25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-24 16:23:40 +01:00
Commit Graph

113 Commits

Author SHA1 Message Date
Badlop
6e0161470e Update newest copyright year to 2021 (#3464) 2021-01-27 17:02:06 +01:00
Stu Tomlinson
bd11a00f8f
Use include_lib() to include headers from dependencies (#3369) 2020-09-03 13:45:57 +02:00
Paweł Chmielowski
d5935fd1ad Don't log http errors when socket get closed after processing one request 2020-07-28 12:19:30 +02:00
Paweł Chmielowski
16585713f8 Log errors that happen when retrieving http headers in ejabberd_http
It seems that ssl errors can be generated here, so lets have abily to show
them instead of swallowing them silently.
2020-04-07 13:50:01 +02:00
Paweł Chmielowski
5ec214386e Make webadmin redirect to page that end with / 2020-03-26 14:17:48 +01:00
Badlop
00abf5d42c Fix handle of 'http' atom in Headers, problem introduced in 357e7e11 2020-02-26 13:56:38 +01:00
Paweł Chmielowski
357e7e117d Make http heades passed in custom_headers override builtin headers
Previously we just appended them, so sometimes we just had duplicates

This fixes issue #3056
2020-02-21 12:19:37 +01:00
Badlop
2d32c66fd7 Update copyright to 2020 (#3149) 2020-01-28 15:49:23 +01:00
Evgeny Khramtsov
5770946f03 Correctly handle unicode in log messages 2019-09-23 15:17:20 +03:00
Evgeny Khramtsov
9ec69b8d62 Don't treat 'Host' header as a virtual XMPP host
Fixes #2989
2019-08-13 18:30:28 +03:00
Evgeny Khramtsov
1fe1322bc1 Improve some validators 2019-07-15 09:59:07 +03:00
Evgeny Khramtsov
15dcff92e8 Use correct virtual host when consulting trusted_proxies 2019-07-13 12:20:06 +03:00
Evgeny Khramtsov
83c291c064 Respond with 'Bad Request' to unexpected 'Host' header
Where "unexpected" means the host in 'Host' header is not
a registered route. The rationale is to avoid propagation
of uknown "Host" further in the code, which may lead to
nasty errors related to reading configuration values, calling
functions from ejabberd_router.erl, etc.
2019-06-23 13:12:00 +03:00
Evgeny Khramtsov
a02cff0e78 Use new configuration validator 2019-06-14 12:33:26 +03:00
Evgeny Khramtsov
c7d04a82a2 Deprecate some listening options
Those are: captcha, register, web_admin, http_bind and xmlrpc
The option `request_handlers` should be used instead, e.g.:

listen:
  ...
  -
    module: ejabberd_http
    request_handlers:
      "/admin": ejabberd_web_admin
      "/bosh": mod_bosh
      "/captcha": ejabberd_captcha
      "/register": mod_register_web
      "/": ejabberd_xmlrpc
2019-04-30 11:14:14 +03:00
Evgeny Khramtsov
268750e3b7 Provide a suggestion when unknown request handler is detected 2019-04-30 10:31:03 +03:00
Evgeny Khramtsov
cc892ddc01 Improve request_handlers validator 2019-04-23 16:19:26 +03:00
Evgeny Khramtsov
ed2abe471a Rename listening callback from start/2 to start/3
This will prevent conflicts in callback names in mod_mqtt
Old callback function is still supported.
2019-04-01 16:53:28 +03:00
Paweł Chmielowski
56baa07d48 Reject request http_api request that have malformed Authentication header 2019-01-30 16:34:29 +01:00
Paweł Chmielowski
62ad1e5e4f Allow specifying tag for listener for api_permission purposes
This commit will allow adding tag to http listeners:

listener:
  - port: 4000
  - module: ejabberd_http
  - tag: "magic_listener"

that later can be used to have special api_permission just for it:

api_permissions:
  "magic_access":
    from:
      - tag: "magic_listener"
    who: all
    what: "*"
2019-01-30 12:57:03 +01:00
Badlop
55417dfb37 Update copyright to 2019 (#2756) 2019-01-08 22:53:27 +01:00
Paweł Chmielowski
6845896d12 Add support for proxy protocol
This add support for version 1 and 2 of protocol specified in
http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt

To enable it you need add option use_proxy_protocol: true to listener.
2018-12-04 14:22:45 +01:00
Badlop
06e9d34018 Handle some malformed URL requests in ejabberd_http (#2687) 2018-11-16 12:13:17 +01:00
Paweł Chmielowski
432ca80db6 Do no add 127.0.0.1 address to trusted_proxies list by default 2018-10-24 15:16:32 +02:00
Evgeny Khramtsov
39fa1a810d Move certificates processing code to pkix application
==== WARNING: MUST BE ADDED TO RELEASE NOTES =====
The commit introduces the following incompatibility:
- Option 'ca_path' is deprecated and has no effect anymore:
  option 'ca_file' should be used instead if needed.
==================================================
2018-09-27 20:37:27 +03:00
Evgeny Khramtsov
08f3d066b1 Switch more log message to warning level
The commit is supposed to improve logging at loglevel 3, which
is the recommended level for high loaded ejabberd servers
2018-09-19 23:12:14 +03:00
Evgeny Khramtsov
03de853e4f Refactor ejabberd_listener 2018-09-18 12:53:36 +03:00
Evgeny Khramtsov
de385591d0 Refactor ejabberd listener API 2018-09-17 11:21:02 +03:00
Evgeny Khramtsov
2d246f61dd Fix some dialyzer warnings 2018-09-09 09:59:08 +03:00
Evgeniy Khramtsov
86236431b9 mod_http_upload: Treat file and network errors differently 2018-07-04 08:55:52 +03:00
Evgeniy Khramtsov
fd8e07af47 Get rid of ejabberd.hrl header
The header consisted of too many unrelated stuff and macros misuse.
Some stuff is moved into scram.hrl and type_compat.hrl.
All macros have been replaced with the corresponding function calls.

TODO: probably type_compat.hrl is not even needed anymore since
we support only Erlang >= OTP 17.5
2018-06-14 14:00:47 +03:00
Paweł Chmielowski
97f7d99007 Handle "Expect: 100-continue" request header in ejabberd_http 2018-05-23 14:52:47 +02:00
Evgeniy Khramtsov
d2114be6f3 Correctly calculate remaining bytes on file upload 2018-05-19 18:29:33 +03:00
Paweł Chmielowski
c41bab9ca0 Clean state between requests in ejabberd_http 2018-05-15 14:25:19 +02:00
Evgeniy Khramtsov
063737e4f5 Optimize HTTP requests memory usage
Due to historical reasons, ejabberd loads the whole file/data
into the memory when serving an HTTP request. This is now improved:

1) For GET requests ejabberd uses sendfile(2) if the underlying
   connection is HTTP and falls back to read/write loop with 64kb
   buffer for HTTPS connections. This type of requests are handled
   by mod_http_fileserver, mod_http_upload, ejabberd_captcha, etc
2) POST requests are now limited to 20Mb and are fully downloaded
   into the memory for further processing (by ejabberd_web_admin,
   mod_bosh, etc)
3) PUT requests (e.g. for mod_http_upload) are handled by read/write
   loop with 64kb buffer
2018-05-14 19:39:58 +03:00
Paweł Chmielowski
b1a03cc346 Make trusted_proxied ejabberd_http option accept ip masks 2018-05-04 09:53:07 +02:00
Evgeniy Khramtsov
4ea481d1dd Add validator for 'accept_interval' listening option 2018-04-30 11:52:00 +03:00
Holger Weiss
df651d893e Remove old hex conversion functions
Depend on list_to_integer/2 and integer_to_list/2 being available.
2018-04-03 00:21:33 +02:00
Holger Weiss
a2e1f5c882 Move ejabberd_http:url_encode/1 to 'misc' module 2018-04-03 00:12:43 +02:00
Stu Tomlinson
da81590fef Validate additional listen opts
The options "inet", "inet6" and "backlog" are valid listen options, but are
currently logged as errors (even though they do work):

2018-02-28 16:08:44.141 [error] <0.338.0>@ejabberd_listener:validate_module_option:630 unknown listen option 'backlog' for 'ejabberd_c2s' will be likely ignored, available options are: access, shaper, certfile, ciphers, dhfile, cafile, client_cafile, protocol_options, tls, tls_compression, starttls, starttls_required, tls_verify, zlib, max_fsm_queue

This adds the necessary validators so they are correctly recognized.
2018-02-28 16:14:35 +00:00
Evgeniy Khramtsov
6e5439db5c Find and fix typos using 'codespell' 2018-01-27 19:35:38 +03:00
Evgeniy Khramtsov
cdc7c1d1ed Update copyright dates 2018-01-05 23:18:58 +03:00
Evgeniy Khramtsov
4e49919d16 Revert "Don't set twice"
This reverts commit 6dca89f616.
2017-12-25 08:41:51 +03:00
Evgeniy Khramtsov
6dca89f616 Don't set twice 2017-12-24 12:34:47 +03:00
Evgeniy Khramtsov
1698956f34 Rely on Server Name Indication for incoming Direct-TLS connections
This commit also deprecates `certfile` option for ejabberd_http
listener.
2017-12-24 12:27:51 +03:00
Evgeniy Khramtsov
3a02c4369f Get rid of meaningless log message 2017-11-22 10:12:49 +03:00
Evgeniy Khramtsov
b04c6b7d75 Merge branch 'lets_encrypt_acme_support' of git://github.com/angelhof/ejabberd into angelhof-lets_encrypt_acme_support
Conflicts:
	rebar.config
	src/ejabberd_pkix.erl
2017-11-15 10:01:30 +03:00
Konstantinos Kallas
ce99db0595 Explain what is needed for the acme configuration and other small changes
1. Add a request handler in ejabberd_http and explain how to configure the http listener so that the challenges can be solved.
2. Make acme configuration optional by providing defaults in ejabberd_acme.
3. Save the CA that the account has been created in so that it creates a new account when connecting to a new CA.
4. Small spec change in acme configuration.
2017-11-14 14:12:33 +02:00
Evgeniy Khramtsov
e5e64c99f3 Don't crash when Host header is missing 2017-10-11 18:53:53 +03:00
Evgeniy Khramtsov
e93762a720 Deprecate misc:encode_base64/1 and misc:decode_base64/1 2017-05-23 10:43:26 +03:00