diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | doc/guide.html | 16 | ||||
| -rw-r--r-- | doc/guide.tex | 17 | ||||
| -rw-r--r-- | src/ejabberd_service.erl | 37 |
4 files changed, 57 insertions, 17 deletions
@@ -1,5 +1,9 @@ 2007-06-28 Mickael Remond <mickael.remond@process-one.net> + * src/ejabberd_service.erl: Added an option to disable from attribute + checks in packets coming from an external component (EJAB-275) + * doc/guide.tex: Likewise + * doc/guide.tex: Documentation rework started (EJAB-272) * doc/introduction.tex: Likewise diff --git a/doc/guide.html b/doc/guide.html index 6eae82257..f0de1e5cf 100644 --- a/doc/guide.html +++ b/doc/guide.html @@ -348,7 +348,8 @@ The latest development version can be retrieved from the Subversion repository. install <TT>ejabberd</TT> into the directory <CODE>/var/lib/ejabberd</CODE>, </LI><LI CLASS="li-itemize">install the configuration file into <CODE>/etc/ejabberd</CODE>, </LI><LI CLASS="li-itemize">create a directory called <CODE>/var/log/ejabberd</CODE> to store log files. -</LI></UL><P>Note: if you want to use an external database, you need to execute the configure +</LI></UL><!--TOC subsubsection Compilation options--> +<H4 CLASS="subsubsection"><!--SEC ANCHOR -->Compilation options</H4><!--SEC END --><P>If you want to use an external database, you need to execute the configure script with the option(s) <TT>–enable-odbc</TT> or <TT>–enable-odbc –enable-mssql</TT>. See section <A HREF="#database">3.2</A> for more information.</P><!--TOC subsubsection Windows--> <H4 CLASS="subsubsection"><!--SEC ANCHOR -->Windows</H4><!--SEC END --><P> @@ -573,6 +574,11 @@ enables the web interface for <TT>ejabberd</TT> administration which is availabl at <CODE>http://server:port/admin/</CODE>. Login and password are the username and password of one of the registered users who are granted access by the `configure' access rule. +</DD><DT CLASS="dt-description"><B><TT>component_check_from</TT></B></DT><DD CLASS="dd-description"> +This option can be used with <TT>ejabberd_service</TT> only. It is +used to disable control on the from field on packets send by an +external components. The option can be either <TT>true</TT> or +<TT>false</TT>. The default value is <TT>true</TT> which conforms to <A HREF="http://www.xmpp.org/extensions/xep-0114.html">XEP-0114</A>. </DD></DL><P>In addition, the following options are available for s2s connections: </P><DL CLASS="description"><DT CLASS="dt-description"> <B><TT>{s2s_use_starttls, true|false}</TT></B></DT><DD CLASS="dd-description"> @@ -614,6 +620,7 @@ connected to port 5237 with password `<TT>ggsecret</TT>'. <A HREF="http://ejabberd.jabber.ru/jmc">Jabber Mail Component</A> <TT>jmc.example.org</TT> is connected to port 5238 with password `<TT>jmcsecret</TT>'. +</LI><LI CLASS="li-itemize">The service custom has enabled the special option to avoiding checking the <TT>from</TT> attribute in the packets send by this component. The component can send packets in behalf of any users from the server, or even on behalf of any server. </LI></UL><PRE CLASS="verbatim"> {acl, blocked, {user, "bad"}}. {access, c2s, [{deny, blocked}, {allow, all}]}. @@ -637,10 +644,13 @@ connected to port 5237 with password `<TT>ggsecret</TT>'. {5237, ejabberd_service, [{host, "gg.example.org", [{password, "ggsecret"}]}]}, {5238, ejabberd_service, [{host, "jmc.example.org", - [{password, "jmcsecret"}]}]} + [{password, "jmcsecret"}]}]}, + {5239, ejabberd_service, [{host, "custom.example.org", + [{password, "customsecret"}]}, + {service_check_from, false}]} ] }. - {s2s_use_starttls, true}. + {S2s_use_starttls, true}. {s2s_certfile, "/path/to/ssl.pem"}. </PRE><P>Note, that for jabberd 1.4- or WPJabber-based services you have to make the transports log and do XDB by themselves: diff --git a/doc/guide.tex b/doc/guide.tex index deb4ca7fc..f8377bed6 100644 --- a/doc/guide.tex +++ b/doc/guide.tex @@ -255,7 +255,9 @@ These commands will: \item create a directory called \verb|/var/log/ejabberd| to store log files. \end{itemize} -Note: if you want to use an external database, you need to execute the configure +\subsubsection{Compilation options} + +If you want to use an external database, you need to execute the configure script with the option(s) \term{--enable-odbc} or \term{--enable-odbc --enable-mssql}. See section~\ref{database} for more information. @@ -570,6 +572,11 @@ The following options are available: at \verb|http://server:port/admin/|. Login and password are the username and password of one of the registered users who are granted access by the `configure' access rule. + \titem{component\_check\_from} \ind{options!service\_check\_from} + This option can be used with \term{ejabberd\_service} only. It is + used to disable control on the from field on packets send by an + external components. The option can be either \term{true} or + \term{false}. The default value is \term{true} which conforms to \xepref{0114}. \end{description} In addition, the following options are available for s2s connections: @@ -615,6 +622,7 @@ For instance, the following configuration defines that: \footahref{http://ejabberd.jabber.ru/jmc}{Jabber Mail Component} \jid{jmc.example.org} is connected to port 5238 with password `\term{jmcsecret}'. +\item The service custom has enabled the special option to avoiding checking the \term{from} attribute in the packets send by this component. The component can send packets in behalf of any users from the server, or even on behalf of any server. \end{itemize} \begin{verbatim} {acl, blocked, {user, "bad"}}. @@ -640,10 +648,13 @@ For instance, the following configuration defines that: {5237, ejabberd_service, [{host, "gg.example.org", [{password, "ggsecret"}]}]}, {5238, ejabberd_service, [{host, "jmc.example.org", - [{password, "jmcsecret"}]}]} + [{password, "jmcsecret"}]}]}, + {5239, ejabberd_service, [{host, "custom.example.org", + [{password, "customsecret"}]}, + {service_check_from, false}]} ] }. - {s2s_use_starttls, true}. + {S2s_use_starttls, true}. {s2s_certfile, "/path/to/ssl.pem"}. \end{verbatim} Note, that for \ind{jabberd 1.4}jabberd 1.4- or \ind{WPJabber}WPJabber-based diff --git a/src/ejabberd_service.erl b/src/ejabberd_service.erl index 0d635b512..7d866f6f1 100644 --- a/src/ejabberd_service.erl +++ b/src/ejabberd_service.erl @@ -34,9 +34,10 @@ -include("jlib.hrl"). -record(state, {socket, sockmod, streamid, - hosts, password, access}). + hosts, password, access, + check_from}). -%-define(DBGFSM, true). +%-Define(DBGFSM, true). -ifdef(DBGFSM). -define(FSMOPTS, [{debug, [trace]}]). @@ -128,13 +129,18 @@ init([{SockMod, Socket}, Opts]) -> {value, {_, S}} -> S; _ -> none end, + CheckFrom = case lists:keysearch(service_check_from, 1, Opts) of + {value, {_, CF}} -> CF; + _ -> true + end, SockMod:change_shaper(Socket, Shaper), {ok, wait_for_stream, #state{socket = Socket, sockmod = SockMod, streamid = new_id(), hosts = Hosts, password = Password, - access = Access + access = Access, + check_from = CheckFrom }}. %%---------------------------------------------------------------------- @@ -205,14 +211,23 @@ stream_established({xmlstreamelement, El}, StateData) -> NewEl = jlib:remove_attr("xmlns", El), {xmlelement, Name, Attrs, _Els} = NewEl, From = xml:get_attr_s("from", Attrs), - FromJID1 = jlib:string_to_jid(From), - FromJID = case FromJID1 of - #jid{lserver = Server} -> - case lists:member(Server, StateData#state.hosts) of - true -> FromJID1; - false -> error - end; - _ -> error + FromJID = case StateData#state.check_from of + %% If the admin does not want to check the from field + %% when accept packets from any address. + %% In this case, the component can send packet of + %% behalf of the server users. + false -> jlib:string_to_jid(From); + %% The default is the standard behaviour in XEP-0114 + _ -> + FromJID1 = jlib:string_to_jid(From), + case FromJID1 of + #jid{lserver = Server} -> + case lists:member(Server, StateData#state.hosts) of + true -> FromJID1; + false -> error + end; + _ -> error + end end, To = xml:get_attr_s("to", Attrs), ToJID = case To of |