summaryrefslogtreecommitdiff
path: root/src/ejabberd_s2s_in.erl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright year to 2022Badlop2022-02-111-1/+1
|
* Update newest copyright year to 2021 (#3464)Badlop2021-01-271-1/+1
|
* Use include_lib() to include headers from dependencies (#3369)Stu Tomlinson2020-09-031-1/+1
|
* Set 'max_fsm_queue' default value (back) to 10000Holger Weiss2020-05-051-1/+1
| | | | | | | | | | The default value for the 'max_fsm_queue' option was set to 10000 in commit 79685da90b514a49f9c412e31dccc17be9dd8680, and that value is still documented to be the default. It was (probably unintentionally) changed to 5000 in commit 03de853e4fdcf852ae75a86922c08bb1a0950e6d. It makes sense to keep it larger than the value of mod_stream_mgmt's 'max_ack_queue' option.
* Fix potential message loss in terminating c2s sessionsPaweł Chmielowski2020-04-011-4/+6
| | | | | | | | | | Calling sync version of xmpp_stream_in/out:stop could lead to messages never being processed by c2s process if they were queued in p1_server. This could be reproduced by when having messages in offline storage, starting sessions, enabling stream_mgmt, sending initial presence, and then immediately </stream:stream>, messages that mod_offline would send process would not be bounced back by stream_mgmt.
* Update copyright to 2020 (#3149)Badlop2020-01-281-1/+1
|
* Correctly handle unicode in log messagesEvgeny Khramtsov2019-09-231-4/+4
|
* Fix certificate selection for s2sEvgeny Khramtsov2019-09-061-2/+2
| | | | | The bug was introduced in c2cbb4d87955ff4917581fedc93cbcd4edd1ce8a Fixes #3015
* Get rid of useless dialyzer instructionsEvgeny Khramtsov2019-07-011-2/+0
|
* Call ejabberd_s2s:allow_host/2 with correct virtual hostEvgeny Khramtsov2019-06-241-1/+1
|
* Make logging messages more consistentEvgeny Khramtsov2019-06-241-2/+2
|
* Use correct virtual host for s2s optionsEvgeny Khramtsov2019-06-231-28/+28
|
* Fix shaper selection in ejabberd_c2sEvgeny Khramtsov2019-06-221-1/+1
|
* Make option 'validate_stream' globalEvgeny Khramtsov2019-06-211-1/+1
|
* Use new configuration validatorEvgeny Khramtsov2019-06-141-13/+6
|
* Rename listening callback from start/2 to start/3Evgeny Khramtsov2019-04-011-5/+5
| | | | | This will prevent conflicts in callback names in mod_mqtt Old callback function is still supported.
* Update copyright to 2019 (#2756)Badlop2019-01-081-1/+1
|
* ejabberd_s2s_in: Check for subdomain configurationHolger Weiss2018-12-011-5/+5
| | | | | | | | If an incoming s2s connection to a subdomain such as conference.example.com is accepted, check for host-specific configuration settings for that subdomain rather than for example.com. This is for consistency with ejabberd_s2s_out, and with my previous commit.
* ejabberd_s2s_in: Check for subdomain certificateHolger Weiss2018-12-011-1/+1
| | | | | | | | | If an incoming s2s connection to a subdomain such as conference.example.com is accepted and a separate certificate is available for that subdomain, offer that certificate instead of the one for example.com. Thanks to Mike Kuketz for reporting the bug.
* ejabberd_s2s_in: Fix indentationHolger Weiss2018-10-151-5/+5
|
* Move certificates processing code to pkix applicationEvgeny Khramtsov2018-09-271-2/+2
| | | | | | | | ==== WARNING: MUST BE ADDED TO RELEASE NOTES ===== The commit introduces the following incompatibility: - Option 'ca_path' is deprecated and has no effect anymore: option 'ca_file' should be used instead if needed. ==================================================
* Switch more log message to warning levelEvgeny Khramtsov2018-09-191-3/+3
| | | | | The commit is supposed to improve logging at loglevel 3, which is the recommended level for high loaded ejabberd servers
* Remove useless type specsEvgeny Khramtsov2018-09-181-1/+0
|
* Refactor ejabberd_listenerEvgeny Khramtsov2018-09-181-28/+15
|
* Refactor ejabberd listener APIEvgeny Khramtsov2018-09-171-16/+6
|
* Fix some dialyzer warningsEvgeny Khramtsov2018-09-091-15/+1
|
* ejabberd_s2s_in: Log message on connection closeHolger Weiss2018-08-291-1/+9
| | | | | Log a message when an incoming s2s connection is closed, analogous to the message on outgoing s2s connection close.
* Fix regression: list SASL EXTERNAL mechanism for inbound s2sEvgeniy Khramtsov2018-07-101-8/+1
|
* Move XMPP stream and SASL processing to xmpp repoEvgeniy Khramtsov2018-07-061-6/+9
|
* Get rid of ejabberd.hrl headerEvgeniy Khramtsov2018-06-141-5/+4
| | | | | | | | | The header consisted of too many unrelated stuff and macros misuse. Some stuff is moved into scram.hrl and type_compat.hrl. All macros have been replaced with the corresponding function calls. TODO: probably type_compat.hrl is not even needed anymore since we support only Erlang >= OTP 17.5
* Add validator for 'accept_interval' listening optionEvgeniy Khramtsov2018-04-301-1/+4
|
* Validate additional listen optsStu Tomlinson2018-02-281-1/+8
| | | | | | | | | The options "inet", "inet6" and "backlog" are valid listen options, but are currently logged as errors (even though they do work): 2018-02-28 16:08:44.141 [error] <0.338.0>@ejabberd_listener:validate_module_option:630 unknown listen option 'backlog' for 'ejabberd_c2s' will be likely ignored, available options are: access, shaper, certfile, ciphers, dhfile, cafile, client_cafile, protocol_options, tls, tls_compression, starttls, starttls_required, tls_verify, zlib, max_fsm_queue This adds the necessary validators so they are correctly recognized.
* Introduce 'negotiation_timeout'Evgeniy Khramtsov2018-02-201-1/+3
| | | | | | | The option can be used to specify a period (in seconds) for a stream negotiation to complete. If the timer fires, the stream is considered as failed and the underlying connection gets closed. This is a global option (you cannot set it per domain) and the default is 30 seconds.
* Introduce option 'validate_stream'Evgeniy Khramtsov2018-02-091-1/+2
| | | | | | | | | | | | If set to `true`, all incoming XML packets are fully validated against known schemas. If an error occurs, the packet will be bounced with the corresponding error reason. The default value is `false`. The option might be useful to protect client software from sofisticated bugs related to XML validation as well as for client developers who want to catch validation errors at early stage of development. Note that the option might have slight performance impact, so use it with care on loaded machines.
* Update copyright datesEvgeniy Khramtsov2018-01-051-1/+1
|
* Get rid of ejabberd receiverEvgeniy Khramtsov2017-12-261-13/+11
| | | | | | | | | | | | ejabberd receivers were meant to serve connections from frontends to backends. However, this approach was not popular and frontend related code was removed in previous releases. Now, ejabberd receiver's code was also removed, making the code shorter and cleaner. Also, in stress tests ejabberd now handles load more robustly, without c2s processes overload (even with disabled shapers). ejabberd_socket.erl is renamed to xmpp_socket.erl: it's supposed to be finally moved into stand-alone xmpp library.
* Change loglevel of TLS failuresEvgeniy Khramtsov2017-12-191-2/+2
|
* Log warnings for c2s/s2s certfile optionEvgeniy Khramtsov2017-11-031-1/+3
|
* Don't let a receiver to crash if a controller is unavailableEvgeniy Khramtsov2017-06-221-1/+4
| | | | Fixes #1796
* Cosmetic change: Fix indentation errorsHolger Weiss2017-05-241-6/+6
|
* Introduce Certficate ManagerEvgeniy Khramtsov2017-05-121-1/+5
| | | | | | | | | | | | | | | | | | | | The major goal is to simplify certificate management in ejabberd. Currently it requires some effort from a user to configure certficates, especially in the situation where a lot of virtual domains are hosted. The task is splitted in several sub-tasks: * Implement basic certificate validator. The validator should check all configured certificates for existence, validity, duration and so on. The validator should not perform any actions in the case of errors except logging an error message. This is actually implemented by this commit. * All certificates should be configured inside a single section (something like 'certfiles') where ejabberd should parse them, check the full-chain, find the corresponding private keys and, if needed, resort chains and split the certficates into separate files for easy to use by fast_tls. * Options like 'domain_certfile', 'c2s_certfile' or 's2s_certfile' should probably be deprecated, since the process of matching certificates with the corresponding virtual hosts should be done automatically and these options only introduce configuration errors without any meaningful purpose.
* Don't call gen_mod:get_opt() outside of modulesEvgeniy Khramtsov2017-05-081-1/+1
|
* Add type specs for Module:opt_type/1Evgeniy Khramtsov2017-05-081-7/+15
|
* Don't validate an option in gen_mod:get*opt() functionsEvgeniy Khramtsov2017-04-301-12/+27
| | | | | | | | | | | | | | The changes are very similar to those from previous commit: * Now there is no need to pass validating function in gen_mod:get_opt() and gen_mod:get_module_opt() functions, because the modules' configuration keeps already validated values. * New functions gen_mod:get_opt/2 and gen_mod:get_module_opt/3 are introduced. * Functions gen_mod:get_opt/4 and get_module_opt/5 are deprecated. If the functions are still called, the "function" argument is simply ignored. * Validating callback Mod:listen_opt_type/1 is introduced to validate listening options at startup.
* Improve ejabberd_c2s:close()Evgeniy Khramtsov2017-04-151-1/+4
|
* Rename aux.erl as misc.erlChristophe Romain2017-04-111-2/+2
| | | | Thanks Microsoft Windows to not support some filenames
* Deprecate jlib.erl in favor of aux.erlEvgeniy Khramtsov2017-03-301-2/+2
| | | | | Since the main goal of jlib.erl is lost, all auxiliary functions are now moved to aux.erl, and the whole jlib.erl is now deprecated.
* Report more TLS errorsEvgeniy Khramtsov2017-03-081-2/+1
|
* Report some TLS errorsEvgeniy Khramtsov2017-03-071-2/+12
|
* Start/stop virtual hosts when reloading configuration fileEvgeniy Khramtsov2017-02-231-14/+23
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-27 23:24:44 +0000