b634 Don't inject node name inside "id" attribute
Fixes #2284
2018-02-18 11:54:40 +03:00
Evgeniy Khramtsov
ff06bdf144 Don't ask other nodes to invalidate cache when the key is not updated 2018-02-18 09:02:23 +03:00
Evgeniy Khramtsov
d5afc767e6 Fix 'badmatch' crash
The crash was introduced in 4b012a99d2
2018-02-17 20:06:50 +03:00
Evgeniy Khramtsov
5704a980c5 Introduce 'access' option for mod_block_stranger
The option is supposed to be used when `allow_local_users`
and `allow_transports` are not enough. It's an ACL where `deny`
means the message will be rejected (or a CAPTCHA would be
generated for a presence), and `allow` means the sender is
whitelisted and the stanza will pass through.

The default value is `none`, which means nothing is whitelisted.
2018-02-17 18:53:35 +03:00
Evgeniy Khramtsov
cffdb06b66 Cache 'isuser' queries to external auth program 2018-02-16 20:50:22 +03:00
Christophe Romain
7e1df0752a Export helper function 2018-02-16 09:53:38 +01:00
Christophe Romain
f0ccdebf7f Export helper functions 2018-02-16 09:52:29 +01:00
Evgeniy Khramtsov
32e5a3255d Export aux functions from mod_muc_room 2018-02-16 08:28:33 +03:00
Evgeniy Khramtsov
c102a45fac Rename some keys and functions for clarity 2018-02-15 15:50:20 +03:00
Evgeniy Khramtsov
52ded14b7f Update incoming stanzas counter on invalid XML 2018-02-15 15:42:55 +03:00
Evgeniy Khramtsov
e5ba7c3f3c Better solution for a previous fix 2018-02-15 10:48:59 +03:00
Evgeniy Khramtsov
51aa9d98a7 Don't forget to add invalid XML responses to sending queue 2018-02-15 10:18:06 +03:00
Evgeniy Khramtsov
a65500b6aa Fix external components unregistration 2018-02-14 13:09:27 +03:00
Evgeniy Khramtsov
032f796292 Introduce option 'global_routes' for ejabberd_service
The option emulates legacy behaviour which registers all routes
defined in `hosts` on a component connected. This behaviour
is considered harmful in the case when it's desired to multiplex
different components on the same port, so, to disable it,
set `global_routes` to `false`. The default value is `true`,
e.g. legacy behaviour is emulated: the only reason for this is
to maintain backward compatibility with existing deployments.
2018-02-14 11:53:52 +03:00
Evgeniy Khramtsov
516f4d03a1 Fix indentation 2018-02-14 11:42:43 +03:00
Paweł Chmielowski
60a8623929 Change formatting of commands markdown documentation 2018-02-13 16:27:39 +01:00
Christophe Romain
9dbdeba6c1 Add case on create_room, avoid useless call 2018-02-13 11:08:13 +01:00
Evgeniy Khramtsov
4632f5520f Really run use_cache/1 and cache_nodes/1 callbacks for mod_mam 2018-02-13 11:38:41 +03:00
Evgeniy Khramtsov
ffe02c46e4 Let a MUC room to route presences from its bare JID
The goal for this is to provide entity capabilities (XEP-0115) and
vCard-based avatar hash (XEP-0153)
2018-02-12 17:37:36 +03:00
Tobias Koch
9188a7b838 Dialyzer checks always failed because the return value of the function 'get_subscribed_rooms' in 'mod_muc_sql' is different to the defined value in 'mod_muc'. Fix was to update the return value in 'mod_muc.erl'. 2018-02-12 15:12:46 +01:00
Evgeniy Khramtsov
66fc1bf3b6 Remove 'iqdisc' option
Since we got rid of all bottle-neck processes and we have
a connection pool for every database, the option is no longer
needed and in fact is detrimental: in practice what you get
is just a bunch of overloaded processes in the IQ handlers pool
no matter how much you increase the `iqdisc` value.

Given that there are close to zero operators understanding
the meaning of the option and, hence, not using it all,
it's not simply deprecated but completely removed.

The commit also deprecates the following functions:
- gen_iq_handler:add_iq_handler/6
- gen_iq_handler:handle/5
- gen_iq_handler:iqdisc/1
2018-02-11 12:54:15 +03:00
Evgeniy Khramtsov
97f913b8d9 Merge branch 'master' of github.com:processone/ejabberd 2018-02-10 11:36:48 +03:00
Evgeniy Khramtsov
6c1a1bd000 Rely on use_cache/1 callback in mod_caps 2018-02-10 11:36:39 +03:00
Holger Weiss
9fb2253aa9 mod_stream_mgmt: Abort connection on count error
If the client acknowledged more stanzas than the server sent, close the
connection with a stream error rather than hiding client bugs by silently
adjusting the server's count.
2018-02-10 00:06:19 +01:00
Evgeniy Khramtsov
672c2f75d3 Introduce option 'validate_stream'
If set to `true`, all incoming XML packets are fully validated
against known schemas. If an error occurs, the packet will be bounced
with the corresponding error reason. The default value is `false`.
The option might be useful to protect client software from sofisticated
bugs related to XML validation as well as for client developers
who want to catch validation errors at early stage of development.

Note that the option might have slight performance impact, so use it
with care on loaded machines.
2018-02-09 18:12:50 +03:00
Evgeniy Khramtsov
5c85106a41 Fix type spec 2018-02-07 22:20:12 +03:00
Badlop
c2911222e4 Commands markdown also lack arguments when policy=user 2018-02-07 16:39:18 +01:00
Evgeniy Khramtsov
232b66b0f4 Introduce 'rate_limit' option of mod_avatar
The option controls how many avatars a user can upload per minute.
The option takes positive integer values. The default is 10.
Note that the option only takes effect when an avatar is about
to convert to a different format, i.e. it implies that `convert`
option is configured.
2018-02-05 23:12:36 +03:00
Evgeniy Khramtsov
c65dcfeda7 Export is_online/1 function 2018-02-05 15:13:13 +03:00
Evgeniy Khramtsov
c990abf222 Improve log message when module startup has failed 2018-02-02 13:16:14 +03:00
Paweł Chmielowski
f6ebbe4c78 Fix compilation ordering in mix by s/-behavior/-behaviour/ 2018-01-31 14:57:43 +01:00
Paweł Chmielowski
fc3c605945 Use correct default when getting list of modules from config 2018-01-30 19:44:27 +01:00
Paweł Chmielowski
3b646cc2ec Run tests only on backends enabled by configure 2018-01-30 15:30:37 +01:00
Paweł Chmielowski
bb58307190 Match all possible values in mod_privilege checks, or we get crashes 2018-01-30 13:10:22 +01:00
Paweł Chmielowski
53870c854e Fix exception in mod_privilege:process_presence_in
This should fix problem reported in issue #2248
2018-01-30 12:52:38 +01:00
Paweł Chmielowski
ddf6076328 Fix elixir tests 2018-01-29 18:28:02 +01:00
Paweł Chmielowski
d2974cf48a Fix processing of ldap_memberattr_format_re option
This makes sure that "" value is handled as before options processing
overhaul.

This fixed ldap shared roster testcase
2018-01-29 17:25:31 +01:00
Paweł Chmielowski
dc601610b6 Don't return undefined from ejabberd_config:get_myhosts() 2018-01-29 11:05:59 +01:00
Paweł Chmielowski
c47366ba97 Restore original return value to ejabberd_config:add_option 2018-01-29 09:46:11 +01:00
Holger Weiss
f31782a252 mod_caps: Only store CAPS if contact is subscribed
If a user is subscribed to a contact but not vice versa, don't store the
contact's CAPS.  This makes sure no PEP items are leaked to the contact.
2018-01-29 01:07:38 +01:00
Holger Weiss
d0af61f488 mod_caps: Fix indentation 2018-01-29 00:02:15 +01:00
Evgeniy Khramtsov
795efb2ee1 Improve logging of idle s2s connections 2018-01-28 11:10:22 +03:00
Evgeniy Khramtsov
6e5439db5c Find and fix typos using 'codespell' 2018-01-27 19:35:38 +03:00
Evgeniy Khramtsov
5d582080be Fix a typo in call to create_captcha()
Thanks to Paul Schaub for spotting this
2018-01-26 22:56:49 +03:00
Evgeniy Khramtsov
4b012a99d2 Introduce option 'captcha' for mod_block_strangers
When the option is set to `true`, the module will generate
CAPTCHA challenges for incoming subscription requests. The option
also implies that option `drop` is set to `true`. Note that
the module won't generate CAPTCHA challenges for messages: they
will still be rejected if `drop` is set to `true`.

Fixes #2246
2018-01-26 15:02:06 +03:00
Evgeniy Khramtsov
2269d290d8 Switch to newer fast_xml and xmpp and update record fields in the code 2018-01-25 20:02:47 +03:00
Paweł Chmielowski
56d4224e08 Handle ignore from xmpp_socket callback start
This should help with issue #2244
2018-01-24 17:32:24 +01:00
Holger Weiss
666da60cba Reduce log level for unexpected XML input
Log a warning rather than an error when, for example, a client sends a
stanza before opening the stream.
2018-01-24 12:04:52 +01:00
Holger Weiss
e8f1de8785 mod_block_strangers: Bounce groupchat to bare JID
If a blocked message is of type 'groupchat', address the error message
to the bare JID (rather than sending it as MUC PM).
2018-01-24 11:49:31 +01:00
Evgeniy Khramtsov
1f6c0022dd Fix a typo in mod_caps 2018-01-23 23:20:10 +03:00
Evgeniy Khramtsov
a917f4d451 Merge branch 'mod-default-options' 2018-01-23 11:00:00 +03:00
Evgeniy Khramtsov
ba2b650464 Introduce new gen_mod callback: mod_options/1
The callback is supposed to provide known options and their default
values, as long as the documentation. Passing default values into
get_mod functions is now deprecated: all defaults should be provided
by the Mod:mod_options/1 callback.
2018-01-23 10:54:52 +03:00
Holger Weiss
818ff5a263 Update 'pubsub_node' column name for DB export
The 'type' column has been renamed in commit
44700d91ba.
2018-01-19 13:10:14 +01:00
Evgeniy Khramtsov
c0ef054f6f Do not try to start ezlib application too frequently
This may overload Erlang applicaton controller
2018-01-16 18:06:31 +03:00
Evgeniy Khramtsov
d35a8805b0 Return debug message back 2018-01-16 17:57:21 +03:00
Evgeniy Khramtsov
7b0fa7e6e2 Improve validation of 'convert' option 2018-01-16 01:06:20 +03:00
Evgeniy Khramtsov
d3aab2ea18 Get rid of a call to misc:have_eimp() 2018-01-15 13:14:51 +03:00
Evgeniy Khramtsov
b970c88941 Merge branch 'master' of github.com:processone/ejabberd 2018-01-15 13:00:19 +03:00
Evgeniy Khramtsov
0f86559d83 Always build eimp dependency
Even if no suitable C graphics libraries are detected
at compile time, the package is still usable because it
provides `eimp:get_type/1` which is used by mod_avatar.
2018-01-15 12:54:57 +03:00
Paweł Chmielowski
3df78d3a8f Copy sh_to_ask function from xmerl_regexp.erl
This way we don't need to include xmerl application in our docker container
2018-01-15 10:31:26 +01:00
Evgeniy Khramtsov
f66a004821 Improve logging of failed s2s EXTERNAL authentication 2018-01-13 13:01:40 +03:00
Paweł Chmielowski
df8888ab38 Send privileges if at least one of them is set, don't require all to be set 2018-01-09 15:50:42 +01:00
Evgeniy Khramtsov
9d94361466 Process 'name' option for all route-registering modules
The option allows to set arbitrary text for disco#info identity name.
Previously, option 'name' was supported by mod_proxy65 and mod_http_upload
only. Now, all the following modules support this option as well:
- mod_disco
- mod_irc
- mod_muc
- mod_multicast
- mod_pubsub
- mod_vcard

Example:
```
modules:
  ...
  mod_disco:
    name: "Cool XMPP Server"
  ...
```
2018-01-08 11:29:17 +03:00
Evgeniy Khramtsov
cdc7c1d1ed Update copyright dates 2018-01-05 23:18:58 +03:00
Evgeniy Khramtsov
fb07c9929a Return true or false from send() callback
Fixes #2209
2018-01-05 12:15:28 +03:00
Evgeny Khramtsov
946754536c
Merge pull request #2202 from weiss/bounce-to-stranger
mod_block_strangers: Bounce an error message
2018-01-05 11:43:18 +03:00
Paweł Chmielowski
4c799528c7 Fix ejabberd command privacy_set
This fixes issue #2205
2018-01-04 14:57:36 +01:00
Marc Schink
264add87fa mod_proxy65: Expand @HOST@ keyword in 'hostname' option 2018-01-03 22:31:06 +01:00
Holger Weiss
835360733b mod_block_strangers: Bounce an error message
Return a stanza error when a message is rejected, in order to make
legitimate users aware of the issue.

Closes #2197.
2018-01-03 15:41:30 +01:00
Evgeniy Khramtsov
240977a0da Repair hosts check during certfiles validation 2017-12-28 21:36:57 +03:00
Evgeniy Khramtsov
529d6d8a93 Return default certificate on domain mismatch 2017-12-28 17:24:23 +03:00
Christophe Romain
439fe0b504 Fix check_opt_range when no boundary is configured 2017-12-28 13:51:26 +01:00
Christophe Romain
08e54dd621 Don't force rsm when max_items is not defined (#2189) 2017-12-28 11:48:54 +01:00
Christophe Romain
8918227fc3 Revert "Include os_mon application"
This reverts commit 56241feb58.
That was a mistake, breaking application start
2017-12-28 10:32:21 +01:00
Paweł Chmielowski
5ba13df519 Revert "Start os_mon application"
This reverts commit 82b3bbf360.
2017-12-27 17:21:17 +01:00
Evgeniy Khramtsov
dd4d45fd28 Fix a regression in xmpp_socket 2017-12-27 18:49:25 +03:00
Paweł Chmielowski
82b3bbf360 Start os_mon application 2017-12-27 16:23:04 +01:00
Paweł Chmielowski
e6d1ff85f1 Use bare jid when processing roster subscriptions 2017-12-27 16:14:47 +01:00
Christophe Romain
56241feb58 Include os_mon application 2017-12-27 12:28:13 +01:00
Holger Weiss
60b6a508e0 Forget old access/shaper rules and ACLs on reload 2017-12-26 19:37:11 +01:00
Evgeniy Khramtsov
2d43c07c62 Get rid of ejabberd receiver
ejabberd receivers were meant to serve connections from frontends
to backends. However, this approach was not popular and frontend
related code was removed in previous releases. Now, ejabberd receiver's
code was also removed, making the code shorter and cleaner. Also, in
stress tests ejabberd now handles load more robustly, without
c2s processes overload (even with disabled shapers).

ejabberd_socket.erl is renamed to xmpp_socket.erl: it's supposed to
be finally moved into stand-alone xmpp library.
2017-12-26 18:55:57 +03:00
Evgeniy Khramtsov
4e49919d16 Revert "Don't set twice"
This reverts commit 6dca89f616.
2017-12-25 08:41:51 +03:00
Evgeniy Khramtsov
9ba471e210 Fix a typo in comment :) 2017-12-24 12:53:50 +03:00
Evgeniy Khramtsov
6dca89f616 Don't set twice 2017-12-24 12:34:47 +03:00
Evgeniy Khramtsov
1698956f34 Rely on Server Name Indication for incoming Direct-TLS connections
This commit also deprecates `certfile` option for ejabberd_http
listener.
2017-12-24 12:27:51 +03:00
Holger Weiss
b54e1e49ba Don't let privacy list prevent local roster update 2017-12-23 22:45:01 +01:00
Holger Weiss
5e4c547856 mod_muc_admin: Fix last timestamp retrieval 2017-12-22 14:32:47 +01:00
Badlop
50b19b47e0 Fix commands rooms_unused_list and _destroy 2017-12-21 17:00:43 +01:00
Christophe Romain
a3083b5d71 Fix race between join_cluster and ejabberd_mnesia (#2079) 2017-12-21 14:07:29 +01:00
Christophe Romain
af9183cd54 Add pubsub#multi-items to features list (#2162) 2017-12-20 11:54:12 +01:00
Christophe Romain
242c3c1da5 Fix mix_sql features and options 2017-12-20 11:53:18 +01:00
badlop
212d44f419
Merge pull request #2164 from angelo-chan/master
add muc_online_rooms_by_regex to mod_muc_admin to filter list online r…
2017-12-19 23:10:20 +01:00
Holger Weiss
63a60f1cd8 ejabberd_sm: Fix get_session_sid/3
Let get_session_sid/3 cope with multiple session table entries for a
given resource.
2017-12-19 18:59:25 +01:00
Evgeniy Khramtsov
08ce16f7ca Change loglevel of TLS failures 2017-12-19 15:33:30 +03:00
Christophe Romain
051e1be832 send_direct_invitations accepts only user jids 2017-12-19 10:24:07 +01:00
Evgeniy Khramtsov
9bccac03f5 Set disk_almost_full_threshold to 99% 2017-12-19 09:55:19 +03:00
Evgeniy Khramtsov
c9333f247a Don't crash on malformed IQ
Fixes #2175
2017-12-19 09:15:35 +03:00
Evgeniy Khramtsov
c658f871a5 Log a warning when a disk is almost full 2017-12-18 12:30:10 +03:00
Evgeniy Khramtsov
a0607f6740 Disable default alarm handler 2017-12-18 12:15:49 +03:00
Evgeniy Khramtsov
47c2118fa7 Handle also process_memory_high_watermark alarm 2017-12-18 10:41:11 +03:00
Evgeniy Khramtsov
59f4efe3dd Kill and restart lager when it's overloaded 2017-12-17 21:03:40 +03:00
Evgeniy Khramtsov
bd1ff0e897 Fix processing order 2017-12-17 20:19:44 +03:00
Evgeniy Khramtsov
5b42fc1d0d Avoid excessive logging of SQL failures 2017-12-17 19:46:55 +03:00
Evgeniy Khramtsov
515f8b22c0 Rewrite ejabberd system monitor
Previous version was inefficient: it had a lot of false positives
along with a lot of false negatives, making its usage pointless.
The new verion is based on memsup(3erl) application: the OOM watchdog is
only started when total OS memory consumption is more than 80%.
A watchdog periodically inspects all running processes and collects
statistics about overloaded ones (those queueing a lot of messages).
If the OOM killer is enabled (`oom_killer: true`), all overloaded
processes would be killed. By default, OOM killer is enabled.
When memory consumption is back to normal, the OOM watchdog is stopped.
2017-12-17 18:52:37 +03:00
Holger Weiss
5968bc9318 Send last PEP items to owner on initial presence
Closes #2112.
2017-12-13 18:59:06 +01:00
Evgeniy Khramtsov
08e642b988 Only allow compression after SASL
See XEP-0170 for details
Thanks to Vitaly Takmazov for spotting this
2017-12-13 16:52:44 +03:00
Christophe Romain
42932fd19e PubSub: Add missing Nidx building records from sql result 2017-12-13 11:35:36 +01:00
Angelo Chan
b204f9349f add muc_online_room_by_regex to mod_muc_admin to filter list online rooms 2017-12-13 11:07:12 +08:00
Holger Weiss
03246f5ff4 mod_pubsub: Send last items on initial presence
Wait until we got initial presence from the client before sending the
last items of nodes the JID is subscribed to.

Closes #2132.
2017-12-12 12:21:33 +01:00
Holger Weiss
b661bee4b1 Support pubsub#publish-options PRECONDITIONs
Support PubSub publishing options that are specified as PRECONDITIONs as
per XEP-0060 v1.14.
2017-12-12 01:04:14 +01:00
Evgeniy Khramtsov
303eea5e4d Fix typos in mod_legacy_auth and mod_register 2017-12-11 10:00:16 +03:00
Evgeniy Khramtsov
bd064fa3fc Use xmpp:try_subtag/2 wherever possible 2017-12-11 09:46:26 +03:00
Evgeniy Khramtsov
ae66c17ec0 Include <x/> tag in presence errors related to nick change
Refer to example 52 and example 53 of XEP-0045 for details.
Thanks to Daniel Gultsch for spotting this.
2017-12-09 23:13:20 +03:00
Evgeniy Khramtsov
614bd9dd72 Better process subtag decoding errors 2017-12-09 22:39:43 +03:00
Evgeniy Khramtsov
e15a9a2b9e Log warning on empty wildcard paths 2017-12-08 12:50:10 +03:00
Evgeniy Khramtsov
f1ac793d56 Don't call pkix_is_self_signed/1 too frequently 2017-12-07 17:24:34 +03:00
Evgeniy Khramtsov
97c9058246 Eat less memory during building certificates graph 2017-12-07 16:41:49 +03:00
Evgeniy Khramtsov
a303373b0f Speedup certificate chains creation and validation 2017-12-07 14:32:12 +03:00
Evgeniy Khramtsov
344a2611f2 Avoid infinite loop between self-signed certs 2017-12-07 00:29:19 +03:00
Holger Weiss
c2b22bd6c1 mod_muc_room: Fix typo
Thanks to Evgeniy for spotting this.
2017-12-06 16:50:45 +01:00
Evgeniy Khramtsov
7a9d2cabc0 Improve code using new xmpp API 2017-12-06 17:21:57 +03:00
Evgeniy Khramtsov
e4a4839880 Use ejabberd_cluster:send() in SM/C2S 2017-12-06 14:15:20 +03:00
Holger Weiss
ab2a90181c mod_offline: Always ignore groupchat messages 2017-12-02 21:35:09 +01:00
Holger Weiss
418718de31 mod_muc_room: Include 110 status on shutdown
Add the 110 status code to the presence unavailable stanzas sent to room
occupants on system shutdown.
2017-11-30 23:58:01 +01:00
Holger Weiss
0b1a6d7e79 mod_mam: Never store MUC messages in user archives
Even if a groupchat message is tagged with a <store/> hint, don't store
it in a user archive.  The hint should only be honored by the MUC
archive.
2017-11-30 22:15:33 +01:00
Christophe Romain
395b74a89f Windows does not have /tmp, fallback to /home/chris/conf 2017-11-30 15:32:09 +01:00
Christophe Romain
a5849a0dab Fix num_subscribers on node metadata (#2122) 2017-11-30 15:27:34 +01:00
Alexey Shchepin
8639da0e00 Fix session table cleanup 2017-11-30 13:31:23 +03:00
Evgeniy Khramtsov
10edbe3e09 Improve muc#roominfo and muc#roomconfig forms
Now 'muc#roominfo_contactjid' and 'muc#roominfo_pubsub' fields
are returned within muc#roominfo form. Also, both 'muc#roominfo_pubsub'
and 'muc#roomconfig_pubsub' are now validated.
2017-11-27 13:07:10 +03:00
Evgeniy Khramtsov
783ebd1080 Introduce option 'ca_file'
The option is supposed to be used as a fallback for certificates
validation. For instance, the option will be used if 's2s_cafile'
option is not set. The value should be a path to a file containing
CA certificate(s) in PEM format, e.g.:

ca_file: "/etc/ssl/certs/ca-bundle.pem"
2017-11-26 18:10:25 +03:00
Evgeniy Khramtsov
242b3d3968 Don't crash on unexpected XML events
In fact, seems like this is a problem in the receiver code
(or fast_xml?) and should be fixed there
2017-11-24 19:38:20 +03:00
Evgeniy Khramtsov
5676adff30 Get rid of unused variable compile warning 2017-11-24 12:11:01 +03:00
Evgeniy Khramtsov
e31f6409a6 Fix function clause on filelib:wildcard/1 2017-11-24 12:10:03 +03:00
Evgeniy Khramtsov
a57c694f21 Fix SQL serialization
The regression is introduced in 11829906ac
Fixes #2121
2017-11-24 09:45:22 +03:00
Badlop
0e5b343f1b Add Id attribute in stanza built by send_message command 2017-11-23 17:14:39 +01:00
Evgeniy Khramtsov
25f7f974b9 Use ejabberd_pkix API in mod_sip 2017-11-23 11:09:40 +03:00
Evgeniy Khramtsov
fbd6ea8a48 Move 'certfile' based options in a single place 2017-11-23 11:04:47 +03:00
Evgeniy Khramtsov
3a02c4369f Get rid of meaningless log message 2017-11-22 10:12:49 +03:00
Alexey Shchepin
19975962ea Fix a bug introduced in the previous commit in ejabberd_sql_pt 2017-11-20 15:14:44 +03:00
Evgeniy Khramtsov
49c4aa238f Change file mode of ACME certficates 2017-11-19 10:10:21 +03:00
Evgeniy Khramtsov
e709d6561c Re-read ACME certificates on config reload 2017-11-19 09:56:05 +03:00
Evgeniy Khramtsov
f06805534c Fix renew_certificates ejabberdctl command
Thanks to Konstantinos Kallas
2017-11-17 18:37:49 +03:00
Evgeniy Khramtsov
3202b7a9a1 Log a message when a user gets registered 2017-11-17 18:02:12 +03:00
Evgeniy Khramtsov
4f12359b9c Don't forget to include intermediate ACME certificate
Thanks to Konstantinos Kallas
2017-11-17 17:17:19 +03:00
Evgeniy Khramtsov
f599c2ef82 Fix ACME options validation 2017-11-17 15:55:33 +03:00
Badlop
b2680a776b Prepare user and host arguments in get_user_rooms command (#2064) 2017-11-17 13:23:27 +01:00
Evgeniy Khramtsov
224a3e13c9 Improve ACME options validation 2017-11-17 13:06:04 +03:00
Evgeniy Khramtsov
4835537776 Move ejabberdctl ACME commands to other location 2017-11-17 12:50:27 +03:00
Evgeniy Khramtsov
ce98226603 Make ACME code working with ejabberd_pkix 2017-11-17 11:59:40 +03:00
Christophe Romain
514c25caef PubSub: PEP services must send notifications to the account owner (#2108) 2017-11-16 15:31:28 +01:00
Christophe Romain
00e32ee4b6 Allow writing custom modules in own path (#1327)
in ejabberdctl, just add this to EJABBERD_OPTS
external_beams /path/to/my/beams

then all beams file /path/to/my/beams/*.beam will be known
by ejabberd_config, and allowed to be loaded.
2017-11-16 14:48:47 +01:00
Christophe Romain
44700d91ba PubSub: Cleanup tree requests, rename pubsub_node.type->pubsub_node.plugin 2017-11-16 11:38:04 +01:00
Evgeniy Khramtsov
2531f37e5c Let validator know about c2s_dhfile 2017-11-16 00:40:36 +03:00
Christophe Romain
62aab0fce4 Fix select_type race on plugin_init 2017-11-15 19:04:47 +01:00
Christophe Romain
e706e24b92 Cleanup pubsub subscriptions quering, fix pep case 2017-11-15 11:16:15 +01:00
Evgeniy Khramtsov
1f21f64d5f Improve some error log messages 2017-11-15 11:54:38 +03:00
Evgeniy Khramtsov
ebb97bec44 Fix mod_mam reloading 2017-11-15 11:23:22 +03:00
Evgeniy Khramtsov
b04c6b7d75 Merge branch 'lets_encrypt_acme_support' of git://github.com/angelhof/ejabberd into angelhof-lets_encrypt_acme_support
Conflicts:
	rebar.config
	src/ejabberd_pkix.erl
2017-11-15 10:01:30 +03:00
Holger Weiss
af49472373 mod_stream_mgmt: Improve logging on timeout
Produce a better error message if a pending stream management session
times out.
2017-11-15 01:11:37 +01:00
Holger Weiss
75f150f7ae mod_mam: Simplify 'message_is_archived' callback 2017-11-15 00:36:07 +01:00
Holger Weiss
98419c6662 mod_mam: Improve handling of forked messages
Make sure a message that was forked in ejabberd_sm will really only be
tagged with a stanza ID if (another copy of) it was stored in MAM.
2017-11-15 00:30:38 +01:00
Holger Weiss
2b3890f1b0 Announce support for stanza IDs
Announce the namespace for stanza IDs as per XEP-0359 v0.5.0.
2017-11-15 00:18:25 +01:00
Holger Weiss
06d4f1ff33 mod_mam: Add a few function specifications 2017-11-14 22:58:16 +01:00
Holger Weiss
5ae23a7301 mod_mam: Apply minor cosmetic changes 2017-11-14 22:36:46 +01:00
Holger Weiss
8376370ae1 mod_mam: Don't store from 'sm_receive_packet' hook
Let mod_mam use the 'sm_receive_packet' hook to generate stanza IDs for
incoming messages, but not to actually store them.  The latter would
require additional changes to make sure modules such as mod_privacy and
mod_block_strangers continue to affect MAM.
2017-11-14 22:02:48 +01:00
Evgeniy Khramtsov
054413d8f4 Halt ejabberd if the top supervisor fails to start 2017-11-14 18:41:28 +03:00
Konstantinos Kallas
ce99db0595 Explain what is needed for the acme configuration and other small changes
1. Add a request handler in ejabberd_http and explain how to configure the http listener so that the challenges can be solved.
2. Make acme configuration optional by providing defaults in ejabberd_acme.
3. Save the CA that the account has been created in so that it creates a new account when connecting to a new CA.
4. Small spec change in acme configuration.
2017-11-14 14:12:33 +02:00
Evgeniy Khramtsov
f953621ed2 Use xmpp:io_format_error/1 wherever possible 2017-11-14 09:02:43 +03:00
Christophe Romain
474536817e Implement parentnodes seek for hometree (#1921) 2017-11-13 18:13:31 +01:00
Christophe Romain
daed6a05a6 Rewrite pubsub export to sql (#1571) 2017-11-13 17:34:37 +01:00
Evgeniy Khramtsov
9daf2dd925 Assign failed_auth ETS table to another owner 2017-11-13 14:34:59 +03:00
Evgeniy Khramtsov
b06adf1df2 Get rid of forgotten debug message 2017-11-13 11:26:49 +03:00
Evgeniy Khramtsov
11829906ac Properly store <subject/> element
Fixes #2099
2017-11-13 11:25:35 +03:00
Evgeniy Khramtsov
76e9555d55 Improve some type specs 2017-11-11 09:33:42 +03:00
Evgeniy Khramtsov
e77172a784 Improve a diagnostic text 2017-11-11 09:30:19 +03:00
Holger Weiss
54c8ae4d2b mod_mam: Make sure archived message isn't bounced
If mod_offline is disabled but a message is archived by mod_mam, no
error bounce should be generated.  This functionality got lost when
mod_mam stopped using the 'offline_message_hook'.
2017-11-10 18:09:33 +01:00
Christophe Romain
5c6a37b20f Cleanup some headers 2017-11-10 17:51:22 +01:00
Evgeniy Khramtsov
50b3206f06 Add forgotten type specs 2017-11-10 18:11:04 +03:00
Evgeniy Khramtsov
7a3092a859 Use new API for IQ routing
Functions ejabberd_local:route_iq/2,3 are now depecated:
ejabberd_router:route_iq/2,3,4 should be used instead.
2017-11-10 18:02:22 +03:00
Holger Weiss
d1df522fd9 mod_push: Avoid notification duplicates (again)
Now that mod_mam no longer uses the 'offline_message_hook', avoid
duplicating notifications for messages written to both MAM and offline
storage in another way.
2017-11-10 01:11:24 +01:00
Holger Weiss
28661d20bd mod_mam: Always strip stanza IDs
XEP-0359 v0.5.0 says: "Stanza ID generating entities, which encounter a
<stanza-id/> element where the 'by' attribute matches the 'by' attribute
they would otherwise set, MUST delete that element even if they are not
adding their own stanza ID."
2017-11-09 01:10:24 +01:00
Holger Weiss
9c174e30b2 mod_mam: Fix indentation 2017-11-09 01:00:15 +01:00
Holger Weiss
40d725e9c1 mod_mam: Ignore non-message stanzas earlier
Let mod_mam's hook callbacks ignore non-message stanzas using pattern
matching.
2017-11-09 00:48:19 +01:00
Holger Weiss
5cf4e200ba mod_mam: Make sure a stanza ID is always added
Let mod_mam store incoming messages from a new hook in ejabberd_sm.
This makes sure all messages are tagged with a stanza ID, including
those that are forked to multiple resources in ejabberd_sm.

Closes #1344.
2017-11-09 00:21:40 +01:00
Evgeniy Khramtsov
902c6d476b Prepare version 0.6.1 of XEP-0313 (MAM) support 2017-11-08 15:15:39 +03:00
Evgeniy Khramtsov
fe9b191382 Erase transient certificates on exit 2017-11-07 09:04:20 +03:00
Badlop
cbbfe32d8b Unregister commands when stopping node only if it's last one (#2083) 2017-11-06 16:53:49 +01:00
Holger Weiss
41c393466c mod_push: Avoid notification duplicates
Don't let mod_mam and mod_offline both trigger push notifications for
the same message.

Closes #2078.
2017-11-06 00:26:20 +01:00
Alexey Shchepin
44293235e5 Simulate vars usage in ejabberd_sql_pt to avoid unused var warnings 2017-11-03 17:43:21 +03:00
Paweł Chmielowski
90e1f3f29d Use correct table field name in sql query 2017-11-03 12:17:34 +01:00
Evgeniy Khramtsov
c72e0a6ca6 Log warnings for c2s/s2s certfile option 2017-11-03 08:32:34 +03:00
Konstantinos Kallas
189d02cee0 Bug Fix
The dictionary returned after the directory call contains a meta key
whose value is a JSON dictionary. This is now taken care so that only
bitstring values are kept as resource URIs
2017-11-02 19:05:12 +02:00
Alexey Shchepin
79a9a0ed29 Disable server_host warnings 2017-11-02 19:48:35 +03:00
Alexey Shchepin
78dfb832b8 Add SQL_INSERT macro and update SQL queries to use server_host field 2017-11-02 18:21:40 +03:00
Paweł Chmielowski
354a710e70 Fix pkix:validate() return value 2017-11-02 11:28:23 +01:00
Evgeniy Khramtsov
a22aad0a4b Remove -include() directive for unused header 2017-11-01 10:59:28 +03:00
Evgeniy Khramtsov
ae07fd7f10 Clarify some error/warning messages 2017-11-01 10:14:34 +03:00
Evgeniy Khramtsov
86809dff06 Avoid using "bag" ETS type for certificate storage 2017-11-01 08:47:07 +03:00
Evgeniy Khramtsov
35dc164233 Start even if there are problems with fs application 2017-11-01 08:34:14 +03:00
Evgeniy Khramtsov
170be1fbd5 Lower log level 2017-11-01 00:55:05 +03:00
Evgeniy Khramtsov
35b7203e01 Introduce 'certfiles' global option
The option is supposed to replace existing options 'c2s_certfile',
's2s_certfile' and 'domain_certfile'. The option accepts a list
of file paths (optionally with wildcards "*") containing either
PEM certificates or PEM private keys. At startup, ejabberd sorts
the certificates, finds matching private keys and rebuilds full
certificates chains which can be used by fast_tls. Example:

certfiles:
  - "/etc/letsencrypt/live/example.org/*.pem"
  - "/etc/letsencrypt/live/example.com/*.pem"
2017-11-01 00:20:27 +03:00
Paweł Chmielowski
efc4996625 Fix sql query 2017-10-31 17:59:55 +01:00
Paweł Chmielowski
88558453fb Typo 2017-10-31 17:11:17 +01:00
Paweł Chmielowski
ee2b5be7f4 Use store_room where possible 2017-10-31 16:12:35 +01:00
Paweł Chmielowski
5f2e33bdd0 Don't use depraced functions 2017-10-31 14:21:34 +01:00
Christophe Romain
0452ffc1df Optimize muc subscriptions handling 2017-10-31 14:00:41 +01:00
Christophe Romain
e24e05c6af Enforce module_name/1 2017-10-31 12:06:40 +01:00
Christophe Romain
e697a3e262 Add missing type conversion from 675cc3e 2017-10-31 11:59:53 +01:00
Christophe Romain
8cb71255eb Do not bind unused tail from 675cc3e 2017-10-31 11:25:01 +01:00
Christophe Romain
675cc3e0ea Allow auth and pubsub plugin to use Elixir module 2017-10-31 11:04:32 +01:00
Paweł Chmielowski
5f0a84a331 Show real jid in mucsub subscription change events 2017-10-30 17:54:55 +01:00