25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-18 17:24:31 +01:00
Commit Graph

121 Commits

Author SHA1 Message Date
Evgeniy Khramtsov
4e49919d16 Revert "Don't set twice"
This reverts commit 6dca89f616.
2017-12-25 08:41:51 +03:00
Evgeniy Khramtsov
6dca89f616 Don't set twice 2017-12-24 12:34:47 +03:00
Evgeniy Khramtsov
1698956f34 Rely on Server Name Indication for incoming Direct-TLS connections
This commit also deprecates `certfile` option for ejabberd_http
listener.
2017-12-24 12:27:51 +03:00
Evgeniy Khramtsov
3a02c4369f Get rid of meaningless log message 2017-11-22 10:12:49 +03:00
Evgeniy Khramtsov
b04c6b7d75 Merge branch 'lets_encrypt_acme_support' of git://github.com/angelhof/ejabberd into angelhof-lets_encrypt_acme_support
Conflicts:
	rebar.config
	src/ejabberd_pkix.erl
2017-11-15 10:01:30 +03:00
Konstantinos Kallas
ce99db0595 Explain what is needed for the acme configuration and other small changes
1. Add a request handler in ejabberd_http and explain how to configure the http listener so that the challenges can be solved.
2. Make acme configuration optional by providing defaults in ejabberd_acme.
3. Save the CA that the account has been created in so that it creates a new account when connecting to a new CA.
4. Small spec change in acme configuration.
2017-11-14 14:12:33 +02:00
Evgeniy Khramtsov
e5e64c99f3 Don't crash when Host header is missing 2017-10-11 18:53:53 +03:00
Evgeniy Khramtsov
e93762a720 Deprecate misc:encode_base64/1 and misc:decode_base64/1 2017-05-23 10:43:26 +03:00
Evgeniy Khramtsov
a71065fcda Ciphers should be a binary string 2017-05-17 15:42:18 +03:00
Evgeniy Khramtsov
cc58ce6301 Introduce Certficate Manager
The major goal is to simplify certificate management in ejabberd.
Currently it requires some effort from a user to configure certficates,
especially in the situation where a lot of virtual domains are hosted.

The task is splitted in several sub-tasks:
* Implement basic certificate validator. The validator should check all
configured certificates for existence, validity, duration and so on. The
validator should not perform any actions in the case of errors except
logging an error message. This is actually implemented by this commit.
* All certificates should be configured inside a single section (something
like 'certfiles') where ejabberd should parse them, check the full-chain,
find the corresponding private keys and, if needed, resort chains and
split the certficates into separate files for easy to use by fast_tls.
* Options like 'domain_certfile', 'c2s_certfile' or 's2s_certfile' should
probably be deprecated, since the process of matching certificates with the
corresponding virtual hosts should be done automatically and these options
only introduce configuration errors without any meaningful purpose.
2017-05-12 16:27:09 +03:00
Evgeniy Khramtsov
d3c8fb7705 Check presence of some files during option validation 2017-05-12 09:34:57 +03:00
Evgeniy Khramtsov
8368a0850a Don't call gen_mod:get_opt() outside of modules 2017-05-08 14:34:35 +03:00
Evgeniy Khramtsov
01a2c9fe12 Add type specs for Module:opt_type/1 2017-05-08 12:59:28 +03:00
Evgeniy Khramtsov
fddd6110e0 Don't validate an option in gen_mod:get*opt() functions
The changes are very similar to those from previous commit:
* Now there is no need to pass validating function in
  gen_mod:get_opt() and gen_mod:get_module_opt() functions,
  because the modules' configuration keeps already validated values.
* New functions gen_mod:get_opt/2 and gen_mod:get_module_opt/3 are
  introduced.
* Functions gen_mod:get_opt/4 and get_module_opt/5 are deprecated.
  If the functions are still called, the "function" argument is
  simply ignored.
* Validating callback Mod:listen_opt_type/1 is introduced to validate
  listening options at startup.
2017-04-30 19:01:47 +03:00
Evgeniy Khramtsov
b82b93f8f0 Don't validate an option in ejabberd_config:get_option() functions
The commit introduces the following changes:
* Now there is no need to pass validating function in
  ejabberd_config:get_option() functions, because the configuration
  keeps already validated values.
* New function ejabberd_config:get_option/1 is introduced
* Function ejabberd_config:get_option/3 is deprecated. If the function
  is still called, the second argument (validating function) is simply
  ignored.
* The second argument for ejabberd_config:get_option/2 is now
  a default value, not a validating function.
2017-04-29 11:39:40 +03:00
Christophe Romain
b1acd1183f Rename aux.erl as misc.erl
Thanks Microsoft Windows to not support some filenames
2017-04-11 12:13:58 +02:00
Evgeniy Khramtsov
7bcbea2108 Deprecate jlib.erl in favor of aux.erl
Since the main goal of jlib.erl is lost, all auxiliary functions
are now moved to aux.erl, and the whole jlib.erl is now deprecated.
2017-03-30 14:17:13 +03:00
Holger Weiss
191fc1b4e8 ejabberd_http: Expand @VERSION@ in custom headers
Let ejabberd_http expand the @VERSION@ keyword to the ejabberd version
if specified in the "custom_headers" listener option.

Closes #1414.
2017-03-27 23:52:49 +02:00
Holger Weiss
41de5e78d0 ejabberd_http: Add "custom_headers" option
If the new listener option "custom_headers" is specified, include those
headers with the HTTP(S) response.

Closes #517.
2017-03-27 23:19:11 +02:00
Paweł Chmielowski
6aab450c16 Make sure that addr_re is always initialized when creating http state 2017-02-24 11:30:36 +01:00
Paweł Chmielowski
f310d7bb12 Make host header parser work correctly with ipv6 literal addresses 2017-02-24 10:25:26 +01:00
Evgeniy Khramtsov
d5d906184f Merge branch 'new_stream'
Conflicts:
	src/cyrsasl.erl
	src/ejabberd_c2s.erl
	src/ejabberd_cluster.erl
	src/ejabberd_frontend_socket.erl
	src/ejabberd_node_groups.erl
	src/ejabberd_router.erl
	src/mod_bosh.erl
	src/mod_ip_blacklist.erl
	src/mod_muc_mnesia.erl
	src/mod_offline.erl
	src/mod_proxy65_sm.erl
2017-01-20 19:35:46 +03:00
Badlop
5fdd1c39fe Update copyright date automatically (#1442) 2017-01-02 21:42:06 +01:00
Paweł Chmielowski
769975f6d7 Remove mod_http_bind and migration code to mod_bosh 2017-01-02 15:53:25 +01:00
Evgeniy Khramtsov
e7fe4dc474 More refactoring on session management 2016-12-30 00:00:36 +03:00
Evgeniy Khramtsov
49f1275e20 Get rid of excessive (io)list_to_binary/1 calls 2016-11-24 15:06:06 +03:00
Evgeniy Khramtsov
78a44e0176 Merge branch 'master' into xml-ng
Conflicts:
	src/adhoc.erl
	src/cyrsasl_oauth.erl
	src/ejabberd_c2s.erl
	src/ejabberd_config.erl
	src/ejabberd_service.erl
	src/gen_mod.erl
	src/mod_admin_extra.erl
	src/mod_announce.erl
	src/mod_carboncopy.erl
	src/mod_client_state.erl
	src/mod_configure.erl
	src/mod_echo.erl
	src/mod_mam.erl
	src/mod_muc.erl
	src/mod_muc_room.erl
	src/mod_offline.erl
	src/mod_pubsub.erl
	src/mod_stats.erl
	src/node_flat_sql.erl
	src/randoms.erl
2016-11-12 13:27:15 +03:00
Holger Weiss
d4b4f35a0e ejabberd_http: Handle missing POST data gracefully
Return a "bad request" error instead of crashing if receiving POST/PUT
data fails.
2016-09-27 23:22:30 +02:00
Evgeniy Khramtsov
fa31e3ef23 Deprecate jlib:integer_to_binary/1 and jlib:binary_to_integer/1 2016-09-24 23:34:28 +03:00
gabrielgatu
803270fc6b
Support for Elixir configuration file #1208
Contribution for Google Summer of code 2016 by Gabriel Gatu
2016-09-08 11:37:14 +02:00
Evgeniy Khramtsov
5cd1cf5096 Get rid of "jlib.hrl" dependency in some modules 2016-07-30 18:37:57 +03:00
Badlop
c5d9d35e7b Convert password provided by web form to UTF8 before passing it (#375) 2016-07-22 16:52:13 +02:00
Mickael Remond
3c480a5b0b Fix Dialyzer inconsistency 2016-03-30 16:47:40 +02:00
Mickael Remond
dfc29ea03c Switch to Fast XML module 2016-02-03 19:03:17 +01:00
Mickael Remond
71ee0d56fa Switch to fast_tls and update app names 2016-02-03 16:13:16 +01:00
Badlop
f448ff608a Update copyright to 2016 (#901) 2016-01-13 12:29:14 +01:00
Holger Weiss
2d22507636 ejabberd_http: Cope with large POST/PUT requests
gen_tcp returns 'enomem' if we try to receive more than 64 MiB.
2015-12-20 23:30:11 +01:00
Holger Weiss
d039b9b72b ejabberd_http: Log debug message on receive errors 2015-12-20 23:26:57 +01:00
Christophe Romain
8ee5f9fb6f Remove http supervisors 2015-12-11 14:13:24 +01:00
Badlop
daad71bc7e trusted_proxies option not parsed correctly (#860) 2015-12-04 13:14:39 +01:00
Paweł Chmielowski
3ee5195b7a Fix problem with pipelined http requests arriving in single packet
This fixes github issue ejabberd#835
2015-11-12 17:23:59 +01:00
Christophe Romain
6aeb9dcb38 cosmetic cleanup 2015-10-07 14:18:38 +02:00
Christophe Romain
a1129dc96b Add OAuth support (thanks to Aleksey) 2015-09-25 15:49:07 +02:00
Paweł Chmielowski
f89db30d77 Catch errors when calling inet:peername in ejabberd_http 2015-08-17 15:50:35 +02:00
Alexey Shchepin
2110b929bc Merge pull request #581 from weiss/dh-param-file
New options: dhfile and s2s_dhfile
2015-06-16 11:59:06 +03:00
Evgeniy Khramtsov
c1119b1f39 Remove unused validation code 2015-06-03 16:05:17 +03:00
Evgeniy Khramtsov
fb6267f38e Add config validation at startup 2015-06-01 15:38:27 +03:00
Holger Weiss
5585fb1ecf New options: dhfile and s2s_dhfile
Let admins specify a file that contains custom parameters for
Diffie-Hellman key exchange.
2015-05-26 21:06:04 +02:00
Paweł Chmielowski
ba69c469b5 Remove http_poll module
For couple years browsers did limit ability to change cookies from js
for different domains, this made http_poll connections practically not
usuable. I don't think this module is used at all so it's time to put it
to rest.
2015-04-15 10:47:10 +02:00
Alexey Shchepin
736710cc9c Add support for ciphers and protocol_options in ejabberd_http 2015-03-24 18:14:47 +03:00
Badlop
f18ce9564c Fix: default_host is forgotten between consecutive HTTP requests (#416) 2015-03-06 12:40:48 +01:00
Paweł Chmielowski
ab3d38c9fc Fix processing POST messages after changes from adding websocket handling 2015-02-25 14:36:48 +01:00
Paweł Chmielowski
b42b171613 Add support for websocket connections 2015-02-25 13:57:02 +01:00
Holger Weiss
9f822dd2b8 Don't crash if 'request_path' has unexpected type 2015-02-11 15:38:55 +01:00
Badlop
7690320f0f Fix access_commands option in ejabberd_xmlrpc, now it works 2015-01-15 17:39:12 +01:00
Badlop
5a35405cd5 Update copyright dates to 2015 (EJAB-1733) 2015-01-08 17:34:43 +01:00
Evgeniy Khramtsov
1d782db84f Process XML-RPC requests via p1_xml and ejabberd_http 2014-10-04 12:49:12 +04:00
badlop
285c4c17cf Merge pull request #146 from jamielinux/master
Update FSF address
2014-04-11 13:35:46 +02:00
Holger Weiss
37f409d254 Fix a type error 2014-04-06 00:39:51 +02:00
Badlop
633d47f784 Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
Jamie Nguyen
8538997d61 Update FSF address 2014-02-22 10:27:40 +00:00
Evgeniy Khramtsov
7fd91a4b12 Better web-handlers detection 2013-09-22 21:47:59 +10:00
Paweł Chmielowski
7e73ed88f7 Fix problem with decoding http headers over tls connections
This fixed GitHub issue 96.
2013-09-16 16:32:02 +02:00
Evgeniy Khramtsov
91a74e3e27 Change configuration file format to YAML 2013-08-21 22:17:59 +10:00
Evgeniy Khramtsov
a2ead99c83 Make it possible to enable/disable TLS compression 2013-07-17 22:46:18 +10:00
Badlop
9840b8395e Fix previous commit 2013-06-25 13:46:21 +02:00
Badlop
b524e79f55 Normalize HTTP path (thanks to Justin Kirby) 2013-06-25 11:26:44 +02:00
Evgeniy Khramtsov
f9390f3e9a Fix some dialyzer warnings 2013-06-24 20:04:56 +10:00
Evgeniy Khramtsov
521bae7fa0 Get rid of useless clause 2013-06-24 13:13:43 +10:00
Evgeniy Khramtsov
4dc80dddd4 Fix all calls to functions of p1_tls application 2013-06-20 18:40:44 +10:00
Evgeniy Khramtsov
4d8f770624 Switch to rebar build tool
Use dynamic Rebar configuration
Make iconv dependency optional
Disable transient_supervisors compile option
Add hipe compilation support
Only compile ibrowse and lhttpc when needed
Make it possible to generate an OTP application release
Add --enable-debug compile option
Add --enable-all compiler option
Add --enable-tools configure option
Add --with-erlang configure option.
Add --enable-erlang-version-check configure option.
Add lager support
Improve the test suite
2013-06-13 11:11:02 +02:00