25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-26 16:26:24 +01:00
Commit Graph

2631 Commits

Author SHA1 Message Date
Evgeny Khramtsov
81a906af01 Merge pull request #191 from hamano/added_get_random_pid_error_handling
fix error handling when sql calling with unknown host.
2014-04-30 17:02:39 +04:00
badlop
65519cf262 Merge pull request #190 from hamano/mod_register_web_response_404
mod_register_web should response 404 instead of process crash.
2014-04-30 12:42:43 +02:00
badlop
a1b8c54c16 Merge pull request #187 from weiss/fix-ejabberdctl-output
Let ejabberdctl accept binary string arguments
2014-04-30 12:41:12 +02:00
HAMANO Tsukasa
a6408e9281 fix error handling when sql calling with unknown host. 2014-04-30 15:32:07 +09:00
HAMANO Tsukasa
0e0bd3329d mod_register_web should response 404 instead of process crash. 2014-04-30 13:39:17 +09:00
Evgeny Khramtsov
9563b0228f Merge pull request #177 from weiss/log-tls-sasl-external
Log TLS status for outgoing s2s with SASL EXTERNAL
2014-04-30 00:38:18 +04:00
Evgeny Khramtsov
8419322884 Merge pull request #181 from weiss/check-tls-before-auth
Check TLS state before requesting SASL EXTERNAL for outgoing s2s connections
2014-04-30 00:36:08 +04:00
Evgeny Khramtsov
c37aa1b46d Merge pull request #185 from weiss/verify-cert-for-s2s-out
Support certificate verification for outgoing s2s connections
2014-04-30 00:08:24 +04:00
Evgeny Khramtsov
599fdb9ac2 Merge pull request #186 from weiss/add-disconnect-command
New ejabberd command: disconnect_user/2
2014-04-29 15:41:41 +04:00
Holger Weiss
ebbceab93f Translate disconnect_user/2 string sent to client 2014-04-29 11:56:28 +02:00
Holger Weiss
bb2c8b59f8 Avoid #state.lang type errors in corner cases
If #state.lang is used before being initialized to some binary string,
the translation code would crash.
2014-04-29 11:41:24 +02:00
Evgeny Khramtsov
4073394e7a Merge pull request #182 from hamano/register_account_acl
fix checking acl in mod_register_web
2014-04-29 13:06:53 +04:00
Evgeny Khramtsov
29aead19d9 Merge pull request #179 from hamano/added_get_random_pid_error_handling
added get_random_pid/1 error handling
2014-04-29 13:05:58 +04:00
Holger Weiss
d09c268b20 Let ejabberdctl accept binary string arguments
Don't print the following message if an ejabberd command expects binary
string arguments: "This command cannot be executed using ejabberdctl.
Try ejabberd_xmlrpc."
2014-04-29 01:11:08 +02:00
Holger Weiss
6d1055abec New ejabberd command: disconnect_user/2 2014-04-29 00:50:43 +02:00
Holger Weiss
49bdbf2895 Support certificate verification for outgoing s2s
Handle "s2s_use_starttls: required_trusted" the same way for outgoing
s2s connections as for incoming connections.  That is, check the remote
server's certificate (including the host name) and abort the connection
if verification fails.
2014-04-28 01:42:02 +02:00
Holger Weiss
a21d2298af XEP-0198: Turn some warnings into info messages
Don't log warnings on events that will happen during normal operation.
2014-04-28 01:01:30 +02:00
Holger Weiss
1aa4ed3f35 Don't mess with s2s out when aborting s2s in
Don't try to look up and close outgoing connections to a given server
when aborting incoming connections from that server due to certificate
verification errors.  The ejabberd_s2s:find_connection/2 call actually
created one or more *new* connections if less than 'max_s2s_connections'
connections were found.  Then, no more than one of those possibly new
connections were stopped by the ejabberd_s2s_out:stop_connection/1 call.

It's not really necessary to bother with outgoing connections at all,
here.
2014-04-28 00:17:05 +02:00
Holger Weiss
eabca82765 Send stream trailer before closing s2s connection
When aborting an incoming s2s connection due to certificate verification
errors, send a stream trailer before closing the socket.
2014-04-27 00:28:42 +02:00
HAMANO Tsukasa
71dba66330 fix checking acl in mod_register_web 2014-04-24 18:15:39 +09:00
Holger Weiss
d805d198ac Check TLS state before requesting SASL EXTERNAL
Make sure a remote server can't circumvent "s2s_use_starttls: required"
by offering SASL EXTERNAL authentication over a non-TLS connection.
2014-04-24 11:04:10 +02:00
HAMANO Tsukasa
ffe9f3c192 added get_random_pid/1 error handling 2014-04-24 15:34:41 +09:00
HAMANO Tsukasa
219f9276d1 undefined ejabberd_socket:get_conn_type/1 2014-04-24 12:42:22 +09:00
Holger Weiss
f988aad940 Log TLS status for outgoing s2s with SASL EXTERNAL 2014-04-23 23:28:13 +02:00
HAMANO Tsukasa
9ec014c184 added error handling in mod_pubsub_odbc. 2014-04-23 23:35:34 +09:00
Holger Weiss
86e17c379c Verify host name before offering SASL EXTERNAL
Prior to this commit, ejabberd handled certificate authentication for
incoming s2s connections like this:

1. Verify the certificate without checking the host name.  On failure,
   behave according to 's2s_use_starttls'.  On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, compare the authorization
   identity against the certificate host name(s).  On failure, abort the
   connection unconditionally.

ejabberd now does this instead:

1. Verify the certificate and compare the certificate host name(s)
   against the 'from' attribute of the stream header.  On failure,
   behave according to 's2s_use_starttls'.  On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, ignore the authorization
   identity (if any) and consider the peer authenticated.

The old behavior was suggested by previous versions of XEP-0178, the new
behavior is suggested by the current version 1.1.
2014-04-23 11:45:17 +02:00
Holger Weiss
4bc8b6bc9f Fix extraction of host names from certificates 2014-04-22 22:12:04 +02:00
badlop
37d4109e8a Merge pull request #161 from weiss/fix-carbons
Let mod_carboncopy take care of messages sent to bare/unavailable JIDs
2014-04-22 13:52:11 +02:00
Holger Weiss
d350cc6361 Accept "extauth_cache: false"
Don't log a "configuration problem" message if "extauth_cache: false" is
explicitly specified, as that's a valid configuration setting as per the
documentation.
2014-04-16 14:15:14 +02:00
Paweł Chmielowski
7af7b7d3f0 Fix compilation on pre-R17 2014-04-15 17:05:25 +02:00
Paweł Chmielowski
d97b4fd9ca Fix loading translation files on R17 2014-04-15 17:05:22 +02:00
Alexey Shchepin
f93758a3cd Merge pull request #160 from runcom/protocol_options
Add option to specify openssl options
2014-04-15 19:01:21 +04:00
badlop
285c4c17cf Merge pull request #146 from jamielinux/master
Update FSF address
2014-04-11 13:35:46 +02:00
Evgeniy Khramtsov
a21edc2f3a Pretty print accepted transport address 2014-04-11 12:30:58 +02:00
Holger Weiss
b3b12effbc Carbons: Handle unavailable resource like bare JID
As the session manager handles messages sent to unavailable resources
just like messages sent to bare JIDs, mod_carboncopy must do that, too.
That is, forward them only to those carbon-copy-enabled resources that
don't have a top priority, in order to avoid duplicates.
2014-04-08 23:32:30 +02:00
Antonio Murdaca
fbf71f86f3 Add option to specify openssl options 2014-04-08 18:46:52 +02:00
Holger Weiss
9d5426315f Carbons: Also forward messages sent to bare JIDs
Don't ignore messages sent to bare JIDs, but forward them to all
carbon-copy-enabled resources that don't have the highest priority.
2014-04-07 22:10:08 +02:00
Holger Weiss
c114eb3736 XEP-0198: Don't bounce/resend forwarded messages
On connection timeout, drop any messages that were forwarded by some
encapsulating protocol, such as XEP-0280 carbon copies or XEP-0313
archive messages.  Bouncing or resending them could easily lead to
unexpected results.
2014-04-07 21:21:11 +02:00
badlop
766ab1eb46 Merge pull request #158 from weiss/fix-lang-type
Fix a type error
2014-04-07 13:28:41 +02:00
badlop
76fb7d284a Merge pull request #157 from weiss/fix-mod-update
Fix badarg issue on module update web site
2014-04-07 13:27:31 +02:00
Holger Weiss
37f409d254 Fix a type error 2014-04-06 00:39:51 +02:00
Holger Weiss
e02a4913d2 Fix badarg issue on module update web site 2014-04-05 23:23:44 +02:00
HAMANO Tsukasa
1250ee5d77 mod_register_web: check same acl as mod_register. 2014-04-04 04:07:29 +09:00
Badlop
8b9c49440a Fix user_resources command, and ejabberd_xmlrpc parsing auth details in call 2014-03-31 16:51:47 +02:00
Badlop
a5a065290b Small change in ejabberd_ctl output format to support bash completion 2014-03-26 16:43:53 +01:00
Badlop
ac0e199d36 Provide meaningful text to user when admin kicks session (EJAB-1455) 2014-03-26 16:01:37 +01:00
Holger Weiss
a97c716352 XEP-0198: Bounce unacked stanzas by default
If the new "resend_on_timeout" option is set to false (which it is by
default), bounce any unacknowledged stanzas instead of re-routing them.
2014-03-25 23:23:38 +01:00
Evgeniy Khramtsov
2150b10901 Fix service_info options processing 2014-03-25 09:52:57 +04:00
Evgeniy Khramtsov
5c36c44689 Remove annyoing warnings 2014-03-25 09:42:12 +04:00
Badlop
d5f90965d7 Fix ACLs syntax change (thanks to jokker23)(issue #140) 2014-03-24 19:40:55 +01:00
Holger Weiss
2da6933bb7 Remove "fun" element from c2s #state
Memory consumption wise, local "fun" references are quite expensive.
2014-03-22 20:25:43 +01:00
Holger Weiss
e360c56f87 Support XEP-0198 session resumption
Implement the optional session resumption feature described in XEP-0198.
A client that supports this feature may now resume the previous session
(within a configurable number of seconds) if the connection was lost.
During resumption, ejabberd will retransmit any stanzas that hadn't been
acknowledged by the client.
2014-03-19 00:51:33 +01:00
badlop
2b527f5e9a Merge pull request #149 from iulianlaz/carboncopy-fix-msg-back-to-original-sender
#148 Carbon copy sends message back to original sender solved
2014-03-16 20:59:49 +01:00
Holger Weiss
88a200e100 Remove some commented out code
The code that had been commented out at some earlier point in time would
now break XEP-0198.
2014-03-16 00:12:47 +01:00
Badlop
633d47f784 Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
Holger Weiss
7d594086c3 Add initial XEP-0198 support (EJAB-532)
Implement partial support for XEP-0198: Stream Management.  After
successful negotiation of this feature, the server requests an ACK for
each stanza transmitted to the client and responds to ACK requests
issued by the client.  On session termination, the server re-routes any
unacknowledged stanzas.  The length of the pending queue can be limited
by setting the "max_ack_queue" option to some integer value (default:
500).  XEP-0198 support can be disabled entirely by setting the
"stream_management" option to false (default: true).

So far, stream management is implemented only for c2s connections, and
the optional stream resumption feature also described in XEP-0198 is not
(yet) supported.

This addition was originally based on a patch provided by Magnus Henoch
and updated by Grzegorz Grasza.  Their code implements an early draft of
XEP-0198 for some previous version of ejabberd.  It has since been
rewritten almost entirely.
2014-03-12 23:34:14 +01:00
iulianlaz
9ef1ad0b6e #148 Carbon copy sends message back to original sender solved 2014-03-06 08:40:38 +00:00
Badlop
e211bf522e Support XEP-0321: Remote Roster Management (EJAB-1381) 2014-02-26 18:02:37 +01:00
Badlop
46b2d91105 Convert DB details to string when calling odbc:connect/2 (EJAB-1681) 2014-02-26 17:26:46 +01:00
Badlop
c29ba14dbf Don't provide current password in webinterface (github issue #137) 2014-02-26 17:19:07 +01:00
Jamie Nguyen
8538997d61 Update FSF address 2014-02-22 10:27:40 +00:00
Holger Weiss
e82a79efd5 Add missing parenthesis 2014-02-21 23:33:13 +01:00
Badlop
63a7011c38 When occupant changes nick, include status 110 in stanzas sent to him 2014-02-14 16:22:14 +01:00
Badlop
4c8b6fe16b Fixing mod_carboncopy sends carbons of carbons (fixes #107) 2014-01-23 17:29:24 +01:00
mrjameshamilton
5ccc6db093 Fixed parameter order in call to restore_room/3 2014-01-23 14:39:52 +00:00
Alexey Shchepin
9422164dda Clear SASL state after finishing auth 2014-01-21 13:44:29 +02:00
Alexey Shchepin
cbbfd921b4 Fix for the previous commit 2014-01-21 11:54:18 +02:00
Alexey Shchepin
d63be79df9 Use 'to' field only in the first client stream initialization 2014-01-20 16:06:05 +02:00
Badlop
e107e78773 Fix auth verification in ejabberd_xmlrpc (thanks to Vicis) 2014-01-02 16:10:19 +01:00
Evgeniy Khramtsov
d03de1bb43 Fix some type specs and errors 2013-12-10 21:44:46 +10:00
Evgeniy Khramtsov
33764bb931 Add ejabberd_xmlrpc 2013-12-10 21:25:12 +10:00
Badlop
5a1300bc70 Add access rule to mod_roster (EJAB-72) 2013-12-04 14:57:44 +01:00
Christophe Romain
9c17163b55 bind values for get_parentnodes_tree 2013-12-03 10:51:01 +01:00
Christophe Romain
e11c835bd3 fix use of virtual nodetree 2013-12-03 10:34:59 +01:00
Alexey Shchepin
1dd94ac0d0 Support for OpenSSL ciphers list in ejabberd_c2s, ejabberd_s2s_in and ejabberd_s2s_out 2013-11-28 19:39:11 +02:00
Badlop
a6b0e18bde add Pubsub data migration from mnesia to odbc (EJAB-1126)
By calling:
  ejd2odbc:export_pubsub("localhost","/tmp/aa.txt").
it will generate SQL files like these:
  /tmp/pubsub_item.txt
  /tmp/pubsub_node.txt
  /tmp/pubsub_state.txt

Conflicts:
	src/ejabberd_admin.erl
	src/ejd2odbc.erl
2013-11-14 19:29:16 +01:00
Evgeniy Khramtsov
89a17ba84a Correctly convert ACLs into YAML representation 2013-11-07 02:43:43 +10:00
Evgeniy Khramtsov
a87b475361 Do not use functions from crypto module wherever possible 2013-11-05 20:07:38 +10:00
Evgeniy Khramtsov
b7c7d2747b Fix some type errors 2013-11-05 19:49:30 +10:00
Evgeniy Khramtsov
c0240e7249 Do not try to start STUN application during config checks 2013-11-02 10:30:19 +10:00
Evgeniy Khramtsov
6dd31299cf Avoid case clause crash when loading permanent rooms 2013-10-23 12:23:00 +10:00
Badlop
cd0381bab5 Fix display ACLs in WebAdmin 2013-10-01 23:23:01 +02:00
Badlop
2c09d7c8a7 Fix handling of format_status arguments (thanks to Nbaronov) 2013-09-26 17:19:56 +02:00
Badlop
389a99b2db Fix bypass for tls-required (thanks to Zeha) 2013-09-26 16:41:57 +02:00
Evgeniy Khramtsov
07c8bf5064 Fix roster version support 2013-09-24 18:59:20 +10:00
Evgeniy Khramtsov
7fd91a4b12 Better web-handlers detection 2013-09-22 21:47:59 +10:00
Evgeniy Khramtsov
ae4356265f Merge branch 'master' of github.com:processone/ejabberd 2013-09-19 19:00:08 +10:00
Evgeniy Khramtsov
a0396620f2 Reflect modules name changes in p1_mysql 2013-09-19 18:59:32 +10:00
Paweł Chmielowski
7e73ed88f7 Fix problem with decoding http headers over tls connections
This fixed GitHub issue 96.
2013-09-16 16:32:02 +02:00
Christophe Romain
63b2d21b13 clean subscriptions handling and avoid function_clause 2013-08-27 14:46:54 +02:00
Christophe Romain
1b8876bf55 fix build of Parents list in #pubsub_node 2013-08-27 14:46:35 +02:00
Christophe Romain
b82eeeeec9 fix call to get_session_pid with binary arguments 2013-08-27 14:46:22 +02:00
Evgeniy Khramtsov
e3483ef9e1 Do not rely on p1_logger_h module when lager is enabled 2013-08-27 17:45:07 +10:00
Evgeniy Khramtsov
91a74e3e27 Change configuration file format to YAML 2013-08-21 22:17:59 +10:00
Evgeniy Khramtsov
f68dfacbbf Do not try to read/write the deprecated "config" table 2013-08-21 19:37:22 +10:00
Evgeniy Khramtsov
0b9754884e Do not distribute the ACL table 2013-08-21 19:37:08 +10:00
Evgeniy Khramtsov
cc6dcd161c Get rid of global configuration options 2013-08-21 19:36:35 +10:00
Evgeniy Khramtsov
807a1fe164 Fix timestamp processing 2013-07-23 15:27:18 +10:00
Evgeniy Khramtsov
8ce22b790d Fix some type errors 2013-07-22 19:24:09 +10:00
Evgeniy Khramtsov
f75d78d3f5 Make it possible to import without cursor usage 2013-07-22 10:46:47 +10:00
Evgeniy Khramtsov
ca6463ed78 Typo fix 2013-07-22 00:22:05 +10:00
Evgeniy Khramtsov
d58148fa8d Add SQL to Mnesia converter 2013-07-21 23:10:38 +10:00
Evgeniy Khramtsov
a2ead99c83 Make it possible to enable/disable TLS compression 2013-07-17 22:46:18 +10:00
Evgeniy Khramtsov
986f4d1a7f Do not forget to re-define the crash.log path 2013-07-15 11:51:09 +10:00
Badlop
0d7a5476c0 Allow room member to get members list using XEP 2013-07-11 12:11:48 +02:00
Christophe Romain
4e72dd6751 fix badmatch in send_loop (EJAB-1650) 2013-07-10 09:47:49 +02:00
Christophe Romain
48819d163a fix badmatch on remove_user on PEP nodes (EJAB-1649) 2013-07-09 21:50:56 +02:00
Christophe Romain
8621a8f006 fix invalid response on get_options when no options set (EJAB-1648) 2013-07-09 18:11:27 +02:00
Badlop
b66e4fbdc4 Apparently configure.erl is not needed anymore 2013-07-08 15:58:38 +02:00
Alexey Shchepin
b5623d6bee gen_iq_handler:check_type was missing 2013-07-08 10:40:39 +03:00
Evgeniy Khramtsov
0aca3a4585 Improve the applications start-up
* Check if all modules present for every application loaded.
* Get rid of now obsoleted 'ejabberd_check' module.
2013-07-07 02:19:51 +10:00
Christophe Romain
0266207e9d fix pubsub unsubscription without SubId on odbc 2013-07-04 15:13:21 +02:00
Christophe Romain
60600c341e improve pubsub odbc use of i2l 2013-07-04 10:07:53 +02:00
Christophe Romain
ac3cd2ebaa ip_adresse() does not need binary representation in config 2013-06-28 18:32:22 +02:00
Evgeniy Khramtsov
2636da0d98 Fix IDNA conversion 2013-06-28 02:45:42 +10:00
Badlop
91744733c1 Store only messages with body or subject (EJABS-2034) 2013-06-27 11:58:31 +02:00
Evgeniy Khramtsov
8a9743ab3b Avoid custom loglevels processing for lager 2013-06-27 19:27:56 +10:00
Evgeniy Khramtsov
597934637c Logger improvements.
lager:
	* It is now possible to change the loglevel.
	* Log rotation is now supported as well.
p1_logger:
	* When rotating a log file, add suffix ".0" to the renamed file.
	  This is needed in order to be consistent with lager
	  rotation mechanism.
2013-06-27 19:03:33 +10:00
Evgeniy Khramtsov
aab70fc066 Fix external authentication 2013-06-26 12:30:32 +10:00
Christophe Romain
ae1af885ce fix feature build on node disco#info 2013-06-25 14:49:22 +02:00
Badlop
9840b8395e Fix previous commit 2013-06-25 13:46:21 +02:00
Badlop
b524e79f55 Normalize HTTP path (thanks to Justin Kirby) 2013-06-25 11:26:44 +02:00
Christophe Romain
277ba798fc typo fix in spec 2013-06-24 22:38:15 +02:00
Christophe Romain
b07b820c4e fix missing binarization switch on pep nodes 2013-06-24 19:56:27 +02:00
Christophe Romain
1cc76ebb68 cosmetic change 2013-06-24 19:56:14 +02:00
Christophe Romain
1cb03439f2 add missing list conversion 2013-06-24 18:05:42 +02:00
Christophe Romain
3976351c4d decode_jid always gets binary(), encode_jid lets mod_pubsub handle conversion 2013-06-24 18:04:42 +02:00
Christophe Romain
6bfa34e8e0 minor improvements and binary fix 2013-06-24 16:31:38 +02:00
Christophe Romain
4195259d47 typo fix, related to commit 9194872 2013-06-24 16:29:43 +02:00
Christophe Romain
95546ac20d remove obsolete node attribute 2013-06-24 13:55:30 +02:00
Christophe Romain
0e28e4b600 Merge branch 'master' of github.com:processone/ejabberd 2013-06-24 13:46:44 +02:00
Christophe Romain
831ae2927a change default PEP config for simpler setup (EJAB-1494) 2013-06-24 13:46:27 +02:00
Christophe Romain
91948729e9 remove need of extra _odbc in pubsub plugin name 2013-06-24 13:43:11 +02:00
Christophe Romain
222a94300b fix decode function for binaryzed data 2013-06-24 13:42:34 +02:00
Evgeniy Khramtsov
f9390f3e9a Fix some dialyzer warnings 2013-06-24 20:04:56 +10:00
Evgeniy Khramtsov
7b07c2a9b2 Improve the type spec 2013-06-24 13:15:07 +10:00
Evgeniy Khramtsov
521bae7fa0 Get rid of useless clause 2013-06-24 13:13:43 +10:00
Evgeniy Khramtsov
a3354f5dc4 Do not generate LDAP's ASN.1 code when compiling ejabberd.
We need ASN.1 codec to decode messages into binaries, so we
fixed generated ELDAPv3.erl. A better solution is needed to be found.
2013-06-22 03:27:59 +10:00
Badlop
109ed1a8b1 According to XEP-0045, a MUC member is allowed to retrieve the members list 2013-06-21 11:43:23 +02:00
Christophe Romain
0c60718bef fix empty itemid on publish when passing Access 2013-06-20 17:51:07 +02:00
Christophe Romain
4221d56c04 fix pubsub issue on binary switch 2013-06-20 17:07:40 +02:00
Evgeniy Khramtsov
4dc80dddd4 Fix all calls to functions of p1_tls application 2013-06-20 18:40:44 +10:00
Evgeniy Khramtsov
89c3cf3677 Shutdown rooms before starting test cases 2013-06-19 21:46:22 +10:00
Jerome Sautret
fedea8bca0 Added missing license and copyright headers. 2013-06-18 16:56:29 +02:00
Christophe Romain
c030e8e136 sync pubsub_odbc with last fix 2013-06-18 12:23:32 +02:00
Evgeniy Khramtsov
8ea41718ac Fix node auto-creation 2013-06-18 04:11:54 +10:00
Christophe Romain
20598c7be4 sync and cleanup pubsub_odbc 2013-06-17 16:34:21 +02:00
Christophe Romain
08fc6df853 fix auto-create issue due to bad binary matching 2013-06-17 16:30:20 +02:00
Alexey Shchepin
62fb432e3e Fixed broadcast messages handling 2013-06-17 16:41:02 +03:00
Alexey Shchepin
862a08e9eb Fixed conversion to ezlib 2013-06-17 16:33:25 +03:00