25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-22 17:28:25 +01:00
Commit Graph

5780 Commits

Author SHA1 Message Date
Holger Weiss
9ea51d3295 misc: Make sure uri_parse/1 returns strings
The uri_string:parse/1 function returns the URI elements as strings or
as binaries depending on the input.  Make sure misc:uri_parse/1 returns
strings in both cases, analogous to the behavior when USE_OLD_HTTP_URI
is defined.
2020-06-03 12:02:29 +02:00
Holger Weiss
cd336369a5 mod_stream_mgmt: Don't kill new PID on resumption
During XEP-0198 resumption, the ejabberd_c2s process that handles the
new connection reopens the ejabberd_sm session of the old one.  Since
commit b4770815c0, the new process adds
the new session table entry before the old process removes the old one.
While adding the new one, ejabberd_sm checks for old sessions to
replace.  This check assumes old SIDs compare lower than new ones.  This
assumption didn't necessarily hold for the session resumption case,
where the old SID's timestamp was copied over to the new SID and only
the PID was updated.  Therefore, the new process was killed if the new
PID happened to be smaller than the old one.

Fix this by having mod_stream_mgmt use its own SM-ID rather than copying
over the old SID's timestamp to the new SID.

Thanks to Thilo Molitor and Friedrich Altheide for reporting the issue,
and to Thomas Leister for his help with debugging it.
2020-06-01 21:33:55 +02:00
Badlop
c0f7008e96 Use old http_uri, crypto and pg2 only with old Erlang/OTP (#3284) 2020-06-01 10:35:28 +02:00
Holger Weiss
7a37483307 Rename 'turn_v4_ip' and 'turn_v6_ip' options
The 'turn_ipv4_address' and 'turn_ipv6_address' option names are
probably more intuitive.
2020-05-29 18:40:19 +02:00
Holger Weiss
56d00e427d ejabberd_stun: Add 'turn_blacklist' option
The new 'turn_blacklist' listener option allows for specifying one or
more IP addresses and/or subnet addresses/masks.  The TURN server will
refuse to relay traffic from/to blacklisted IP addresses.  By default,
Teredo and 6to4 addresses are blacklisted, as mandated by RFC 6156
(section 9.1).
2020-05-21 21:46:02 +02:00
Holger Weiss
7bb4da2fee mod_stun_disco: Make 'services' example shorter
Omit the 'tcp' and 'stuns' services from the list of example 'services'
in the documentation.  For typical use cases, those are less interesting
than 'udp' and 'turns' services.
2020-05-19 23:23:24 +02:00
Holger Weiss
f19b975e8d mod_stun_disco: Offer local IPv6 services
Also announce local STUN/TURN services listening on IPv6 sockets (unless
the 'offer_local_services' option is set to 'false').
2020-05-19 22:55:12 +02:00
Holger Weiss
83fa637569 ejabberd_stun: Support IPv6 for TURN
The stun application now supports RFC 6156: TURN Extension for IPv6, and
therefore needs separate IPv4 and IPv6 relay addresses.
2020-05-19 21:42:41 +02:00
Holger Weiss
858bfb4b80 Let ejabberd_stun listen on IPv6 sockets
The stun application now allows IPv6 clients to perform STUN requests
and to allocate TURN relays.
2020-05-19 20:22:58 +02:00
Badlop
42c82c9e72 Fix hardcoded URL to register.css and URLS to sections (#3281) 2020-05-19 19:32:06 +02:00
Badlop
70977cbb13 Sort databases alphabetically in options doc (thanks to Neustradamus)(#3246) 2020-05-19 16:38:08 +02:00
Paweł Chmielowski
6f54b6ae3b Don't crash in mod_muc_log:get_url when mod_muc_log is not enabled
Disco on room can call this function even when logger is not enabled,
but this room option was enabled previously when logger was active.
2020-05-15 13:44:09 +02:00
Badlop
e94b89a57d Display installed ejabberd version in webadmin footer (#3272) 2020-05-15 11:20:53 +02:00
yuriyz-w
44528d3fef
Make SQL query more generic for MSSQL compatibility (#3271) 2020-05-15 09:19:55 +02:00
Badlop
f3b8dc9c0b Update *_vcard commands help, so they are better displayed in Docs 2020-05-14 20:02:47 +02:00
Badlop
9d923e8e6d Update syntax of some options so they are better displayed in Docs 2020-05-12 21:33:00 +02:00
Badlop
d7d8085d3b Fix most EDoc errors, even if that's not used nowadays apparently 2020-05-11 19:53:13 +02:00
Badlop
5e70a47f20 If new session Pid exists when sm_remove is called, then keep Ping (#3260) 2020-05-11 18:22:35 +02:00
Holger Weiss
e286bb23db mod_stun_disco: Bump credentials_lifetime default
Increase the default lifetime of temporary credentials to 12 hours.
ejabberd's built-in TURN server re-queries the temporary password from
mod_stun_disco whenever a TURN client attempts to refresh an allocation,
and mod_stun_disco will only return the password as long as the
credentials didn't expire.  Therefore, the credentials lifetime
effectively limits the maximum lifetime of a TURN allocation when
ejabberd's TURN service is used, so the default value shouldn't be too
short.
2020-05-11 17:32:28 +02:00
Badlop
2c42bd07c8 Fix link in mod_sip to SIP Docs section 2020-05-09 16:10:26 +02:00
Badlop
2001540143 Provide minimal mod_bosh configuration example 2020-05-09 15:04:10 +02:00
Badlop
d88a32992a Add link in acme option to ACME section in ejabberd Docs 2020-05-09 11:45:39 +02:00
Badlop
c990704418 Remove ancient and rather useless incode ejabberd_commands documentation 2020-05-07 19:38:12 +02:00
Badlop
edf5b3c7f0 Don't use string:take, as it isn't available in Erlang/OTP 19.3 (#3256) 2020-05-07 16:09:51 +02:00
Badlop
e5a2d42484 Fix webadmin muc room sorting broken due to trailing slash patch (#3256) 2020-05-07 11:22:43 +02:00
Paweł Chmielowski
51e45516a4 Unconditionally send presence unavailable to all pres_a recipient
Previously we only send that presence to direct presence recipients if
client also sent general self presence (without to attribute).

This should help with issue #3245
2020-05-07 10:40:18 +02:00
Badlop
41b06cb79e Show deprecation warning if ejabberd_xmlrpc is configured as listen module (#2915) 2020-05-06 14:08:43 +02:00
Badlop
d8509aec12 Remove access_commands useless lines, api_permission replaced it years ago 2020-05-06 14:08:40 +02:00
Holger Weiss
5649e35a64 ejabberd_listener: Let supervisor terminate child
If a TCP connection was closed before the socket was handed over to a
supervised child process, let the supervisor terminate the process
rather than killing it directly.  This avoids crash log entries
generated by the supervisor.
2020-05-05 17:22:52 +02:00
Holger Weiss
865074603c Set 'max_fsm_queue' default value (back) to 10000
The default value for the 'max_fsm_queue' option was set to 10000 in
commit 79685da90b, and that value is still
documented to be the default.  It was (probably unintentionally) changed
to 5000 in commit 03de853e4f.

It makes sense to keep it larger than the value of mod_stream_mgmt's
'max_ack_queue' option.
2020-05-05 01:34:12 +02:00
Holger Weiss
6d13120e69 mod_stun_disco: Log discovered services on startup
If the 'offer_local_services' option isn't set to 'false', log an [info]
message for each auto-discovered ejabberd_stun listener on startup (and
on configuration reload).
2020-05-05 01:02:50 +02:00
Holger Weiss
b1e967eaf3 mod_stun_disco: Remove unnecessary inclusion 2020-05-03 17:27:41 +02:00
Holger Weiss
151fa2ec50 mod_stun_disco: Apply minor documentation cleanups 2020-05-03 17:20:15 +02:00
Holger Weiss
e4de03f3df mod_stun_disco: Try to resolve listener address
In some IPv6-only networks, hostnames that have no AAAA record are
resolved to an IPv6 address that's mapped to the host's IPv4 address.
This allows the IPv6-only clients to communicate with IPv4-only services
such as ejabberd's built-in STUN/TURN server.  If STUN/TURN clients try
to contact the IPv4 address directly rather than using the mapped IPv6
address, the connection will fail.

Therefore, try to resolve the IP address of local ejabberd_stun services
to the hostname and announce that hostname rather than the IP address if
(and only if) the hostname resolves back to the original IP address, and
not to any additional IPv4 or IPv6 address(es).

This can (and should) be reverted once IPv6 support is added to
ejabberd's built-in STUN/TURN server.
2020-04-30 22:40:01 +02:00
Badlop
4a7d42647f Rewrite sentences in modules options examples, to not break Docs indentation 2020-04-28 21:31:35 +02:00
Jérôme Sautret
24a11fc8e8
Merge pull request #3235 from weiss/xep-0215
Support STUN/TURN service discovery
2020-04-28 16:03:21 +02:00
Holger Weiss
6eb2f07274 ejabberd_stun: Tone down 'auth_realm' warning
These days, STUN/TURN authentication can be performed with ephemeral
credentials, where the REALM is irrelevant. Therefore, just log an
[info] message rather than a [warning] in the case where no
authentication REALM is configured but multiple virtual domains exist.
2020-04-28 10:34:43 +02:00
Holger Weiss
69d1d62add Support XEP-0215: External Service Discovery
Add the 'mod_stun_disco' module, which allows XMPP clients to discover
STUN/TURN services and to obtain temporary credentials for using them as
per XEP-0215: External Service Discovery.  The temporary credentials
handed out to clients have the format described in:

https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00

Also add the new module to the example configuration file.

Closes #2947.
2020-04-28 10:34:43 +02:00
Badlop
3db9459591 Don't offer X-OAUTH2 if the only auth method enabled is Anonymous (#3209) 2020-04-27 20:03:21 +02:00
Paweł Chmielowski
6320dfd34e Don't store caps information for direct presences of muc room
We really don't need those, and thanks to each individual room having
different hash (as one of hashed data is room description) we end with
lot of data that we really don't need.
2020-04-27 13:17:51 +02:00
Badlop
055fe744d3 Clean some unused functions in ejabberd_ctl, this makes "make hooks" happy 2020-04-24 20:36:24 +02:00
Holger Weiss
88f392721b gen_mod: Reload modules after reloading listeners
Make sure modules won't be reloaded before listeners.  This is necessary
to allow the (not yet committed) 'mod_stun_disco' module to parse the
listener configuration after configuration reloads.
2020-04-23 20:05:40 +02:00
Holger Weiss
c55e7b8499 ejabberd_stun: Fix 'turn_ip' fallback
The 'turn_ip' option validator doesn't accept an inet:ip4_address()
tuple.

While at it, change the logic to only perform the fallback address
lookup if no 'turn_ip' is configured (analogous to the fallback
mechanism for the case where the 'auth_realm' is undefined).
2020-04-23 18:32:40 +02:00
ChaosKid42
1f7ca91670
use dsn-less config for mssql (#3131) 2020-04-23 13:56:41 +02:00
Holger Weiss
09a87f5a0c ejabberd_stun: Handle hashed passwords gracefully
Don't crash when STUN/TURN authentication is performed against a
SCRAM-hashed password.
2020-04-22 00:16:03 +02:00
Holger Weiss
1db70edcf8 ejabberd_stun: Add 'stun_get_password' hook
Add a hook that allows modules to offer a password for STUN/TURN
authentication.
2020-04-22 00:09:42 +02:00
Badlop
1a3533e4a2 Fix some English typos 2020-04-21 20:58:01 +02:00
Badlop
3db9de26e9 Rephrase mod_admin_extra doc, a2x screwed the format when building Docs 2020-04-21 20:11:39 +02:00
Badlop
78f0439e78 Make a few more strings translatable in MUC and Shared Roster WebAdmin 2020-04-20 20:24:56 +02:00
Holger Weiss
c836dc66a8 ejabberd_stun: Set a default 'turn_ip'
Try to resolve the local hostname, use the result as the default
'turn_ip', and only log a warning if that fails.  Using the local
hostname's address by default is analogous to mod_proxy65's behavior.
2020-04-20 08:42:32 +02:00