25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-18 17:24:31 +01:00
Commit Graph

65 Commits

Author SHA1 Message Date
Badlop
ce5a8acaf7 Define the types of options that opt_type.sh cannot derive automatically 2024-09-16 17:50:33 +02:00
Paweł Chmielowski
ead87e3727 Add option update_sql_schema_timeout to allow schema update use longer timeouts
This also makes batch of schema updates to single table use transaction,
which should help in not leaving table in inconsistent state if some update
steps fails (unless you use mysql where you can't rollback changes to
table schemas).
2024-07-16 15:42:00 +02:00
Holger Weiss
1add1de23b ejabberd_options: Add trailing @ to @VERSION@
Thanks to Marc Schink for reporting the issue.
2024-07-05 22:41:18 +02:00
Badlop
b840ab9907 Revert "Disable update_sql_schema by default"
The update_sql_schema feature was published half a year ago,
included in two releases, it is used by the CI tests,
and consequently it's stable enough to be enabled by default.

This reverts commit ec20691188.
2024-05-28 15:36:39 +02:00
Badlop
589521bfd8 Update copyright year to 2024 (#4139) 2024-01-22 17:29:13 +01:00
Paweł Chmielowski
29ec5bff60 Add option to disable XEP-0474: SASL SCRAM Downgrade Protection support
Looks like clients using strophejs aren't able to authenticate when we
add data required by that spec to scram packets, so at least give a way
to disable this until clients will be fixed.
2024-01-16 12:03:35 +01:00
Paweł Chmielowski
7d4330b57a Increase default value of negotiation_timeout from 30s to 2m
This timeout also covers in-band registration, and if user don't fill
registration form in that time leads to disconnect and aborting
registration. This will allow for more time to finish that.
2023-12-04 13:24:32 +01:00
Alexey Shchepin
ec20691188 Disable update_sql_schema by default 2023-10-16 19:31:32 +03:00
Alexey Shchepin
c1af36ac20 Automatically create and update SQL schema 2023-10-16 18:21:08 +03:00
Paweł Chmielowski
12d47455ba Add auth_external_user_exists_check option
This makes `user_check` hook work better with authentication methods
that don't have a way to determine if user exists (like is the case for
jwt and cert based authentication), and as result will improve mod_offline
and mod_mam handling of offline messages to those users. This reuses
information stored by `mod_last` for this purpose.

Should fix issue #3377.
2023-10-11 14:17:18 +02:00
Paweł Chmielowski
00c76003cb Add ability to force alternative upsert implementation in mysql 2023-08-18 11:46:37 +02:00
Badlop
c333cc0776 New option install_contrib_modules
This option is read during ejabberd start or config reload.
It installs the listed modules which aren't yet installed,
as long as allow_contrib_modules is not disabled.
Edit ejabberd.yml and configure the desired ejabberd-contrib modules,
add them in the install_contrib_modules option,
finally start ejabberd (or reload config).
2023-06-09 10:27:13 +02:00
Badlop
c4a2f8d64f captcha_url option now accepts 'auto' value, and it's the default 2023-03-22 16:23:41 +01:00
Badlop
243697e25a Update copyright year to 2023 (#3967) 2023-01-10 13:52:04 +01:00
Jonathan Davies
25ddd7b152 Changed default outgoing_s2s_families to IPv6 as servers are within datacenters
where IPv6 is more commonly enabled (contrary to clients), and if it's not
present - it'll just fall back to IPv4.
2022-12-22 14:00:22 +01:00
Paweł Chmielowski
d49b50a055 Add log_modules_fully option to make some modules log everything independed from global loglevel 2022-12-01 13:24:46 +01:00
Badlop
8ea7690fc5 Support @VERSION@ and @SEMVER@ in captcha_cmd option 2022-10-24 12:35:30 +02:00
Holger Weiß
13d4787ea9
Bump default 's2s_timeout' value (#3653)
Wait for an hour before closing an idle s2s connection.

It's not uncommon for a connection to be idle for longer than ten
minutes but less than an hour.  For example, XEP-0410 suggests a ping
interval of fifteen minutes.  A longer idle timeout avoids the latency
and log entries associated with constantly re-establishing such
connections.

Co-authored-by: Paweł Chmielowski <pawel@process-one.net>
2022-10-18 16:08:16 +02:00
Mark Zealey
555ff2db4c
Add log_burst_limit_* options (#3865)
* Add log_burst_limit_* options

On our ejabberd deployment we were sometimes seeing more than 500
msgs/sec of legitimate traffic, however this was getting silently
dropped. Provide config options to enable this limit to be configured
from the config file.

* Pass new logging vars in via ejabberdctl
2022-08-01 12:07:54 +02:00
Holger Weiss
121fc716b0 domain_balancing: Allow for specifying 'type' only
Allow for specifying the 'type' of 'domain_balancing' without specifying
the 'component_number' (as per the example in the documentation).  The
balancing 'type' is then applied to the dynamic number of component
instances.
2022-04-04 00:14:32 +02:00
Badlop
b3211b1f71 Update copyright year to 2022 2022-02-11 09:39:25 +01:00
Badlop
6e0161470e Update newest copyright year to 2021 (#3464) 2021-01-27 17:02:06 +01:00
Paweł Chmielowski
faaee94060 Add oauth_cache_rest_failure_life_time option
This allows to use shorted life time for failures in rest oauth
backend than specified in oauth_cache_life_time.
2021-01-27 11:23:39 +01:00
Paweł Chmielowski
1dc0ecd1e9 Allow to use different hash for storing scram passwords 2020-12-08 12:06:52 +01:00
Holger Weiss
0a88f9c8a9 Merge remote-tracking branch 'processone/pr/3396'
* processone/pr/3396:
  Add outbound s2s out interface (ipv4/ipv6)
2020-11-04 12:19:49 +01:00
Jerome Sautret
fdda572c9a Added sql_odbc_driver option for mssql db
Add an option to choose the ODBC driver when sql_type is set to mssql
2020-10-08 16:23:34 +02:00
Daniel Kenzelmann
604cc9bb3a Add outbound s2s out interface (ipv4/ipv6)
Adding options taking IPs as string:
outgoing_s2s_ipv4_address: "1.2.3.4"
outgoing_s2s_ipv6_address: "2000:1:1:1::1"
2020-09-21 22:18:46 +02:00
Badlop
e234ced107 Support ejabberd_auth_http's auth_opts (processone/ejabberd-contrib#284) 2020-02-19 13:18:39 +01:00
Badlop
2d32c66fd7 Update copyright to 2020 (#3149) 2020-01-28 15:49:23 +01:00
Evgeny Khramtsov
97da380acd Generate ejabberd.yml.5 man page from source code directly
Several documentation callbacks (doc/0 and mod_doc/0) are implemented
and `ejabberdctl man` command is added to generate a man page. Note
that the command requires a2x to be installed (which is a part of
asciidoc package).
2020-01-08 12:24:51 +03:00
Alexey Shchepin
2a35cadf80 Merge branch 'pg_prepared_statements' of https://github.com/sabudaye/ejabberd into sabudaye-pg_prepared_statements
Conflicts:
	ejabberd.yml.example
	src/ejabberd_sql.erl
2019-11-26 19:45:01 +03:00
Evgeny Khramtsov
3826a9ed58 Also group duplicated list-like options inside host_config/append_host_config 2019-11-07 12:14:08 +03:00
Evgeny Khramtsov
bb26d7c379 Accept a list in c2s_ciphers/s2s_ciphers options 2019-11-05 17:54:56 +03:00
Evgeny Khramtsov
a202818037
Merge pull request #3069 from nosnilmot/jwt-custom-jid-field
Add option for JWT field name containing JID
2019-10-26 11:03:19 +03:00
Stu Tomlinson
b2651dae0f Add option for JWT field name containing JID 2019-10-25 16:56:18 +01:00
Evgeny Khramtsov
f981a2ef17 Improve jwt_key validator 2019-10-25 18:30:50 +03:00
Alexey Shchepin
c7470f5107 Handle the case when JWT key file contains JWK set 2019-10-25 16:33:22 +03:00
Evgeny Khramtsov
f1a35cc9ac Avoid calling to logger module on OTP<22 2019-10-25 15:27:47 +03:00
Evgeny Khramtsov
e4a8afb15d Replace lager with built-in new logging API
This change requires Erlang/OTP-21.0 or higher.
The commit also deprecates the following options:
  - log_rotate_date
  - log_rate_limit

Furthermore, these options have no effect. The logger now fully
relies on log_rotate_size, that cannot be 0 anymore.

The loglevel option now accepts levels in literal formats.
Those are: none, emergency, alert, critical, error, warning, notice, info, debug.
Old integer values (0-5) are still supported and automatically converted
into literal format.
2019-10-18 19:12:32 +03:00
Paweł Chmielowski
9822535e70 Convert oauth_expire option to accept timeout values 2019-10-15 11:28:47 +02:00
Alexey Shchepin
8f7fa38949 Support OAUTH client authentication 2019-09-27 20:36:58 +03:00
Evgeny Khramtsov
e227940b85 Improve ACME implementation
Fixes #2487, fixes #2590, fixes #2638
2019-09-20 12:36:31 +03:00
Alexey Shchepin
0fe1e40a9d JWT-only authentication for some users (#3012) 2019-09-18 18:46:24 +03:00
Evgeny Khramtsov
9ec69b8d62 Don't treat 'Host' header as a virtual XMPP host
Fixes #2989
2019-08-13 18:30:28 +03:00
Evgeny Khramtsov
d796dcace5 Spawn SQL connections on demand only 2019-08-12 12:21:31 +03:00
Evgeny Khramtsov
4be98b5aef Log an error when JWT authentication is configured without jwt_key 2019-07-19 12:01:57 +03:00
Evgeny Khramtsov
55d42b9000 Fix typo 2019-07-18 22:35:16 +03:00
Evgeny Khramtsov
6d6e3e348d Improve robustness of reading jwt_key option 2019-07-18 22:31:08 +03:00
Evgeny Khramtsov
3f7d9e3ad6 Remove Riak support
Reasons:
- Riak DB development is almost halted after Basho
- riak-erlang-client is abandoned and doesn't work
  correctly with OTP22
- Riak is slow in comparison to other databases
- Missing key ordering makes it impossible to implement range
  queries efficiently (e.g. MAM queries)
2019-07-18 19:31:12 +03:00
Evgeny Khramtsov
d718b35d46 Use econf:timeout() instead of econf:pos_int() wherever appropriate 2019-07-17 22:15:56 +03:00