Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add s2s_dhfile to list of known options | Holger Weiss | 2015-06-20 | 1 | -1/+1 |
| | |||||
* | Add s2s_dhfile option to configuration validator | Holger Weiss | 2015-06-16 | 1 | -0/+1 |
| | |||||
* | Merge pull request #581 from weiss/dh-param-file | Alexey Shchepin | 2015-06-16 | 1 | -2/+7 |
|\ | | | | | New options: dhfile and s2s_dhfile | ||||
| * | New options: dhfile and s2s_dhfile | Holger Weiss | 2015-05-26 | 1 | -2/+7 |
| | | | | | | | | | | Let admins specify a file that contains custom parameters for Diffie-Hellman key exchange. | ||||
* | | Add config validation at startup | Evgeniy Khramtsov | 2015-06-01 | 1 | -20/+61 |
|/ | |||||
* | ejabberd_s2s_out: Remove Erlang/OTP version check | Holger Weiss | 2015-04-16 | 1 | -9/+2 |
| | | | | | The version check won't work for Erlang/OTP >= 17; and it's no longer needed, as we don't support versions older than R16 anyway. | ||||
* | Add compatibility macros for deprecated types (thanks to Alexey) | Christophe Romain | 2015-02-23 | 1 | -1/+1 |
| | |||||
* | Update copyright dates to 2015 (EJAB-1733) | Badlop | 2015-01-08 | 1 | -1/+1 |
| | |||||
* | Merge pull request #177 from weiss/log-tls-sasl-external | Evgeny Khramtsov | 2014-04-30 | 1 | -2/+4 |
|\ | | | | | Log TLS status for outgoing s2s with SASL EXTERNAL | ||||
| * | Log TLS status for outgoing s2s with SASL EXTERNAL | Holger Weiss | 2014-04-23 | 1 | -2/+4 |
| | | |||||
* | | Merge pull request #181 from weiss/check-tls-before-auth | Evgeny Khramtsov | 2014-04-30 | 1 | -1/+3 |
|\ \ | | | | | | | Check TLS state before requesting SASL EXTERNAL for outgoing s2s connections | ||||
| * | | Check TLS state before requesting SASL EXTERNAL | Holger Weiss | 2014-04-24 | 1 | -1/+3 |
| |/ | | | | | | | | | Make sure a remote server can't circumvent "s2s_use_starttls: required" by offering SASL EXTERNAL authentication over a non-TLS connection. | ||||
* / | Support certificate verification for outgoing s2s | Holger Weiss | 2014-04-28 | 1 | -37/+59 |
|/ | | | | | | | Handle "s2s_use_starttls: required_trusted" the same way for outgoing s2s connections as for incoming connections. That is, check the remote server's certificate (including the host name) and abort the connection if verification fails. | ||||
* | Merge pull request #160 from runcom/protocol_options | Alexey Shchepin | 2014-04-15 | 1 | -2/+14 |
|\ | | | | | Add option to specify openssl options | ||||
| * | Add option to specify openssl options | Antonio Murdaca | 2014-04-08 | 1 | -2/+14 |
| | | |||||
* | | Merge pull request #146 from jamielinux/master | badlop | 2014-04-11 | 1 | -4/+3 |
|\ \ | |/ |/| | Update FSF address | ||||
| * | Update FSF address | Jamie Nguyen | 2014-02-22 | 1 | -4/+3 |
| | | |||||
* | | Update copyright dates to 2014 (EJAB-1679) | Badlop | 2014-03-13 | 1 | -1/+1 |
|/ | |||||
* | Support for OpenSSL ciphers list in ejabberd_c2s, ejabberd_s2s_in and ↵ | Alexey Shchepin | 2013-11-28 | 1 | -2/+7 |
| | | | | ejabberd_s2s_out | ||||
* | Change configuration file format to YAML | Evgeniy Khramtsov | 2013-08-21 | 1 | -25/+54 |
| | |||||
* | Make it possible to enable/disable TLS compression | Evgeniy Khramtsov | 2013-07-17 | 1 | -1/+9 |
| | |||||
* | Switch to rebar build tool | Evgeniy Khramtsov | 2013-06-13 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | Use dynamic Rebar configuration Make iconv dependency optional Disable transient_supervisors compile option Add hipe compilation support Only compile ibrowse and lhttpc when needed Make it possible to generate an OTP application release Add --enable-debug compile option Add --enable-all compiler option Add --enable-tools configure option Add --with-erlang configure option. Add --enable-erlang-version-check configure option. Add lager support Improve the test suite | ||||
* | Accumulated patch to binarize and indent code | Badlop | 2013-03-14 | 1 | -766/+790 |
| | |||||
* | Update copyright dates | Alexey Shchepin | 2013-01-24 | 1 | -1/+1 |
| | |||||
* | Update copyright dates | Alexey Shchepin | 2012-02-23 | 1 | -1/+1 |
| | |||||
* | Reorganize the code to shut up the dialyzer | Evgeniy Khramtsov | 2011-09-05 | 1 | -27/+23 |
| | |||||
* | update copyright up to 2011 | Christophe Romain | 2011-02-14 | 1 | -1/+1 |
| | |||||
* | Handle Tigase's unexpected version=1.0 when ejabberd doesn't announce it ↵ | Badlop | 2011-01-31 | 1 | -0/+4 |
| | | | | (EJAB-1379) | ||||
* | Make sure 'closed' event is correctly processed on every state | Evgeniy Khramtsov | 2010-12-17 | 1 | -1/+1 |
| | |||||
* | Option to reject S2S connection if untrusted certificate (EJAB-464) | Badlop | 2010-12-11 | 1 | -1/+1 |
| | |||||
* | Include From attribute in the stream header of outgoing S2S connections | Badlop | 2010-12-11 | 1 | -3/+4 |
| | |||||
* | Add option to require encryption in S2S connections (EJAB-495) | Badlop | 2010-12-11 | 1 | -7/+15 |
| | |||||
* | Correct domain_certfile tlsopts modifications for s2s connections (EJAB-1086) | Andreas Köhler | 2010-11-26 | 1 | -4/+5 |
| | | | | | | | | | | | | | | | | * In ejabberd_s2s_out:wait_for_feature_request/2, the domain to use for looking up domain_certfile options is #state.myname and not #state.server * If s2s_certfile is not specified, connect should still be part of the tls options used by ejabberd_s2s_out * Add #state.server to ejabberd_s2s_in processes and store the to attribute in :wait_for_stream/2. Then use that server in :wait_for_feature_request/2 to change the tls options like in ejabberd_s2s_out. Fixes EJAB-1086. | ||||
* | add find_s2s_bridge hook | Evgeniy Khramtsov | 2010-10-11 | 1 | -2/+37 |
| | |||||
* | fixes typo in stop_connection/1 | Evgeniy Khramtsov | 2010-09-28 | 1 | -1/+1 |
| | |||||
* | When logging s2s out connection attempt or success, log if TLS is used | Badlop | 2010-07-23 | 1 | -6/+7 |
| | |||||
* | New configure option: --enable-nif | Evgeniy Khramtsov | 2010-07-01 | 1 | -1/+1 |
| | |||||
* | Remove warning for undefined print_state/1 function for p1_fsm processes ↵ | Pablo Polvorin | 2010-04-09 | 1 | -0/+9 |
| | | | | | | (thanks Badlop). Include a identity function as implementation of print_state/1. | ||||
* | improved s2s connections clean up (EJAB-1202) | Evgeniy Khramtsov | 2010-03-04 | 1 | -24/+30 |
| | |||||
* | Fix OTP version detection to work with old supported R10 and R11 | Badlop | 2010-01-16 | 1 | -4/+6 |
| | | | | SVN Revision: 2906 | ||||
* | Update year of ProcessOne copyright from 2009 to 2010 (EJAB-1159) | Badlop | 2010-01-12 | 1 | -1/+1 |
| | | | | SVN Revision: 2891 | ||||
* | Provide more detailed log message when s2s stream start fails. | Badlop | 2009-12-28 | 1 | -3/+4 |
| | | | | SVN Revision: 2831 | ||||
* | Fix mistake that disallowed s2s_out connections when using Erlang R12 or older. | Badlop | 2009-10-21 | 1 | -1/+0 |
| | | | | SVN Revision: 2694 | ||||
* | Provide send_timeout_close option in TCP only in R13B or higher (EJAB-926) | Badlop | 2009-10-19 | 1 | -1/+5 |
| | | | | SVN Revision: 2680 | ||||
* | Support gen_tcp send timeout: Close the connection if the other end has ↵ | Mickaël Rémond | 2009-10-19 | 1 | -0/+1 |
| | | | | | | disconnected ungracefully or cannot keep up with the rate at which we are sending data (EJAB-926) SVN Revision: 2671 | ||||
* | If s2s fails due to namespace mismatch, show differences to help debugging ↵ | Badlop | 2009-10-12 | 1 | -3/+4 |
| | | | | | | the problem. SVN Revision: 2662 | ||||
* | new option added: max_fsm_queue. removed hardcoded FSMLIMITS | Evgeniy Khramtsov | 2009-10-07 | 1 | -5/+10 |
| | | | | SVN Revision: 2645 | ||||
* | Change some error messages. | Badlop | 2009-09-07 | 1 | -2/+4 |
| | | | | SVN Revision: 2587 | ||||
* | Document the new option s2s_dns_options, expressed in seconds (EJAB-994) | Badlop | 2009-08-03 | 1 | -2/+2 |
| | | | | SVN Revision: 2417 | ||||
* | EJAB-994: Implements DNS timeouts and retries. | Geoff Cant | 2009-07-30 | 1 | -5/+29 |
| | | | | SVN Revision: 2404 |