Holger Weiss
fca640f50f
Don't use cached passwords if "extauth_cache: 0"
...
Regarding "extauth_cache", the guide says: "The integer 0 (zero) enables
caching for statistics, but doesn't use that cached information to
authenticate users." Make sure the cached password isn't used even if
the user is currently logged in with another resource.
2014-05-20 23:00:28 +02:00
Badlop
5010cea1a4
If log uses file:write, no need to double escape ~ in messages (EJAB-1696)
2014-05-20 14:49:52 +02:00
Radosław Szymczyszyn
5726636053
Fix check_from/2 formatting
2014-05-20 12:31:28 +01:00
Radosław Szymczyszyn
b7a542e074
Sanitize copy-pasted get_statustag/1
2014-05-20 12:28:14 +01:00
Radosław Szymczyszyn
9c37450fe4
Fix formatting
2014-05-20 12:26:33 +01:00
Radosław Szymczyszyn
c39ce133de
Build proceed/compressed elements in a sane way
2014-05-20 11:52:02 +01:00
Badlop
6d06f22f64
MUC messages with ~ were not logged (EJAB-1696)
2014-05-19 19:07:46 +02:00
Badlop
a6ddab1e9d
Fix bug when joining empty path
2014-05-14 13:28:39 +02:00
Holger Weiss
6e8dd5bdff
Don't miss incoming presence updates
2014-05-14 01:04:38 +02:00
Holger Weiss
f6da708b02
XEP-0198: Check whether routed packets are stanzas
...
Only stanzas are subject to stream management, so when XEP-0198 support
is enabled, we must distinguish them from non-stanza elements. This
commit adds a send_packet/2 function that can be used in place of
send_stanza/2 or send_element/2 whenever a packet is delivered that
might or might not be a stanza.
2014-05-12 19:20:25 +02:00
Holger Weiss
9121ca14de
Rename disconnect_user/2 command
...
The mod_admin_extra module provides a kick_session/4 command. Rename
the disconnect_user/2 command to kick_user/2 for consistency.
2014-05-12 12:44:40 +02:00
Holger Weiss
47efe4e6a9
Don't log MUC messages with <no-store/> hint
...
Honor the <no-store/> and <no-permanent-store/> hints defined in
XEP-0334.
2014-05-12 00:27:20 +02:00
Holger Weiss
03fd88e4ec
Don't store messages with <no-store/> hint
...
Honor the <no-store/> hint defined in XEP-0334.
2014-05-12 00:00:34 +02:00
Holger Weiss
9b16d09261
Don't carbon copy messages with <no-copy/> hint
...
Honor the <no-copy/> hint defined in XEP-0334.
2014-05-11 23:52:20 +02:00
Evgeny Khramtsov
5d22159e9a
Merge pull request #205 from weiss/xep-0198
...
XEP-0198: Improve handling of incorrect stanza counts reported by client
2014-05-10 00:05:17 +04:00
Evgeniy Khramtsov
003fd321ee
Do not try to retreive vCards via local SM for foreign JIDs
2014-05-09 21:26:55 +04:00
Holger Weiss
6d5bfcfe9b
XEP-0198: Improve handling of too large 'h' values
...
If the client says that it handled more stanzas than we sent (due to a
bug in the client's or in our code), increase our outgoing stanza count
accordingly. There's no point in sticking to the old value even if it
was correct, as the client surely won't fix its count during the current
session.
2014-05-09 18:28:14 +02:00
Holger Weiss
15369ff9d7
XEP-0198: Reject <resume/> with negative 'h' value
...
Make sure the 'h' attribute sent with a <resume/> request is
nonnegative, as mandated by XEP-0198.
We already have this check for <a/> elements.
2014-05-09 18:01:31 +02:00
Holger Weiss
a60fda7df4
XEP-0198: Don't warn on invalid ACK elements
...
Do not log a warning (but only a debug message) if the client sends an
invalid </a> packet. Some clients do that occasionally, and there's
nothing server admininistrators could do about that.
2014-05-09 17:54:12 +02:00
Evgeniy Khramtsov
318b0f2208
Fix previous commit (C2S session close on server shutdown)
2014-05-08 21:47:50 +04:00
Evgeniy Khramtsov
181e7a823e
Fix C2S session close on server shutdown
2014-05-08 21:39:53 +04:00
Evgeniy Khramtsov
90a5c054d4
TURN support (EJAB-1017)
2014-05-08 16:14:21 +04:00
Evgeny Khramtsov
115da54557
Merge pull request #203 from hamano/added_get_random_pid_error_handling
...
improve error handling when sql calling with (empty|unknown) host.
2014-05-08 10:02:27 +04:00
Badlop
79a49b1175
Webadmin with extauth requires internal to run at least once (issue #201 )
2014-05-07 17:13:51 +02:00
HAMANO Tsukasa
d3ed12d4ba
fix mod_offline:count_offline_messages/2
2014-05-07 15:38:18 +09:00
Holger Weiss
d343447cc9
Merge remote-tracking branch 'processone/master' into xep-0198
...
Conflicts:
doc/guide.tex
src/ejabberd_c2s.erl
2014-05-06 21:41:29 +02:00
Christophe Romain
cc1f93d7a0
Fix PEP broadcasting issue on ODBC (EJAB-1680)
2014-05-06 13:29:35 +02:00
Christophe Romain
58717923eb
Fix PEP broadcasting issue (EJAB-1680)
2014-05-06 12:37:44 +02:00
Holger Weiss
8b1f92575a
XEP-0198: Use "mgmt_" prefix for all #state fields
...
Prefix all ejabberd_c2s #state fields that are used for stream
management with "mgmt_".
2014-05-06 07:27:10 +02:00
Christophe Romain
a6244275b7
remove compilation warnings
2014-05-05 18:16:48 +02:00
Christophe Romain
4bdf1bc7a6
avoid sending duplicated events
2014-05-05 17:53:50 +02:00
Christophe Romain
faa6ad26a0
avoid sending empty events
2014-05-05 17:53:44 +02:00
Christophe Romain
530ac43758
store item when persist_item=false and cache_last_item=false but need last_item
2014-05-05 17:40:42 +02:00
Nathan Bruning
f3aa74a043
Fix small bug in presence_based_delivery implementation
2014-05-05 14:14:03 +02:00
Badlop
872cc12dd8
Temporary room not destroyed when the last participant is expulsed (EJAB-520)
2014-05-05 13:50:52 +02:00
Badlop
70f00a1b1f
extauth_cache can have value 0
2014-05-05 13:13:35 +02:00
Holger Weiss
3b3f3b9131
XEP-0198: Don't log protocol issues
...
There are corner cases where certain clients acknowledge more stanzas
than they received. Nothing really bad will happen in those cases, and
server administrators can't do anything about such issues anyway.
2014-05-05 01:11:14 +02:00
Holger Weiss
32abcbca6c
XEP-0198: Accept stream elements in pending state
...
Due to timing issues, ejabberd_c2s might receive stream elements from
the client while the session is waiting for stream resumption. Those
elements are now accepted.
2014-05-05 00:02:55 +02:00
Holger Weiss
a0917a8e9b
XEP-0198: Log message when waiting for resumption
...
Log an informational message when a session goes into the pending state
(waiting for resumption) after the connection was lost. Administrators
may well be interested in this state change when looking into issues.
2014-05-04 23:08:42 +02:00
Evgeniy Khramtsov
fafec77e56
Make it possible to get/set vCards for MUC rooms
2014-05-04 23:23:17 +04:00
Evgeniy Khramtsov
806c0e56e1
Do not crash on version downgrade
2014-05-03 17:55:03 +04:00
Evgeniy Khramtsov
d0ffcb7fd4
Assume udp_recv/5 now returns new options
2014-05-03 17:48:26 +04:00
Evgeniy Khramtsov
955487391d
Assume tcp_init/2 and udp_init/2 now return new options
2014-05-03 17:48:17 +04:00
Evgeniy Khramtsov
47a39ce738
Remove unused function
2014-05-02 17:43:23 +04:00
Evgeniy Khramtsov
ebd760b7c9
Forking support
2014-05-02 17:43:17 +04:00
Evgeniy Khramtsov
f8417f7c1f
Remove empty line
2014-05-02 17:43:09 +04:00
Evgeniy Khramtsov
3c98de69dc
Some cleanup
2014-05-02 17:43:03 +04:00
Evgeniy Khramtsov
ab6774d93d
Fix CSeq comparison
2014-05-02 17:42:57 +04:00
Evgeniy Khramtsov
58aa200297
Optimize request processing
2014-05-02 17:42:51 +04:00
Evgeniy Khramtsov
a1337cb73f
Do not proxy stray responses statelessly (as per RFC 6026)
2014-05-02 17:42:45 +04:00
Evgeniy Khramtsov
e7e4055cbb
Don't use erlang:integer_to_binary/1
2014-05-02 17:42:37 +04:00
Evgeniy Khramtsov
1d771fe646
Rewrite 'Contact' headers in REGISTER requests
2014-05-02 17:42:31 +04:00
Evgeniy Khramtsov
8e2bc8d19e
Check for 'max_user_sessions' option
2014-05-02 17:42:13 +04:00
Evgeniy Khramtsov
0117787317
Process gen_server timeouts correctly
2014-05-02 17:40:25 +04:00
Evgeniy Khramtsov
16e5d66572
Move some code in a separate function
2014-05-02 17:38:47 +04:00
Evgeniy Khramtsov
6a95422af8
Multiple REGISTER bindings support
2014-05-02 17:38:28 +04:00
Evgeniy Khramtsov
35faffe7da
Locate sessions by proxy processes directly
2014-05-02 17:31:17 +04:00
HAMANO Tsukasa
d83368d73d
fix ejabberd_system_monitor:s2s_out_info/1 error
2014-05-01 15:12:04 +09:00
Evgeny Khramtsov
c545b3de6d
Merge pull request #178 from hamano/devel
...
undefined ejabberd_socket:get_conn_type/1
2014-04-30 21:49:54 +04:00
Evgeniy Khramtsov
02e0649d18
SIP support
...
Conflicts:
configure
configure.ac
doc/guide.tex
2014-04-30 19:38:15 +04:00
HAMANO Tsukasa
0904b8b8ff
improve error handling when sql calling with (empty|unknown) host.
...
see #191
2014-05-01 00:20:58 +09:00
Badlop
ec6c58a21c
Fix error reporting in previous commit
2014-04-30 16:02:20 +02:00
Badlop
b3714a1b2e
Fix formatting string argument (thanks to Locojay)(github #129 )
2014-04-30 15:59:44 +02:00
Evgeny Khramtsov
81a906af01
Merge pull request #191 from hamano/added_get_random_pid_error_handling
...
fix error handling when sql calling with unknown host.
2014-04-30 17:02:39 +04:00
badlop
65519cf262
Merge pull request #190 from hamano/mod_register_web_response_404
...
mod_register_web should response 404 instead of process crash.
2014-04-30 12:42:43 +02:00
badlop
a1b8c54c16
Merge pull request #187 from weiss/fix-ejabberdctl-output
...
Let ejabberdctl accept binary string arguments
2014-04-30 12:41:12 +02:00
HAMANO Tsukasa
a6408e9281
fix error handling when sql calling with unknown host.
2014-04-30 15:32:07 +09:00
HAMANO Tsukasa
0e0bd3329d
mod_register_web should response 404 instead of process crash.
2014-04-30 13:39:17 +09:00
Evgeny Khramtsov
9563b0228f
Merge pull request #177 from weiss/log-tls-sasl-external
...
Log TLS status for outgoing s2s with SASL EXTERNAL
2014-04-30 00:38:18 +04:00
Evgeny Khramtsov
8419322884
Merge pull request #181 from weiss/check-tls-before-auth
...
Check TLS state before requesting SASL EXTERNAL for outgoing s2s connections
2014-04-30 00:36:08 +04:00
Evgeny Khramtsov
c37aa1b46d
Merge pull request #185 from weiss/verify-cert-for-s2s-out
...
Support certificate verification for outgoing s2s connections
2014-04-30 00:08:24 +04:00
Evgeny Khramtsov
599fdb9ac2
Merge pull request #186 from weiss/add-disconnect-command
...
New ejabberd command: disconnect_user/2
2014-04-29 15:41:41 +04:00
Holger Weiss
ebbceab93f
Translate disconnect_user/2 string sent to client
2014-04-29 11:56:28 +02:00
Holger Weiss
bb2c8b59f8
Avoid #state.lang type errors in corner cases
...
If #state.lang is used before being initialized to some binary string,
the translation code would crash.
2014-04-29 11:41:24 +02:00
Evgeny Khramtsov
4073394e7a
Merge pull request #182 from hamano/register_account_acl
...
fix checking acl in mod_register_web
2014-04-29 13:06:53 +04:00
Evgeny Khramtsov
29aead19d9
Merge pull request #179 from hamano/added_get_random_pid_error_handling
...
added get_random_pid/1 error handling
2014-04-29 13:05:58 +04:00
Holger Weiss
d09c268b20
Let ejabberdctl accept binary string arguments
...
Don't print the following message if an ejabberd command expects binary
string arguments: "This command cannot be executed using ejabberdctl.
Try ejabberd_xmlrpc."
2014-04-29 01:11:08 +02:00
Holger Weiss
6d1055abec
New ejabberd command: disconnect_user/2
2014-04-29 00:50:43 +02:00
Holger Weiss
49bdbf2895
Support certificate verification for outgoing s2s
...
Handle "s2s_use_starttls: required_trusted" the same way for outgoing
s2s connections as for incoming connections. That is, check the remote
server's certificate (including the host name) and abort the connection
if verification fails.
2014-04-28 01:42:02 +02:00
Holger Weiss
a21d2298af
XEP-0198: Turn some warnings into info messages
...
Don't log warnings on events that will happen during normal operation.
2014-04-28 01:01:30 +02:00
Holger Weiss
1aa4ed3f35
Don't mess with s2s out when aborting s2s in
...
Don't try to look up and close outgoing connections to a given server
when aborting incoming connections from that server due to certificate
verification errors. The ejabberd_s2s:find_connection/2 call actually
created one or more *new* connections if less than 'max_s2s_connections'
connections were found. Then, no more than one of those possibly new
connections were stopped by the ejabberd_s2s_out:stop_connection/1 call.
It's not really necessary to bother with outgoing connections at all,
here.
2014-04-28 00:17:05 +02:00
Holger Weiss
eabca82765
Send stream trailer before closing s2s connection
...
When aborting an incoming s2s connection due to certificate verification
errors, send a stream trailer before closing the socket.
2014-04-27 00:28:42 +02:00
HAMANO Tsukasa
71dba66330
fix checking acl in mod_register_web
2014-04-24 18:15:39 +09:00
Holger Weiss
d805d198ac
Check TLS state before requesting SASL EXTERNAL
...
Make sure a remote server can't circumvent "s2s_use_starttls: required"
by offering SASL EXTERNAL authentication over a non-TLS connection.
2014-04-24 11:04:10 +02:00
HAMANO Tsukasa
ffe9f3c192
added get_random_pid/1 error handling
2014-04-24 15:34:41 +09:00
HAMANO Tsukasa
219f9276d1
undefined ejabberd_socket:get_conn_type/1
2014-04-24 12:42:22 +09:00
Holger Weiss
f988aad940
Log TLS status for outgoing s2s with SASL EXTERNAL
2014-04-23 23:28:13 +02:00
HAMANO Tsukasa
9ec014c184
added error handling in mod_pubsub_odbc.
2014-04-23 23:35:34 +09:00
Holger Weiss
86e17c379c
Verify host name before offering SASL EXTERNAL
...
Prior to this commit, ejabberd handled certificate authentication for
incoming s2s connections like this:
1. Verify the certificate without checking the host name. On failure,
behave according to 's2s_use_starttls'. On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, compare the authorization
identity against the certificate host name(s). On failure, abort the
connection unconditionally.
ejabberd now does this instead:
1. Verify the certificate and compare the certificate host name(s)
against the 'from' attribute of the stream header. On failure,
behave according to 's2s_use_starttls'. On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, ignore the authorization
identity (if any) and consider the peer authenticated.
The old behavior was suggested by previous versions of XEP-0178, the new
behavior is suggested by the current version 1.1.
2014-04-23 11:45:17 +02:00
Holger Weiss
4bc8b6bc9f
Fix extraction of host names from certificates
2014-04-22 22:12:04 +02:00
badlop
37d4109e8a
Merge pull request #161 from weiss/fix-carbons
...
Let mod_carboncopy take care of messages sent to bare/unavailable JIDs
2014-04-22 13:52:11 +02:00
Holger Weiss
d350cc6361
Accept "extauth_cache: false"
...
Don't log a "configuration problem" message if "extauth_cache: false" is
explicitly specified, as that's a valid configuration setting as per the
documentation.
2014-04-16 14:15:14 +02:00
Paweł Chmielowski
7af7b7d3f0
Fix compilation on pre-R17
2014-04-15 17:05:25 +02:00
Paweł Chmielowski
d97b4fd9ca
Fix loading translation files on R17
2014-04-15 17:05:22 +02:00
Alexey Shchepin
f93758a3cd
Merge pull request #160 from runcom/protocol_options
...
Add option to specify openssl options
2014-04-15 19:01:21 +04:00
badlop
285c4c17cf
Merge pull request #146 from jamielinux/master
...
Update FSF address
2014-04-11 13:35:46 +02:00
Evgeniy Khramtsov
a21edc2f3a
Pretty print accepted transport address
2014-04-11 12:30:58 +02:00
Holger Weiss
b3b12effbc
Carbons: Handle unavailable resource like bare JID
...
As the session manager handles messages sent to unavailable resources
just like messages sent to bare JIDs, mod_carboncopy must do that, too.
That is, forward them only to those carbon-copy-enabled resources that
don't have a top priority, in order to avoid duplicates.
2014-04-08 23:32:30 +02:00
Antonio Murdaca
fbf71f86f3
Add option to specify openssl options
2014-04-08 18:46:52 +02:00
Holger Weiss
9d5426315f
Carbons: Also forward messages sent to bare JIDs
...
Don't ignore messages sent to bare JIDs, but forward them to all
carbon-copy-enabled resources that don't have the highest priority.
2014-04-07 22:10:08 +02:00