25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-26 16:26:24 +01:00
Commit Graph

112 Commits

Author SHA1 Message Date
Evgeny Khramtsov
9563b0228f Merge pull request #177 from weiss/log-tls-sasl-external
Log TLS status for outgoing s2s with SASL EXTERNAL
2014-04-30 00:38:18 +04:00
Evgeny Khramtsov
8419322884 Merge pull request #181 from weiss/check-tls-before-auth
Check TLS state before requesting SASL EXTERNAL for outgoing s2s connections
2014-04-30 00:36:08 +04:00
Holger Weiss
49bdbf2895 Support certificate verification for outgoing s2s
Handle "s2s_use_starttls: required_trusted" the same way for outgoing
s2s connections as for incoming connections.  That is, check the remote
server's certificate (including the host name) and abort the connection
if verification fails.
2014-04-28 01:42:02 +02:00
Holger Weiss
d805d198ac Check TLS state before requesting SASL EXTERNAL
Make sure a remote server can't circumvent "s2s_use_starttls: required"
by offering SASL EXTERNAL authentication over a non-TLS connection.
2014-04-24 11:04:10 +02:00
Holger Weiss
f988aad940 Log TLS status for outgoing s2s with SASL EXTERNAL 2014-04-23 23:28:13 +02:00
Alexey Shchepin
f93758a3cd Merge pull request #160 from runcom/protocol_options
Add option to specify openssl options
2014-04-15 19:01:21 +04:00
badlop
285c4c17cf Merge pull request #146 from jamielinux/master
Update FSF address
2014-04-11 13:35:46 +02:00
Antonio Murdaca
fbf71f86f3 Add option to specify openssl options 2014-04-08 18:46:52 +02:00
Badlop
633d47f784 Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
Jamie Nguyen
8538997d61 Update FSF address 2014-02-22 10:27:40 +00:00
Alexey Shchepin
1dd94ac0d0 Support for OpenSSL ciphers list in ejabberd_c2s, ejabberd_s2s_in and ejabberd_s2s_out 2013-11-28 19:39:11 +02:00
Evgeniy Khramtsov
91a74e3e27 Change configuration file format to YAML 2013-08-21 22:17:59 +10:00
Evgeniy Khramtsov
a2ead99c83 Make it possible to enable/disable TLS compression 2013-07-17 22:46:18 +10:00
Evgeniy Khramtsov
4d8f770624 Switch to rebar build tool
Use dynamic Rebar configuration
Make iconv dependency optional
Disable transient_supervisors compile option
Add hipe compilation support
Only compile ibrowse and lhttpc when needed
Make it possible to generate an OTP application release
Add --enable-debug compile option
Add --enable-all compiler option
Add --enable-tools configure option
Add --with-erlang configure option.
Add --enable-erlang-version-check configure option.
Add lager support
Improve the test suite
2013-06-13 11:11:02 +02:00
Badlop
9deb294328 Accumulated patch to binarize and indent code 2013-03-14 10:33:02 +01:00
Alexey Shchepin
0ae400533c Update copyright dates 2013-01-24 16:25:13 +02:00
Alexey Shchepin
b1e2538488 Update copyright dates 2012-02-23 17:52:34 +02:00
Evgeniy Khramtsov
6b0eb1f09d Reorganize the code to shut up the dialyzer 2011-09-05 21:27:31 +10:00
Christophe Romain
fd52f2cb7d update copyright up to 2011 2011-02-14 13:50:55 +01:00
Badlop
6ddc66db9f Handle Tigase's unexpected version=1.0 when ejabberd doesn't announce it (EJAB-1379) 2011-01-31 19:43:28 +01:00
Evgeniy Khramtsov
606c207e21 Make sure 'closed' event is correctly processed on every state 2010-12-17 17:26:20 +09:00
Badlop
b9bbe19d4c Option to reject S2S connection if untrusted certificate (EJAB-464) 2010-12-11 02:29:53 +01:00
Badlop
44b2002504 Include From attribute in the stream header of outgoing S2S connections 2010-12-11 02:29:52 +01:00
Badlop
eb884c80d0 Add option to require encryption in S2S connections (EJAB-495) 2010-12-11 02:29:48 +01:00
Andreas Köhler
e34eebb5ad Correct domain_certfile tlsopts modifications for s2s connections (EJAB-1086)
* In ejabberd_s2s_out:wait_for_feature_request/2, the domain to use for
  looking up domain_certfile options is #state.myname and not
  #state.server

* If s2s_certfile is not specified, connect should still be part of the
  tls options used by ejabberd_s2s_out

* Add #state.server to ejabberd_s2s_in processes and store the to
  attribute in :wait_for_stream/2. Then use that server in
  :wait_for_feature_request/2 to change the tls options like in
  ejabberd_s2s_out.

Fixes EJAB-1086.
2010-11-26 00:14:46 +01:00
Evgeniy Khramtsov
ac87749d55 add find_s2s_bridge hook 2010-10-11 18:40:57 +10:00
Evgeniy Khramtsov
1f2c9b7971 fixes typo in stop_connection/1 2010-09-28 14:20:02 +10:00
Badlop
c8033833f9 When logging s2s out connection attempt or success, log if TLS is used 2010-07-23 00:25:43 +02:00
Evgeniy Khramtsov
715cc5ea3b New configure option: --enable-nif 2010-07-01 20:54:01 +10:00
Pablo Polvorin
84c4d75735 Remove warning for undefined print_state/1 function for p1_fsm processes (thanks Badlop).
Include a identity function as implementation of print_state/1.
2010-04-09 14:25:00 -03:00
Evgeniy Khramtsov
31c3a78453 improved s2s connections clean up (EJAB-1202) 2010-03-04 12:36:57 +09:00
Badlop
86794b1d23 Fix OTP version detection to work with old supported R10 and R11
SVN Revision: 2906
2010-01-16 12:24:11 +00:00
Badlop
7b76fdcde7 Update year of ProcessOne copyright from 2009 to 2010 (EJAB-1159)
SVN Revision: 2891
2010-01-12 16:11:32 +00:00
Badlop
d812975565 Provide more detailed log message when s2s stream start fails.
SVN Revision: 2831
2009-12-28 15:29:42 +00:00
Badlop
798853abb6 Fix mistake that disallowed s2s_out connections when using Erlang R12 or older.
SVN Revision: 2694
2009-10-21 21:11:09 +00:00
Badlop
257e4c34a8 Provide send_timeout_close option in TCP only in R13B or higher (EJAB-926)
SVN Revision: 2680
2009-10-19 14:47:05 +00:00
Mickaël Rémond
006515020a Support gen_tcp send timeout: Close the connection if the other end has disconnected ungracefully or cannot keep up with the rate at which we are sending data (EJAB-926)
SVN Revision: 2671
2009-10-19 09:36:23 +00:00
Badlop
355648dc7e If s2s fails due to namespace mismatch, show differences to help debugging the problem.
SVN Revision: 2662
2009-10-12 22:51:19 +00:00
Evgeniy Khramtsov
14232df14c new option added: max_fsm_queue. removed hardcoded FSMLIMITS
SVN Revision: 2645
2009-10-07 14:24:09 +00:00
Badlop
d678a21f21 Change some error messages.
SVN Revision: 2587
2009-09-07 14:28:08 +00:00
Badlop
720fd7605d Document the new option s2s_dns_options, expressed in seconds (EJAB-994)
SVN Revision: 2417
2009-08-03 15:03:50 +00:00
Geoff Cant
f4330e9ed3 EJAB-994: Implements DNS timeouts and retries.
SVN Revision: 2404
2009-07-30 12:34:59 +00:00
Badlop
b5964c2a5f Added API function to get current S2S connections with information
get_info_s2s_connections(Type) returns a list of incoming (or outgoing)
S2S connections with information for each one including IP address,
port number, TLS options... (thanks to Juan Pablo Carlino)

SVN Revision: 2088
2009-05-19 09:38:17 +00:00
Badlop
f09509502e * doc/guide.tex: Update copyright date 2008 to 2009 (EJAB-842)
* doc/guide.html: Likewise
* src/*/*.erl: Likewise
* src/*/*.erl: Remove unneeded blankspaces in license text

SVN Revision: 1804
2009-01-12 14:44:42 +00:00
Mickaël Rémond
f0af10e600 * src/ejabberd_listener.erl: Define send timeout option to avoid blocking on socket send (EJAB-746).
* src/ejabberd_s2s_out.erl: Likewise.

SVN Revision: 1784
2009-01-08 20:49:16 +00:00
Badlop
1944aa097f Use inet:gethostbyname instead of inet_res:getbyname
SVN Revision: 1758
2008-12-26 18:36:53 +00:00
Badlop
682909e0fc * src/ejabberd_config.erl: Option outgoing_s2s_options to define
s2s outgoing behaviour: IPv4, IPv6 and timeout (thanks to Stephan
Maka)(EJAB-665)
* src/ejabberd_s2s_out.erl: Likewise
* src/ejabberd_socket.erl: Likewise
* src/ejabberd.cfg.example: Likewise
* doc/guide.tex: Likewise
* doc/guide.html: Likewise

SVN Revision: 1756
2008-12-26 11:45:08 +00:00
Mickaël Rémond
10e3f2cf92 * src/ejabberd_s2s_out.erl: exports the DNS resolution function.
SVN Revision: 1674
2008-11-08 17:50:54 +00:00
Badlop
c3bda4aaee * doc/guide.tex: Update Process-one name to ProcessOne (EJAB-708)
* doc/guide.html: Likewise
* doc/api/overview.edoc: Likewise
* src/*/*.erl: Likewise
* src/*/*.hrl: Likewise
* src/*/*.c: Likewise
* src/odbc/*.sql: Likewise

SVN Revision: 1499
2008-07-31 11:18:49 +00:00
Mickaël Rémond
8dae53abda * src/ejabberd_s2s_out.erl: Fix compilation error.
SVN Revision: 1332
2008-05-18 12:34:52 +00:00