25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-24 16:23:40 +01:00
Commit Graph

3160 Commits

Author SHA1 Message Date
Pablo Polvorin
a8ef64ab45 Fix cyrsasl_digest RFC-2831 2.1.2.1 (EJAB-476)
Fix sasl digest bug when username|password|resource strings had
all characters <= U+00FF and at least one character >= U+0080.

Warnning:
Note that by fixing the bug, we may be broking compatibility with clients
that "implements" it.
See comments on https://support.process-one.net/browse/EJAB-476
2010-12-02 12:56:21 -03:00
Christophe Romain
9afaec40f5 fix pubsub cross domain eventing (EJAB-1340) 2010-12-02 14:05:19 +01:00
Evgeniy Khramtsov
8520b76483 Increase maximum restart strategy of the ODBC supervisor. Do not brutally kill ODBC processes on supervisor shutdown to avoid polution of the mnesia table 2010-12-01 14:25:58 +09:00
Badlop
b8f04aae6f When the Password attribute is missing in PIEFXIS file, don't check account auth. 2010-12-01 00:55:29 +01:00
Pablo Polvorin
c9db1f691c Merge branch 'master' of git+ssh://git@gitorious.process-one.net/ejabberd/mainline 2010-11-29 16:56:32 -03:00
Pablo Polvorin
ef572c815f Port to latest exmpp changes (attribute names as binary()).
All atributes are now binary() instead of atoms.
2010-11-29 16:44:31 -03:00
Christopher tofu Zorn
dad3297c9c expose find_connection for routing in other modules (if needed) 2010-11-29 20:06:02 +01:00
Christopher tofu Zorn
312574cbc5 add the ability to send raw xml packets over http bind 2010-11-29 20:06:00 +01:00
Badlop
008a0a29cd Fix characters not allowed in username. Don't include that in translatable string.
List mentioned in:
http://xmpp.org/rfcs/rfc3920.html#nodeprep-prohibited
2010-11-29 19:39:01 +01:00
Badlop
f9e2466867 Support negative part-hour TZ values (thanks to Alexander Zhukov)(EJAB-1301) 2010-11-29 14:35:57 +01:00
Alexey Shchepin
26550efd91 Don't loop when there is nothing after a stream start 2010-11-26 17:11:56 +01:00
Andreas Köhler
7be6e33ea4 Correct domain_certfile tlsopts modifications for s2s connections (EJAB-1086)
* In ejabberd_s2s_out:wait_for_feature_request/2, the domain to use for
  looking up domain_certfile options is #state.myname and not
  #state.server

* If s2s_certfile is not specified, connect should still be part of the
  tls options used by ejabberd_s2s_out

* Add #state.server to ejabberd_s2s_in processes and store the to
  attribute in :wait_for_stream/2. Then use that server in
  :wait_for_feature_request/2 to change the tls options like in
  ejabberd_s2s_out.

Fixes EJAB-1086.
2010-11-26 00:13:36 +01:00
Badlop
7aa48e265a Send Unavailable Presence stanza when an occupant is kicked or banned (EJAB-1350) 2010-11-22 21:16:34 +01:00
Badlop
2ef06678c0 Port SSLVER detection from 2.1.x, needed for ?PG2 (EJAB-1349) 2010-11-22 16:20:40 +01:00
Badlop
2aa56cd86e Use pg2 from R14B in systems with older versions (EJAB-1349)
pg2_backport.erl is a copy of pg2.erl from Erlang/OTP R14B.
That module is used in ejabberd installations where an OTP
previous to R14 is installed.
2010-11-22 16:02:36 +01:00
Badlop
33116be0ae Disapprove the use of R14A and R14B due to the rwlock bug. 2010-11-19 15:36:48 +01:00
Badlop
d94f6b45bf Remove forgotten mentions of obsolete and undocumented mod_..._odbc 2010-11-19 11:31:01 +01:00
Christophe Romain
81f4e71efa add missing modrosterodbc newcommand 2010-11-19 10:35:00 +01:00
Evgeniy Khramtsov
5a3fe4e348 Document mod_shared_roster_ldap (thanks to Marcin Owsiany) 2010-11-18 17:02:21 +09:00
Badlop
c2dface515 Fix http-bind supervisor to support multiple vhosts (EJAB-1321) 2010-11-17 20:30:37 +01:00
Andreas Köhler
690c56ca6d Fix R12B5 compatibility in ejabberd_http_bind.erl (EJAB-1343)
erlang:max/2 and :min/2 are new functions
2010-11-17 13:03:59 +01:00
Andreas Köhler
aaa69a8c36 Use LFrom and LTo consistently in ejabberd_s2s_in:stream_established/2 (EJAB-1342) 2010-11-17 12:56:18 +01:00
Evgeniy Khramtsov
ec0e0ef8a6 Do not start mod_proxy65 if it is unable to bind an address (EJAB-1336) 2010-11-17 18:13:55 +09:00
Evgeniy Khramtsov
0b8a761a61 Use MEDIUMTEXT type for vcard avatars in MySQL schema (EJAB-1252) 2010-11-17 17:42:04 +09:00
Evgeniy Khramtsov
0ccbd7e3f2 Do not print full error message when LDAP timeout occurs (EJAB-1324) 2010-11-17 17:15:28 +09:00
Evgeniy Khramtsov
549f1029a6 Set SSL_MODE_RELEASE_BUFFERS mode when available (EJAB-1351) 2010-11-17 13:55:35 +09:00
Badlop
da7e53fe3c Temporary workaround for starting stored rooms 2010-11-16 02:13:58 +01:00
Badlop
3e9de2ec79 Provide new, not old, affiliation in kick/ban presence with codes 321 and 301 2010-11-16 01:19:34 +01:00
Badlop
d146ef873d Fix typos in the example configuration file 2010-11-12 22:01:09 +01:00
Andreas Köhler
d8d20d5b88 Before binding tcp ports, checks the socket type and listener options
(EJAB-1334)

If the callback module has a socket type of independent and needs to
create the listener itself, do not pre-bind the port. The same holds if
there are errors in the listener configuration.
2010-11-10 23:45:27 +01:00
Andreas Köhler
1ab92d1159 Bind listener ports early and start accepting connections later
(EJAB-1334)

It may happen that auth or rdbms client tcp connections bind a local
socket to a port number required by a configered listener. The ejabberd
applications fails to start up and needs to be restarted.

In plain C you would bind(2) the listener port and listen(2) later on.
gen_tcp:listen/2 does not allow to separate these two steps though, so
another way is not to accept connections while start up. OTOH, the
kernel will syn/ack incoming connections and receive data, leaving them
in a buffer for the ejabberd to read from. If this is unwanted, a load
balancer would need to receive data from the ejabberd server before
adding the node to its pool.

This patch binds tcp ports while initializing the ejabberd_listener
process, storing ListenSockets in an ets table. start_listeners/0 will
reuse these ports later on.
2010-11-10 23:45:24 +01:00
Badlop
abf069da9e Rollback some Specs that break Dialyzer (thanks to Karim Gemayel)(EJAB-1345) 2010-11-10 21:27:53 +01:00
ppolvorin
f4f949bd72 Fix anonymous user cleanup (EJAB-883)
anonymous users table and vcards were not correctly cleaned up
after the user disconnect.
2010-11-10 13:27:47 -03:00
Andreas Köhler
f4507a088a In mod_last*:get_last_iq/4, check for user resources first to return 0 seconds if there is one
Fixes problem 2 of EJAB-1158.
2010-11-10 15:41:10 +01:00
Andreas Köhler
6b46b8f794 Refactor mod_last to use the same core get_last/2 functionality, but keep api stable
The local function get_last/4 has been renamed to get_last_iq/4, since
it converts the result of get_last/2 (typically {ok, TimeStamp, Status})
to an iq packet.
2010-11-10 15:41:09 +01:00
Andreas Köhler
7d93cad452 Before forwarding last activity requests to a user, check that the user's presence is visible for From
According to XEP-0012, 4. Online User Query, "if the requesting entity
is not authorized to view the user's presence information (normally via
a presence subscription as defined in XMPP IM), the user's server MUST
NOT deliver the IQ-get to an available resource but instead MUST return
a <forbidden/> error in response to the last activity request."

So check for a subscription of from of the jid and bare jid and whether
outgoing presences to From are allowed.

Fixes problem 3 of EJAB-1158.
2010-11-10 15:41:08 +01:00
Andreas Köhler
860d8525ee Remove dead code for NS_VCARD iq packets from ejabberd_c2s
For EJAB-1045, the special NS_VCARD block for handling incoming vcard
iqs on behalf of clients has already been restricted to cases where the
user or resource part of the recipient is empty. But then the packets
should not have been routed to the c2s process anyway. This patch
completely removes it.
2010-11-10 15:41:07 +01:00
Andreas Köhler
351635d0aa Use ejabberd_c2s:privacy_check_packet/5 for all those hook folded runs in the c2s module 2010-11-10 15:41:06 +01:00
Andreas Köhler
614f13714c Use c2s state data as user and server in ejabberd_c2s:is_privacy_allow
is_privacy_allow is only used in ejabberd_c2s:handle_info/3 to determine
for a few presence types whether the packet is allowed to be forwarded
to the user's client. This only makes sense if To#jid.user and
To#jid.server match StateData#state.user and StateData#state.server.

Also, add the atom in as parameter to a new argument Dir of
is_privacy_allow and extract from that function
privacy_check_packet(StateData, From, To, Packet, Dir) which runs the
privavcy check without converting allow/deny to true/false.
2010-11-10 15:41:05 +01:00
Andreas Köhler
642b18edcb Correct error responses of forbidden offline last activity queries
According to XEP-0012 Last Activity, the server must return iq errors
with forbidden instead of not-allowed.

Fixes problem 1 of EJAB-1158.
2010-11-10 15:41:03 +01:00
Christophe Romain
03239c662e populate pubsub#roster_groups_allowed in node configuration options (thanks to Karim Gemayel)(EJAB-1344) 2010-11-10 15:14:16 +01:00
Christophe Romain
fbb84c8256 fix bad plugin order issue injected in previous patch (EJAB-1286) 2010-11-09 14:36:04 +01:00
Andreas Köhler
e710ac51eb Correct privacy check direction in mod_last (EJAB-1339)
The change for EJAB-1271 to change the direction of the privacy check
from out to in violates the idea that the check should imitate a
subscription state check of from. Rather correct the order of the From
and To parameters.
2010-11-09 13:57:01 +01:00
Andreas Köhler
6ce29e7ecb Change max restart strategy of ejabberd_odbc_sup to handle some SQL timeouts. 2010-11-08 18:42:37 +01:00
Badlop
e84d853bc3 Improve the IQ error stanzas to provide an explanation (EJAB-1262) 2010-11-08 12:01:14 +01:00
Christophe Romain
5e0f2b8560 avoid node_call to break transaction (thanks to Karim Gemayel)(EJAB-1286) 2010-11-08 11:18:33 +01:00
Andreas Köhler
01b6cd3aba Re-raise exceptions caught in gen_mod:start_module/3 (EJAB-1335)
Modules configured by the administrator normally should not be treated
as optional, so a exception (error, exit, throw) to start them should not
be caught and logged only.

This patch re-raises a caught exception instead of ignoring the
exception and inserting the module's opts on success. That way
gen_mod:get_module_opt/4 should work while calling Module:start/2.
2010-11-07 00:47:53 +01:00
Badlop
2ebfd4090a Fix register 2010-11-06 21:53:18 +01:00
Evgeniy Khramtsov
e4a1eb4370 Take care of xml:lang attribute in unauthenticated stanzas as well 2010-11-06 21:53:16 +01:00
Evgeniy Khramtsov
e3afec9465 Disable LRU caching algorithm for LDAP shared rosters 2010-11-06 21:53:14 +01:00