xmpp.chapril.org-ejabberd/src
Holger Weiss 86e17c379c Verify host name before offering SASL EXTERNAL

Prior to this commit, ejabberd handled certificate authentication for
incoming s2s connections like this:

1. Verify the certificate without checking the host name.  On failure,
   behave according to 's2s_use_starttls'.  On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, compare the authorization
   identity against the certificate host name(s).  On failure, abort the
   connection unconditionally.

ejabberd now does this instead:

1. Verify the certificate and compare the certificate host name(s)
   against the 'from' attribute of the stream header.  On failure,
   behave according to 's2s_use_starttls'.  On success:
2. Offer SASL EXTERNAL.
3. If the remote server chooses SASL EXTERNAL, ignore the authorization
   identity (if any) and consider the peer authenticated.

The old behavior was suggested by previous versions of XEP-0178; the new
behavior is suggested by the current version 1.1.
2014-04-23 11:45:17 +02:00
ELDAPv3.asn1db Do not generate LDAP's ASN.1 code when compiling ejabberd. 2013-06-22 03:27:59 +10:00
ELDAPv3.erl Do not generate LDAP's ASN.1 code when compiling ejabberd. 2013-06-22 03:27:59 +10:00
acl.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
adhoc.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
cyrsasl.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
cyrsasl_anonymous.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
cyrsasl_digest.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
cyrsasl_plain.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
cyrsasl_scram.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd.app.src.in Switch to rebar build tool 2013-06-13 11:11:02 +02:00
ejabberd.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_admin.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_app.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_auth.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_auth_anonymous.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_auth_external.erl Accept "extauth_cache: false" 2014-04-16 14:15:14 +02:00
ejabberd_auth_internal.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_auth_ldap.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_auth_odbc.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_auth_pam.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_c2s.erl Merge pull request #160 from runcom/protocol_options 2014-04-15 19:01:21 +04:00
ejabberd_c2s_config.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_captcha.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_commands.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_config.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_ctl.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_frontend_socket.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_hooks.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_http.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_http_bind.erl Fix all calls to functions of p1_tls application 2013-06-20 18:40:44 +10:00
ejabberd_http_poll.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_listener.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_local.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_logger.erl Update FSF address 2014-02-22 10:27:40 +00:00
ejabberd_node_groups.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_odbc.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_odbc_sup.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_piefxis.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_rdbms.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_receiver.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_regexp.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_router.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_s2s.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_s2s_in.erl Verify host name before offering SASL EXTERNAL 2014-04-23 11:45:17 +02:00
ejabberd_s2s_out.erl Merge pull request #160 from runcom/protocol_options 2014-04-15 19:01:21 +04:00
ejabberd_service.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_sm.erl Merge pull request #161 from weiss/fix-carbons 2014-04-22 13:52:11 +02:00
ejabberd_socket.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_sup.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_system_monitor.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_tmp_sup.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_update.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_web.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_web_admin.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
ejabberd_xmlrpc.erl Fix user_resources command, and ejabberd_xmlrpc parsing auth details in call 2014-03-31 16:51:47 +02:00
ejd2odbc.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
eldap.erl Update FSF address 2014-02-22 10:27:40 +00:00
eldap_filter.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
eldap_filter_yecc.yrl Switch to rebar build tool 2013-06-13 11:11:02 +02:00
eldap_pool.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
eldap_utils.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
extauth.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
gen_iq_handler.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
gen_mod.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
gen_pubsub_node.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
gen_pubsub_nodetree.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
idna.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
jd2ejd.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
jlib.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_adhoc.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_announce.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_blocking.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_caps.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_carboncopy.erl Merge pull request #161 from weiss/fix-carbons 2014-04-22 13:52:11 +02:00
mod_configure.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_configure2.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_disco.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_echo.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_http_bind.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_http_fileserver.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_ip_blacklist.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_irc.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_irc_connection.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_last.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_muc.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_muc_log.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_muc_room.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_offline.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_ping.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_pres_counter.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_privacy.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_private.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_proxy65.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_proxy65_lib.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_proxy65_service.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_proxy65_sm.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_proxy65_stream.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_pubsub.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
mod_pubsub_odbc.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
mod_register.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_register_web.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_roster.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_service_log.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_shared_roster.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_shared_roster_ldap.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_sic.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_stats.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_time.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_vcard.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_vcard_ldap.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
mod_vcard_xupdate.erl Add SQL to Mnesia converter 2013-07-21 23:10:38 +10:00
mod_version.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
node.template Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_buddy.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_club.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_dag.erl Switch to rebar build tool 2013-06-13 11:11:02 +02:00
node_dispatch.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_flat.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_flat_odbc.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_hometree.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_hometree_odbc.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_mb.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_pep.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_pep_odbc.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_private.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
node_public.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
nodetree_dag.erl Switch to rebar build tool 2013-06-13 11:11:02 +02:00
nodetree_tree.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
nodetree_tree_odbc.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
nodetree_virtual.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
odbc_queries.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
p1_fsm.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
p1_mnesia.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
pubsub_db_odbc.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
pubsub_index.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
pubsub_subscription.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
pubsub_subscription_odbc.erl Update copyright dates to 2014 (EJAB-1679) 2014-03-13 12:30:57 +01:00
randoms.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
scram.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
shaper.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
str.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
translate.erl Fix compilation on pre-R17 2014-04-15 17:05:25 +02:00
treap.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00
win32_dns.erl Merge pull request #146 from jamielinux/master 2014-04-11 13:35:46 +02:00