25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-10 15:47:30 +01:00
Commit Graph

166 Commits

Author SHA1 Message Date
Pablo Polvorin
cf973f27bb Prevent overload of incomming s2s connections
Three changes were introduced:

1) ejabberd_s2s_in now uses p1_fsm instead of gen_fsm.  And uses
   the {max_queue, N} option to kill the process if its input
   queue grows too much.
2) If a ejabberd_s2s_in process is overload and killed, the server
   that originated that connection is not allowed to connect back
   to us for X seconds (set to 60seconds on the source)
3) The list of blocked (both statically and dynamically by the above
   method) host is now also checked for hosts authenticating by
   starttls+sasl. Previusly it was only used during dialback.
2011-12-02 15:30:20 -03:00
Pablo Polvorin
87df27109a Fix bug on s2s shaper when TLS is used
The shaper was not enabled if the remote server authenticates
using a certificate instead of dialback.
2011-12-01 13:16:21 -03:00
Christophe Romain
fd52f2cb7d update copyright up to 2011 2011-02-14 13:50:55 +01:00
Badlop
b9bbe19d4c Option to reject S2S connection if untrusted certificate (EJAB-464) 2010-12-11 02:29:53 +01:00
Badlop
faf422202f When TLS is required in s2s, add subelement to stream:features starttls 2010-12-11 02:29:50 +01:00
Andreas Köhler
e34eebb5ad Correct domain_certfile tlsopts modifications for s2s connections (EJAB-1086)
* In ejabberd_s2s_out:wait_for_feature_request/2, the domain to use for
  looking up domain_certfile options is #state.myname and not
  #state.server

* If s2s_certfile is not specified, connect should still be part of the
  tls options used by ejabberd_s2s_out

* Add #state.server to ejabberd_s2s_in processes and store the to
  attribute in :wait_for_stream/2. Then use that server in
  :wait_for_feature_request/2 to change the tls options like in
  ejabberd_s2s_out.

Fixes EJAB-1086.
2010-11-26 00:14:46 +01:00
Andreas Köhler
6eeb355a22 Use LFrom and LTo consistently in ejabberd_s2s_in:stream_established/2 (EJAB-1342) 2010-11-17 12:57:05 +01:00
Badlop
12e00c57f9 When using OTP R14, use public_key library instead of old ssl (EJAB-953) 2010-07-12 13:57:07 +02:00
Evgeniy Khramtsov
715cc5ea3b New configure option: --enable-nif 2010-07-01 20:54:01 +10:00
Evgeniy Khramtsov
58590cf08d full support for XEP-0115 v1.5 (EJAB-1223) (EJAB-1189) 2010-05-08 02:32:57 +10:00
Badlop
7b76fdcde7 Update year of ProcessOne copyright from 2009 to 2010 (EJAB-1159)
SVN Revision: 2891
2010-01-12 16:11:32 +00:00
Pablo Polvorin
9d8de17b4d Use the local (target) domain for firing the s2s_receive_packet hook.
It was using the external server domain (LFrom) instead of the local domain (LTo).  
This might have impact on mod_caps in s2s scenarios, needs further attention.

SVN Revision: 2583
2009-09-04 21:31:03 +00:00
Badlop
3571ef9767 Update Ingoing s2s connections inner state to hold domain name (thanks to Juan Pablo Carlino)(EJAB-972)
SVN Revision: 2489
2009-08-15 21:38:48 +00:00
Badlop
b5964c2a5f Added API function to get current S2S connections with information
get_info_s2s_connections(Type) returns a list of incoming (or outgoing)
S2S connections with information for each one including IP address,
port number, TLS options... (thanks to Juan Pablo Carlino)

SVN Revision: 2088
2009-05-19 09:38:17 +00:00
Badlop
f09509502e * doc/guide.tex: Update copyright date 2008 to 2009 (EJAB-842)
* doc/guide.html: Likewise
* src/*/*.erl: Likewise
* src/*/*.erl: Remove unneeded blankspaces in license text

SVN Revision: 1804
2009-01-12 14:44:42 +00:00
Badlop
c3bda4aaee * doc/guide.tex: Update Process-one name to ProcessOne (EJAB-708)
* doc/guide.html: Likewise
* doc/api/overview.edoc: Likewise
* src/*/*.erl: Likewise
* src/*/*.hrl: Likewise
* src/*/*.c: Likewise
* src/odbc/*.sql: Likewise

SVN Revision: 1499
2008-07-31 11:18:49 +00:00
Mickaël Rémond
5e9576ffa3 * src/ejabberd_s2s.erl: Added s2s_send_packet and s2s_receive_packet hooks (EJAB-635).
* src/ejabberd_s2s_in.erl: Likewise.

SVN Revision: 1342
2008-05-22 10:53:49 +00:00
Badlop
ee6aae8211 * src/ejabberd_s2s_out.erl: Fix long timeout when reconnecting s2s
after a remote server crash (EJAB-540)
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_s2s.erl: Likewise
* doc/guide.tex: Likewise

SVN Revision: 1296
2008-04-18 12:19:45 +00:00
Badlop
07454d8f1a * src/ejabberd_s2s_in.erl (get_cert_domains): When compiling with
Erlang R12, replace the calls to deprecated module PKIX1Explicit88
with OTP-PKIX (EJAB-556)

SVN Revision: 1226
2008-03-11 14:25:35 +00:00
Badlop
2d2fcc8210 * doc/guide.tex: Updated copyright dates to 2008
* src/*: Likewise

SVN Revision: 1153
2008-01-15 17:02:57 +00:00
Jérôme Sautret
38976270b4 * src/Makefile.in: Allow compilation with Erlang R12 (EJAB-446).
* src/aclocal.m4: Likewise
* src/configure.ac: Likewise
* src/configure: Likewise
* src/ejabberd_s2s_in.erl: Likewise

SVN Revision: 1150
2008-01-15 11:11:27 +00:00
Mickaël Rémond
56fe3579bb * Applied copyright update patch 1.
SVN Revision: 1110
2007-12-24 11:41:41 +00:00
Mickaël Rémond
2100ea63ca * Making sure SVN properties are correctly set.
SVN Revision: 970
2007-11-15 10:33:18 +00:00
Mickaël Rémond
48a2813ec6 * src/ejabberd_s2_in.erl: Added debug hook for s2s loop (EJAB-358).
SVN Revision: 947
2007-09-14 14:21:12 +00:00
Mickaël Rémond
afec054544 * src/ejabberd_c2s.erl: Option to prevent the use of Erlang OTP supervisor for transient processes (EJAB-354).
* src/ejabberd_s2s_in.erl: Likewise.
* src/ejabberd_s2s_out.erl: Likewise.
* src/mod_muc/mod_muc_room.erl: Likewise.
* src/configure.ac: Likewise.
* src/configure: Likewise.
* src/Makefile.in: Likewise.
* src/mod_muc/Makefile.in: Likewise.

SVN Revision: 931
2007-09-14 14:16:36 +00:00
Mickaël Rémond
ffd7267082 * src/ejabberd_s2s_in.erl: Moved s2s connexion information from INFO level to DEBUG level (EJAB-353).
SVN Revision: 929
2007-09-14 14:16:04 +00:00
Mickaël Rémond
9fc203ee6d open up to 3 s2s outgoing connection per domain pair
SVN Revision: 928
2007-09-14 14:15:44 +00:00
Mickaël Rémond
799ff1d883 * src/ejabberd_s2s_in.erl: Add s2s whitelist / blacklist support on incoming s2s connections (EJAB-283)
* src/ejabberd_s2s.erl: Likewise

SVN Revision: 820
2007-07-19 21:17:13 +00:00
Alexey Shchepin
c72599cacd * src/ejabberd_frontend_socket.erl: Support for frontend
connection manager
* src/ejabberd_c2s.erl: Likewise
* src/ejabberd_listener.erl: Likewise
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_service.erl: Likewise
* src/ejabberd_socket.erl: Likewise
* src/web/ejabberd_http_poll.erl: Likewise

SVN Revision: 657
2006-10-01 01:53:37 +00:00
Alexey Shchepin
aa478100d8 * src/ejabberd_socket.erl: Support for non-xml sockets
* src/ejabberd_c2s.erl: Likewise
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_service.erl: Likewise
* src/web/ejabberd_http.erl: Likewise

SVN Revision: 629
2006-09-25 03:51:11 +00:00
Alexey Shchepin
0fe9caa304 * src/ejabberd_socket.erl: All XML socket operations moved here
* src/ejabberd_s2s_in.erl: Likewise

SVN Revision: 600
2006-09-05 04:36:01 +00:00
Alexey Shchepin
4d7cc9301a * src/ejabberd_socket.erl: All XML socket operations moved here
* src/ejabberd_listener.erl: Updated
* src/ejabberd_receiver.erl: Likewise
* src/ejabberd_c2s.erl: Likewise
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_s2s_out.erl: Likewise
* src/ejabberd_service.erl: Likewise

* src/mod_shared_roster.erl: Bugfix

* src/mod_roster_odbc.erl: Bugfix

SVN Revision: 599
2006-09-05 04:26:28 +00:00
Alexey Shchepin
2b46e3eaa7 * src/ejabberd_s2s_in.erl: Removed needless check for xmlns:db
when starttls is enabled

SVN Revision: 581
2006-06-19 02:32:57 +00:00
Alexey Shchepin
c4b976881e * src/msgs/pt-br.msg: Updated (thanks to Lucius Curado)
* src/xml_stream.erl: Support for stanza size limit (thanks to
Igor Goryachev)
* src/ejabberd_receiver.erl: Likewise
* src/ejabberd_c2s.erl: Likewise
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd.cfg.example: Updated

* src/ejabberd_auth.erl: Fixed try_register/3 behaviour

SVN Revision: 537
2006-04-22 03:35:13 +00:00
Alexey Shchepin
ed43f8024c * src/msgs/ru.msg: Updated (thanks to Sergei Golovan)
* src/msgs/uk.msg: Likewise

* src/mod_configure.erl: Updated translation strings (thanks to
Sergei Golovan)
* src/web/ejabberd_web_admin.erl: Likewise

* src/ejabberd_s2s_in.erl: Changed a path to PKIX includes (thanks
to Sergei Golovan)

SVN Revision: 525
2006-04-01 21:43:52 +00:00
Alexey Shchepin
efacb0ad66 * src/ejabberd_c2s.erl: Remove top-level xmlns from incoming
stanzas
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_service.erl: Likewise

SVN Revision: 492
2006-01-25 00:35:12 +00:00
Alexey Shchepin
6bb510d99e * src/ejabberd_service.erl: Bugfix
* src/ejabberd_receiver.erl: Rewritten to use {active, once} mode
for socket
* src/ejabberd_c2s.erl: Update
* src/ejabberd_listener.erl: Likewise
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_s2s_out.erl: Likewise
* src/ejabberd_service.erl: Likewise
* src/shaper.erl: Likewise
* src/tls/tls.erl: Likewise
* src/web/ejabberd_http.erl: Likewise

SVN Revision: 483
2006-01-13 01:55:20 +00:00
Alexey Shchepin
c6441edc7a * src/ejabberd_s2s_in.erl: Support for dNSName certificate field
and DNS name matching
* src/XmppAddr.asn1: Moved here from src/tls/XmppAddr.asn1
* src/tls/XmppAddr.asn1: Likewise    
* src/Makefile.in: Updated
* src/tls/Makefile.in: Updated

SVN Revision: 435
2005-11-17 05:29:33 +00:00
Alexey Shchepin
719cd49e59 * src/ejabberd_config.erl: Support for per host certificates
* src/ejabberd_c2s.erl: Likewise
* src/ejabberd_s2s_out.erl: Likewise
* src/ejabberd.cfg.example: Updated

* src/ejabberd_s2s_in.erl: Fixed id-on-xmppAddr processing

SVN Revision: 432
2005-11-05 21:15:53 +00:00
Alexey Shchepin
f6343f01f7 * src/ejabberd_s2s_out.erl: Support for STARTTLS+SASL EXTERNAL
* src/ejabberd_s2s_in.erl: Likewise
* src/tls/tls.erl: Likewise
* src/tls/tls_drv.c: Likewise
* src/tls/XmppAddr.asn1: Likewise
* src/tls/Makefile.in: Likewise

SVN Revision: 430
2005-11-03 05:04:54 +00:00
Alexey Shchepin
1433dafe6b * src/tls/tls_drv.c: Support for "connect" method
* src/tls/tls.erl: Likewise

* src/ejabberd_s2s_in.erl: Support for STARTTLS+Dialback
* src/ejabberd_s2s_out.erl: Likewise
* src/ejabberd_receiver.erl: Added a few hacks ({active,once} mode
should be used instead of recv/3 call to avoid them)
* src/ejabberd_config.erl: Added s2s_use_starttls and s2s_certfile
options
* src/ejabberd.cfg.example: Likewise

SVN Revision: 426
2005-10-25 01:08:37 +00:00
Alexey Shchepin
4098c3ecba * (all): Enhanced virtual hosting support
SVN Revision: 370
2005-06-20 03:18:13 +00:00
Alexey Shchepin
2f7f3d9b00 * src/aclocal.m4: Fixed headers detecting in AM_WITH_OPENSSL
(thanks to Leif Johansson)

* src/ejabberd_auth.erl: Added support for ldap_rootdn and
ldap_password options (thanks to Stefan de Konink)
* src/mod_vcard_ldap.erl: Likewise

* src/ejabberd_router.erl: Now possible to route packet via
function call instead of message sending
* src/ejabberd_sm.erl: Added function route/3, use it in route
table
* src/ejabberd_local.erl: Likewise
* src/ejabberd_s2s.erl: Likewise

* (all): Fixed spelling of word "authentication"

* src/*/Makefile.in: Replaced erlc with @ERLC@

SVN Revision: 285
2004-11-05 21:14:31 +00:00
Alexey Shchepin
6f9a3922ef * src/ejabberd_s2s_in.erl: Changed timeout processing, bugfix
* src/ejabberd_s2s_out.erl: Changed timeout processing

* src/msgs/ru.msg: Updated (thanks to Sergei Golovan)

* src/mod_muc/mod_muc.erl: Better i18n support, added support for
<registered/> field in iq:register replies (thanks to Sergei
Golovan)

* src/mod_register.erl: More i18n support (thanks to Sergei
Golovan)

SVN Revision: 181
2003-12-06 19:58:49 +00:00
Alexey Shchepin
b18ed05e92 * src/ejabberd.cfg.example: Updated
* src/ejabberd_s2s_in.erl: Added support for shapers

* src/ejabberd_c2s.erl: Moved receiver functions to
ejabberd_receiver module
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_receiver.erl: Likewise

SVN Revision: 173
2003-11-10 21:25:36 +00:00
Alexey Shchepin
23b3779b20 * src/ejabberd_listener.erl: Fixed starting of SSL connection
* src/ejabberd_s2s_in.erl: Partially rewriten

* src/ejabberd_router.erl: More verbose error report
* src/ejabberd_local.erl: Likewise
* src/ejabberd_sm.erl: Likewise

* src/ejabberd_s2s_out.erl: Updated to be compatible with R9C

* src/ejabberd_c2s.erl: Minor fix

SVN Revision: 164
2003-10-29 20:09:09 +00:00
Alexey Shchepin
61875f80b3 * (all): Changed JID storage format, added support for stringprep
* src/stringprep/: Added support for Unicode normalization form KC

* src/stringprep/: Added support for case convertion to multiple
characters

* src/cyrsasl_digest.erl: Temporary removed "auth-int" QOP

SVN Revision: 144
2003-10-07 20:31:44 +00:00
Alexey Shchepin
de6b2a2996 * src/ejabberd_s2s_in.erl: Fixed "id" attribute processing
* src/ejabberd_s2s_out.erl: Likewise

* src/ejabberd_c2s.erl: Added sending of empty <stream:features/>
element after opening of authentificated stream

SVN Revision: 135
2003-09-03 17:49:42 +00:00
Alexey Shchepin
dc80fa1562 * src/ejabberd_s2s_in.erl: Temporary hack for "id" attribute
processing
* src/ejabberd_s2s_out.erl: Likewise

SVN Revision: 134
2003-09-02 20:13:32 +00:00
Alexey Shchepin
ca5d88c368 * (all): Reorganized supervision tree
SVN Revision: 125
2003-07-20 20:35:35 +00:00
Alexey Shchepin
1834fb3a72 * src/ejabberd_s2s_out.erl: Close connection after key
verification

* src/ejabberd_c2s.erl: start replaced with start_link
* src/ejabberd_s2s_in.erl: Likewise
* src/ejabberd_s2s_out.erl: Likewise
* src/ejabberd_service.erl: Likewise

* src/ejabberd_listener.erl: Now uses proc_lib to spawn listeners,
removed 3rd parameter in listener configuration (assumed to equal
start_link)

* src/ejabberd.rel: Updated

* doc/guide.tex: Small changes

* doc/Makefile: Added implicit charset specification to hevea

SVN Revision: 124
2003-07-14 18:06:03 +00:00
Alexey Shchepin
481cc2d1f4 * src/ejabberd_s2s_out.erl: Fixed error replies, added timeouts
* src/ejabberd_s2s_in.erl: Likewise

SVN Revision: 107
2003-05-12 18:36:13 +00:00
Alexey Shchepin
86cd1729cb * src/ejabberd_local.erl: Updated missed errors to new style
* src/mod_register.erl: Likewise
* src/mod_version.erl: Likewise
* src/mod_time.erl: Likewise
* src/mod_stats.erl: Likewise
* src/mod_register.erl: Likewise
* src/mod_private.erl: Likewise
* src/mod_configure.erl: Likewise
* src/ejabberd_sm.erl: Likewise
* src/ejabberd_service.erl: Likewise
* src/ejabberd_c2s.erl: Likewise
* src/ejabberd_s2s_out.erl: Likewise
* src/mod_vcard.erl: Likewise
* src/mod_roster.erl: Likewise

* src/mod_muc/mod_muc.erl: Added vcard to mod_muc module

* src/ejabberd_app.erl: Dump list of opened ports every hour

* src/ejabberd.hrl: Added INFO_MSG macros, ERROR_LOG_PATH renamed
to LOG_PATH

SVN Revision: 106
2003-05-09 19:32:59 +00:00
Alexey Shchepin
27b0a72c6f * src/ejabberd_s2s_in.erl: Bugfix
SVN Revision: 94
2003-03-27 15:28:47 +00:00
Alexey Shchepin
a8a8e3b5a6 *** empty log message ***
SVN Revision: 62
2003-02-06 19:09:22 +00:00
Alexey Shchepin
6599d1ecc5 *** empty log message ***
SVN Revision: 55
2003-02-01 20:21:28 +00:00
Alexey Shchepin
aed24c637f *** empty log message ***
SVN Revision: 51
2003-01-26 20:16:53 +00:00
Alexey Shchepin
2aa3c1c720 *** empty log message ***
SVN Revision: 49
2003-01-24 20:18:33 +00:00
Alexey Shchepin
c4d76dec7d *** empty log message ***
SVN Revision: 38
2003-01-13 20:51:17 +00:00
Alexey Shchepin
e23adaae38 *** empty log message ***
SVN Revision: 33
2003-01-08 20:42:03 +00:00
Alexey Shchepin
0a9a6261f8 *** empty log message ***
SVN Revision: 29
2003-01-05 20:24:59 +00:00
Alexey Shchepin
083e2b75d0 *** empty log message ***
SVN Revision: 28
2003-01-04 20:09:25 +00:00
Alexey Shchepin
ae30798efd *** empty log message ***
SVN Revision: 20
2002-12-20 20:42:08 +00:00
Alexey Shchepin
496c041b28 *** empty log message ***
SVN Revision: 16
2002-12-13 20:58:27 +00:00
Alexey Shchepin
6c96829311 *** empty log message ***
SVN Revision: 13
2002-12-07 20:27:26 +00:00
Alexey Shchepin
e6c062fe40 *** empty log message ***
SVN Revision: 12
2002-12-06 20:59:19 +00:00