Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Do not proxy stray responses statelessly (as per RFC 6026) | Evgeniy Khramtsov | 2014-05-02 | 1 | -48/+2 |
| | |||||
* | Don't use erlang:integer_to_binary/1 | Evgeniy Khramtsov | 2014-05-02 | 1 | -2/+2 |
| | |||||
* | Rewrite 'Contact' headers in REGISTER requests | Evgeniy Khramtsov | 2014-05-02 | 1 | -22/+40 |
| | |||||
* | Check for 'max_user_sessions' option | Evgeniy Khramtsov | 2014-05-02 | 2 | -5/+13 |
| | |||||
* | Process gen_server timeouts correctly | Evgeniy Khramtsov | 2014-05-02 | 1 | -2/+16 |
| | |||||
* | Move some code in a separate function | Evgeniy Khramtsov | 2014-05-02 | 1 | -18/+21 |
| | |||||
* | Multiple REGISTER bindings support | Evgeniy Khramtsov | 2014-05-02 | 2 | -57/+155 |
| | |||||
* | Locate sessions by proxy processes directly | Evgeniy Khramtsov | 2014-05-02 | 3 | -89/+65 |
| | |||||
* | Merge pull request #192 from hamano/fix_ejabberd_system_monitor_error | Evgeny Khramtsov | 2014-05-01 | 1 | -3/+2 |
|\ | | | | | fix ejabberd_system_monitor:s2s_out_info/1 error | ||||
| * | fix ejabberd_system_monitor:s2s_out_info/1 error | HAMANO Tsukasa | 2014-05-01 | 1 | -3/+2 |
|/ | |||||
* | Merge pull request #178 from hamano/devel | Evgeny Khramtsov | 2014-04-30 | 1 | -2/+1 |
|\ | | | | | undefined ejabberd_socket:get_conn_type/1 | ||||
| * | undefined ejabberd_socket:get_conn_type/1 | HAMANO Tsukasa | 2014-04-24 | 1 | -2/+1 |
| | | |||||
* | | SIP support | Evgeniy Khramtsov | 2014-04-30 | 10 | -19/+959 |
| | | | | | | | | | | | | | | Conflicts: configure configure.ac doc/guide.tex | ||||
* | | Fix error reporting in previous commit | Badlop | 2014-04-30 | 1 | -2/+2 |
| | | |||||
* | | Fix formatting string argument (thanks to Locojay)(github #129) | Badlop | 2014-04-30 | 1 | -1/+5 |
| | | |||||
* | | Merge pull request #191 from hamano/added_get_random_pid_error_handling | Evgeny Khramtsov | 2014-04-30 | 2 | -1/+2 |
|\ \ | | | | | | | fix error handling when sql calling with unknown host. | ||||
| * | | fix error handling when sql calling with unknown host. | HAMANO Tsukasa | 2014-04-30 | 2 | -1/+2 |
| | | | |||||
* | | | Merge pull request #190 from hamano/mod_register_web_response_404 | badlop | 2014-04-30 | 1 | -1/+4 |
|\ \ \ | | | | | | | | | mod_register_web should response 404 instead of process crash. | ||||
| * | | | mod_register_web should response 404 instead of process crash. | HAMANO Tsukasa | 2014-04-30 | 1 | -1/+4 |
| |/ / | |||||
* | | | Merge pull request #187 from weiss/fix-ejabberdctl-output | badlop | 2014-04-30 | 1 | -0/+1 |
|\ \ \ | |/ / |/| | | Let ejabberdctl accept binary string arguments | ||||
| * | | Let ejabberdctl accept binary string arguments | Holger Weiss | 2014-04-29 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | | | Don't print the following message if an ejabberd command expects binary string arguments: "This command cannot be executed using ejabberdctl. Try ejabberd_xmlrpc." | ||||
* | | | Merge pull request #189 from weiss/markdown-readme | Evgeny Khramtsov | 2014-04-30 | 2 | -13/+25 |
|\ \ \ | | | | | | | | | Convert README to Markdown | ||||
| * | | | Convert README to Markdown | Holger Weiss | 2014-04-29 | 2 | -13/+25 |
|/ / / | | | | | | | | | | | | | Use Markdown syntax for the README file and add a README.md symlink, so that a certain popular Git hosting site renders it nicely. | ||||
* | | | Merge pull request #177 from weiss/log-tls-sasl-external | Evgeny Khramtsov | 2014-04-30 | 1 | -2/+4 |
|\ \ \ | | | | | | | | | Log TLS status for outgoing s2s with SASL EXTERNAL | ||||
| * | | | Log TLS status for outgoing s2s with SASL EXTERNAL | Holger Weiss | 2014-04-23 | 1 | -2/+4 |
| | |/ | |/| | |||||
* | | | Merge pull request #181 from weiss/check-tls-before-auth | Evgeny Khramtsov | 2014-04-30 | 1 | -1/+3 |
|\ \ \ | | | | | | | | | Check TLS state before requesting SASL EXTERNAL for outgoing s2s connections | ||||
| * | | | Check TLS state before requesting SASL EXTERNAL | Holger Weiss | 2014-04-24 | 1 | -1/+3 |
| |/ / | | | | | | | | | | | | | Make sure a remote server can't circumvent "s2s_use_starttls: required" by offering SASL EXTERNAL authentication over a non-TLS connection. | ||||
* | | | Merge pull request #185 from weiss/verify-cert-for-s2s-out | Evgeny Khramtsov | 2014-04-30 | 3 | -205/+218 |
|\ \ \ | | | | | | | | | Support certificate verification for outgoing s2s connections | ||||
| * | | | Support certificate verification for outgoing s2s | Holger Weiss | 2014-04-28 | 3 | -205/+218 |
| |/ / | | | | | | | | | | | | | | | | | | | Handle "s2s_use_starttls: required_trusted" the same way for outgoing s2s connections as for incoming connections. That is, check the remote server's certificate (including the host name) and abort the connection if verification fails. | ||||
* | | | Merge pull request #186 from weiss/add-disconnect-command | Evgeny Khramtsov | 2014-04-29 | 2 | -2/+21 |
|\ \ \ | | | | | | | | | New ejabberd command: disconnect_user/2 | ||||
| * | | | Translate disconnect_user/2 string sent to client | Holger Weiss | 2014-04-29 | 2 | -2/+5 |
| | | | | |||||
| * | | | Avoid #state.lang type errors in corner cases | Holger Weiss | 2014-04-29 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | If #state.lang is used before being initialized to some binary string, the translation code would crash. | ||||
| * | | | New ejabberd command: disconnect_user/2 | Holger Weiss | 2014-04-29 | 1 | -1/+17 |
| | |/ | |/| | |||||
* | | | Merge pull request #188 from weiss/update-readme | Evgeny Khramtsov | 2014-04-29 | 1 | -1/+0 |
|\ \ \ | | | | | | | | | Update README: XEP-0227 code no longer uses exmpp | ||||
| * | | | Update README: XEP-0227 code no longer uses exmpp | Holger Weiss | 2014-04-29 | 1 | -1/+0 |
| |/ / | |||||
* | | | Merge pull request #182 from hamano/register_account_acl | Evgeny Khramtsov | 2014-04-29 | 1 | -6/+7 |
|\ \ \ | | | | | | | | | fix checking acl in mod_register_web | ||||
| * | | | fix checking acl in mod_register_web | HAMANO Tsukasa | 2014-04-24 | 1 | -6/+7 |
| | | | | |||||
* | | | | Merge pull request #179 from hamano/added_get_random_pid_error_handling | Evgeny Khramtsov | 2014-04-29 | 2 | -5/+10 |
|\ \ \ \ | |_|/ / |/| | | | added get_random_pid/1 error handling | ||||
| * | | | added get_random_pid/1 error handling | HAMANO Tsukasa | 2014-04-24 | 2 | -5/+10 |
| |/ / | |||||
* | | | Merge pull request #184 from weiss/properly-abort-s2s-in | Evgeny Khramtsov | 2014-04-28 | 1 | -9/+3 |
|\ \ \ | |_|/ |/| | | Fix handling of certificate verification errors for incoming s2s connections | ||||
| * | | Don't mess with s2s out when aborting s2s in | Holger Weiss | 2014-04-28 | 1 | -7/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't try to look up and close outgoing connections to a given server when aborting incoming connections from that server due to certificate verification errors. The ejabberd_s2s:find_connection/2 call actually created one or more *new* connections if less than 'max_s2s_connections' connections were found. Then, no more than one of those possibly new connections were stopped by the ejabberd_s2s_out:stop_connection/1 call. It's not really necessary to bother with outgoing connections at all, here. | ||||
| * | | Send stream trailer before closing s2s connection | Holger Weiss | 2014-04-27 | 1 | -2/+3 |
|/ / | | | | | | | | | When aborting an incoming s2s connection due to certificate verification errors, send a stream trailer before closing the socket. | ||||
* | | Merge pull request #176 from hamano/devel | badlop | 2014-04-23 | 1 | -4/+7 |
|\ \ | |/ |/| | added error handling in mod_pubsub_odbc. | ||||
| * | added error handling in mod_pubsub_odbc. | HAMANO Tsukasa | 2014-04-23 | 1 | -4/+7 |
|/ | |||||
* | Merge pull request #174 from weiss/fix-s2s-in-auth | badlop | 2014-04-23 | 1 | -71/+78 |
|\ | | | | | Fix certificate authentication for incoming s2s connections | ||||
| * | Verify host name before offering SASL EXTERNAL | Holger Weiss | 2014-04-23 | 1 | -66/+74 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior to this commit, ejabberd handled certificate authentication for incoming s2s connections like this: 1. Verify the certificate without checking the host name. On failure, behave according to 's2s_use_starttls'. On success: 2. Offer SASL EXTERNAL. 3. If the remote server chooses SASL EXTERNAL, compare the authorization identity against the certificate host name(s). On failure, abort the connection unconditionally. ejabberd now does this instead: 1. Verify the certificate and compare the certificate host name(s) against the 'from' attribute of the stream header. On failure, behave according to 's2s_use_starttls'. On success: 2. Offer SASL EXTERNAL. 3. If the remote server chooses SASL EXTERNAL, ignore the authorization identity (if any) and consider the peer authenticated. The old behavior was suggested by previous versions of XEP-0178, the new behavior is suggested by the current version 1.1. | ||||
| * | Fix extraction of host names from certificates | Holger Weiss | 2014-04-22 | 1 | -5/+4 |
|/ | |||||
* | Merge pull request #162 from weiss/enable-carbons | badlop | 2014-04-22 | 1 | -0/+1 |
|\ | | | | | Enable mod_carboncopy in example configuration | ||||
| * | Enable mod_carboncopy in example configuration | Holger Weiss | 2014-04-08 | 1 | -0/+1 |
| | | | | | | | | XEP-0280 seems to be quite popular these days. | ||||
* | | Merge pull request #161 from weiss/fix-carbons | badlop | 2014-04-22 | 2 | -32/+49 |
|\ \ | | | | | | | Let mod_carboncopy take care of messages sent to bare/unavailable JIDs |