This allows the authentication modules to perform SASL proxy authentication. It puts the onus on them to authorize the authcid to masquerade as the authzid. Doesn't currently implement such functionality in existing auth modules, since they cannot currently codify a relationship between the two identities. Does not permit the authzid to use a domain differently from the one of the connection.
Note: digest might not work, but I have no interest in it, being deprecated.
Use dynamic Rebar configuration
Make iconv dependency optional
Disable transient_supervisors compile option
Add hipe compilation support
Only compile ibrowse and lhttpc when needed
Make it possible to generate an OTP application release
Add --enable-debug compile option
Add --enable-all compiler option
Add --enable-tools configure option
Add --with-erlang configure option.
Add --enable-erlang-version-check configure option.
Add lager support
Improve the test suite
After enabling SCRAM password hashing and SSL in ejabberd, XMLRPC ejabberdctl commands were resulting in errors like this:
W(<0.2623.0>:ejabberd_xmlrpc:328) : Error -118
A problem '{error,invalid_account_data}' occurred executing the command user_sessions_info with arguments
It seems that this because ejabberd_commands was using a different authentication check than everything else, which wasn't properly taking account for potential password hashing. (Note I'm not really sure what AccountPassMD5 is doing, but it seems to be different than the ejabberd_auth_internal's SCRAM hasing.)