| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
This stop overriding store_type when anonymous is enabled with other
auth modules, we don't really need that since anonymous is not taking
passwords anyway, and this was disabling scram mechanisms.
This fixes issue #2803.
|
|
|
|
|
|
By doing this check_password that returned info about mismatched password
caused user_exists checks performed after that to return wrongly that
account doesn't exist.
|
|
|
|
|
|
|
|
|
|
|
|
Reasons:
- Riak DB development is almost halted after Basho
- riak-erlang-client is abandoned and doesn't work
correctly with OTP22
- Riak is slow in comparison to other databases
- Missing key ordering makes it impossible to implement range
queries efficiently (e.g. MAM queries)
|
|
|
|
|
|
Fixes #2932
|
|
|
|
|
|
|
|
|
|
|
|
Fixes #2322
|
|
|
|
|
|
|
|
|
|
|
|
Let check_password_with_authmodule/6 handle the case where
validate_credentials/2 returns an error. This got lost in commit
4f8af723c6fc5dc4b689f0f1734d4e2b11dd4c82.
|
|
Fixes #2513
|
|
|
|
The header consisted of too many unrelated stuff and macros misuse.
Some stuff is moved into scram.hrl and type_compat.hrl.
All macros have been replaced with the corresponding function calls.
TODO: probably type_compat.hrl is not even needed anymore since
we support only Erlang >= OTP 17.5
|
|
|
|
Applies to authentication methods that compare User (normalized)
and AuthzId (was not being normalized). These are external, ldap & pam.
Fixes #2280
|
|
Now all external ports are attached to supervising processes
and requests are balanced in round-robin manner until the pool
is exhausted.
The commit also deprecates `extauth_instances` option and introduces
`extauth_pool_size` option instead, with the default value of a number
of logical processors (i.e. CPU cores).
Fixes #2403
|
|
Don't let the check whether a user exists use the cache if caching was
disabled in the configuration.
|
|
|
|
|
|
|
|
|
|
It is now possible to run `export` command even when the current `db_type` is not `sql`
|
|
|
|
|
|
|
|
The commit introduces the following API incompatibilities:
In ejabberd_auth.erl:
* dirty_get_registered_users/0 is renamed to get_users/0
* get_vh_registered_users/1 is renamed to get_users/1
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is renamed to count_users/1
* get_vh_registered_users_number/2 is renamed to count_users/2
In ejabberd_auth callbacks
* plain_password_required/0 is replaced by plain_password_required/1
where the argument is a virtual host
* store_type/0 is replaced by store_type/1 where the argument is
a virtual host
* set_password/3 is now an optional callback
* remove_user/3 callback is no longer needed
* remove_user/2 now should return `ok | {error, atom()}`
* is_user_exists/2 now must only be implemented for backends
with `external` store type
* check_password/6 is no longer needed
* check_password/4 now must only be implemented for backends
with `external` store type
* try_register/3 is now an optional callback and should return
`ok | {error, atom()}`
* dirty_get_registered_users/0 is no longer needed
* get_vh_registered_users/1 is no longer needed
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is no longer needed
* get_vh_registered_users_number/2 is renamed to count_users/2
* get_password_s/2 is no longer needed
* get_password/2 now must only be implemented for backends with
`plain` or `scram` store type
Additionally, the commit introduces two new callbacks:
* use_cache/1 where the argument is a virtual host
* cache_nodes/1 where the argument is a virtual host
New options are also introduced: `auth_use_cache`, `auth_cache_missed`,
`auth_cache_life_time` and `auth_cache_size`.
|
|
|
|
The commit introduces the following changes:
* Now there is no need to pass validating function in
ejabberd_config:get_option() functions, because the configuration
keeps already validated values.
* New function ejabberd_config:get_option/1 is introduced
* Function ejabberd_config:get_option/3 is deprecated. If the function
is still called, the second argument (validating function) is simply
ignored.
* The second argument for ejabberd_config:get_option/2 is now
a default value, not a validating function.
|
|
|
|
Thanks Microsoft Windows to not support some filenames
|
|
Since the main goal of jlib.erl is lost, all auxiliary functions
are now moved to aux.erl, and the whole jlib.erl is now deprecated.
|
|
|
