25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-28 16:34:13 +01:00
Commit Graph

4665 Commits

Author SHA1 Message Date
Konstantinos Kallas
1aadb797b3 Remove the new account option from get certificate. There is no reason for having this 2017-08-11 14:10:55 +03:00
Konstantinos Kallas
7140c8d844 Format expired certificates differently in list_certificates 2017-08-11 13:28:17 +03:00
Christophe Romain
7a90cda8ff Process on_user_offline only from valid sessions 2017-08-11 12:05:14 +02:00
Evgeniy Khramtsov
35eeaa5869 Fix regression introduced by b82b93f8f0
Fixes #1928
2017-08-11 11:43:16 +03:00
Christophe Romain
024713a441 Remove temporary debug 2017-08-11 10:53:19 +02:00
Christophe Romain
32fbfe1981 Use correct c2s process sending PEP with multi devices 2017-08-11 10:32:36 +02:00
Christophe Romain
9c5427e0c2 PubSub: refactor send_last_items remove send_loop 2017-08-11 10:20:33 +02:00
Holger Weiss
7d3609d954 prosody2ejabberd: Support PEP import 2017-08-10 19:49:20 +02:00
Holger Weiss
fc7ba53c37 prosody2ejabberd: Remove superfluous 'catch' 2017-08-10 18:54:00 +02:00
Konstantinos Kallas
2b1fea01cd Renew certificate now renews all saved certificates that are close to expire
Before this commit renew_certificate only checked the hosts in the config file and renewd the certificates for those. However the user can request certificates apart from the hosts in the config file so he should be able to also renew them.
2017-08-10 18:54:26 +03:00
Konstantinos Kallas
c20bfb3422 Revoke Certificate: Jose Private Key
Instead of signing the jose object with the account private key, it now signs the object using the certificate private key. This is useful in case the user wants to revoke a old certificate whose account key doesn't exist anymore.
2017-08-10 17:23:13 +03:00
Konstantinos Kallas
011b7ac3f2 Support getting certificates for domains not specified in the configuration file 2017-08-10 15:26:35 +03:00
Evgeniy Khramtsov
a96d72330d Rename remove_room hook back 2017-08-10 14:49:05 +03:00
Christophe Romain
7d626b4f5c Add support of section 4.9.3.16 on rfc6120 2017-08-10 12:17:31 +02:00
Christophe Romain
e903348dd3 Fix pubsub send_loop after 3fec7824 2017-08-09 11:34:36 +02:00
Konstantinos Kallas
97a4d57f2e Remove some debugging functions 2017-08-08 18:00:37 +03:00
Evgeniy Khramtsov
3fec782494 Introduce 'hosts' option
The option can be used as a replacement of 'host' option
when several (sub)domains are needed to be registered for the module.
Note that you cannot combine both 'host' and 'hosts' in the config
because 'host' option is of a higher priority. Example:

mod_pubsub:
   ...
   hosts:
     - "pubsub1.@HOST@"
     - "pubsub2.@HOST@"

Fixes #1883
2017-08-08 17:46:26 +03:00
Konstantinos Kallas
9756b452d6 Implement renew_certificate command
This command renews the certificates for all domains that already have a certificate that has expired or is close to expiring. It is meant to be run automatically more often than the renewal process because if the certificates are valid nothing happens
2017-08-08 16:38:19 +03:00
Konstantinos Kallas
7fa9a387ae Try catch when formatting certificates 2017-08-08 12:45:57 +03:00
Konstantinos Kallas
48254a1e10 Change certificate notAfter to 90 days
As stated in Let's Encrypt FAQ: https://letsencrypt.org/docs/faq/
2017-08-08 12:23:13 +03:00
Christophe Romain
8679cfd2f3 Rename stop_all_connections to stop_s2s_connections for consistency 2017-08-07 15:06:07 +02:00
Evgeniy Khramtsov
2bceebc39d Get rid of export_all 2017-08-05 21:01:29 +03:00
Evgeniy Khramtsov
92532a0d66 Replace gen_fsm with p1_fsm to avoid warnings in OTP20+ 2017-08-05 20:58:21 +03:00
Holger Weiss
e1aaa1c99d ejabberd_c2s: Fix priority of 'certfile' option
Use the 'certfile' listener option rather than a 'domain_certfile' for
ejabberd_c2s listeners that have "tls: true" configured.  A
'domain_certfile' should only be preferred for STARTTLS connections.

Closes #1911.
2017-08-05 18:59:32 +02:00
Badlop
101e808124 Fix warning in previous commit 2017-08-04 13:09:17 +02:00
Christophe Romain
766b7c65a6 Merge pull request #1881 from weiss/push
Support XEP-0357: Push Notifications
2017-08-04 12:58:06 +02:00
Badlop
0516a3dc0e Remove unused 'managers' option, related to the deferred XEP-0321 (#1443) 2017-08-04 12:29:15 +02:00
Christophe Romain
3d185c0fb8 Fix missing validation from 633b68db1 (#1900) 2017-08-04 11:53:32 +02:00
Christophe Romain
06450f4a82 Keep disco#info on PEP compatible with XEP-0060 (#1717) 2017-08-03 15:48:23 +02:00
Christophe Romain
ce0beb550c Move pubsub sql export to pubsub_db_sql module 2017-08-03 15:34:01 +02:00
Christophe Romain
96c0483533 Fix Xref from 5dcc97c 2017-08-03 14:54:06 +02:00
Paweł Chmielowski
1274bcdba9 Change policy of user_resources command
This fixes issue #1908
2017-08-03 13:49:06 +02:00
Badlop
5dcc97c85a Preliminary export PubSub data from Mnesia tables to SQL file (#1571) 2017-08-03 10:53:01 +02:00
Konstantinos Kallas
e6e8e64f84 Improve return format of get_certificates command 2017-08-02 21:10:49 +03:00
Konstantinos Kallas
ac7105d39e Implement verbose list_certificates option 2017-08-02 19:36:11 +03:00
Christophe Romain
9edcbadd60 Fix clustering table reg_users_counter (#1889) 2017-08-02 14:36:32 +02:00
Christophe Romain
73509686f1 Fix getting cached last item (#1814) 2017-08-02 12:24:34 +02:00
Jing Sun
50511fcff7 Fix spec for mod_pubsub:subscribe_node 2017-08-02 10:31:42 +02:00
Christophe Romain
5e26190b98 Fix PubSub send last published items (#1572) 2017-08-01 17:00:52 +02:00
Christophe Romain
f22bd6eb46 Fix PEP node removal (#1839) 2017-08-01 15:40:34 +02:00
Christophe Romain
0ba6c78ed0 Fix disco#items on PEP service 2017-08-01 15:15:01 +02:00
Christophe Romain
636d68e0a9 Fix PEP node identity (#1717) 2017-08-01 14:41:16 +02:00
Christophe Romain
7e6d1c24c2 Update spec from custom and allow modules dependencies (#1740) 2017-08-01 13:33:14 +02:00
Konstantinos Kallas
3abe3aeeec Finish revoke_certificate and add specs
1. Add a try catch in the final revoke_certificate function
2. Also delete the certificate from persistent memory when it is done revoked
2017-07-29 19:10:06 +03:00
Paweł Chmielowski
51fa438340 Request basic auth dialog from browser 2017-07-28 16:08:05 +02:00
Christophe Romain
35a11526f9 Revert "Fix get_module_opt call in mod_block_strangers"
This reverts commit e5f64bc24a.
2017-07-27 18:23:10 +02:00
Paweł Chmielowski
0cfec92c14 Generate log messages when websocket is closed due timeouts 2017-07-27 17:53:16 +02:00
Alexey Shchepin
e5f64bc24a Fix get_module_opt call in mod_block_strangers 2017-07-27 17:48:41 +02:00
Konstantinos Kallas
cc6f4b90fb Support certificate revocation 2017-07-27 18:25:44 +03:00
Paweł Chmielowski
5c48ba4609 Set high water mark in lager for all backends 2017-07-27 17:14:03 +02:00
Jérôme Sautret
3ca62a797a Fix nick bug with MUC on riak 2017-07-27 17:06:34 +02:00
Christophe Romain
b66dab1313 Add muc related hooks 2017-07-27 17:02:06 +02:00
Marco Adkins
ea96615460 Ability to filter passwords from the log in mod_http_api (#1888)
* Ability to filter passwords from the log when creating users through the mod_http_api
2017-07-27 15:30:56 +02:00
Konstantinos Kallas
61d1411ab3 Sync fork with upstream 2017-07-26 09:54:23 +03:00
Konstantinos Kallas
92e38190aa Encode strings using a library function and not my custom made 2017-07-25 14:13:40 +03:00
Konstantinos Kallas
09918b5912 Add a try catch arounf list certificates 2017-07-23 21:47:22 +03:00
Christophe Romain
2e88d001d6 Fix errors from 1a0db3d 2017-07-21 11:42:03 +02:00
Badlop
1a0db3de3a Describe commands arguments and results in ejabberd_sm, ext_mod, mod_mam 2017-07-21 11:26:53 +02:00
Badlop
250876ea1a Fix indentation of commands lines 2017-07-21 11:26:47 +02:00
Holger Weiss
66510c1d78 Add mod_push_keepalive
This module tries to keep pending stream management sessions of push
clients alive (as long as the disconnected clients are reachable via
push notifications).
2017-07-21 01:07:36 +02:00
Holger Weiss
d6f1d3df5b Support XEP-0357: Push Notifications
Closes #1379.
2017-07-20 20:22:50 +02:00
Paweł Chmielowski
e216654c52 Don't add indentation after single item result in docs 2017-07-18 17:48:53 +02:00
Christophe Romain
cc3391cc1c Use string:join instead of lists:join 2017-07-18 15:43:46 +02:00
Christophe Romain
b8d56a7c11 Improve formatting of documented API parameters 2017-07-18 15:01:01 +02:00
Konstantinos Kallas
9ce1f12b66 Pretty print list-certificates 2017-07-18 13:28:44 +03:00
Paweł Dorofiejczyk
de1a66dfbe Fix old route record in mnesia's route table haven't been remove when restarting in some cases (#1184) 2017-07-17 15:14:30 +02:00
Konstantinos Kallas
2e18122cd9 Print validity in list-certificates 2017-07-17 13:40:53 +03:00
Konstantinos Kallas
8fe551cc68 Add a stub for the list-certificates command 2017-07-17 11:39:27 +03:00
Konstantinos Kallas
09c3496ff1 Remove httpdir from some function arguments as we now use the built in ejabberd http server for authorizations 2017-07-17 10:48:57 +03:00
Konstantinos Kallas
fa3108e6e2 Save acquired certificates in persistent storage 2017-07-17 10:42:09 +03:00
Konstantinos Kallas
9cf596c67b Change the persistent data structure from a record to a proplist
This is done so that possible future updates to the data structure don't break existing code.
With this change it will be possible to update the data structure and keep the same old persistent data file, which will still have the expected list format but with more properties
2017-07-17 09:59:38 +03:00
Konstantinos Kallas
478a12637d Separate the persistent data structure functions 2017-07-17 09:40:36 +03:00
Konstantinos Kallas
4d977535f2 Make some persistent data wrapper functions 2017-07-17 09:35:37 +03:00
Paweł Chmielowski
2cd193f97c Expand catch block used to report errors in doc generator 2017-07-14 17:18:07 +02:00
Paweł Chmielowski
33a9d6a3c3 Fix args_examples from last commit 2017-07-14 17:17:26 +02:00
Badlop
fdb863ce70 Describe even more command arguments and results in mod_admin_extra 2017-07-14 16:43:30 +02:00
Konstantinos Kallas
77a96b0ec6 Solve acme challenges using built in http server 2017-07-12 19:23:52 +03:00
Konstantinos Kallas
5199ede4a2 Changle acme file permissions
Also changed some specs
2017-07-11 11:11:00 +03:00
Konstantinos Kallas
c50f6c218f Clean up code by adding throws instead of passing the error value 2017-07-07 18:32:07 +03:00
Konstantinos Kallas
5866124138 Clean up get_certificate code 2017-07-07 17:37:44 +03:00
Holger Weiss
f6bdc6fdb2 mod_privacy: Don't crash while copying c2s state
Don't assume 'privacy_active_list' is set when c2s_copy_session/2 is
called.
2017-07-07 14:28:22 +02:00
Holger Weiss
8f25baada6 mod_privacy: Apply cosmetic change to type spec 2017-07-07 14:25:55 +02:00
Badlop
aaef1a14b4 Fix set_presence command to work in recent ejabberd 2017-07-07 10:55:08 +02:00
Evgeniy Khramtsov
22e8f5fd51 Add copyright and fix description for some sources 2017-07-06 21:27:04 +03:00
Paweł Chmielowski
3b0eee785f Handle new possible result from ejabberd_config.add_option 2017-07-06 17:19:22 +02:00
Evgeniy Khramtsov
ffdaff3740 Make ejabberd_cluster modular
For setting the cluster backend new global option 'cluster_backend' is
introduced. The default and only available value at the moment is 'mnesia'
2017-07-06 15:47:35 +03:00
Paweł Chmielowski
56d273477e Remove old command calling interface 2017-07-06 14:24:25 +02:00
Evgeniy Khramtsov
a35b9dd9cc Close accepted socket if sockname/peername has failed
Fixes #1834
2017-07-06 14:49:21 +03:00
Konstantinos Kallas
56fc0efbc8 Split ACME module into two
1. A communications module that handles all requets/responses and other low level stuff that have to do with the ACME CA
2. A head module that will do all the useful stuff
2017-07-04 11:44:22 +03:00
Konstantinos Kallas
d3c477646f Add support for command get_certificates, very crude 2017-07-03 13:37:32 +03:00
Paweł Chmielowski
a58de70f06 Fix invalid argument in get_messages_susbset
This should fix #1818
2017-06-30 14:24:35 +02:00
Christophe Romain
800965a957 Avoid useless calls on simples subscriptions (#1313) 2017-06-29 15:24:18 +02:00
Alexey Shchepin
fcf672c50e Add allow_local_users to mod_block_strangers (#1804, #1809) 2017-06-29 14:55:24 +03:00
Badlop
b66e369a1d Fix Salt import from prosody SCRAMmed password (#1803) 2017-06-29 10:28:44 +02:00
Badlop
3c7c71cfa6 In offline export to SQL, first write all DELETE, later all INSERT (#1509) 2017-06-28 11:14:59 +02:00
Konstantinos Kallas
637d9b054b Support get-cert, revoke-cert. Also cleaned some typespecs 2017-06-26 19:03:21 +03:00
Badlop
1bfb0ab39c Fix username in mam export (#1510)(thanks to themaverik) 2017-06-26 14:38:12 +02:00
Badlop
4ef1cdec12 Write validator for mod_multicast's limits option 2017-06-26 13:39:50 +02:00
Badlop
0534678028 Use YAML syntax for limits option in mod_multicast 2017-06-26 11:26:53 +02:00
Paweł Chmielowski
70606d7f1a Catch exception that may happen when sending data over websocket
This fixes #1667
2017-06-23 17:19:37 +02:00
Evgeny Khramtsov
54e6e1a5fb Merge pull request #1793 from marcphilipp/bugfix/set_room_affiliation_master
Fix mod_muc_admin:set_room_affiliation
2017-06-22 18:28:12 +04:00
Evgeniy Khramtsov
5bb7a0b0db Don't let a receiver to crash if a controller is unavailable
Fixes #1796
2017-06-22 16:58:46 +03:00
Konstantinos Kallas
330456bcf0 Indent using Emacs 2017-06-22 14:47:56 +03:00
Konstantinos Kallas
396bd5eb3d Removed some ?INFO_MSG 2017-06-22 11:38:40 +03:00
Konstantinos Kallas
dd79dea81d Support new_cert, make certificate request 2017-06-22 11:31:50 +03:00
Marc Philipp
976a8c9cc9 Fix mod_muc_admin:set_room_affiliation 2017-06-21 17:20:58 +02:00
Holger Weiss
950aca380c mod_client_state: Reset state on session resume
Don't restore the previous CSI state when a stream management session is
resumed.
2017-06-21 01:05:46 +02:00
Holger Weiss
985b0a1933 mod_stream_mgmt: Add missing function specs 2017-06-21 01:00:29 +02:00
Christophe Romain
a7841ed486 Improve API documentation generator 2017-06-20 14:45:57 +02:00
Christophe Romain
a11e833a98 Make ext_mod api return rescode 2017-06-20 14:45:31 +02:00
Paweł Chmielowski
62ee051c6e Fix invalid {args,result}_examples in mod_muc_admin 2017-06-19 16:31:07 +02:00
Paweł Chmielowski
5424ead01d Generate better errors when not being able to generate documentation 2017-06-19 16:30:45 +02:00
Paweł Chmielowski
96d385bf82 Another tweak to md generator 2017-06-19 15:10:34 +02:00
Paweł Chmielowski
8e2258b16a Update markdown api document generator 2017-06-19 15:02:02 +02:00
Konstantinos Kallas
dc4c00a78c Add support for solving http-01 challenge 2017-06-18 13:20:47 +03:00
Konstantinos Kallas
1d1250b056 Cleanup acme_challenge.erl, move types and records in ejabberd_acme.hrl 2017-06-17 19:06:39 +03:00
Badlop
f87b46f454 Fix srg_user_add/del for non-Mnesia database backends (#1780) 2017-06-15 11:05:41 +02:00
Konstantinos Kallas
133d2ae6d5 Derive the alg field of the JWS object using a erlang-jose library function rather than hardcoding 2017-06-15 11:47:29 +03:00
Christophe Romain
5418b37314 Add pubsub import from prosody/metronome 2017-06-15 09:56:05 +02:00
Konstantinos Kallas
4fc3d511ce Synchronize fork 2017-06-14 12:35:01 +03:00
Konstantinos Kallas
032ce9e53c Refactor get requests, Implement authorization handling functions 2017-06-14 12:12:43 +03:00
Evgeniy Khramtsov
0aa64381ff Fix IP address parsing for mod_metrics 2017-06-13 16:54:29 +03:00
Konstantinos Kallas
4b1c59e199 Major Refactoring, Separated Logic from Requests 2017-06-12 21:35:43 +03:00
Konstantinos Kallas
c25aa8378f Add new-authz, refactor the http requests that all used the same code 2017-06-12 15:31:48 +03:00
Badlop
63b6e0d381 Switch access rule delete_old_users with protect_old_users (#1772) 2017-06-09 19:18:47 +02:00
Konstantinos Kallas
911b8188d2 Refactor the http response handlers.
Encapsulate some dangerous calls with try catch.
2017-06-09 19:47:50 +03:00
Konstantinos Kallas
167edacb5f Make Stylistic Changes in order to conform to guidelines:
1. Remove trailing whitespace
2. Remove Macros
3. Handle all erroneous response codes the same way
4. Add specs
Also don't return nonces anymore when the http response is negative.
2017-06-09 18:53:54 +03:00
Konstantinos Kallas
53d47483c8 Implement some basic account handling functions 2017-06-09 15:49:27 +03:00
Paweł Chmielowski
62806607bf Add missing , 2017-06-09 12:10:40 +02:00
Badlop
b25b5c2f98 Improve export2sql explanation; remove obsolete and duplicated command 2017-06-09 12:02:49 +02:00
Badlop
ee8bbccb2a Fix and document push_roster_all command 2017-06-08 19:54:34 +02:00
Konstantinos Kallas
926de60f5d Support for new_cert 2017-06-05 17:10:37 +03:00
Konstantinos Kallas
df5d673e63 Solve http-01 challenge 2017-06-03 12:34:15 +03:00
Badlop
f6767ed061 Fix rooms list in WebAdmin (#1753) 2017-06-01 19:27:41 +02:00
Badlop
0982a9bc3c Parse correctly presence_broadcast option in change_room_option command 2017-05-29 12:49:53 +02:00
Evgeniy Khramtsov
50327a0cfc Fix case clause
Fixes #1746
2017-05-25 13:46:17 +03:00
Holger Weiss
5802062746 Cosmetic change: Fix indentation errors 2017-05-24 17:16:16 +02:00
Evgeniy Khramtsov
69de1780a0 Introduce --enable-stun and --enable-sip configure options
STUN/TURN and SIP is not compiled by default anymore.
Use --enable-stun, --enable-sip or --enable-all to enable them.
2017-05-23 13:12:48 +03:00
Evgeniy Khramtsov
6e8895f9e9 Get rid of sql_queries.erl 2017-05-23 12:25:13 +03:00
Evgeniy Khramtsov
e93762a720 Deprecate misc:encode_base64/1 and misc:decode_base64/1 2017-05-23 10:43:26 +03:00
Evgeniy Khramtsov
268065e5c4 Validate all certfiles on startup 2017-05-23 09:27:52 +03:00
Evgeniy Khramtsov
d7878ef131 Implement cache for mod_announce 2017-05-22 16:14:28 +03:00
Badlop
908bedeaa6 Describe command arguments and results in mod_muc_admin 2017-05-22 12:55:32 +02:00
Evgeniy Khramtsov
504860f065 Don't leak with UDP sockets 2017-05-22 11:29:53 +03:00
Evgeniy Khramtsov
3a96d72a7f Implement cache for mod_private 2017-05-22 10:34:57 +03:00
Evgeniy Khramtsov
d88e4d495f Don't store messages via a single process 2017-05-21 23:21:13 +03:00
Evgeniy Khramtsov
66a4e405e0 Improve mod_metrics
* Do not spawn a process per event
* Avoid UDP socket creation on every event
* Get rid of calls to str.erl module
* Add options 'ip' and 'port'
2017-05-21 14:24:57 +03:00
Evgeniy Khramtsov
0a77b9f43e Get rid of a workaround against old Erlang bug 2017-05-21 13:30:46 +03:00
Evgeniy Khramtsov
470669fa6b Get rid of db_type warning for mod_vcard_xupdate 2017-05-21 11:40:24 +03:00
Evgeniy Khramtsov
af29fb21df Get rid of detection of modules' db_type detection
The detection sometimes leads to errorneous warnings.
We need to improve it later. For now I just remove the
detection as it doesn't fully work anyway.
2017-05-21 11:33:16 +03:00
Evgeniy Khramtsov
be50d57ddd Declare ejabberd_oauth behaviour 2017-05-21 11:31:30 +03:00
Evgeniy Khramtsov
35d19b32f4 Implement cache for mod_privacy/mod_blocking 2017-05-20 22:36:32 +03:00
Paweł Chmielowski
654d907dcf export_all is not needed here 2017-05-19 17:03:41 +02:00
Paweł Chmielowski
b013c29c7e Fix values put in args_examples 2017-05-19 16:56:37 +02:00
Evgeniy Khramtsov
0ed23980a6 Get rid of Mnesia transaction in get_vcard/2 2017-05-18 21:24:47 +03:00
Evgeniy Khramtsov
a78862e05e The default 'iqdisc' is now 'no_queue' 2017-05-18 19:13:18 +03:00
Evgeniy Khramtsov
bcb44ccb6f Implement cache for mod_last 2017-05-18 13:21:17 +03:00
Evgeniy Khramtsov
736a182544 ?SQL_UPSERT returns 'ok' on success 2017-05-18 12:10:36 +03:00
Evgeniy Khramtsov
97bb1250ba Avoid erroneous usage of ?MODULE macro 2017-05-18 12:09:28 +03:00
Evgeniy Khramtsov
b0b7ac101c Fix function_clause after authentication refactoring
Fixes https://github.com/processone/ejabberd-contrib/issues/213
2017-05-18 09:51:04 +03:00
Evgeniy Khramtsov
6691c59a7a Clean up database code related to mod_vcard_xupdate 2017-05-17 19:29:19 +03:00
Evgeniy Khramtsov
1391d5a304 Use disc_only_copies for oauth_token Mnesia table 2017-05-17 17:42:22 +03:00
Evgeniy Khramtsov
8f595b58a7 Increase gen_mod's supervisor shutdown time 2017-05-17 17:33:07 +03:00
Evgeniy Khramtsov
1925b94131 Implement cache for mod_vcard and mod_vcard_xupdate 2017-05-17 17:13:34 +03:00
Konstantinos Kallas
ddb043aa71 More account support(Update/Info) 2017-05-17 16:55:26 +03:00
Evgeniy Khramtsov
fc794b680a Add cache options to the validator 2017-05-17 16:03:41 +03:00
Evgeniy Khramtsov
a71065fcda Ciphers should be a binary string 2017-05-17 15:42:18 +03:00
Evgeniy Khramtsov
7165196211 Get rid of unused variable 2017-05-17 15:24:32 +03:00
Evgeniy Khramtsov
f782955c06 Implement cache for roster 2017-05-17 14:47:35 +03:00
Evgeniy Khramtsov
3f13396d73 Fix use_cache/1 callback 2017-05-15 08:58:37 +03:00
Konstantinos Kallas
88365ed507 New account functional, very crude 2017-05-15 01:41:09 +03:00
Evgeniy Khramtsov
061d5f2380 Shut up dialyzer/xref if public_key:short_name_hash/1 is not available 2017-05-13 13:11:08 +03:00
Evgeniy Khramtsov
2d17a2850c Only validate certfiles if public_key:short_name_hash/1 is available 2017-05-12 17:51:17 +03:00
Evgeniy Khramtsov
cc58ce6301 Introduce Certficate Manager
The major goal is to simplify certificate management in ejabberd.
Currently it requires some effort from a user to configure certficates,
especially in the situation where a lot of virtual domains are hosted.

The task is splitted in several sub-tasks:
* Implement basic certificate validator. The validator should check all
configured certificates for existence, validity, duration and so on. The
validator should not perform any actions in the case of errors except
logging an error message. This is actually implemented by this commit.
* All certificates should be configured inside a single section (something
like 'certfiles') where ejabberd should parse them, check the full-chain,
find the corresponding private keys and, if needed, resort chains and
split the certficates into separate files for easy to use by fast_tls.
* Options like 'domain_certfile', 'c2s_certfile' or 's2s_certfile' should
probably be deprecated, since the process of matching certificates with the
corresponding virtual hosts should be done automatically and these options
only introduce configuration errors without any meaningful purpose.
2017-05-12 16:27:09 +03:00
Evgeniy Khramtsov
d3c8fb7705 Check presence of some files during option validation 2017-05-12 09:34:57 +03:00
Evgeniy Khramtsov
9fe16a29e1 Gracefully process malformed passwords during password change 2017-05-11 17:15:23 +03:00
Evgeniy Khramtsov
31a3cc7b10 Gracefully process malformed passwords during registration 2017-05-11 17:09:26 +03:00
Evgeniy Khramtsov
a8dc5f80d1 Add 'access_remove' ACL to mod_register 2017-05-11 16:37:01 +03:00
Evgeniy Khramtsov
cdb191bb48 Rename is_user_exists -> user_exists 2017-05-11 15:49:06 +03:00
Evgeniy Khramtsov
633b68db11 Use cache for authentication backends
The commit introduces the following API incompatibilities:

In ejabberd_auth.erl:
* dirty_get_registered_users/0 is renamed to get_users/0
* get_vh_registered_users/1 is renamed to get_users/1
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is renamed to count_users/1
* get_vh_registered_users_number/2 is renamed to count_users/2

In ejabberd_auth callbacks
* plain_password_required/0 is replaced by plain_password_required/1
  where the argument is a virtual host
* store_type/0 is replaced by store_type/1 where the argument is
  a virtual host
* set_password/3 is now an optional callback
* remove_user/3 callback is no longer needed
* remove_user/2 now should return `ok | {error, atom()}`
* is_user_exists/2 now must only be implemented for backends
  with `external` store type
* check_password/6 is no longer needed
* check_password/4 now must only be implemented for backends
  with `external` store type
* try_register/3 is now an optional callback and should return
  `ok | {error, atom()}`
* dirty_get_registered_users/0 is no longer needed
* get_vh_registered_users/1 is no longer needed
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is no longer needed
* get_vh_registered_users_number/2 is renamed to count_users/2
* get_password_s/2 is no longer needed
* get_password/2 now must only be implemented for backends with
  `plain` or `scram` store type

Additionally, the commit introduces two new callbacks:
* use_cache/1 where the argument is a virtual host
* cache_nodes/1 where the argument is a virtual host

New options are also introduced: `auth_use_cache`, `auth_cache_missed`,
`auth_cache_life_time` and `auth_cache_size`.
2017-05-11 14:37:21 +03:00
Badlop
e890525788 Use misc:atom_to_binary/1 instead of the deprecated jlib.erl (#1510) 2017-05-10 12:05:52 +02:00
Badlop
6b8c61b3a2 Update comment: aux.erl was renamed to misc.erl 2017-05-10 12:03:13 +02:00
Badlop
4849ac9781 Use jid:encode/1 instead of the deprecated jid:to_string/1 (#1510) 2017-05-10 11:22:15 +02:00
Lamtei W
cd18d3d8a7 Fix: update sql statement, added missing delimeter for sql queries 2017-05-10 11:22:11 +02:00
Lamtei W
a0908ba393 Added export function for mam module 2017-05-10 11:22:07 +02:00
Konstantinos Kallas
02dbe39b06 Examining jose functionality 2017-05-09 23:27:37 +03:00
Konstantinos Kallas
67a00939db Small improvements to the acme module 2017-05-08 20:29:58 +03:00
Evgeniy Khramtsov
5d7a704ca5 Remove forgotten 'export_all' 2017-05-08 17:23:29 +03:00
Evgeniy Khramtsov
cee90a886e Don't list 'redis_pool_size' option multiple times 2017-05-08 17:22:34 +03:00
Evgeniy Khramtsov
6b6d07745d Split some functions in smaller ones 2017-05-08 16:29:01 +03:00
Konstantinos Kallas
05362b9a7d Very basic acme client, only stubs 2017-05-08 15:35:11 +03:00
Evgeniy Khramtsov
8368a0850a Don't call gen_mod:get_opt() outside of modules 2017-05-08 14:34:35 +03:00
Evgeniy Khramtsov
01a2c9fe12 Add type specs for Module:opt_type/1 2017-05-08 12:59:28 +03:00
Evgeniy Khramtsov
3241c2506b Introduce 'sql_connect_timeout' option (#1698) 2017-05-05 16:25:10 +03:00
Evgeniy Khramtsov
48d6ae1def Introduce 'sql_query_timeout' option
Fixes #1698
2017-05-05 13:20:28 +03:00
Evgeniy Khramtsov
f2dc8c0442 Emit deprecation warning for SM related listening options 2017-05-05 12:31:17 +03:00
Evgeniy Khramtsov
b174e2c9c6 Improve validation of second-level options 2017-05-05 11:11:17 +03:00
Evgeniy Khramtsov
fb17c1b99f Make it possible to validate second-level options 2017-05-04 17:34:32 +03:00
Paweł Chmielowski
c64e77a08c Catch exceptions from acl:add_list in web admin 2017-05-04 12:01:22 +02:00
Evgeniy Khramtsov
cf53d834e9 Introduce 'iqdisc' global option 2017-05-04 12:24:47 +03:00
Evgeniy Khramtsov
a2a4a4970e Validate module options on start_module/2 2017-05-04 09:09:10 +03:00
Badlop
31fa36003f Parse ldap_uids in mod_vcard_ldap like in eldap_utils (#319) 2017-05-03 23:32:56 +02:00
Evgeniy Khramtsov
54cc49bc70 Validate new options before module reloading 2017-05-01 14:01:12 +03:00
Evgeniy Khramtsov
fe662c1a0a Don't forget to delete digraph 2017-05-01 10:14:00 +03:00
Evgeniy Khramtsov
fddd6110e0 Don't validate an option in gen_mod:get*opt() functions
The changes are very similar to those from previous commit:
* Now there is no need to pass validating function in
  gen_mod:get_opt() and gen_mod:get_module_opt() functions,
  because the modules' configuration keeps already validated values.
* New functions gen_mod:get_opt/2 and gen_mod:get_module_opt/3 are
  introduced.
* Functions gen_mod:get_opt/4 and get_module_opt/5 are deprecated.
  If the functions are still called, the "function" argument is
  simply ignored.
* Validating callback Mod:listen_opt_type/1 is introduced to validate
  listening options at startup.
2017-04-30 19:01:47 +03:00
Evgeniy Khramtsov
2b63d07329 Merge branch 'new-option-validation' 2017-04-29 11:48:57 +03:00
Evgeniy Khramtsov
b82b93f8f0 Don't validate an option in ejabberd_config:get_option() functions
The commit introduces the following changes:
* Now there is no need to pass validating function in
  ejabberd_config:get_option() functions, because the configuration
  keeps already validated values.
* New function ejabberd_config:get_option/1 is introduced
* Function ejabberd_config:get_option/3 is deprecated. If the function
  is still called, the second argument (validating function) is simply
  ignored.
* The second argument for ejabberd_config:get_option/2 is now
  a default value, not a validating function.
2017-04-29 11:39:40 +03:00
Evgeniy Khramtsov
7129aebe76 Don't re-define validation functions in multiple places 2017-04-28 13:23:32 +03:00
Paweł Chmielowski
2bcf822637 Fix elixir tests 2017-04-28 10:08:09 +02:00
Evgeniy Khramtsov
0b93cb7ece Store options using p1_options module 2017-04-27 19:44:58 +03:00
Badlop
d18d99e8ec Bug requesting non-existent data with private_get command (#1690) 2017-04-26 23:14:30 +02:00
Holger Weiss
9b8364b6c8 Merge remote-tracking branch 'processone/pr/1699'
* processone/pr/1699:
  Add support for HTTP File Upload, version 0.3.0
2017-04-26 21:18:16 +02:00
Badlop
c0eb85ce53 Allow a room admin also to subscribe another JID 2017-04-26 01:30:12 +02:00
Holger Weiss
56a4bf8f3c mod_stream_mgmt: Fix typo in variable name 2017-04-25 22:37:27 +02:00
Holger Weiss
9cc332d6b3 mod_stream_mgmt: Fix 'if_offline' detection 2017-04-25 22:32:03 +02:00
Evgeniy Khramtsov
120682ec8b Include original 'id' and 'type' attributes in offline event 2017-04-25 17:59:26 +03:00
Evgeniy Khramtsov
069bf6dec6 Make sure only jabberevent tag is present in offline event 2017-04-25 17:21:24 +03:00
Holger Weiss
d0f3696596 randoms: Keep compatibility with Erlang/OTP 17 2017-04-24 23:51:01 +02:00
Evgeniy Khramtsov
c923bb5c10 Avoid changing configuration on listener deletion 2017-04-23 16:42:54 +03:00
Evgeniy Khramtsov
9a93acc62a Improve Mnesia tables creation and transformation 2017-04-23 16:37:58 +03:00
Evgeniy Khramtsov
8770fc98e1 Use round-robin algorithm when selecting worker from DB pool 2017-04-23 11:54:56 +03:00
Evgeniy Khramtsov
18433e289f Add clear_cache admin command 2017-04-22 11:33:39 +03:00
Holger Weiss
168712ebbd Add support for HTTP File Upload, version 0.3.0
Support the current XEP-0363 version in addition to the previous
revisions.
2017-04-21 18:36:53 +02:00
Evgeniy Khramtsov
02790b105e Speedup Mnesia tables initialization 2017-04-21 12:27:15 +03:00
Evgeniy Khramtsov
d88c08e074 Use new cache API in mod_shared_roster_ldap 2017-04-21 10:43:14 +03:00
Evgeniy Khramtsov
9937cb48fd Use new cache API in ejabberd_oauth 2017-04-21 09:02:10 +03:00
Evgeniy Khramtsov
5444475b1d Correct option validation 2017-04-20 18:55:16 +03:00
Evgeniy Khramtsov
264a40f217 Use new cache API in mod_mam 2017-04-20 18:52:16 +03:00
Evgeniy Khramtsov
a26f90a346 Use new cache API in mod_caps 2017-04-20 18:18:26 +03:00
Badlop
ca9d04ba6b Fix private_get command sending a proper xmlel (#1683) 2017-04-20 16:50:08 +02:00
Badlop
4e86a71ab2 When getting user rooms, filter by the serverhost as expected (#1683) 2017-04-20 16:49:32 +02:00
Holger Weiss
3682888655 mod_stream_mgmt: Preserve stanza count on timeout
If a pending stream management session times out, call
ejabberd_c2s:process_terminated/2 *before* storing the incoming stanza
count.  Without this change, the session table entry that holds the
stanza count was purged while closing the session.
2017-04-19 23:04:20 +02:00
Holger Weiss
3adf720bc1 Use #jid{} type for #muc_unsubscribe.jid 2017-04-19 22:18:23 +02:00
Badlop
d7a999eaf5 Don't use jid:from_string as it's deprecated, see jid.erl line 43 2017-04-19 21:47:59 +02:00
Evgeniy Khramtsov
64333f69ea Don't try to load already loaded applications 2017-04-19 11:40:58 +03:00
Holger Weiss
b8a7720986 ejabberd_c2s: Don't close session on stream resume
Don't let ejabberd_c2s close the session and unset presence if a
'c2s_terminated' callback stops hook execution, as is done in
mod_stream_mgmt:c2s_terminated/2 on resumption.

Fixes #1680.
2017-04-19 01:20:28 +02:00
Evgeniy Khramtsov
7c9415356d Function fix_from_to/2 should not crash when 'from' is undefined
Fixes #1678
2017-04-18 01:38:35 +03:00
getong
ab751d290a lager_crash_log in some cases not run, catch it 2017-04-17 12:07:23 +08:00
Evgeniy Khramtsov
f496d22074 Improve logging message 2017-04-16 23:56:12 +03:00
Evgeniy Khramtsov
86b680a3ad Move compile_exprs() to misc module 2017-04-16 20:05:46 +03:00
Evgeniy Khramtsov
78dba217bf Speedup configuration options lookup
We now avoid excessive ETS lookups; instead, we use dynamically
compiled module 'ejabberd_options' keeping the configuration options
2017-04-16 15:29:10 +03:00
Evgeniy Khramtsov
878c762cdf Log human readable description when configuration file is not found 2017-04-16 01:22:55 +03:00
Evgeniy Khramtsov
920f2678ac Report configuration file location on startup 2017-04-16 01:02:46 +03:00
Evgeniy Khramtsov
b6182e6fe8 Speedup loading of translation files
A dump of 'translations' ETS table is now stored on disc.
The table is only re-created when new/deleted/modified translation
files are detected; otherwise, the ETS table is restored from
the dump file on startup.
2017-04-16 00:29:55 +03:00
Evgeniy Khramtsov
41fe062a8d Lower log level for some messages 2017-04-15 15:47:00 +03:00
Evgeniy Khramtsov
4c5f97bb9a Add Riak as mod_proxy65 RAM backend 2017-04-15 15:38:48 +03:00
Evgeniy Khramtsov
f9c24ab16d Add Riak as mod_carboncopy RAM backend 2017-04-15 14:41:14 +03:00
Evgeniy Khramtsov
72b536b52d Add Riak as BOSH RAM backend 2017-04-15 13:52:36 +03:00
Evgeniy Khramtsov
598c79ff86 Fix cleaning of Riak route table 2017-04-15 13:36:29 +03:00
Evgeniy Khramtsov
da66eb5714 Add Riak as router RAM backend 2017-04-15 13:07:56 +03:00