diff options
| author | Alexey Shchepin <alexey@process-one.net> | 2014-04-15 19:01:21 +0400 |
|---|---|---|
| committer | Alexey Shchepin <alexey@process-one.net> | 2014-04-15 19:01:21 +0400 |
| commit | f93758a3cd9a5eca47510f906e5edbaaeb6db2ec (patch) | |
| tree | 99077e53dd62cbfc5bf6d6f64f42f8ee248f6887 /src | |
| parent | Merge pull request #167 from weiss/fix-modules-doc (diff) | |
| parent | Add option to specify openssl options (diff) | |
Merge pull request #160 from runcom/protocol_options
Add option to specify openssl options
Diffstat (limited to 'src')
| -rw-r--r-- | src/ejabberd_c2s.erl | 17 | ||||
| -rw-r--r-- | src/ejabberd_s2s_in.erl | 16 | ||||
| -rw-r--r-- | src/ejabberd_s2s_out.erl | 16 |
3 files changed, 41 insertions, 8 deletions
diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl index 44ad2d56..33d76b07 100644 --- a/src/ejabberd_c2s.erl +++ b/src/ejabberd_c2s.erl @@ -244,11 +244,20 @@ init([{SockMod, Socket}, Opts]) -> (_) -> false end, Opts), - TLSOpts2 = case proplists:get_bool(tls_compression, Opts) of - false -> [compression_none | TLSOpts1]; - true -> TLSOpts1 + TLSOpts2 = case lists:keysearch(protocol_options, 1, Opts) of + {value, {_, O}} -> + [_|ProtocolOptions] = lists:foldl( + fun(X, Acc) -> X ++ Acc end, [], + [["|" | binary_to_list(Opt)] || Opt <- O, is_binary(Opt)] + ), + [{protocol_options, iolist_to_binary(ProtocolOptions)} | TLSOpts1]; + _ -> TLSOpts1 end, - TLSOpts = [verify_none | TLSOpts2], + TLSOpts3 = case proplists:get_bool(tls_compression, Opts) of + false -> [compression_none | TLSOpts2]; + true -> TLSOpts2 + end, + TLSOpts = [verify_none | TLSOpts3], IP = peerip(SockMod, Socket), %% Check if IP is blacklisted: case is_ip_blacklisted(IP) of diff --git a/src/ejabberd_s2s_in.erl b/src/ejabberd_s2s_in.erl index 0759ef5b..bd2f13a8 100644 --- a/src/ejabberd_s2s_in.erl +++ b/src/ejabberd_s2s_in.erl @@ -181,9 +181,21 @@ init([{SockMod, Socket}, Opts]) -> undefined -> TLSOpts1; Ciphers -> [{ciphers, Ciphers} | TLSOpts1] end, + TLSOpts3 = case ejabberd_config:get_option( + s2s_protocol_options, + fun (Options) -> + [_|O] = lists:foldl( + fun(X, Acc) -> X ++ Acc end, [], + [["|" | binary_to_list(Opt)] || Opt <- Options, is_binary(Opt)] + ), + iolist_to_binary(O) + end) of + undefined -> TLSOpts2; + ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2] + end, TLSOpts = case proplists:get_bool(tls_compression, Opts) of - false -> [compression_none | TLSOpts2]; - true -> TLSOpts2 + false -> [compression_none | TLSOpts3]; + true -> TLSOpts3 end, Timer = erlang:start_timer(?S2STIMEOUT, self(), []), {ok, wait_for_stream, diff --git a/src/ejabberd_s2s_out.erl b/src/ejabberd_s2s_out.erl index 8e4454d0..a0a83631 100644 --- a/src/ejabberd_s2s_out.erl +++ b/src/ejabberd_s2s_out.erl @@ -195,13 +195,25 @@ init([From, Server, Type]) -> undefined -> TLSOpts1; Ciphers -> [{ciphers, Ciphers} | TLSOpts1] end, + TLSOpts3 = case ejabberd_config:get_option( + s2s_protocol_options, + fun (Options) -> + [_|O] = lists:foldl( + fun(X, Acc) -> X ++ Acc end, [], + [["|" | binary_to_list(Opt)] || Opt <- Options, is_binary(Opt)] + ), + iolist_to_binary(O) + end) of + undefined -> TLSOpts2; + ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2] + end, TLSOpts = case ejabberd_config:get_option( {s2s_tls_compression, From}, fun(true) -> true; (false) -> false end, true) of - false -> [compression_none | TLSOpts2]; - true -> TLSOpts2 + false -> [compression_none | TLSOpts3]; + true -> TLSOpts3 end, {New, Verify} = case Type of {new, Key} -> {Key, false}; |